you are viewing a single comment's thread.

view the rest of the comments →

[–]SoCo 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (2 children)

There is no way to avoid fingerprinting. You can't realistically block it, obfuscate it, or avoid it. There are too many ways to finger print a network connection, computer, and browser.

This can't identify you or anything, so it is mostly not a problem.....What it can do, though, is match you when you access their website or service. They can know you are the same person who accessed content of theirs before and can keep a history of when and what you accessed. If you have two accounts on a website, the website will always be able to know those accounts are the same person through fingerprinting, even if you change browsers, operating systems, and maybe even if you change computers with some confidence.

This is all if they wanted to. Any small website can slap fingerprinting plugin or library on their webpages. You might even be able to avoid most of that fingerprinting, with a ton of effort, but ultimately it is a hopeless task.

Big companies will pay a subscription to enterprise fingerprinting packages, completely undetectable to the users, with regular updates from teams of experts pushing the most crazy robust and cutting edge techniques. They measure so much about your screen's technical details, video driver, your installed fonts, your HTTPS cipher acceptance, your browser in every way, tons of obscure timing stuff...and just everything. It is infeasible to completely avoid it.

Knowing you are the same person who has been to a web site in the past and how often is slightly valuable as a anonymous anti-spam/telemetry/analytics metrics or something to websites, but knowledge of you limited to just their own site....

Yet, large companies like AmazonCloud, Cloudfare, Google, and many places that simply host very popular JavaScript libraries, have such a wide grasp. This quickly becomes de-anonymizing, able to track you across the internet with that fingerprinting, and eventually linking you to various locations, web accounts, or submitted content that identify you. It is a side-channel attack technically.

Marketing, politics/social analytics, government intelligence companies, and even police departments are buying this kind of data regularly. It is a massive market, that is massively valuable. It is extremely hard for too-large of companies to say "no" to large mounts of revenue from their existing infrastructure, especially when they have a government or police investigation compelling them and telling them is for a really important reason that saves or helps people.

Now just wait for the AI to put all that data together and predict what the perfect talking point is to convince more than 70% of the population to get in cages without resisting would be...

[–][deleted]  (1 child)

[deleted]

    [–]SoCo 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    I'm suggesting that data, after collected, would then be fed into AI for nefarious reasons. Collecting all that data can't be that valuable to governments just for crime/terrorism fighting and politics. They need that much info to feed AI, to manipulate the public masses.