[tor-talk] panopticlick data
joebtfsplk at gmx.com
Tue Oct 1 18:43:10 UTC 2013
On 10/1/2013 12:06 PM, Nicolas Vigier wrote:
> On Tue, 01 Oct 2013, Joe Btfsplk wrote:
>> Not sure I understand the question in this context. Without
>> cookies, I don't expect them to identify repeat visitors. I read
>> their full paper on how they use the data collected
>> Me visiting 2 - 4 more times, or even the other site visitors - *in
>> the same 2 - 4 min. span*, wouldn't (actually) affect the statistics
>> & lower their reported uniqueness estimate by factors of 2, 3 or
>> Repeating the test 4 times, almost immediately (clearing cache
>> between), out of an existing data base of millions of other site
>> visitors, wouldn't lower my uniqueness from 1 in 1.7 million, then
>> to 1 in 700,000, to 1 in 500,000.
> 1st visit: 3 444 000
> 2nd visit: 3 444 000 / 2 = 1 722 000
> 3rd visit: 3 444 000 / 3 = 1 148 000
> 4th visit: 3 444 000 / 4 = 861 000
> 5th visit: 3 444 000 / 5 = 688 800
> 6th visit: 3 444 000 / 6 = 574 000
> etc ...
Thanks. I'm not a statistics major, so you may have to explain, but are
you saying that the 1st time I visit w/ a given set of browser
characteristics, and they've only seen 1:3,444,000 browsers w/ exactly
the same traits, then on my 2nd visit, they've now seen 2 identical
browsers in 3,444,001 = 1: 1,722,000.5?
All that seems to mean is, they've not seen many browsers like mine
(poor distribution), IF... it started out as 1 in 3.44 mil, or anything
close - as mine would be a VERY common setup.
All the individual characteristics tested were very common, per their
results. Most are < 1:10 & none > 1:100, except the screen size (which
seems incorrect). Seems unlikely my 1920 width monitor only has 1664
"usable" browser pane width (what they show). When they show *1920*
width for TBB, but the 2 browser panes are the same in width. Only
thing taking up horizontal space on either browser is the vertical
scroll bar, which are pretty much identical.
*NOTE:* The *"bits of identifying information"* for individual browser
characteristics (useragent, cookies enabled, etc.) & uniqueness (1 in X
have this) of the INDIVIDUAL characteristics do NOT change, as you run
the test repeatedly.
Those values must be calculated from a set data base & don't seem to be
affected by your current visit.
Assuming trackers had a large enough sample space to have a high
confidence level, for fingerprinting purposes, would it matter if only 1
in 10,953, or 1 in 10,953,000 browsers were like yours? As long as they
could identify A browser w/ the same uniqueness (EXACT same
characteristics - entering & exiting). Even w/o Flash or Java enabled &
revealing system fonts, etc.
Only way I see that's not true is if 100's of users w/ EXACT same
browser characteristics (right down to same screen characteristics),
used the same entry / exit relays at the SAME time. That's unlikely,
unless TBB starts spoofing screen size, the same for everyone.
I believe in same TBB version (maybe the same in many versions) they
spoof the useragent & time zone, but wouldn't differences in screen
sizes & color bit ALONE, among a few users on one entry / exit
combination, at a given moment be enough to fingerprint one user?
More information about the tor-talk