How Browser Fingerprinting Hurts Online Privacy
The literal meaning of fingerprint is the impression your fingertip leaves when you touch something. The whorls and ridges that can be clearly seen under a magnifying glass. As far as we know, each person’s whole fingerprint is unique. Which means if your fingerprints match those at the scene of a crime, you’d better have a good explanation why.
So, when we talk about browser fingerprinting, you probably have the general idea right already. As you probably thought, it’s a way to identify who has visited a site by identifying the unique aspects of their browsers. What aspects are these? Glad you asked!
What Is This Fingerprinting Stuff Anyway?
Let’s imagine that you have a freshly-installed copy of Windows and have just installed the web browser of your choice.
When you visit a website, that website can request all sorts of information about your computer from the browser. On this fresh new machine, it will know things like what hardware the computer is using, what the screen resolution is and the version of Windows you’re running.
As you use the computer, visit websites and install plugins, your computer and browser becomes more and more unique. Which means that the specific browser and computer used to visit a given site can be matched later.
Let’s say you switch on some sort of privacy protection, such as a VPN. Although your ISP and the remote site you connect to are in the dark about who you are or where you are from, your browser fingerprint can tell them something.
If two sites both compare fingerprints, you may be linked to both. If you visited one of them without any privacy protection, you will have confirmed your internet activity while ostensibly “anonymous”.
How To Test Your Browser Fingerprint
You can test whether your browser is leaving a unique print around quite easily. There are several online tools that expose that information for you to see. The one that’s easiest to recommend is the Electronic Frontier Foundation’s Panopticlick 3.0.
All you have to do is click “TEST ME” and you’ll see within a few seconds whether your browser is unique enough to be a privacy risk. Go ahead and try it now.
Leaving No Fingerprint Behind
Presumably most of you reading this have failed the tracking test. So what can you do to anonymize your browser?
The answer to this question comes in degrees. There is no 100% foolproof way of anonymizing your browsing, but you can make it hard enough that whoever wants to track your browsing won’t have the resources or motivation to do so.
Let’s look at some practical steps you can take to become more anonymous online.
Private Browsing Modes
Popular browsers such as Chrome or Firefox have private browsing modes that switch off plenty of functions used for tracking and fingerprinting.
When you’re in private browsing mode, the computer won’t retain cookies or site data. It doesn’t hide many things from the site you are visiting, but it does prevent the accumulation of some unique data that could be used to identify you.
Of course, you can’t use the entire internet in this mode. So switch over to a private tab when visiting sites you’d rather not have as part of your total ID data.
Kick The Extension Habit
Every modification you make to your browser makes it easier to tell it apart from all the other users on the net. It can be tempting to really customize your experience and there are many brilliant extensions for browsers like Chrome.
Unfortunately, if you care at all about being tracked and identified, you need to refrain from using extensions. Well, except for one. The Privacy Badger extension from the EFF actually blocks invisible tracking technologies and you can get it for Firefox and Opera.
Use Popular Browsers
While it’s cool to try something off the beaten path, it’s not the best idea if you care about browser privacy. It’s best to stick to browsers that are very popular. So avoid niche and heavily modified browsers.
There are many ways to express your individuality, but this is one area where it’s actually a bad idea.
Boss Mode: Use a Virtual Machine, VPN and Privacy Operating System
If you want a more hardcore solution to being tracked and identified through your internet browsing habits, it’s possible to do something a little “nuclear” in terms of privacy. By combining several technologies you can radically reduce the chances that you can be identified by the sites that you visit.
The recipe goes something like this:
- Use a virtual machine, which hides your true hardware specifications.
- Run a privacy-focused operating system within the virtual machines. Tails is a good choice.
- Use the stock Tor browser, which is already included in Tails.
- Use a VPN that does not store activity logs, so that your ISP has no data for correlation with data from sites you visit.
In combination, these measures make it very hard for either your ISP or the site you visit to uniquely identify you.
Of course, none of that matters if you volunteer your identity. Logging into Facebook or Twitter leaves little doubt about who you are. Which means you also have to be cognizant about the information you openly provide and whether it’s what you want to do or not