| ▲ | gruez 3 days ago | |
>CGNAT exists which is "much privacy" by your logic. So anyone interested, starting with Google, is already fingerprinting you anyway, so the whole idea what "ipv4+NAT is more private than ipv6" is moot at best. It's still an extra fingerprinting signal, and all things being equal you'd want less fingerprinting vectors. Otherwise you fall into defeatist line of "google already probably knows my interests quite well, so I might as well not bother trying to obfuscate my advertising history". It's an extra signal that's basically impossible to spoof >NB: your useragent already sends enough info to effectively distinguish your from the other users behind the same ipv4 address ??? User-agent provides very limited set of information. Two chrome users on windows have the same user agent. Unless you think everyone in a household uses a different browser/OS combo, user agent isn't enough to distinguish users. You'd need to get into canvas/webgl fingerprinting to uniquely identify a device, and even then that can't distinguish identical devices (eg. two people using iPhone 16) | ||
| ▲ | justsomehnguy 3 days ago | parent [-] | |
> It's still an extra fingerprinting signal, and all things being equal you'd want less fingerprinting vectors Yes, but it's value to the interested party is minuscule, precisely because it's not a permanent and distinguish enough signal. They already have a lot more stronger signals so ditching ipv6 for ipv4+nat would not improve your privacy in any meaningful way. > User-agent provides very limited set of information Yes. But if you have two 'users' in your ipv4+NAT network and the one is using an Apple device while the other uses some Android device - you already, without providing any 'extra fingerprinting signal' like a ipv6 address, gave a signal strong enough to distinguish between those users. > You'd need to get into canvas/webgl fingerprinting to uniquely identify a device No need for that to distinguish between different users behind a NAT. Your cookies, your UA, your logged in accounts, your requests to fonts.google.com for a fancy website - they all give enough information to do that already. I remind the original point about CGNAT - it's massive amount of users who are intermingled on the same IPv4 pool and even sometimes change the used address in process. Ad platforms already need to work with an 'non-identifiable' IP:port combo datapoint in the first place, so they do their work to identify you from the every breadcrumb they can leave on your device. And by the way, if you have any 'cloud enabled' app on your device the big boys already knows where and who you are. Eg: any app what uses Firebase, or Location APIs or bazillion of other 'cloud' things... | ||