On Thu, 04 Feb 2016 21:47:00 +1030
Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
On Wed, 2016-02-03 at 10:18 -0700, stan wrote:
I doubt that you are experiencing traditional cookie tracking.
Hmm, I reckon they probably still do that.
I'd agree. But my bank, to increase security, tried to use both a
regular cookie and an LSO cookie. Fortunately, I convinced them that I
shouldn't have to have a third party private app installed to access
their website, and they removed it. Or, more likely, made the LSO
cookie non blocking.
[snip]
And there's the rub, these days. Now that dial-up is dying off, many
users have persistent IPs (not quite static, but most likely to keep
on using the same IP). You can't just block something once it's
touched you, wipe your cache, and be a new anonymous person on your
next session. And thanks to browsers with tabs, or multiple windows
that do not act like isolated programs, one session can last a very
long time, as you close your window with your bank, but other windows
remain open.
Yeah, I used to have an ISP like that, same IP every time. Now, my ISP
gives me a random IP from their range every time I log on to their
network.
I tend to keep only minimal tabs open, not because of privacy primarily,
but because I don't like the clutter. I have read that there have been
exploits that allowed a website running malicious scripts to gather
information from other open tabs in the browser, but I think those are
fixed now.
Once we are using IPv6, though, everyone will probably get assigned an
IP address at birth, and keep it for their whole life. :-) Sayanora
privacy, and welcome to the goldfish bowl. Maybe some enterprising
souls will start a site that operates as a nat or proxy for IPv6, so
that everything goes through their randomly assigned IPv6 IP addresses,
and routes the information to the real address anonymously to the
queried website.
I wonder if any browsers have a randomiser in them to jiggle the
tell-tale signs that browser fingerprinting makes use of?
I'm not aware of a plug in that does that, though I think it is
possible to change some of the information the browser gives out. The
trouble is that website client side apps have to know what's available
for their use, so they are allowed to query the browser to find out the
environment they are operating in. And once they do, they have the
browser fingerprint. So, the trackers piggyback on that to find the
environment as a fingerprint. If the environment is blocked to stop the
trackers, the legitimate apps won't be able to function properly.