Results 1 to 3 of 3

Thread: Browser Versions Carry 10.5 Bits of Identifying Information on Average (EFF)

  1. January 27th, 2010, 11:34 PM #1
    Drew Wilson
    Drew Wilson is online now
    Drew Wilson's Avatar

    AKA IceCube
    Join Date
    Dec 2007
    Location
    Igloo Country?
    Posts
    9,662

    Browser Versions Carry 10.5 Bits of Identifying Information on Average (EFF)

    Whenever you visit a web page, your browser sends a "User Agent" header to the website saying precisely which operating system and web browser you are using. This information could help distinguish Internet users from one another because these versions differ, often considerably, from person to person. We recently ran an experiment to see to what extent this information could be used to track people (for instance, if someone deletes their browser cookies, would the User Agent, alone or in combination with some other detail, be unique enough to let a site recognize them and re-create their old cookie?).

    Our experiment to date has shown that the browser User Agent string usually carries 5-15 bits of identifying information (about 10.5 bits on average). That means that on average, only one person in about 1,500 (2^10.5) will have the same User Agent as you. On its own, that isn't enough to recreate cookies and track people perfectly, but in combination with another detail like geolocation to a particular ZIP code or having an uncommon browser plugin installed, the User Agent string becomes a real privacy problem.

    More...

    Interesting.
    My Blog
    Free Music I Produced
    My Music Available on ED2K
    Some of my Tunes on BitTorrent

    2005 P2P writer and still alive.
    Reply With Quote Reply With Quote
  2. January 27th, 2010, 11:58 PM #2
    mountain_rage
    mountain_rage is offline
    mountain_rage's Avatar

    Zeropaids nipple
    Join Date
    Mar 2004
    Location
    purgatory
    Posts
    7,069
    How they would get around this is beyond me, for compatibility reasons the browser version needs to be identified, and oftentimes along windows version for multimedia applications.
    Anyone upset or offended by my post please follow the link and let your opinions be known.
    http://www.zeropaid.com/bbs/showthread.php?t=55492
    Reply With Quote Reply With Quote
  3. January 28th, 2010, 01:09 PM #3
    Boomer The Dog
    Boomer The Dog is offline
    Boomer The Dog's Avatar

    Anthropomorphic
    Join Date
    Jun 2005
    Location
    Pittsburgh PA
    Posts
    539
    You can fake the browser ID with a proxy on the local machine, and I think that Opera browser allowed you to identify as other browsers, so that you could access Explorer only sites, for example. If you look at server logs, you can see some funny customized IDs, usually the platform name will be something absurd.

    It's good for a site to know that you're using Firefox 3 on Windows, but actually you can sometimes mess things up in a good way by using a fake browser ID, like sites that give persistent popups through Firefox's blocker, by saying you're on Lynx (text based browser) or IE 4, making the server try an old popup method. I used to do that with Proxomitron all of the time before Firefox.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules