Protections against browser fingerprinting (EFF's panopticlick results are in)
EFF's panopticlick results are in, and it doesn't look pretty for online privacy. Out of the ~800 000 browsers they have tested, my Opera installation is still unique. Any chance Opera will take steps to improve user privacy? It would seem natural to further enhance the private browsing mode in the ways suggested by the EFF here, or in the full report. Since Opera has a smaller installed base, it seems likely that we who use it are even more vulnerable to these tracking mechanisms unless steps are taken to somehow normalize the values returned by Opera.
Of note on this fact is that with plugins (which in 10.5+ includes Java now) enabled my browser is unique. If I disable plugins I'm suddenly 1 of 471,016 browsers that share the same fingerprint. I tried the same trick with Firefox and remained unique even after disabling plugins.
MyOpera Community Optimizations — by fearphage
Scribit improved posting tools for the MyOpera Community — by xErath
Improve Weeklies Blog — by MisterE & fearphage
For instance, they write that Internet Explorer does not allow plugin enumeration, which proved to be a (small) benefit in their test.
Frankly I don't know how much of this information can be controlled by the browser, but page 14 of the white paper does mention a few things they suggest browsers do, like disallow exhaustive searches of the fonts available.
19. May 2010, 03:04:49 (edited)
Not only is this (as BtEO pointed out) completely beyond the purview of Opera as software manufacturer, it's also highly unlikely that ANY Opera users will tend towards a "normal", default, non-unique browser setup.
Basically, this is just something Opera users will have to live with.
Originally posted by ivarun:
page 14 of the white paper does mention a few things they suggest browsers do, like disallow exhaustive searches of the fonts available.
I have plugins disabled by default, which means the site can't enumerate fonts or plugins - yet somehow I still have a unique fingerprint. This could simply be because no other English speaking Opera user using Windows NT 6.0 with plugins disabled has visited the site, which is entirely plausible - basically the measures mentioned aren't going to be all that effective for anyone using any minority browser.
Should be able to fully mimic the browser defined to a user agent string. Having the ability to emulate a browser name, but having a site figure it out is akin to wearing a costume that is halfway falling off. As long as it's not being figured out by tracing differences in how a website is rendered, as I like a browser that sticks to standards of website construction. And it seems no browsers are 100% identical in that.
I can uninstall all plug-ins but Flash, the only one I really need. Adobe should take some steps in what information is being released itself. Or if there is some way I can clean it up to be more general I would manually do that.
But basically finding each part of how information is obtained to create this fingerprint, and creating a kinda forgery that everyone would adopt so as not to stick out of a crowd. I think too much information is given to websites under the guise of debugging. All I need is to be sent the HTML, it doesn't need to know ANYTHING more than that.
Disable plugins, if you are afraid of fingerprinting.
ps: fingerprinting can actually be beneficial for users - like, your bank might fingerprint your unique browser, and in case some person will try to log into your account (with stolen password, for example) - the server will deny him access, because his browser is not looking like your "regular" one.
pps: yes, attacker can also fingerprint your browser and try to emulate it, but that is a bit another story. As he will need both browser signature and login/password (and most probably normal and Flash cookies, and IP, depending on the level of protection).
Originally posted by c69:
Opera doesn't even give a user ability to spoof user agent string, so chances for spoof font info sent to plugins are minuscule.
yes, it does. you can identify as Fx and IE already. also plugins don't get their font list from the browser but directly from the OS (as plugins essentially are "stand alone" apps that just use a space in the browser to draw their stuff).
@ps: that argument absolutely defies the function of online banking. if I have to be at a specific computer and even a specific browser to log in I can as well go to the bank in person.
[ Tweedo Monitor - Deluxe Website & Service Monitoring ]
So far it would be rather pointless. Best solution is to disable plugins like BtEO pointed out (ideally JavaScript as well) in order to lessen the fingerprint.
Within our dataset of several million visitors, only one in 187,121 browsers have the same fingerprint as yours.
After performing the test several times:
Within our dataset of several million visitors, only one in 13,862 browsers have the same fingerprint as yours.
However keep in mind that even a poor fingerprint combined with an IP becomes expressive.
Originally posted by lucideer:
I have plugins disabled by default, which means the site can't enumerate fonts or plugins - yet somehow I still have a unique fingerprint. This could simply be because no other English speaking Opera user using Windows NT 6.0 with plugins disabled has visited the site, which is entirely plausible - basically the measures mentioned aren't going to be all that effective for anyone using any minority browser.
Have you disabled JavaScript?
Every morning a lion wakes up. It knows it must outrun the slowest gazelle or it will starve to death.
It doesn't matter whether you are a lion or a gazelle: when the sun comes up, you'd better be running.
And yes, changing user agent (still possible through either site preferences or opera:config) results in a technically different result. As does changing your language preferences, or even monitor resolution.
The one result they list which is actually meaningless in Opera (unless you're set to prefer windows over tabs) is the screen data. Since they can't resize my window, why should a website be able to determine my screen size? Window size would be more appropriate (that is, the maximum viewable area for a tab), and why should they be told my color depth (as long as it's more than 8 bits anyway)?
Originally posted by serious:
Originally posted by c69:
Opera doesn't even give a user ability to spoof user agent string, so chances for spoof font info sent to plugins are minuscule.
yes, it does. you can identify as Fx and IE already.
Can you spoof your Opera UA string as IE5.5 ? Firefox 3.0.1 ? Konqueror ? NS4 ? Googlebot ? - No. You can only choose 2(5) options, with no direct control over the content of user-agent string.
Originally posted by c69:
Originally posted by serious:
Originally posted by c69:
Opera doesn't even give a user ability to spoof user agent string, so chances for spoof font info sent to plugins are minuscule.
yes, it does. you can identify as Fx and IE already.
Can you spoof your Opera UA string as IE5.5 ? Firefox 3.0.1 ? Konqueror ? NS4 ? Googlebot ? - No. You can only choose 2(5) options, with no direct control over the content of user-agent string.
Then there's something for the wish list, that ties into this fingerprinting thing. Opera should put in the ability to 'spoof' any browser completely. The 2 out of 5 options did let me emulate IE, so I could visit adobe.com in Opera. For some reason they won't want you to view their site in Opera. Perhaps because Opera is one of the few browsers who has to put in that extra click on enable Flash embeds from the Eolas patent?
But even with this option ticked panopticlick figured out that I am using Opera, so it needs work.
It's not that I fear tracking, I don't use an IP proxy. But I do have a strong distaste for advertising companies that go too far with tracking individual users. To turn them into cash, or whatever phrasing they like. I just don't want them to have that power of tracking, and it would please me to thwart that. Online banking and other 'good guys' can rely on passwords and accounts, traditional means of security, not identifying my particular browser, that's a bit silly.
Whether or not I think Opera will put in a more robust user defined profile. I'm not sure. They might think of users having this control too much like hacking. But the security issue might make it happen, a lot of people everywhere don't want to be tracked.
a) the feature is there in Opera to prevent pages from blocking it based on its UA string
b) as the paper from panopticlick points out a custom UA makes you even easier trackable (esp if you are like "hey I'm googlebot" whilst your IP clearly does not belong to Google), so in the context of this thread saying Opera is bad at protecting my privacy because it only lets me spoof the two most used browsers (which is exactly what panopticlick suggests) is somewhat BS.
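Added example (not part of the original thread and not EFF's code): a small Python calculation of anonymity-set size, the "one in N browsers" figure quoted above, showing what happens when a visitor disables plugins, also matches a common screen size, or changes only the user-agent string. The visitor sample, attribute values and counts are constructed for illustration and are not Panopticlick data.

```python
import math

FIELDS = ("user_agent", "language", "plugins", "screen")

# Constructed sample of 99 other visitors (made-up values, not Panopticlick data).
OTHERS = (
    [("Firefox/3.6", "en-US", "flash,java,pdf", "1280x1024")] * 40
    + [("Firefox/3.6", "en-US", "flash", "1280x1024")] * 25
    + [("MSIE 8.0", "en-US", "not enumerable", "1280x1024")] * 30
    + [("Opera/10.53", "en-US", "none", "1280x1024")] * 3
    + [("Opera/10.53", "en-GB", "none", "1680x1050")] * 1
)
# Hypothetical visitor: Opera with plugins enabled and a less common screen.
ME = ("Opera/10.53", "en-US", "flash,java", "1680x1050")

def project(row, fields):
    """Keep only the attributes the site is able to read."""
    return tuple(row[FIELDS.index(f)] for f in fields)

def anonymity_set(row, fields=FIELDS, others=OTHERS):
    """Visitors (including row itself) indistinguishable from row on fields."""
    key = project(row, fields)
    return 1 + sum(project(o, fields) == key for o in others)

def surprisal_bits(row, fields=FIELDS, others=OTHERS):
    """Identifying information in bits: -log2(share with the same fingerprint)."""
    return -math.log2(anonymity_set(row, fields, others) / (len(others) + 1))

def with_changes(row, **changes):
    """Copy of row with some attributes replaced, e.g. plugins='none'."""
    return tuple(changes.get(f, v) for f, v in zip(FIELDS, row))

def report():
    plugins_off = with_changes(ME, plugins="none")
    common_screen = with_changes(plugins_off, screen="1280x1024")
    spoofed_ua = with_changes(ME, user_agent="Firefox/3.6")
    return {
        "plugins on": anonymity_set(ME),
        "plugins off": anonymity_set(plugins_off),
        "plugins off, common screen": anonymity_set(common_screen),
        "UA spoofed only": anonymity_set(spoofed_ua),
        "UA alone (Opera)": anonymity_set(ME, ("user_agent",)),
        "UA alone (Firefox)": anonymity_set(spoofed_ua, ("user_agent",)),
    }

if __name__ == "__main__":
    total = len(OTHERS) + 1
    for case, size in report().items():
        print(f"{case}: one in {total / size:.1f} browsers (set of {size})")
```

On this sample, disabling plugins alone leaves the Opera visitor unique; the set grows only once the remaining attributes also match other visitors, and it can never exceed the number of visitors sending the same user-agent string.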