| ▲ | RicoElectrico 4 days ago |
| > Makes me think, it would be nice if there was a standard request header to specify preferred TZ for 'local time', That's a another data point for fingerprinting, sadly. Not that Chrome would care, but Firefox and Safari teams do, I guess. |
|
| ▲ | snailmailman 4 days ago | parent | next [-] |
| I believe this is already a thing? In JS at least Firefox’s “resist fingerprinting” does a lot of things to stop fingerprinting. One of those things is that it fakes my time zone as being UTC. 99% of of the time I never notice this being an issue. But occasionally I’ll try to pull up the wordle late in the day and get tomorrows puzzle. |
|
| ▲ | FearNotDaniel 4 days ago | parent | prev | next [-] |
| True. But pro-privacy is the argument that the server no longer needs to geo-lookup your IP address and find out where you are with much greater accuracy than is needed to determine what timezone you would like dates/times to be displayed in. |
| |
| ▲ | account42 3 days ago | parent [-] | | This argument holds as much water as saying that Google's Privacy sandbox reduces tracking because it gives advertisers the information they want. The IP is still available so you can assume that malicious websites will use it for whatever nefarious purposes they desire. An additional timezone header does not incentivize them to track you less. |
|
|
| ▲ | asddubs 4 days ago | parent | prev | next [-] |
| well, for almost everyone this information is contained within the IP anyway, though. |
| |
| ▲ | FearNotDaniel 4 days ago | parent [-] | | In what sense is the user's local time zone "contained within" the IP? The only way I know to get from an IP address (i.e. those four eight-bit integers separated by period signs) to a client-side timezone is first to use a Geo IP lookup table to obtain a physical location (usually, but not always correct), and then use a timezone database to look up the current political timezone in that location. Sure, some server setups will automate this for you so that the already-looked up information is contained within the request object that your chosen language/framework supplies. Is there something I've missed about those four eight-bit integers somehow directly encoding information that specifies the user's timezone, or did you mean something different? | | |
| ▲ | asddubs 3 days ago | parent [-] | | I don't really understand what point you're trying to make. Are you just arguing semantics about the choice of words I used for the fun of it, or do you actually disagree with something I said? |
|
|
|
| ▲ | eknkc 4 days ago | parent | prev | next [-] |
| It’s available on the client side where most of the fingerprinting happens using JS. And I feel like this is a lost cause at this point. Just assign every one of us a unique online ID and be done with it. |
| |
|
| ▲ | lgas 4 days ago | parent | prev [-] |
| It could be opt-out/opt-in and then all six users that care about privacy could do as they wished. |
| |
| ▲ | timlyo 4 days ago | parent [-] | | Sadly that almost makes things worse, if it's off then it's a data point that helps to id privacy conscious people. | | |
| ▲ | oneeyedpigeon 4 days ago | parent [-] | | Just use a default (GMT) for people who don't want to disclose it. | | |
| ▲ | account42 3 days ago | parent [-] | | Timezone: GMT with an IP that says something different is still more information than the IP alone. |
|
|
|
