Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> There's a difference between something being provent theoretically possible in a laboratory environment and actually making it out in the real world.

Fingerprinting using IP address, running scripts, canvas fingerprinting, using installed fonts, and checking what resources are cached/blocked are all things that are being widely used in many websites, and are not just "theoretically possible".

They are even being sold as a product and are used by many companies.

Look at their customers - https://fingerprint.com/ .



To add to this, basic fingerprinting is trivial. And more advanced fingerprinting isn't much harder.

I'm so confused by GP post. We were doing fingerprinting 15 years ago.


> Look at their customers - https://fingerprint.com/ .

Welp that's scary, can detect me when I'm on VPN, off it, in private browsing mode, different country in private browsing mode...


Try it again with cookies disabled. It looks like they only do the browser fingerprinting if cookies are disabled.


that's nice claim, but for it to work you need to leak enough entropy, and you can check that on various sites.


there's a little widget on the site that can check that for you


Sure, but I was specifically referring to a marketing context.

We maintain pretty robust customer databases and our needs are much different. Just proving you are a unique device isn't useful in most contexts if we don't have good or reliable ways of associating it with existing profiles. Notice that none of their customers are marketing companies.

What this site won't tell you is that fingerprints have a half-life less than 24 hours (when you lose the fingerprint). Useful for anti-abuse measures, somewhat useful for ad-attribution, absolutely garbage for long-term tracking.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: