Talk:Device fingerprint
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|
The contents of the Browser fingerprint page were merged into Device fingerprint on 15 March 2020. For the contribution history and old versions of the redirected page, please see its history; for the discussion at that location, see its talk page. |
Untitled
[edit]I arrived here installing a Nuance product that asked for a machine fingerprint, and the article was no help. I then used the My Computer utility to look at the System Information and on the Dell PC in question found a four-part 21-digit alphanumeric code which worked. So perhaps a Machine Fingerprint page distinct from device fingerprint is in order as the machine print looks to be Nuance's way of referring to the OEM serial number for the PC. translator (talk) 18:02, 12 March 2011 (UTC)
Known companies and products using fingerprinting
[edit]I'm quite surprised there is no information at all about who does actively fingerprinting activity.
It's not that hard to find:
- Iovation claims to acquire "over 100 attributes about the device" with their javascript snippet, while it is claimed that the activity is for fraud prevention uses, they encourage to use iovationscore to "offer trusted customers your best promotion".
- Equifax provides a product based on that iovation code. — Preceding unsigned comment added by Privon (talk • contribs) 09:10, 1 January 2017 (UTC)
External Links
[edit]@Esponenziale and GermanJoe: Ok, I want to talk about some of these external links. Some of them are fine, but several should probably be dropped per WP:LINKFARM, and two don't belong in this section.
* Panopticlick, by the Electronic Frontier Foundation, gathers some elements of your browser's device fingerprint and estimates how identifiable it makes you
- A relevant, good example of fingerprinting in action. This should stay.
* Am I Unique, by INRIA and INSA Rennes, implements state of the art fingerprinting techniques including collecting information through WebGL.
- Also a good fingerprinting example, and perhaps warrants continued inclusion.
* Browserprint, by the University of Adelaide and ACEMS, a fingerprinting site that has many tests including ones targeted at the Tor Browser Bundle and other browsers that have fingerprinting defenses.
- Another example site. We don't really need more than one or two of these.
* Julia Angwin, Jennifer Valentino-DeVries: Race Is On to 'Fingerprint' Phones, PCs The Wall Street Journal, 29 November 2010
- This doesn't really fit as an external link. Perhaps further reading, or incorporate it into the article as a reference.
* Open-Source Device Fingerprint, Open-Source device fingerprint software with demo
- This one redirects to a new location and should be updated if it stays. It also seems redundant with the other ones already listed above.
* Fingerbank Free and Open Source device fingerprinting solution using DHCP, User-Agent, MAC addresses and other information
- This doesn't really add value to the article, and should get dropped.
* UniqueMachine uses differences in WebGL rendering to identify the machine
- And the fourth example site. Once again, needs to be trimmed.
- Same as the WSJ link. This could be incorporated into the article, or moved to further reading.
So basically, #1 and #2 should be kept as good demonstrations of browser fingerprinting techniques and practices. On the other hand, #3 and #7 should be removed, as they are largely redundant, and don't add anything of value after the first two. On to #5: this one may be useful to keep, but we don't keep a long list of links because they're just "useful". Next up, #6 should be removed as well, since it's just a fingerprint database, which doesn't really add value to the article. As for #4 and #8, they should be incorporated into the article or moved to a "further reading" section. Thoughts? — AfroThundr (u · t · c) 15:43, 7 July 2018 (UTC)
- @AfroThundr3007730:, thank you for starting a thread about this issue. I agree with your suggestion to try and include some of these links into the article (assuming they provide non-promotional relevant and reliable information). But I disagree with the usage of "External links" as a repository of mere examples. WP:ELYES and WP:ELMAYBE list an overview of the most common acceptable usages, being just "a good example" is not one of them (and often lends undue promotional focus to some providers while ignoring others). The linking to commercial or promotional sites is also limited by WP:ELNO (primarily #4 and #5). If such an example site contains additional reliable information and a promotional aspect is only minor, then it could possibly be considered. To simplify the process, maybe we could focus on the 2-3 most promising sites in your opinion (probably #1 - #3?), and discuss the pros and cons of these sites in a bit more detail (no need to discuss all at length, if most of them are unsuitable). But as noted, just being a mere example is not sufficient imo. GermanJoe (talk) 16:38, 7 July 2018 (UTC)
- I have removed the excessive linkfarm (for now), but of course will accept any found consensus in this discussion. GermanJoe (talk) 16:51, 7 July 2018 (UTC)
