How unique is your browser?
How easy is it to track a person online? Perhaps you're tech savvy enough to turn off your browser's cookies, in the hope that any websites you visit won't be able to remember who you are and how often you go back to visit. But a project by the Electronic Frontier Foundation (EFF) put that in perspective. Panopticlick tells you just how unique and trackable your browser is.
It turns out that your browser tells people a lot more about you than you might think. In addition to your IP address, it hands over other information such as its exact version number and operating system, along with language, and other data. The more information it provides, the more unique it is. The EFF says that we need 33 bits of information to identify a single individual separately from everyone on the planet. My browser handed over more than 18 bits, which would enable a website to distinguish me as being part of a significantly smaller part of the population.
This gets interesting when you start surfing across lots of different sites. Companies like Google already offer analytics services that feed data back from any participating site on who has visited them. It also owns a company called Doubleclick which actively monitors a single person's activity across many different sites for advertising purposes. It would be fairly easy for Google to collate the information and get a good idea of your surfing habits.
What can you do to maximise your browsing privacy? Using an anonymising proxy can help you to strip out a lot of the information that is sent via a browser. Another alternative is the Tor anonymous browsing network, that can remove the lot of the identifying information that your browser sends before it reaches its destination. Torbutton is a good way to implement this.
Another interesting development, by hacker Moxie Marlinspike, is called GoogleSharing. Designed specifically for people worried about Google privacy, it takes all of your query data and the other information that your browser automatically sends to Google, strips it away, and mixes your queries in with other peoples' so that it becomes impossible for Google to know who originally sent it. GoogleSharing then delivers your own results back to you.
GoogleSharing will only protect you against Google's data gathering, but there are many other websites that will gather data about you independently. Depending on how paranoid you are, or on how much you value your privacy as a matter of principle. It might be worth taking a look at some or all of these solutions.
Danny Bradbury, MSN Tech & Gadgets
Comments
You can follow this conversation by subscribing to the comment feed for this post.
Posted by: Gezzer | Feb 2, 2010 4:20:53 PM
Of course there's "personal" information that my browser lets others see.
The question is what type of "personal" information. If it makes avaiable things like my pin code, full name, address, phone number, in other words real personal information, that's bad.
On the other hand if you want to retype every pass word you use for every forum, then yes disable cookies. Many of the things users expect a browser to do would be impossible without some sort of indentfiying signature.
I mean come on this comment system has a box that says "Remeber personal info?". How will it remember if it can't connect that information with a users browser?
Far as I'm concerened this story and the scan it liunks to, is nothing more then FUD.
Problem is, a lot of users that don't understan how the internet works could be freaking out about something that they don't need to be.
The biggest problem IMHO is most users haven't been taught proper safe computing habits. So all these things meant to "protect" users compound that fact. That was the major problem with Vista's UAC, not that it was a nag (ok being a nag was a problem) but that the majority of users would have no idea why it was asking permission and always allow things to proceed.