Browser Fingerprinting Explained (You're Tracked!) 

Thank you for breaking this top down so that the average person can understand. I really enjoyed learning more about thanks to your expertise

Had heard of browser fingerprinting previously, but knew no details. This was a great explanation

Thanks. I had heard that advertisers can build profiles of individuals by aggregating various bits of information, but I didn't really understand how they did it. You explained it very well.

this was so well written, and your pronunciation is 100% clear and Understandable and you Sound Confident and your voice maintains the interest of the listener, which a small pleasent part is in fact your accent. BRAVO!

The fonts bit was really neat, great video Matt!

Very impressive video Matt! Learned 2 new concepts "browser and canvas finger printing". Every second of your video was informative and the way you explained it with visuals makes it more easy to understand. I have played around with cookies for sometime and yes, and they get compromised too. So, it's always best to logout website sessions.

Using hash comparison from canvas is literally devilishly insane method of tracking, really appreciate this info

This video is one of the most important I have seen in the last decade online easily. It's criminal if you don't have 1 million followers already

Your explanations were spot on! Great job. I have not seen anything this good on the net!

I like the smile on your face when you explain the topic. Btw I can understand you clearly. 😊

Pleasure to have met you and I appreciate your guidance.

Bingo. I'm happy to see someone shed some light on this because it's a big deal. It's the reason why the tor browser in tails comes with basic settings and why they recommend against installing additional add-ons and even recommend against maximizing the window to full screen as the dimensions of devices are well known. Expanding the window to full screen can reveal the type of monitor you're using, causing a partial deanonymization.

I appreciate your educating the public on infosec in a clean easy to understand and digest video. EFF FTW!

Really good explanation, Matt. Subscribed.

Awesome video! Thank you for making it simple & easy for me to understand. And to make it clear to us that we are so un-incognito

Great breakdown and explanation of browser fingerprinting and tracking Matt!

Just so you guys know, your browser, your device, your voice, your face, your purchases, your location and every app you download is traced back to you and embedded for future data analysis. There’s no such thing as anonymity or privacy in the digital age. 😢

Excellent cover of the subject. Thanks a lot, mate 🙏🏻

And by the way Matt is truelly awesome. Keep it up man 👍

One limitation would be to run the browser in a VM (possibly changing the VM parameters on a regular basis). Regularly changing your user-agent string would alos confuse some. Unfortunately, the ideal is simply to block the use of JavaScript on your browser, but too many web sites would break without JavaScript enabled.

Fascinating stuff. Keep up the good work

Matt, this is a really well done video. I make videos myself and i must say you did an excellent job here. Informative and kept my intention.

Great performance; pithy and current clear and present concern. Appreciate.

Great video - really enjoying your channel. Keep it up :)

This is great explanation.

Excellent, never heard this anywhere.

Very informative video. Thank you 🙏

Thank you for this information

Such a wonderful video Matt!!

Another great video! I appreciate the fact that you break it down in simple terms, but also go very deep into a particular subject. I don't understand why rather than providing wrong information, those types of data are just not provided at all. As part of a big movement, like in Chromium and Firefox together - just deprecate them. I guess we have traded away security for some features to make websites do some very cool things. Even so, if wrong information is provided sometimes, that surely must cause some small amount of errors or unintended behavior when visiting some sites made by overzealous web developers.

Good video. Just subscribed. Hopefully there’s a solution to this problem soon.

Hello,nice video! What are the options for being untraceable in the internet? I understand that there is a tradeoff between comfort and security. I would like to know about the various security measures that can be put in place.

Very enlighntening video. Thank you very much!

Hello Mateusz, great presentation. Could you expand on the image hash fingerprint please ? Correct my assumption but the hash differs between systems because of other random elements like ... what ?? What causes the difference ?

Nice, happy to meet small technical channel❤. This need to change on RU-vid 😢. Channel like this deserves more subscribers

I checked my computer on Cover Your Tracks and at least half the info it pulled up was wrong.

