this post was submitted on 09 Jul 2024
1513 points (99.4% liked)

Technology

57448 readers
4290 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
1513
Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage (fedi.simonwillison.net)
submitted 1 month ago* (last edited 1 month ago) by Andromxda@lemmy.dbzer0.com to c/technology@lemmy.world
199 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.dbzer0.com/post/23752739

https://simonwillison.net/2024/Jul/9/hangout_servicesthunkjs/

you are viewing a single comment's thread
view the rest of the comments
[–] Andromxda@lemmy.dbzer0.com 245 points 1 month ago* (last edited 1 month ago) (28 children)

Yet another reason to switch to Firefox, or even better, a hardened fork like LibreWolf !librewolf@lemmy.ml

[–] sigmaklimgrindset@sopuli.xyz 71 points 1 month ago (27 children)

What functionality would I lose/gain if I switch from Firefox to Librewolf? I'm admittedly an amateur in the privacy space, and I've been pretty content with Firefox + Ublock and container tabs for different profiles, but I consistently get the issue that my browser fingerprint is pretty unique, and I have no idea how to or even if I can anonymize that anymore.

[–] Danitos@reddthat.com 16 points 1 month ago (10 children)

Tangent note: I think browser fingerprinting is only a source of concern if you use VPN. Otherwise, your IP is already a good enough identifier, and quite likely doesn't rotate often enough. Please someone correct me if I'm wrong.

[–] kava@lemmy.world 1 points 1 month ago (4 children)

Yeah I'd only worry about it if I were trying to buy drugs on the dark net or something. I guess if torrenting became illegal I would also worry.

[–] brbposting@sh.itjust.works 2 points 1 month ago (1 children)

I worry about price discrimination

[–] kava@lemmy.world 1 points 1 month ago* (last edited 1 month ago) (1 children)

I appreciate the list. I'm not saying there aren't valid concerns, just that in my day to day life it's one of those items where the steps needed to avoid browser fingerprinting is usually more work than the value I personally get from my perspective.

I've looked into this, and I'm not clueless. I've developed websites, I've done a lot of stuff with Selenium / Puppeteer, and have toyed with Firefox browser extensions.

I understand the tools they use and it's just very tricky to fully eliminate this type of thing. For example they can even use the browser window size. Are you going to randomly change window size to some novel dimension when you open up a tab?

What about the JS engine you use. For example using Firefox already narrows down your anonymity by like 95% or something because only a small amount of users use the browser. Etc etc

It's hard to do this correctly, and I feel like VPN + private window usually takes care of the price fixing thing on the list, for example. When I'm searching for flights I usually do this.

I also use JS blockers in order to try and mess up the scripts that Facebook & Google have hidden over the internet to track you. But ironically, doing that again reduces your anonymity. They know that if their scripts don't work on you, you get narrowed down again to a very small % of users.

It only takes a few of those pieces of data to be reasonably sure that it's you. Browser fingerprinting is tricky to really avoid. It's not impossible, of course. Just saying to really do it right it might be more effort than it's worth.

[–] brbposting@sh.itjust.works 2 points 1 month ago* (last edited 1 month ago)

The depth of fingerprinting really bothers me and I have accepted that the best at it will succeed.

It is tempting to find the world’s most popular default configuration and use that :) But that’s prob be something gross like Windows 10 & Chrome! In fact, that’d be second after Android & Chrome. Wonder how detectable VMing/emulating those configurations would be.

Agree with you and appreciate the detailed response!

[–] Danitos@reddthat.com 1 points 1 month ago

No. If you don't want to be tracked and you are using a VPN, fingerprinting is a problem as well. Privacy is not concern just for drug dealers.

[–] skybox@lemm.ee 1 points 1 month ago (3 children)

Became? 🤔

[–] Mongostein@lemmy.ca 2 points 1 month ago* (last edited 1 month ago)

Torrenting itself is not illegal. The distribution of copyrighted material that you don’t own is the illegal part.

[–] mondoman712@lemmy.ml 2 points 1 month ago

Different places have different laws

[–] kava@lemmy.world 1 points 1 month ago* (last edited 1 month ago)

It's sort of legally gray but generally speaking in the US downloading is a civil offense but not a criminal one. You can get sued by the copyright holder for example but you won't end up in jail over it.

People usually never get sued for it because it's not worth it for Comcast to pay for lawyers to try and extract any money out of regular people. Not only will they almost certainly be unable to even recoup the lawyer fees, they risk getting a lot of bad PR for no gain.

What's usually considered an arrestable offense is uploading aka distribution. Once you start hosting seedboxes then you enter the area where you're liable to go to prison.

load more comments (5 replies)
load more comments (21 replies)
load more comments (21 replies)