So, one thing I don't quite get about fingerprinting:

> For example, websites can see web browser version, number of CPUs on your device, screen size, number of touchpoints, video/audio codecs, operating system and many other details

If, for example, I upgrade my web browser in two weeks (i.e. I get a new version number), doesn't that mean that the site has lost me?

Sites like https://coveryourtracks.eff.org seem to focus on how unique your fingerprint is, but doesn't it also matter how stable it is over time?

▲

rinz 2 days ago | parent | next [-]

That is why they probably don't put features that can be easily changed into the final fingerprint hash.

▲

Vinnl 2 days ago | parent [-]

But how many features then remain? For example, I've seen people discuss font size, version numbers, viewport size, etc. Do the remaining features still make a unique identifier?

	▲	corford 2 days ago \| parent [-]
		In most cases yes. If you upgrade your browser, the only thing that changes is the user agent data. The underlying device remains the same and it is this that leaks a lot of fingerprinting attributes (screen, gfx card, fonts, timezone, language, operating system, battery status, audio setup, bluetooth, installed video codecs, TCP data, IP address if static etc.). To get a feeling for this, try: https://abrahamjuliot.github.io/creepjs/ ; https://bot.incolumitas.com/ and https://amiunique.org/fingerprint Combined with super cookies (https://blog.mozilla.org/en/internet-culture/mozilla-explain...), that's a lot of data points to stitch together a high confidence fingerprint. Although not perfect, FF is much better out of the box at limiting the leaks than chrome.

▲

dehrmann 2 days ago | parent | prev [-]

It depends if they hash the data points or send them unprocessed. If they're unprocessed, they can associate two fingerprints where only the browser has changed.