Cookie conundrum
in [UK Mac]
|
From: James Taylor on 2 Feb 2010 13:10 Elliott Roper wrote: > James Taylor wrote: > >> There is a uniqueness test from the EFF here: >> >> <http://panopticlick.eff.org/about.php> >> >> Go to the homepage and click the "Test Me" button. It would be >> interesting to see what kind of results Apple users get. I get a >> uniqueness rating of one in 256,032, but then I'm using Linux and have >> my browser fairly heavily locked down, which is unusual. It seems the >> more securely configured you are the more trackable you are, so you >> can't have both security and privacy at the same time. Damn. :-( > > I think your last observation may not be quite right. I was completely > unique in their whole population and my machine is relatively wide > open. They were able to score me uniquely on plugins and again on > fonts. > If I had Javascript off, they would not have been able to see the fonts. Ah, so the fact that I had JavaScript off was to my benefit. Good. I still worry about a uniqueness of 1 in 256000 though because if, for example, I carried my laptop around while travelling through Burma or China in the belief that I'm safer checking my email that way than by using Internet cafe machines, then I'm probably sufficiently unique to be trackable as I move around the country. If I were a journalist working to help political dissidents tell the world about atrocities committed by the governments of such oppressive regimes then I'd have good reason to be very concerned indeed, as the authorities would be able to pinpoint my geographical position every time I accessed the net, at least to the nearest Internet cafe, hotel, or wi-fi hotspot. > Still, I can always don a disguise when I have to. Muck about with > fonts and plugins installed and active. Simples! Unfortunately, I suspect that such tinkering would not be sufficient to throw them off the scent. -- James Taylor
From: James Taylor on 2 Feb 2010 13:13 chris wrote: > James Taylor wrote: > >> That's Google Analytics; the ultimate Big Brother watching you as you >> browse the web regardless of whether you use Google as your search >> engine or not. > > Just filter them out by disabling Javascript. Don't worry, it's on my NoScript "untrusted" blacklist already. However, you have to know about the problem, and know the solution, to be safe and most people are unaware. > I always thought I was 1 in a million... ;) Hehe. Of course you are! -- James Taylor
From: James Taylor on 2 Feb 2010 13:15 Graeme wrote: > Using bog standard OSX and Safari I get 1:513458, hmmm! > > Mind you I followed the link about methodology and when I went > back to the results page I got 1:513709 > > If I clicked back and forwards between the two pages, the ratio > went up each time. That would be because there are a lot of people using it. Indeed you can measure the rate at which people are using it this way. Cool. -- James Taylor
From: James Taylor on 2 Feb 2010 13:21 Peter Ceresole wrote: > James Taylor wrote: > >> <http://panopticlick.eff.org/about.php> > > I had a look. It tells me that my Firefox 3.5.7/10.4.11 setup is > 'unique', out of the 512,000 or so they have tested. Which in terms > of their expressed concerns is as bad as it could possibly be. > Luckily, my concerns and theirs don't coincide. I'd heard there were people who didn't give a damn about being tracked, identified, and profiled, but I had no idea they really existed. Do you not accept that a certain amount of privacy is necessary for freedom of thought and thus required for a healthy democracy? You don't really want to walk blindly into a police state (oh, that's a bad example because the UK is already there) into a Big Brother society do you? -- James Taylor
From: Rowland McDonnell on 2 Feb 2010 13:56
James Taylor <usenet(a)oakseed.demon.co.uk.invalid> wrote: > Rowland McDonnell wrote: > > > James Taylor wrote: > > > >> Well, the sad fact is that security and privacy are hard to sell when > >> the great majority of customers don't understand such things and > >> certainly don't care about them if given a choice between security and > >> privacy on the one hand or convenience and kewl features on the other. > > > > Indeed - that is because they have been brainwashed into bone idle > > acceptance of whatever they're fed, brainwashed into believing that it's > > impossible to understand the background stuff, and denied access to the > > information that they'd need to understand what they'd need to > > understand. > > Even if you tell people they're totally insecure and their privacy is at > risk, most people are too preoccupied with other priorities to spend any > time looking into what they'd need to understand to know what they'd > need to understand. Life's too short. Indeed some people prefer to > believe they're using a secure computing platform (eg. Apple) because to > entertain the possibility that it might not be secure is inconceivable > to their puny minds. Quite. The basic problem is the fundamental absence of real security at any level of commerical computing - those that provide us with these tools have historically decided mostly to ignore the security side of things. If they had not done so, then most of the computer problems we have would not exist. By `security', I mean `security of data and of your workspace', which covers `making sure the damned machines are reliable' as well as `making sure outside malice can't screw things up either'. Why, for example, are buffer overflow attacks possible? Because of shoddy system design, that's why. It goes on like this. End users should not have to worry about security issues at the level we must worry at, if we have any hope for security. But we do - and most people can't or won't. And that's a problem. They've *ALL* ripped us off, in my view - all of 'em. [snip] > > It's all about leaching money from the suckers who suck on the PC teat. > > > > And you think that this commercial tyranny is a good thing, and should > > remain unchallenged, do you? Your words indicate that you do. > > No, I didn't say it was a good thing. You seemed to imply that to me. >It's just how things are. I know that too - and it stinks. Rowland. -- Remove the animal for email address: rowland.mcdonnell(a)dog.physics.org Sorry - the spam got to me http://www.mag-uk.org http://www.bmf.co.uk UK biker? Join MAG and the BMF and stop the Eurocrats banning biking |