- If we had to choose one of the first three examples, #1 is probably the one that should stay. It's one of the best known sites to test your browser's resilience to fingerprinting, and people usually consider it more "trustworthy" since it's an EFF project. The other examples (#2, #3, and #7) can be dropped then. Now I still think #4 and #8 should be moved to "further reading" or incorporated into the article, and #5 I'm mostly indifferent on (its current URL should be used, if kept). Also, #6 should still be dropped as it provides little value. — AfroThundr (u · t · c) 17:35, 7 July 2018 (UTC)
- Choosing between #1 and #2, I'd prefer #2 for a few reasons: the site has a clear academic background focussing primarily on the research aspect, doesn't ask for donations (WP:ELNO), and leads to several additional possibly interesting publications (albeit with a bit of clicking). We do not need 2 examples for a very similar purpose. I agree with putting the WSJ article into FR (technically it's a "link" but longer articles, linked or not, fit better into Further reading imo). The Akamai white paper has some flaws and is - atleast partially - based on Wikipedia and various blogs, but when consensus is for inclusion as "Further reading" - OK. From my point of view: keep #2 as EL (academic, non-promotional and with additional info), move #4 and #8 into FR. GermanJoe (talk) 18:28, 7 July 2018 (UTC)
- If we had to choose one of the first three examples, #1 is probably the one that should stay. It's one of the best known sites to test your browser's resilience to fingerprinting, and people usually consider it more "trustworthy" since it's an EFF project. The other examples (#2, #3, and #7) can be dropped then. Now I still think #4 and #8 should be moved to "further reading" or incorporated into the article, and #5 I'm mostly indifferent on (its current URL should be used, if kept). Also, #6 should still be dropped as it provides little value. — AfroThundr (u · t · c) 17:35, 7 July 2018 (UTC)
- Thank you @AfroThundr3007730: I agree with you mostly on everything. Specifically, I agree to keep #1 and #2. I won't complain if you drop the other two test sites (that are #3 and #7), although I would have kept them before someone could evaluate if they're less or more relevant than the first two. I agree to move the WSJ article and the Akamai paper, that are #4 and #8, to a "further reading" section, hoping that someone will read them, write the most relevant facts in the article and possibly remove them from the further reading section.
- On the other hand, I think commercial/practical applications of fingerprinting should be better detailed in the article (as noted also in the previous comment), but I admit that it's difficult to assess what is relevant and what it is not. I would keep #6, because the existence of a large open database of fingerprints that is commercially exploited seems relevant. —Esponenziale (talk) 18:02, 7 July 2018 (UTC)
- I think #1 should be kept. In the words of Acar et al.: most studies on fingerprinting methods "followed the path opened by the influential Panopticlick study, which demonstrated the potentials of browser fingerprinting for online tracking." Acar, Gunes; Eubank, Christian; Englehardt, Steven; Juarez, Marc; Narayanan, Arvind; Diaz, Claudia (July 24, 2014). "The Web never forgets: Persistent tracking mechanisms in the wild". –Esponenziale (talk) 21:01, 7 July 2018 (UTC)
- The website is already linked in ref #8, and a detailed paper describing basic methodology and early results of this study is used as ref #9. So interested readers have all information and access to additional ressources. Wikipedia is not a link directory, an additional EFF link would simply be redundant and violate WP:EL. GermanJoe (talk) 21:29, 7 July 2018 (UTC)
- Being the study of such importance, I think it can deserve three links to three resources related to the study. The two references go to the relevant resources, that are the about page and the paper, while the external link goes to the test page, that is also the homepage of the project website. Exaggerating a bit, dropping that link would be like dropping the external link to Microsoft homepage in the article about Microsoft... –Esponenziale (talk) 22:15, 7 July 2018 (UTC)
- External links are not added because a linked site is important or deserving, but because it adds valuable information that could not be included into the article for some reason (please see WP:EL for more information). The additional link does not provide any additional information that is not already in the article (see WP:ELNO #1). But let's wait for other comments for now - we can always ask for advice at Wikipedia:External links/Noticeboard too, if we don't agree about this point. On a more positive note: this seems like the only remaining link which is still disputed; a lot of the other cases could be clarified one way or the other. GermanJoe (talk) 23:02, 7 July 2018 (UTC)
- Being the study of such importance, I think it can deserve three links to three resources related to the study. The two references go to the relevant resources, that are the about page and the paper, while the external link goes to the test page, that is also the homepage of the project website. Exaggerating a bit, dropping that link would be like dropping the external link to Microsoft homepage in the article about Microsoft... –Esponenziale (talk) 22:15, 7 July 2018 (UTC)
