- From: Jason A. Novak <jnovak@apple.com>
- Date: Mon, 02 Jul 2018 11:39:55 -0500
- To: public-privacy@w3.org
- Message-id: <2799EA89-819F-49AE-8380-02150BCF3B4D@apple.com>
Wanted to raise folks’ attention to this study by Inria of browser fingerprinting at scale <https://www.doc.ic.ac.uk/~maffeis/331/EffectivenessOfFingerprinting.pdf> wherein they found that 33.6% of browser fingerprints are unique. They conducted this study by placing a fingerprinting script on one of the top 15 websites in France and collecting data from users who had consented to cookie collection over six months. Their notable findings are: - The population you are fingerprinting matters; they found that 33.6% of fingerprints are unique, in part, because they were collecting from a general interest site as opposed to a site dedicated to collecting fingerprints; - That 35.7% of personal computers are unique and that 18.5% of mobile device fingerprints are unique; - That content language and time zone provided significant herd immunity; - That removing fingerprinting elements that are collected via Javascript removes the percentage of unique devices from 18.5% on mobile to 4.3% and from 35.7% on desktop to 0.7% (they grant that “[t]he improvement in privacy by removing Javascript is highly visible, but the cost to the ease and comfort of using web services could be overly high”). - That the list of plugins, canvas, user agent, and fonts are the most distinctive attributes. Jason
Received on Monday, 2 July 2018 16:40:23 UTC