
How Browser Fingerprinting Works - kevq
https://kevq.uk/how-browser-fingerprinting-works
======
avmich
> Your public IP address

Can do something with proxies and Tor?

> The user agent and accept header fields are automatically sent to websites

Can we control what browsers send? How decision is made what values to send?

> JavaScript is widely used across the Internet and it can be used to provide
> data on things like the plugins you have installed on your browser.

Can APIs popular for fingerprinting be listed? E.g. request to list plugins
can be interesting. Can we control all such APIs?

> If the Flash plugin is installed, its API provides access to many system-
> specific attributes such as exact version of the operating system, list of
> fonts, screen resolution, timezone etc.

But if not, this shouldn't be a problem, right?

> A HTML5 Canvas element can be used to collect small differences in the
> hardware or software. This is because every machine will render an image in
> a different way. With canvas fingerprinting, the tiniest of details can be
> detected.

Can more details be provided? E.g. screen dimensions can always be reported
the same; if not, we need to have details.

