
Deanonymizing You: I know who you are after 1 click online or a mobile call - DocFeind
http://www.networkworld.com/community/blog/deanonymizing-you-i-know-who-you-are-after-1-click-online-or-mobile-call
======
praptak
Maybe worth reminding in connection with the article:
<https://panopticlick.eff.org/> \- how many bits of identifying information
your browser leaks from its configuration itself. Even on a fresh profile with
none of the privacy-leaking stuff like cookies or cache.

~~~
pella
"How to disable permission to read 'System Fonts' and 'Browser Plugin Details'
in Chrome and Firefox"

[http://superuser.com/questions/292666/how-to-disable-
permiss...](http://superuser.com/questions/292666/how-to-disable-permission-
to-read-system-fonts-and-browser-plugin-details-in)

~~~
chimeracoder
How well does this work - in other words, how identifying is the _absence_ of
such information?

(The third alternative would be to spoof the information on each request, but
I don't know how well that would work, and it could cause other problems.)

~~~
stephengillie
Most fields won't report with javascript disabled. In those fields "no
javascript" reveals 1.86 bits about you, and 1 in every 1.33 browsers has it
disabled.

------
casca
For those not in the industry, Jeremiah Grossman is a highly respected
researcher who does a lot of work in this space.

This is a more useful technical resource to understand how your privacy is
being compromised: [http://blog.whitehatsec.com/i-know-series-summary-and-
guidan...](http://blog.whitehatsec.com/i-know-series-summary-and-guidance/)

------
deltaqueue
I have no background in security, but I've found Disconnect (Chrome plugin) to
be invaluable for keeping sites away from my social media cookies / sessions:

[https://chrome.google.com/webstore/detail/disconnect/jeoacaf...](https://chrome.google.com/webstore/detail/disconnect/jeoacafpbcihiomhlakheieifhpjdfeo)

Sometimes it causes problems with Facebook photos embedded on other websites
or social integration you actually want, but you can easily see what's being
blocked and disable as needed.

------
bluetidepro
_Per the video showing the exploit:_ I thought since it was being served
through an iFrame, it won't allow you to effect the inner elements with
CSS/JS? If that doesn't matter, is there a way that Facebook, Twitter,
Google+, etc. can do anything on their end so the front end user (or
exploiter, in this case) can't modify the button with CSS to do these types of
things?

~~~
dcdan
Couldn't you just move the iFrame and not need to have access to its elements?

