Cybersecurity

6351 readers

465 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

183

Google now allows digital fingerprinting of its users (www.malwarebytes.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

43 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] nyankas@lemmy.ml 34 points 2 days ago* (last edited 2 days ago) (4 children)

I unfortunately can't really see how a browser could still be nice to use and properly resist fingerprinting.

The site https://amiunique.org/fingerprint tries to fingerprint your browser and lists the used attributes along with their uniqueness within their dataset. And while a browser could pretty reliably lie about its User Agent or Platform, it's often just necessary for a modern website to know, for example, what your view-port's resolution is or what kind of audio/video codecs your device supports. Going through my own results, I'd say combining these necessary data points is probably enough to identify me, even though I'm pretty privacy-conscious.

Maybe I'm overly pessimistic, but I think preventing fingerprinting would need a regulatory instead of a technical solution. Unfortunately that doesn't seem very likely anytime soon.

[–] Nalivai@lemmy.world 2 points 1 day ago

There are extentions for Firefox that randomise most of that. They add random supported codecs for example, enough to make it believable, not enough to make it a unique combination.
It's not perfect, nothing is, but it seems to be good enough.

[–] schizo@forum.uncomfortable.business 16 points 2 days ago (1 children)

I’d say combining these necessary data points is probably enough to identify me

The EFF has had a couple of websites that would profile you on exactly this data, so you're completely correct in that even the basic normal required metadata is more than enough to identify you pretty well.

coveryourtracks.eff.org is where it's living now, and a quick glance shows that just using browser capabilities and such is absolutely enough to identify me.

[–] 0x0@lemmy.dbzer0.com 12 points 2 days ago (2 children)

For the lazy: https://coveryourtracks.eff.org/

[–] flames5123@lemmy.world 2 points 2 days ago

This helps so much more on mobile using an app. Thank you for your service!

[–] haui_lemmy@lemmy.giftedmc.com 2 points 2 days ago

Thats very good thank you

[–] Dkarma@lemmy.world 5 points 2 days ago

Browser?

Lol they own Android...it's the entire os. They're fingerprinting every android phone.

[–] rainrain@sh.itjust.works -1 points 2 days ago (1 children)

I've been using browsers for a couple of decades without digital fingerprinting and it's nice enough for me. I see no need to make it nicer.

[–] sugar_in_your_tea@sh.itjust.works 5 points 2 days ago

Such as?

Every browser can be fingerprinted, even Tor browser, which goes out of its way to resist fingerprinting. The only way to really avoid fingerprinting is to not use JavaScript, which is extremely limiting.