Web surfing privacy and being multilingual

In many cases, it’s easy to track your browsing – thanks to JavaScript which is by default executed in most browsers. For example, any site can figure out did you visit a particular another site or not. Like, find out which social networks you hang in. So far, it was mostly about showing more targeted advertisements.

Nothing bad has happened to me because of this, and one may argue that targeted ads are better than non-targeted. But I do not like the idea of being tracked – and I shut off all web ads anyway with AdBlock. Additionally, I have NoScript always on (and allow sites selectively each time when “some site does not work”).

Today I have been told that there is a way to track me even without JavaScript and tracking images from spyhouse sites. It is demonstrated here:

https://panopticlick.eff.org/

I have quite long “accept-language” header set in my browsers, as I can read web pages in several languages. panopticlick shows that I’m one such user out of about half million (it might be that I’m just the only one with this value of accept-language, who made a check there).

I’m not feeling paranoid because of this. But I’ll be happy to know, is there a way to pass my (complicated 🙂 ) language preferences without allowing for easy fingerprinting.

4 thoughts on “Web surfing privacy and being multilingual

  1. I think that there is no way of doing this. The idea here is that you pass to the server your custom preferences. If you want those custom preferences – you are different and that it’s why it’s possible to track you 🙂

    But, I see the ultimate solution. Such tracking is useful only if one single party receives information from different parties (e.g. one google tracks you on different sites by embeding its content to them using images, scripts, etc). I see no reason for the browser to pass those custom preferences to any external domains to the site visiting. If somebody create an extension that does not send any custom infromation to them, it will break such fingerprinting. The site you visit will be able to track you anyway, but this is not that critical.

    But, well, there is also a TCP fingerprinting available, but TOR or any proxy can solve it.

    • I see no reason for the browser to pass those custom preferences to any external domains to the site visiting.

      Hm, Anton, this is damn smart. Seriously. If only I was a bit more experienced in this area, I would consider writing a Firefox plugin which strips extra HTTP headers from any requests to 3rd party hosts. You’d get the credit then 😉

      • That’s a nice change for you to digg into this area. Seriously. Nothing helps that much to learn some field than having a short real task.

        I would like to write such an extension, but my FOSS plans are already overcommiteed 😉

Leave a Reply

Your email address will not be published. Required fields are marked *