- The website is already linked in ref #8, and a detailed paper describing basic methodology and early results of this study is used as ref #9. So interested readers have all information and access to additional ressources. Wikipedia is not a link directory, an additional EFF link would simply be redundant and violate WP:EL. GermanJoe (talk) 21:29, 7 July 2018 (UTC)
- I think #1 should be kept. In the words of Acar et al.: most studies on fingerprinting methods "followed the path opened by the influential Panopticlick study, which demonstrated the potentials of browser fingerprinting for online tracking." Acar, Gunes; Eubank, Christian; Englehardt, Steven; Juarez, Marc; Narayanan, Arvind; Diaz, Claudia (July 24, 2014). "The Web never forgets: Persistent tracking mechanisms in the wild". –Esponenziale (talk) 21:01, 7 July 2018 (UTC)
- Currently we all seem to agree that #4 and #8 should remain as further reading (until someone feels like actually incorporating them into the article) so I've restored them. Among the rest, #2 is uncontested as keep, and I mostly agree with GermanJoe on the inclusion (or lack thereof) of #1. Esponenziale, you could add a bit more to the article explaining why Panopticlick is significant in the context of fingerprinting (preferably with a reference) if you feel it needs more detail. As of right now, the other two examples (#3 and #7) will be dropped, and the remaining two (#5 and #6) are on the chopping block.
- If the fingerprint database is notable, it should most likely be mentioned in the article (again, with a reference), and not just dropped at the bottom. The blog on the other hand, has good information on the various fingerprinting techniques, and may well warrant inclusion, but I once again think that its information could be used to improve the article directly. — AfroThundr (u · t · c) 22:49, 10 July 2018 (UTC)
- I understand your reasons about the fingerprints database (#6), I probably can bear your dropping it as well. But I confirm that I don't agree about dropping Panopticlick (#1): the test page is a different resource than those in the references and citing only one less notable test page in the external links doesn't make much sense to me. I must point out that, being Panopticlick there since February 2010, a consensus would probably be needed to drop it (not to keep it) according to the rules.–Esponenziale (talk) 10:20, 14 July 2018 (UTC)
- While I agree that #2 is a better example to use, I'm not opposed to also keeping #1, if we're keeping more than one example site. — AfroThundr (u · t · c) 19:32, 14 July 2018 (UTC)
- We really shouldn't keep such links just for the sake of having them. Notability or "importance" are invalid criteria to decide about the inclusion of an external link. The only relevant criteria are reliability and usefulness for additional information. Considering that #1 contains no new information and is a duplicate link, its total usefulness is exactly zero. But if consensus is for inclusion, so be it - I'll live with 1 redundant link per article ;). It's a minor point, thanks for the collegial and constructive discussion. GermanJoe (talk) 19:47, 14 July 2018 (UTC)
- Thank you. I'll update the page as agreed. –Esponenziale (talk) 19:04, 18 July 2018 (UTC)
- We really shouldn't keep such links just for the sake of having them. Notability or "importance" are invalid criteria to decide about the inclusion of an external link. The only relevant criteria are reliability and usefulness for additional information. Considering that #1 contains no new information and is a duplicate link, its total usefulness is exactly zero. But if consensus is for inclusion, so be it - I'll live with 1 redundant link per article ;). It's a minor point, thanks for the collegial and constructive discussion. GermanJoe (talk) 19:47, 14 July 2018 (UTC)
- While I agree that #2 is a better example to use, I'm not opposed to also keeping #1, if we're keeping more than one example site. — AfroThundr (u · t · c) 19:32, 14 July 2018 (UTC)
- I understand your reasons about the fingerprints database (#6), I probably can bear your dropping it as well. But I confirm that I don't agree about dropping Panopticlick (#1): the test page is a different resource than those in the references and citing only one less notable test page in the external links doesn't make much sense to me. I must point out that, being Panopticlick there since February 2010, a consensus would probably be needed to drop it (not to keep it) according to the rules.–Esponenziale (talk) 10:20, 14 July 2018 (UTC)
- FYI, I just tried/tested the "AmIUnique" website (#2 on the list above) and got a "502 Bad Gateway" error. Might be temporary, might be permanent. Thought I'd mention it.2605:6000:6947:AB00:75A9:D270:2421:59E (talk) 06:43, 1 October 2018 (UTC)
Proposed merger with Canvas fingerprinting
[edit]- The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section. A summary of the conclusions reached follows.
