[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Browser Fingerprinting
- From: Boruch Baum <boruch_baum@xxxxxxx>
- Date: Fri, 17 Apr 2020 04:57:16 -0400
- X-ml-name: emacs-w3m
- X-mail-count: 13611
- References: <email@example.com> <firstname.lastname@example.org> <20200417025514.5gotmp6vlvg3v25x@E15-2016.optimum.net> <email@example.com>
On 2020-04-17 10:15, Tomas Nordin wrote:
> The fields tested as browser characteristtics were
Thanks. Good to know.
> The most identifying characteristics is User Agent followed by
> HTTP_ACCEPT Headers.
Of course emacs-w3m and w3m have no choice but to send them, but ...
> Browsing the web with a text based browser is not a common thing to do,
> so from a browser fingerprinting point of view I guess the uniqeness is
> to be expected.
Right. That's why I suggested in my original e-mail...
"What might be more useful is to set variable w3m-add-user-agent to t,
and then set w3m-user-agent to some generic and popular user-agent
That leaves us with the matter of the HTTP_ACCEPT Headers. My memory is
that the information sent in that header is very limited, just a set of
mime-types that the server can use to send data to the client. That
doesn't seem to me to be much from which to create a fingerprint, but it
would be great to do a comparison. emacs-w3m does have configurable
variables for that feature that I guess ought to be what is in those
headers (see, for example, w3m-content-type-alist and
w3m-default-content-type) Otherwise, I don't know what identifying
information is in that header. I don't have time to look at this now,
but have added it to my (long) emacs-w3m to-do list. As is true with the
case of the user-agent string, I would have to also see what w3m is
If you do more research on this, please keep me informed, and if I have
any other insights, I'd be happy to share them. The simplest test would
be check the uniqueness score after following my suggestion about using
a false user-agent string. A second step would be to compare ACCEPT
headers with a common browser, and see how changing the emacs-w3m
variables can cause the results to yield a better result.
CA45 09B5 5351 7C11 A9D1 7286 0036 9E45 1595 8BC0