Can a website tell what device you're using?

ip-address mac-address cookies
17,737

The answer is yes, and it no longer requires cookies to do so:

Various technologies exist to track users, in addition to cookies. Some fingerprint a browser based on differences in each browser's rendering of a site, since each browser will load the page slightly different due to screen size, plugins, etc. From the Electronic Frontier Foundation:

ProPublica reported on new research by a team at KU Leuven and Princeton on canvas fingerprinting. One of the most intrusive users of the technology is a company called AddThis, who are employing it in “shadowing visitors to thousands of top websites, from WhiteHouse.gov to YouPorn.com.” Canvas fingerprinting allows sites to get even more identifying information than we had previously warned about with our Panopticlick fingerprinting experiment.

Canvas fingerprinting exploits the fact that different browsers have slightly different algorithms, parameters, and hardware for turning text into pictures on your screen (or more specifically, into an HTML 5 canvas object that the tracker can read). ... The main distinction is that the canvas fingerprint can’t be blocked by cookie management techniques, or erased with your other cookies. ...

And from Forbes

To combat the cookie’s flaws, advertisers and publishers are increasingly turning to something called fingerprinting. This technique allows a web site to look at the characteristics of a computer such as what plugins and software you have installed, the size of the screen, the time zone, fonts and other features of any particular machine. These form a unique signature just like random skin patterns on a finger. The Electronic Frontier Foundation has found that 94% of browsers that use Flash or Java – which enable key features in Internet browsing – had unique identities.

Fingerprinting may prove a more robust tracking technology than cookies because the user’s identity endures even if they erase their cookies. Making changes to your software and settings only makes you more identifiable, not less. An EFF study several years ago found that it is easy to track when someone changes their profiles by adding software updates, for example.

Forbes also references the EFF site https://panopticlick.eff.org/ to show a user what information their browser reports that can be used to create a unique browser fingerprint without a cookie.

Finally Internet Carriers have introduced their own tracking tools, such as Verizon's Unique Identifier Header as Wired describes Verizon’s ‘Perma-Cookie’ Is a Privacy-Killing Machine

Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.

The company—one the country’s largest wireless carriers, providing cell phone service for about 123 million subscribers—calls this a Unique Identifier Header, or UIDH. It’s a kind of short-term serial number that advertisers can use to identify you on the web, and it’s the lynchpin of the company’s internet advertising program.

Each of these technologies provide means to track regardless of the presence of cookies, and in the case of UIDH header-injection - regardless of any browser setting.

Share:
17,737

Related videos on Youtube

Giacomo1968
Author by

Giacomo1968

Updated on September 18, 2022

Comments

  • Giacomo1968
    Giacomo1968 over 1 year

    If I were to visit a website on different occasions and from different IP addresses but from the same device, could a website potentially tell?

    If so, would deleting cookies prevent this?

    • Giacomo1968
      Giacomo1968 over 9 years
      You can delete your cookies all day & and night since they have nothing to do with user profiling. And IP address has nothing to do with it either.
  • James P
    James P over 9 years
    I don't think that is what he is asking. He is talking about whether a website can tell if you are the same person/device if your IP address changes, not whether a website can tell what hardware you have.
  • LPChip
    LPChip over 9 years
    @James DavidB is correct though. It is up to the browser to relay that information. Changing device but using the same browser will cause different data to be sent, unless that data is spoofed.
  • DaveTheMinion
    DaveTheMinion over 9 years
    @James If that is in fact what he is asking, then I suppose it would be possible for a website to tell if unique identifying cookies are stored on the device.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Doing ARP and Inverse ARP on Linux 2.6.21 (glibc 2.3.5)
Huawei HG8245H MAC Address Change (Clone)
How to get an IP address from a MAC address?
Theory regarding MAC and IP address in network packet and frame content?
How to bind IP address to MAC address in Windows XP?
How should I reserve IP addresses for my home LAN?
In computer networks, when is a MAC address used and when is an IP Address used?
MAC address in DHCP client list different from manufacturer's. Also, same device getting two different MAC addresses
Assign IP's to certian mac addresses in dd-wrt
Why are Ethernet/MAC addresses needed?