Julian's posterous


How identifiable are you on the net?

I'm sure we're all aware that the browser we use (the User Agent in internet-speak) reports back information to each web server we visit. But could a web server gain any information about who we are just from the browser? Could we be identified when we visit later on? You might think: easy, just turn off cookies and we'd be pretty much unidentifiable, but is that the case?

I tried out a web site called Panopticlick put up by the Electronic Frontier Foundation (EFF) to see how identifiable I was (or, if you like, how unique my browser fingerprint is). I got back:

Your browser fingerprint appears to be unique among the 139,433 tested so far.

Currently, we estimate that your browser has a fingerprint that conveys at least 17.09 bits of identifying information.

Yikes!

The information that is gathered and analyzed for uniqueness is the User Agent string, the HTTP_ACCEPT headers, the browser plug-ins, time zone, screen size and color depth, the system fonts, whether cookies are enabled, and the "Limited supercookie test", whatever that is. The things that are most unique for me are my list of plug-ins and my fonts. In essence, those are unique amongst the data they currently have collected in their database. The EFF have gathered some recommendations to mitigate browser fingerprinting here.
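Where a figure like "17.09 bits" comes from, as an added example that is not Panopticlick's own code: a value shared by `count` of `total` visitors carries log2(total / count) bits, so being unique among 139,433 gives about 17.09. The visitor records and function names below are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample: the attributes eight visitors' browsers reported.
SAMPLE = [
    {"user_agent": "A", "timezone": "0",  "fonts": "F1"},
    {"user_agent": "A", "timezone": "0",  "fonts": "F1"},
    {"user_agent": "A", "timezone": "0",  "fonts": "F2"},
    {"user_agent": "A", "timezone": "-5", "fonts": "F1"},
    {"user_agent": "B", "timezone": "0",  "fonts": "F1"},
    {"user_agent": "B", "timezone": "-5", "fonts": "F2"},
    {"user_agent": "A", "timezone": "0",  "fonts": "F1"},
    {"user_agent": "B", "timezone": "0",  "fonts": "F3"},  # "me"
]


def surprisal_bits(count, total):
    """Bits of identifying information in a value seen `count` times in `total`."""
    return math.log2(total / count)


def attribute_bits(visitors, me):
    """Bits conveyed by each attribute of `me` taken on its own."""
    total = len(visitors)
    bits = {}
    for attr, value in me.items():
        counts = Counter(v[attr] for v in visitors)
        bits[attr] = surprisal_bits(counts[value], total)
    return bits


def fingerprint_bits(visitors, me):
    """Bits conveyed by the combined fingerprint (all attributes together)."""
    def key(v):
        return tuple(sorted(v.items()))
    counts = Counter(key(v) for v in visitors)
    return surprisal_bits(counts[key(me)], len(visitors))


if __name__ == "__main__":
    me = SAMPLE[-1]
    for attr, bits in attribute_bits(SAMPLE, me).items():
        print(f"{attr:10s} {bits:5.2f} bits")
    # Attributes are correlated, so per-attribute bits do not simply add up
    # to the combined figure; the combined count is what decides uniqueness.
    print(f"combined   {fingerprint_bits(SAMPLE, me):5.2f} bits")
    print(f"unique among 139,433: {surprisal_bits(1, 139433):.2f} bits")
```

The rare font list dominates in the sample, which is the same pattern as the plug-in and font results described above.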

Go on, try yours, I dare you...