We know that browsing sessions can be followed by tracking a user's IP address and using cookies. But one could disable cookies and take steps to hide their IP address in order not to be tracked, for instance. So the Electronic Frontier Foundation (EFF) has started the Panopticlick project, "a privacy research effort to measure how much identifying information is being conveyed by other browser characteristics."
By collecting data such as User Agent strings, plugin details and installed fonts, Panopticlick claims to create an identifiable browser fingerprint that it can compare to its database. They say that when combining the variables, they can often find that a particular configuration is totally unique.
As an example, running the test on my work machine said that my "browser fingerprint appears to be unique among the 240,551 tested so far." More details are available too, like the uniqueness of the User Agent string (1 in 24,055), browser plugin details (1 in 80,183) and "screen size and color depth" (1 in 373). While a Power PC Mac (it is indicated in the User Agent string) may not be commonplace, there has been several reports of other configurations that seem much more generic being detected as unique.
There are two ways to look at this: either the test does find that Internet users can be accurately tracked by the browser fingerprint, or the test is giving inaccurate results of browser fingerprints being unique when they are not. In any case, a sample of 240,000 tests is far from enough to judge its accuracy. Assuming there are more than 1.7 billion Internet users worldwide (InternetWorldStats), Panopticlick would not even have tested 0.01% of the total Internet population.
We will have to wait before we can see if there is some legitimacy and usefulness to this test, but EFF does say the following:"Adding your information to our database will help EFF evaluate the capabilities of Internet tracking and advertising companies, who are already using techniques of this sort to record people's online activities. They develop these methods in secret, and don't always tell the world what they've found. But this experiment will give us more insight into the privacy risk posed by browser fingerprinting, and help web users to protect themselves."
|
