Comment by 1vuio0pswjnm7

7 hours ago

The question that I have not see answered in the many, many forum threads on "browser fingerprinting", is specifically why a user seeks to avoid it

Is it (a) to avoid internet marketing, (b) some other reason or (c) both. What is the "threat model"

If the answer is (c) then is there a belief that a fingerprint collected for marketing purposes may be used for other purposes

I do not use a browser to make HTTP requests, I only send two headers, Host and Connection, unless I need to send more, e.g., User Agent, Cookie, Accept, etc. The vast majority of websites I access work with only two headers. The list of ones that require more is short and the local forward proxy adds them automatically for those sites

For me, the "threat model" is (a) internet marketing

I do not see any ads because (1) the computers I use cannot access ad or tracking servers^FN1 and (2) I use a text-only browser to read HTML. There is no Javascript interpreter, no way to auto-load resources, no way to display images, no way to store cookies, etc.

I have no issue with this information that I'm a text-only web user being revealed to any internet marketer. (More likely I am mistaken for a "bot" as a result of crude heuristics)

On the other hand, if I were using a popular browser to make HTTP requests, one that sends a "common" fingerprint to internet marketers, then this would signal a more viable target for ads and tracking. Popular browsers have default settings that enable Javascript, cookies, images, auto-loading resources, etc.

tl;dr The reasons a computer user has for avoiding fingerprinting may be different. For example, one user might want to "blend in" and "hide", i.e., avoid being "identified", whereas another user might want to "be left alone", i.e., avoid being the target of internet marketers