- No consensus. MorningThoughts (talk) 16:25, 21 November 2019 (UTC)
I'm thinking that Canvas fingerprinting has more than enough detail to stand on its own as an independent article and shouldn't be merged. This article, on the other hand, should be expanded to provide more detail on the different device fingerprinting techniques available, including canvas fingerprinting. — AfroThundr (u · t · c) 16:00, 7 July 2018 (UTC)
- Oppose - Canvas fingerprinting is a specific technique that is notable on its own. Also, there is no rationale given for a merger so this request is malformed.- MrX 🖋 17:16, 7 July 2018 (UTC)
- Indeed, normally one would be provided on the talk page of one of the merging articles, but none was provided here. @Esponenziale: Do you have a decent rationale for the proposed merge? — AfroThundr (u · t · c) 17:37, 7 July 2018 (UTC)
- I apologize for not having shared the motivation in advance. You'll agree that the article about Device fingerprint is critically lacking. On the other hand, most of the comprehensive contents of canvas fingerprinting (that is nothing more than a subtopic) are quite relevant to the main topic of device fingerprinting and would be probably best put into context there. Specifically:
- The (short) history of canvas fingerprinting is relevant to the main topic (being a fundamental step of the evolution of device fingerprinting) and would be better put into context there, together with the (short and currently patchy) history of device fingerprinting.
- Mitigation methods are almost the same for canvas fingerprinting and for device fingerprinting in general: spoofing the fingerprint, offering a simplified fingerprint, blocking third parties who seem to track people, blocking attempts to read too many parameters.
- What remains is only the definition of the canvas fingerprinting method. I think that this as well could be well fitted in the main topic, because it would provide the most prominent example of a fingerprinting method. –Esponenziale (talk) 20:35, 7 July 2018 (UTC)
- If this is merged, the rest of the article would need reworking and expansion, otherwise it's mostly about canvas fingerprinting. This could work, provided we can find further material to flesh out the resulting combined article. I'm kind of surprised the article is still this short, given the increased attention to this topic over the last several years. — AfroThundr (u · t · c) 22:17, 10 July 2018 (UTC)
- I apologize for not having shared the motivation in advance. You'll agree that the article about Device fingerprint is critically lacking. On the other hand, most of the comprehensive contents of canvas fingerprinting (that is nothing more than a subtopic) are quite relevant to the main topic of device fingerprinting and would be probably best put into context there. Specifically:
Is There Means to Defeat "Browser Fingerprinting", and If So, Should It Be Included in the Article?
[edit]I've had some conversations with some "Tech" types about browser fingerprinting, exploring the possibility that a software (addon, extension, etc...) might be able to "anonymize" a browser's fingerprint by altering certain, minor characteristics of the fingerprint periodically so that the browser's fingerprint never appears exactly the same for an extended period of time. One idea is to "lie" and claim that certain, mostly-unused fonts are either installed when they are not, or that they are not installed when they are, so as to obfuscate the fingerprint from automated, machine detection. The upshot of these conversations has been "it's possible", but to this date I've not heard of anyone creating such a software.
Does one exist?
If so, should it/could it be mentioned here in this Article? It seems to me that it should, given that a person concerned enough about computer privacy that they are reading about browser fingerprinting, the logical next step would be to learn about ways in which to try to defeat it. I think the Article would be improved if at least some discussion about means to defeat (or obfuscate) browser fingerprinting were discussed, even if it is to only mention that a means to do so does not yet exist.2605:6000:6947:AB00:75A9:D270:2421:59E (talk) 06:51, 1 October 2018 (UTC)
- @2605:6000:6947:AB00:75A9:D270:2421:59E: There are many methods of resisting browser fingerprinting available. This can range from simple useragent spoofing to blocking the javascript responsible. Many adblockers and other privacy plugins can do this (in every major browser, besides IE). Mozilla, Google, and Apple have started to add fingerprint resistance natively to their browsers as well. This is all mentioned in the article already. As for mentioning specific tools in the article, Wikipedia is not a how-to or guide, so just listing them in the article would not be proper. If there are notable uses of them, they could be mentioned, along with a reliable source to back the addition. — AfroThundr (u · t · c) 01:11, 2 October 2018 (UTC)
Overlap with Browser fingerprint and Canvas fingerprinting
[edit]- The following discussion is closed. Please do not modify it. Subsequent comments should be made in a new section. A summary of the conclusions reached follows.