I want to be shown an ad with dogs in a car and my face superimposed on a buff driver with 2.4 kids in the trunk, then I’ll be worried.

you are a good teacher, spent time preparing your presention, you also need a comb, and do not smile too mich. no smile at all. what is it? code or joke presentation. stay angry, sometime shout and swear. no smile :)

This video is amazing.

Well done, thx!

great video with easy to understand examples

Good day, thanks for the in-dept explanation. please i will like to ask. If i format my system and reinstall windows will the system finger print still be the same.

🤓Super content and presentation.

gracias por la enseñanza, me gusto mucho la explicación, y con BRAVE e avanzando mucho en seguridad....

Sounds like a proxy built in to your desktop is a good step. Then your browser can send requests through the proxy without giving any data other than the server IP and resource request. Will that work?

Great explanation! Are there ways to spoof the system properties used in fingerprinting?

Thanks for the video. It helped me understand this pesky fingerprinting technique.

Great vid. Danke.

I was not aware of the part you gave us after the cookies part. And there was me thinking "I don't allow cookies or keep a history or associated data." And I use Linux. Oh, fudge...

A long long time ago, I worked on some web analytics software for the company I worked for. Specifically, I was analyzing the web logs from the servers. In a single day, I counted over 1500 unique user-agent strings. That's just one header. It looks like browsers have expanded on all that information they are sending since then.

I loved this video man thanks

Interesting, thanks.

All the guys who got this video recommended are thinking, "OMG! My internet browsing's being tracked!!" And we all know why😆

I use brave on some systems, installing on the rest now

Thanks for interesting video but I personally do not mind to see targeted ads. They are much better and remind me about things which I need but did nit know that they exist :)

What IF: U have a script what delete and install fonts from a local database every day randomly? If there are other stuffs what u can automate by yourself like the above fonts, will it help?

Nice... whatever data is constant and if every time sending data out from device are added with randomness then???.....

Do all macs have same fingerprint

Great video.

I remember downloading a tool that showed what's beyond tracking cookies. I remember deleting some of the one I saw related to things I knew. Then the application started behaving differently.

Some browsers fight finger printing by returning a canned response from every browser across all systems, no matter what system that browser users. Also tracking cookies can be tied to accounts. My tracking is persistent every time I use Google and Facebook because they store this information even if I delete my cookies.

Great video! I understand it much vetter now.😢

So, let talk from the side of an imageboard owner who need to block/ban malicious users who upload not allowed content, Fingerprint will be from a great help on top of banning IP, also use cookies?

I'm gonna put it in my reply because I don't know if you have the link-filter. But I couldn't help myself. It's so funny.

This was very interesting - subscribed and thumbs-up!

Your CPU, your graphics, card, your motherboard, and your network card all have unique IDs that they broadcast to your operating system, which are then shared with your browser, which is then shared with Google, Microsoft, Apple, etc. The primary source of income for both Apple and Nvidia is sharing user data with Google and Microsoft.

Why not use software to muddle the hash? Spoof a random device ID for your GPU every time you launch the browser, for example.

Basically we're not completely always safe heads up🤔😀 what can we do.

Why can't I comment on the video?! I wrote an important and long comment more than once, but it was deleted.. Why??

I think you can manually change your time zone on some OS'. Maybe do that occasionally (delete your cookies at the same time or it won't help), along with your English dialect (if you use English), and only use the fonts that came pre-installed with your OS, like probably 90% of people. Use different browsers for different things (e.g. do all of your social media on one browser only and all of your shopping on another). Create a "guest user" account on your computer (or have a different device) and never use it to log into anywhere that knows your real identity, telephone number or main email (or any email with your name in it). Compartmentalize your online activities to split your data into multiple different profiles, with each only having a partial picture of your behaviour. Create ambiguity and make them work to connect the dots. You can't hide from the government, but you can make life hard for private companies trying to monetize you.

