[tor-talk] Spoofing a browser profile to prevent fingerprinting
Joe Btfsplk
joebtfsplk at gmx.com
Wed Jul 30 14:12:23 UTC 2014
On 7/29/2014 4:35 PM, Ben Bailess wrote:
> But here are some numbers that I just collected that
> perhaps could be of use to you. This test was done with the latest TBB
> (3.6.3) and Firefox versions on Linux (Fedora), with both JS on and off:
>
> FF (private browsing) / JS disabled = 16 bits (not "unique" - one in 65,487)
> FF (private browsing) / JS enabled = 22 bits ("unique" out of >4M samples)
> FF (normal browsing) / JS disabled = 15.98 bits (not "unique" - one in
> 64,524)
> FF (normal browsing) / JS enabled = 21.07 bits (not "unique" but one in
> 2,193,824 [roughly 2 matching entries in the sample]... so the other data
> point may well have been me...)
> TBB / JS enabled = 12.06 bits (not "unique" - one in 4,260)
> TBB / JS disabled = 9.05 bits (not "unique" - one in 529 are same)
>
Thanks to all for your input.
OK, I slept & revisited Panopticlick fingerprinting results
https://panopticlick.eff.org. Silly me - I was looking at the values
listed for each parameter, then assessing the total entropy for all
parameters shown.
Yes, if I look at the value they report *in a sentence* above the
results table, that total is far < than the sum of "bits of identifying
information" for all browser characteristics measured, as shown in their
results table.
For those that haven't looked at the site (or anything similar), the
total entropy that Panopticlick arrives at is far < than the sum of
individual values.
("The total is less than the sum of its parts" ??)
Like when it says,
"_Currently, we estimate that your browser has a fingerprint that
conveys *13.72 bits* of identifying information_*,*" but the sum of all
parameters in that same test is *far* > than 13.72 bits.
Maybe someone more familiar w/ their algorithm to arrive at the grand
total "*bits of identifying information," *(that they state in a
sentence, above the results table) can explain why their stated total
entropy for the browser tested is *so much lower* than the total of all
parameters shown in the table of test results.
I read their paper, https://panopticlick.eff.org/browser-uniqueness.pdf,
but missed any explanation of why that is so.
I have an idea why that may be true, but no (generic) mathematical
explanation.
More information about the tor-talk
mailing list