- There is a consensus to merge Browser fingerprint to Device fingerprint. There is no consensus to fully merge Canvas fingerprinting to Device fingerprint, but there is a consensus for a partial merge, which has been completed. Canvas fingerprinting is a valid summary style sub-topic which is summarized in the parent Device fingerprint article. – wbm1058 (talk) 23:08, 26 April 2020 (UTC)
One of the previous arguments against merging device fingerprint and canvas fingerprinting was the fact that this merger would place undue weight on canvas fingerprinting as the only (perceived) method of fingerprinting. Now that significant work has been done to expand browser fingerprint (thanks to Ergozat and others), would it be worth revisiting the debate? From my perspective as a reader, I would find it useful to have one page that summarizes all "digital fingerprints" (browser, hardware, canvas, or otherwise derived) as a complement to the more technical article at fingerprint (computing). But that's just me. Thoughts? Aeffenberger (talk) 00:48, 22 January 2020 (UTC)
- Merge – As per my motivation when I proposed the merger two years ago —Esponenziale (talk) 11:20, 22 January 2020 (UTC)
- Bumping this discussion and also announcing my intentions... I am planning to merge canvas fingerprinting with browser fingerprint in the next 24 hours (unless someone else decides they really want to do it while I am asleep). Speak now or revert me later! Aeffenberger (talk) 03:12, 30 January 2020 (UTC)
- Does this make a better article? We seem pretty good as is. Andy Dingley (talk) 23:47, 31 January 2020 (UTC)
- Most contents, and specifically history and mitigation methods, have common relevance but they're scattered on three pages, or futilely repeated at best.—Esponenziale (talk) 00:02, 1 February 2020 (UTC)
- Ok, it seems that the proposition hasn't been met with enthusiasm, but neither with opposition. Specifically, neither MrX nor Andy Dingley have opposed it so far. If things remain unchanged, I'll proceed to merge canvas fingerprinting with browser fingerprint in a couple of days. I'll wait more before merging browser fingerprint with device fingerprint.—Esponenziale (talk) 20:12, 5 February 2020 (UTC)
- Could someone please clarify how the three articles would be merged and advance an argument for the merged-to article being a superset of the three articles? Right now there are templatse suggesting merging Canvas Fingerprint into browser fingerprint, which I disagree with. However, the OP talks about a "digital fingerprints" article. Once this is clarified, I will be happy to weigh in. - MrX 🖋 20:26, 5 February 2020 (UTC)
- The canvas fingerprint is one of the browser fingerprints. It has great relevance in that context and doesn't have any relevance outside of it. Specifically, the history of canvas fingerprinting is relevant to the history of browser fingerprinting and it would be better put into context there. The methods for mitigating canvas fingerprinting (spoofing the fingerprint, offering a simplified fingerprint, blocking third parties, blocking attempts to read too many parameters) are the same used for mitigating browser fingerprinting in general.
- Browser fingerprint (the article has been recently created) is the only device fingerprint that has practical relevance. Indeed, the current article about device fingerprinting is actually about browser fingerprinting. We can merge the two either to browser fingerprint or to device fingerprint, any suggestion is welcome.—Esponenziale (talk) 21:07, 5 February 2020 (UTC)
- Done, at last —Esponenziale (talk) 20:57, 15 March 2020 (UTC)
- Despite opposition from two other editors? Andy Dingley (talk) 22:34, 15 March 2020 (UTC)
- Well no, since you didn't get back after I answered your question, I honestly understood that you were both lacking interest in either opposing or supporting the merger. Also in retrospective I think it can't be interpreted otherwise. If you were opposing the merger you should have made it explicit with no question attached and possibly you should have given some reasons against mine.–Esponenziale (talk) 22:59, 15 March 2020 (UTC)
- Reverted. My question has not really been addressed and I think consensus should be reached before trying to merge two articles into a third. If device finger rint and browser fingerprint have the same meaning, then we first need to determine which title to use. Canvas fingerprinting is notable on its own. Why not just take a relevant summary from that article an include it here? - MrX 🖋 22:47, 22 March 2020 (UTC)
- Are you joking? You've left the discussion after asking one question. You can't expect to come back a month later and revert all back as you please. Consensus is reached with the parties that do discuss at the time of the discussion. —Esponenziale (talk) 23:17, 22 March 2020 (UTC)
- When browser fingerprint was created, no consensus was reached about keeping it separate from device fingerprint (see Talk:Browser_fingerprint#Duplicate_of_device_fingerprint,_and_other_feedback), therefore, now that the contents have been merged, it must redirect to this page. –Esponenziale (talk) 00:23, 23 March 2020 (UTC)
- Yes, I see now that Browser fingerprint was arguably a duplicate of this article, so I apologize for that edit, but I stand by my revert on canvas fingerprint. As far as my absence from the discussion is concerned, I edit a lot of other articles. I have thousands on my watchlist, and I allegedly even have a life. Someone could have simply pinged me back to the discussion so that we could continue it. Andy Dingley objected to this merge as well. - MrX 🖋 00:50, 23 March 2020 (UTC)
- Everybody has limited time and can't control everything: you had no fault when you left the discussion, but you have now when you subvert the work done when you weren't here, without even reading anything.
- I pinged you into the discussion the 5th of February. At that time I pinged also Andy Dingley, noting that his question, despite showing lack of enthusiasm, didn't amount to an opposition.
- As you could see by reading the article, canvas fingerprinting is intertwined with most other sections of device fingerprint:
- the applications of device fingerprinting and the reasons for its importance are quite relevant also to the particular case of canvas fingerprinting,
- the short history of canvas fingerprinting is relevant to the main topic and is better put into context there,
- the high level motivations for diversity and stability are relevant also to the particular case of canvas fingerprinting,
- the mitigation methods apply as they are also to the particular case of canvas fingerprinting.–Esponenziale (talk) 12:07, 23 March 2020 (UTC)
- Yes, and I responded to your ping. Your first bullet point is circular. I disagree with the conclusion of your second bullet point. I don't know what "high level motivations for diversity and stability" means in your third bullet point. I don't understand what point you are trying to make in your fourth bullet point.
- I have no objection to covering canvas fingerprinting in this article, but I do oppose deleting the independent article because it's existence allows for more detailed coverage of the subject and it easily meets WP:GNG. - MrX 🖋 12:33, 23 March 2020 (UTC)
- If you don't know what "high level motivations for diversity and stability" means, then you might consider to read the article before discussing it: there's a section just about that titled "diversity and stability."
- With my fourth bullet point I'm saying that it makes no sense to treat the mitigation methods both in the canvas fingerprint and device fingerprint articles, as we currently do, because they're exactly the same: the methods for resisting canvas fingerprinting are the same for resisting any other browser fingerprinting technique. And similarly for the other topics in my list. For example, with the first bullet point I'm saying that it wouldn't make sense to explain the applications of canvas fingerprinting in its page, when they're just the same of device fingerprinting in general.–Esponenziale (talk) 13:06, 23 March 2020 (UTC)
- Yes, I see now that Browser fingerprint was arguably a duplicate of this article, so I apologize for that edit, but I stand by my revert on canvas fingerprint. As far as my absence from the discussion is concerned, I edit a lot of other articles. I have thousands on my watchlist, and I allegedly even have a life. Someone could have simply pinged me back to the discussion so that we could continue it. Andy Dingley objected to this merge as well. - MrX 🖋 00:50, 23 March 2020 (UTC)
- Reverted. My question has not really been addressed and I think consensus should be reached before trying to merge two articles into a third. If device finger rint and browser fingerprint have the same meaning, then we first need to determine which title to use. Canvas fingerprinting is notable on its own. Why not just take a relevant summary from that article an include it here? - MrX 🖋 22:47, 22 March 2020 (UTC)
Closing analysis
[edit]This discussion has been stale for over a month (since 23 March 2020), making it overdue for closure.
Closing this discussion is made more complicated by the fact that there are three pages involved, which means there are more than the usual possible outcomes when only two pages are involved.
- Device fingerprint – Created at 06:44, 7 March 2008 by Tim Barber
- It was suggested by Esponenziale that Canvas fingerprinting be merged into this article at 09:44, 7 July 2018. The discussion was closed by MorningThoughts as No consensus at 16:25, 21 November 2019
- Aeffenberger started this discussion at 00:48, 22 January 2020
- Esponenziale merged 19,842 bytes from Canvas fingerprinting (a 9,877-byte article) and Browser fingerprint (a 25,582-byte article) to this article at at 20:39, 15 March 2020
- Browser fingerprint
- #REDIRECT to Device fingerprint created at 03:01, 2 April 2016 by Danhash
- The lead sentence of device fingerprint at 02:53, 2 April 2016 indicates that machine fingerprint and browser fingerprint are synonyms for device fingerprint
- A new article was started at 22:36, 13 January 2020 by Ergozat (Removed redirect to Device fingerprint) Ergozat announced their intention to start this article HERE.
- A discussion is started at Talk:Browser fingerprint § Duplicate of device fingerprint, and other feedback at 03:20, 17 January 2020. The last comment in this thread was made at 20:13, 21 January 2020. The result of this discussion is a rough consensus to merge to Device fingerprint.
- Aeffenberger started this discussion at 00:48, 22 January 2020
- Aeffenberger merged a 3,066-byte summary of Canvas fingerprinting to this article at 17:03, 30 January 2020.
- Esponenziale redirected this page to Device fingerprint#Browser fingerprint at 20:46, 15 March 2020, was reverted by MrX at 22:33, 22 March 2020, but reverted the revert at 00:24, 23 March 2020
- Canvas fingerprinting
- Created at 03:12, 22 July 2014 by MrX
- It was suggested by Esponenziale that this article be merged into Device fingerprint at 09:42, 7 July 2018. The discussion was closed by MorningThoughts as No consensus at 16:25, 21 November 2019
- Aeffenberger started this discussion at 00:48, 22 January 2020
- Aeffenberger merged a 3,066-byte summary of this 9,729-byte article to Browser fingerprint at 17:03, 30 January 2020
- Aeffenberger redirected this page to Browser fingerprint#Canvas and WebGL at 17:03, 30 January 2020 but was reverted by MrX at 17:07, 30 January 2020
- It was suggested by Esponenziale that this article be merged into Browser fingerprint at 23:24, 31 January 2020. This is the proposal which is curently up for closing.
- Esponenziale merged 19,842 bytes from Canvas fingerprinting (a 9,877-byte article) and Browser fingerprint (a 25,582-byte article) to Device fingerprint at at 20:39, 15 March 2020
- Esponenziale redirected this page to Device fingerprint#Canvas and WebGL at 20:43, 15 March 2020 but was reverted by MrX at 22:36, 22 March 2020
brave.com/privacy-updates
[edit]- https://brave.com/privacy-updates-1/
- https://brave.com/privacy-updates-2/
- https://brave.com/privacy-updates-3/
- https://brave.com/privacy-updates-4/
- https://brave.com/privacy-updates-5/
- https://brave.com/privacy-updates-6/
- https://brave.com/privacy-updates-7/
- https://brave.com/privacy-updates-8/
Recent addition to the lead
[edit]In my opinion the recent addition to the introduction by user:BunnyyHop lacks precision and briefness:
- it refers to browser fingerprinting while describing features that apply more generically to device fingerprinting,
- it says that browser fingerprinting "uses a stateless technique," which I find misleading not being a communication protocol,
- it summarizes the problem of diversity and stability, which I find unnecessary since the relevant section is almost short as the summary and also I don't see it of sufficient importance to be discussed right in the introduction.
I'm open to discussion. Since consensus is currently lacking, I'll proceed to delete the addition, a part for a phrase that I'll move to the section about diversity and stability. —Esponenziale (talk) 17:51, 20 September 2021 (UTC)
- While I personally agree with the difference between the usage of "device fingerprinting" and "browser fingerprinting", that document in specific used "browser fingerprinting", which I decided to follow, to avoid OR. Papers such as this one that approach device fingerprinting, say that "[w]e identify and classify 29 available device fingerprinting mechanisms, primarily browser-based and known, but including several network-based methods and others not in the literature". For device fingerprinting, I believe this one might be of better usage.
- The exact quote is "[u]nlike cookies, fingerprinting is a stateless technique that does not store any information on devices, but instead exploits unique combinations of attributes handed over freely by browsers". To avoid a COPYVIO, naturally, the phrasing must be altered. This is a problem of wikilink and not with the wording itself, I believe. I don't think there's an article in Wikipedia for "stateless" as described here.
- While I agree that the diversity and stability section ought to be moved to its respective section, I believe these phrases: "Browser fingerprinting came to light as a way to track users without consent. It uses a stateless technique, which doesn't store data on those devices, and takes advantage of multiple attributes given by the browser. As such, identification is possible given the uniqueness of the fingerprint. Nonetheless, since browser fingerprints are altered with time, the efficacy of long-term user tracking isn't accurately known" are essential to the introduction.
-
- I clarify: describing features as pertaining to browser fingerprinting, although correct, might be misleading in the context of our introduction because it suggests that they pertain only to browser fingerprinting and not to device fingerprinting. There would be no sense in referring to "browser or device fingerprinting" because browser fingerprinting is a type of device fingerprinting, as per the quote you've mentioned and the first paragraph of the current introduction.
- Apart for the wikilink, the adjective "stateless" remains obscure without further explanation, and also misleading being commonly used for communication protocols. More importantly, the fact that fingerprinting techniques don't store any data on the client side is already stated in precise terms in the second paragraph of the current introduction.
- The fact that device fingerprinting is used for tracking users without consent is already stated in the second paragraph of the current introduction with better detail. The subject of diversity and stability is treated in the brief section about that. If you think that the subject should be given more prominence, we may think to move up in first place the relevant section or even merging it to the lead (not sure)?—Esponenziale (talk) 12:18, 21 September 2021 (UTC)
-
- Shouldn't we describe browser fingerprinting (giving it more weight) and its common attributes instead of concealing it due to a more general device fingerprinting, as it is the primary and predominant way of device fingerprinting?
- "stateless" is mentioned twice in the document, and one describes the following "technique [as] completely stateless": "[a] browser fingerprint is composed of a set of browser and system attributes. By executing a script in the browser, sensitive meta-data can be revealed, including the browser’s parameters, but also operating system and hardware details.". This paper also describes browser fingerprinting as an "invasive and opaque stateless technique", and describes the statelessness in a more in depth way: "Browser fingerprinting is a stateless tracking technique that uses device configuration information exposed by the browser through JavaScript APIs (e.g., Canvas) and HTTP headers (e.g., User-Agent). In contrast to traditional stateful tracking, browser fingerprinting is stateless—the tracker does not need to store any client-side information (e.g., unique identifiers in cookies or local storage)". It seems to me that the problem you brought up can be fixed by mentioned that the fact that it doesn't store any client-side information is what the "stateless" refers to.
- It is, but in a tacit way. I think a brief phrase about how it's an invasive technique (per this) that arose as a way to track users without their consent is sufficient. --BunnyyHop (talk) 22:56, 21 September 2021 (UTC)
- Nothing comes to mind worth adding to the introduction specifically about browser fingerprint.
- I don't see why using an obscure adjective which needs a description, instead of using the description straight away.
- I find the current phrasing very clear about it: "this may allow a service provider [...] to compile long-term records of individuals' browsing histories [...] even when they are attempting to avoid tracking." —Esponenziale (talk) 20:02, 22 September 2021 (UTC)
Split into Browser fingerprinting and others
[edit]Currently Device fingerprint page starts of with a mishmash of all kinds of fingerprinting techniques (browser, mobile, network etc) and then slides off into just browser fingerprinting, neglecting to mention any other fingerprinting tecnique. This is due to a previous merge in 2020. I would like to propose a split to unmerge browser fingerprinting from this article and make it a seperate standalone article (and similarly create spinoffs for each of those fingerprinting techniques, network fingerprinting has a ton of old literature, mobile fingerprinting also has some literature [1], [2] etc from 2013-2018). Once we create spinoff articles, we should be able to create a overview/summary style article of device fingerprinting here. Sohom (talk) 20:47, 24 February 2024 (UTC)
- This has been here for two weeks, I'm assuming consensus here :) Sohom (talk) 23:57, 8 March 2024 (UTC)
- Start-Class Computing articles
- Mid-importance Computing articles
- Start-Class Websites articles
- High-importance Websites articles
- Start-Class Websites articles of High-importance
- All Websites articles
- Start-Class Computer Security articles
- High-importance Computer Security articles
- Start-Class Computer Security articles of High-importance
- All Computer Security articles
- All Computing articles
- Start-Class Internet articles
- High-importance Internet articles
- WikiProject Internet articles
- Start-Class Marketing & Advertising articles
- High-importance Marketing & Advertising articles
- WikiProject Marketing & Advertising articles
- Start-Class Mass surveillance articles
- Low-importance Mass surveillance articles