undefined | Better HN

0 pointsSiebenHeaven5y ago0 comments

Won't turning js off make you one of the few people in the world that do this and hence easier to fingerprint?

0 comments

4 comments · 2 top-level

1vuio0pswjnm75y ago· 1 in thread

I have seen this type of reasoning before in HN comments but from a user's perspective it does not make sense. Imagine every user is sending a maximum amount of information, which we can see keeps increasing over time, via HTTP headers (including cookies), browser capabilities, hardware capabilities, etc. This "run with the herd" reasoning seems to suggest the best way to avoid fingerprinting is to send the maximum amount of information, "like everyone else". That only results in ever more information being sent to the online advertising industry. The probability they can distinguish one user fingerprint from another goes up as the amount of information sent increases. The objective of the online advertising services company is to gather as much information as possible from users.

The objective for the user should be to send as little information as possible. If a fingerprint shows the user is not running JS and is providing only a very minimal, generic set of information, how much value is there is trying to serve ads to that user. Users who want better privacy should be trying to reduce the amount of information they send. Maybe the first movers in that effort are "fingerprinted" as being privacy-conscious, tech-savvy, etc. That is probably going to result in less ads served to them, not more. Eventually, when most users, "the herd", is sending the minimal amount of information, the fingerprints all look similar.

Think it through. Advertisers do not care about users who will not indiscriminantly run JS. They go for the low-hanging fruit.

hakfoo5y ago

I'd posit that the biggest risk for advertisers is "plausible bullshit". Their ability to say "look at our huge tracking profiles" is dependent on both quantity and quality of data. If ad networks can't accurately sanitize their data, advertisers are going to balk at spending $6 per click for misprofiled audiences, when they can spray-and-pray "good enough" contextual ads for 30 cents a click.

Give me a VPN that regularly geolocates me at a Starbucks 30km out of town. Give me plugins that stuff my search history with a fixation on the Cincinnati Bengals and replacement parts for a 2013 Hyundai Accent. Yeah, they might see my actual traffic patterns, but the goal is to make it expensive and hard to filter the real use from the elaborate story.

______-5y ago· 1 in thread

You're just added to a (very large pool) of people who browse with JS turned off. Turning JS off as a default is a common thing.

leesalminen5y ago

Amongst the top 1% of tech savvy users, maybe. In all my years of supporting 100,000s of “regular” users I’ve never encountered anyone with JS disabled.

j / k navigate · click thread line to collapse