[tor-talk] Spoofing a browser profile to prevent fingerprinting

Joe Btfsplk joebtfsplk at gmx.com
Thu Jul 31 17:44:30 UTC 2014


Wow, I'm surprised no one has questioned this before or has a reasonable 
explanation.
Why Panopticlick's total estimated entropy, *reported in the sentence 
_above_ their results table,* is much less than the sum of individual 
parameters' entropies - shown in the table:

"_Currently, we estimate that your browser has a fingerprint that 
conveys *nn.nn bits* of identifying information_."

To arrive at a total *"bits of identifying information"*, do they ignore 
characteristics with entropies < certain values?
Because, in a typical test - w/ JS ENabled, the sentence may show total 
entropy of *13.xx bits.*
In the same test,  the sum of entropies from their included table may be 
*34.xx* bits identifying information.

Why is there such a huge difference?  To arrive at their "total," what 
do they ignore - and WHY?
Or, do they take the results in the table & apply additional 
algorithms?  If so, do they detail that?
Thanks.

On 7/30/2014 9:12 AM, Joe Btfsplk wrote:
> On 7/29/2014 4:35 PM, Ben Bailess wrote:
>> But here are some numbers that I just collected that
>> perhaps could be of use to you. This test was done with the latest TBB
>> (3.6.3) and Firefox versions on Linux (Fedora), with both JS on and off:
>>
>> FF (private browsing) / JS disabled = 16 bits (not "unique" - one in 65,487)
>> FF (private browsing) / JS enabled = 22 bits ("unique" out of >4M samples)
>> FF (normal browsing) / JS disabled = 15.98 bits (not "unique" - one in
>> 64,524)
>> FF (normal browsing) / JS enabled = 21.07 bits (not "unique" but one in
>> 2,193,824 [roughly 2 matching entries in the sample]... so the other data
>> point may well have been me...)
>> TBB / JS enabled = 12.06 bits (not "unique" - one in 4,260)
>> TBB / JS disabled = 9.05 bits (not "unique" - one in 529 are same)
>>
> Thanks to all for your input.
> OK, I slept & revisited Panopticlick fingerprinting results
> https://panopticlick.eff.org.  Silly me - I was looking at the values
> listed for each parameter, then assessing the total entropy for all
> parameters shown.
> Yes, if I look at the value they report *in a sentence* above the
> results table, that total is far < than the sum of "bits of identifying
> information" for all browser characteristics measured, as shown in their
> results table.
>
> For those that haven't looked at the site (or anything similar), the
> total entropy that Panopticlick arrives at is far < than the sum of
> individual values.
> ("The total is less than the sum of its parts" ??)
> Like when it says,
> "_Currently, we estimate that your browser has a fingerprint that
> conveys *13.72 bits* of identifying information_*,*" but the sum of all
> parameters in that same test is *far* > than 13.72 bits.
>
> Maybe someone more familiar w/ their algorithm to arrive at the grand
> total "*bits of identifying information," *(that they state in a
> sentence, above the results table) can explain why their stated total
> entropy for the browser tested is *so much lower* than the total of all
> parameters shown in the table of test results.
>
> I read their paper, https://panopticlick.eff.org/browser-uniqueness.pdf,
> but missed any explanation of why that is so.
> I have an idea why that may be true, but no (generic) mathematical
> explanation.
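
An added example, not part of the posts above: in the quoted figures the headline number is log2 of the "one in N" count (one in 4,260 gives 12.06 bits), and the sketch below assumes each table row is computed the same way for a single attribute. Under that assumption the per-attribute bits sum to the whole-fingerprint bits only when the attributes are independent; the sample populations and attribute values are constructed for illustration.

```python
import math
from collections import Counter

def bits_from_one_in(n):
    """Surprisal in bits of a value shared by one in n browsers."""
    return math.log2(n)

def fingerprint_bits(sample, fp):
    """Bits conveyed by the complete fingerprint tuple within the sample."""
    return bits_from_one_in(len(sample) / Counter(sample)[fp])

def per_attribute_bits(sample, fp):
    """Bits conveyed by each attribute of fp, measured on its own."""
    bits = []
    for i, value in enumerate(fp):
        matches = sum(1 for row in sample if row[i] == value)
        bits.append(bits_from_one_in(len(sample) / matches))
    return bits

# Constructed sample (not real data): (user agent, platform, time zone).
# User agent and platform always occur together, so they are correlated.
CORRELATED = (
    [("UA-A", "Win32", "UTC")] * 8
    + [("UA-B", "Linux", "UTC")] * 4
    + [("UA-B", "Linux", "UTC-5")] * 2
    + [("UA-C", "MacIntel", "UTC-5")] * 2
)
# Constructed sample where the two attributes are statistically independent.
INDEPENDENT = [(a, b) for a in ("x", "y") for b in ("p", "q")] * 4

if __name__ == "__main__":
    fp = ("UA-C", "MacIntel", "UTC-5")
    print("whole fingerprint:", fingerprint_bits(CORRELATED, fp))
    print("sum of attributes:", sum(per_attribute_bits(CORRELATED, fp)))
    print("independent case :", fingerprint_bits(INDEPENDENT, ("x", "p")),
          sum(per_attribute_bits(INDEPENDENT, ("x", "p"))))
    print("one in 4,260     :", round(bits_from_one_in(4260), 2))
```

In the correlated sample, knowing the user agent already tells you the platform, so the platform row adds bits to the table sum without adding anything to the whole-fingerprint figure.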


