Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I believe the "a fresh OS" makes fingerprinting useless.


Not really. Modern web browsers expose a lot of information, such as your language, time zone, screen resolution, CPU and GPU details (number of cores, vendor, model...), etc. There's even <canvas> fingerprint which depends on your GPU driver version.

If you use a custom built desktop computer, you're going to have a pretty unique browser fingerprint because few people will use the same exact hardware configuration. On the other hand, if you use Apple hardware you'll look the same as other Mac/iPhone users. The other option is to use Tor Browser or Tails OS, but I don't think that's feasible for everyday browsing.

As other people have said, it's suprisingly difficult to have privacy on everyday browsing today. Personally, I blame Google. I believe they purposefully pushed modern web standards into maximum user data exposure for their own profit.


So, one could think a solution would be to not use modern browsers. But then this alone makes you stand out again I guess.

Maybe VPNs should start to offer “browser anonymization” as a service.


That's also surprisingly hard. Even assuming that every feature you need will work (which won't probably be the case), many popular websites as well as nearly all banking/shopping sites are behind Cloudflare, captchas or something else that doesn't like non-standard browsers at all. You will be automatically flagged as a suspicious user or a bot and will be prevented from accessing the site or be presented with tons of captchas. Google won't even let you access your account or Gmail.

At least that's been my experience. In fact, I've even encountered problems while using Chromium and Firefox on Linux, just because some sites didn't like the user agent.

In short, to use the modern web you need a modern browser, and modern browsers are very leaky and fingerprintable by design.

> Maybe VPNs should start to offer “browser anonymization” as a service.

The problem is that they'd need to render the website server-side and then serve it to you. That has their own problems, as the VPN provider now has total control of all web content you see.

That already exists, by the way: https://www.puffin.com/secure-browser

I'd say the most realistic options to avoid browser fingerprinting is either using Apple hardware or sandboxing the browser inside a virtual machine. And it's better to use Chrome because it has the most users by a large margin. Firefox, Brave and the new Mullvad browser do implement some anti-fingerprint mitigations, but they have few users so you'll stick out more.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: