← Back to context

Comment by prism56

8 hours ago

Interesting. So when you try resist fingerprinting. If you dont go all the way you're at risk of making your differentiations smaller?

7 comments

prism56

Reply
kube-system  8 hours ago

As an oversimplified example:

If a website has 100 visitors, and 99 of them use Chrome, and 1 user uses Firefox, it doesn't matter how good their fingerprinting resistance is, they're always the one using Firefox.

https://xkcd.com/1105/

  • godelski  5 hours ago

    Firefox is low on browser count but it's still around 4%[0]. That's enough that there will be lots of collisions. Even a small percent of a very large number is a very large number

    [0] https://radar.cloudflare.com/reports/browser-market-share-20...

    • kube-system  5 hours ago

      Of course.

      However, if you're trying to search for somebody, and you're able to eliminate 96% of the data, you're in a much better position to accomplish your goal.

      Whether or not you should care about this depends on what kind of tracking threats you're trying to avoid.

      2 replies →

  • Phelinofist  5 hours ago

    But if another Firefox user comes they are indistinguishable from each other, while every Chrome user is uniquely identifiable, are they not?

    • kube-system  5 hours ago

      > if another Firefox user comes they are indistinguishable from each other,

      Even if every Firefox browser gave off the exact same fingerprint, that wouldn't make the network traffic indistinguishable between Firefox users. There is a lot of entropy that is provided by your network stack of your device, the networks you connect to in order to get to the end website, the behavior of your requests, etc.

      Now, most websites aren't doing this kind of analysis. But it isn't unheard of or impossible. There are major websites that are known to do TLS fingerprinting.