It's not cookie, it's kuki. The data collected can be spoofed. That's the solution but I don't expect to see a guide on RU-vid any time soon or ever. I like the video though. Kuuki

Thank you for your help. I currently have lost access to both my internet banking and Play store because the bank app needs to be updated and I can't remember my Gmail address as I rarely use it. I am trapped.

(3:20) So, I have to push back on the "Schrödinger's Cat" metaphor. First of all, that name is German and pronounced "shroid" (rhymes with "steroid", means "to shred") plus "-ingah" (means "one who does the"), with the emphasis on the "shroid" for the same reason you emphasize "cheese" in "cheesemonger". He's clearly descended from tailors. Anyway, second, the "cat" in Schrödinger's paradox is secretly "duplicative" as opposed to the ad cookies which are observably "duplicitous". A better metaphor would be a "double agent" in the spy trade.

Bro serving your printer sounds scary indeed.

Is it possible to ‘spoof’ a browser fingerprint?

laws need to be changed to make tracking illegal

Dzięki

Tor, NoScript, ABP, Cookie AutoDelete, and uBlock are your friends.

Just like cookies may be evil (tracking) or a blessing (session), fingerprints can benefit you, when used as additional authentication in the site you're logging into.

What about corrupting their database by sending overwhelming, random and fake browser activity each time you access a website?

In a perfect world we would not have to run a script (JS) delivered by the {random} server. I mean ... you can turn off JS, but then a lot of websites will not work. BTW: as soon your fingerprint changes (f.e. new hardware) and there was the related cookie then they will for sure update your coolection of fingerprints. You loose, because you let your browser execute programs (JS) just because you wanted to read text (f.e. the news).

10:12 that's wrong, you have close to full control over the information you send to websites, it can be archived with plugins. There's no reason to send to websites your graphics card ID if you want to avoid it

Chaos theory, the initial conditions (programming) can have long tem effects.

What surprises me, is that this information is being sent to the server. Seems like this info on how to render their page. Doesnt need to be transmitted and that the browsers can hanlde all this on the client.. something doesn't seem right with all this. Lol

We need a browser that randomize some things in the fingerprint to mask your identity.

Basically how Windows handles licenses.

This behaviour will not stop until legislation enforces it….and that will never happen because it is all about big money.

👍

It's something I've known for a while, and do my best to avoid, but it still makes me sad seeing the backend explained

Don't worry. ISPs are forging an alliance (already have) to track you by your connection. No matter the IP, no matter the device. All of it is linked to you by inserting a "cookie" into every data packet you send over their connection.

I envision browsers having the capability to identify which services possess your identity and what specific data they hold about you. With this feature, users could simply click a button to obfuscate or remove their data, effectively erasing their presence from these services. Data brokers should be held to stringent security standards, and legislation should prohibit the sale of personal data. Instead, brokers should only be allowed to sell aggregated information. For instance, if someone wants to conduct a census on a particular tool, they should be able to request aggregated data without compromising individual privacy.

Subscribed after watching this.

You make a large assumption that when you clear your browser and eliminate cookies that they're actually eliminated; and it's not just to instill a new, a confidence based on the idea that you are able to sever that connection and be private and anonymous and start over again. You cannot know these things unless you can read code like an expert and you can go into the very code of your browser and the very code of Google and Facebook and so forth and you can identify code strings that are actually designed to to create this false confidence by making it appear that you have control over your cookies and control over your privacy, but it's just a facade, force.

Not only that , enter android, add gps location and client network ip address, with your gmail id to the fingerprint and see the magic.

Iphone: - Switched private relay on Safari settings: - turn off all cookies - advanced protection for tracking for all surfing - turn javascript off Scary.

tracking deosn`t matter if all the ads they personalize based on their data gets blocked by Ublock or abp

13:03 then just start every day with different RAM configuration.

STOP THE MUSIC, PLEASE.

Although it still is an issue, they all (Meta, Google, …) absolutely hate Apple for lying in Safari.

I just commented, then wanted to adjust a name, didn't take the adjustment so I reloaded the page and my comment is gone as if I never wrote it. I'll retry underneath this - if it stays..