Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well for one thing, an IP address is always going to be the easiest way to track a user, but also user agent information which browsers happily give away too much information.


> an IP address is always going to be the easiest way to track a user

Note that an IP address is not unique to a single user (NAT, CGNAT, mobile networks) and may frequently change.

> also user agent information

All users who use the same version of a browser on the same OS typically share the same user agent string (unless modified with a plugin or an extension). It's an indicator, but can't be used as a fingerprint itself.


> IP address is always going to be the easiest way to track a user

This is changing: Apple has rolled out Private Relay, and Chrome is planning some combination of willful IP blindness and near-path NAT.

> user agent information which browsers happily give away too much information

So is this: all the browsers are working on reducing how much they put in the UA.


Yes, for many. VPN's, mobile connections, and commercial work connections (using a proxy) will throw off IP address checks as they report a single IP for large pool groups. You'd have to also use MAC address, but mobile have MAC address swapping ,etc.

I once wrote a tool that would capture all network requesters, and reverse fingerprint them through a connection of Operating system quirks responses to network oddities (eg: tcp fragmented frames), location, routers they connect through, etc combined with the other browser things avail.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: