It got my location wrong. It got my GPU wrong. It said I never left the tab, even though I left it to start this comment. It said I moved my cursor 111 times in 74 seconds, which is absolutely false.
That site is just pointless. Pretty much the only things it got right were my time zone and my browser.
In my case it was incredibly accurate, except for one detail; the wire said I moved my finger over 600 times which… Seems hyperbolic.
It says I’m on Chrome, I’m not.
Also, so what if you know my IP, that isn’t sensitive information.
It’s good to bring attention to this stuff but at the same time there’s no point getting too worried about it.
Fingerprinting is real and we know it. Not because of the site but because every software dev I know who works in a net startup tells me that they do the basics and more. They won’t talk about the more.
It also says I have Azerbaijani on my phone somewhere. I have no idea where that came from.
That’s actually usually a sign of malware…
That’s a good point. Thanks for that. Any tips on how to narrow down on that?
You can download Hypatia. It’s a malware scanner. There’s an official fork that kept it alive after the original dev stopped maintaining.
Otherwise, you’d have to narrow it down further. Any non mainstream apps you have would be the first to check
Awesome. Thanks.
The website is clearly AI-slopped, what did you expect?
Your graphics processor identified itself as or similar.
Ah yes, Or similar, great GPU, love it.
Time zone has no info about where I actually am. Sure, I’m in a particular vertical slice of the earth. I have the JP keyboard downloaded, but you’re wrong, that doesn’t mean I speak Japanese. In fact, I speak French but your cookie reading didn’t pick that up.
It is genuinely interesting what info gets passed to websites but the doomy tone is rather silly and will unnecessarily worry people who don’t know much about computers/Internet, which is the majority of users.
Assuming it’s tz database timezones then they can be relatively specific. Since the slices are based around laws governing current time, there’s hundreds of slices rather than just a couple dozen. https://en.wikipedia.org/wiki/List_of_tz_database_time_zones Alongside things like keyboard downloaded it means you can be uniquely fingerprinted (or close to unique) pretty easily, which means they can then associate all sorts of other information with you
My time zone is quite specific and has only about 500,000 people in it
Heheh, a whole lot of mocking in this thread, but I don’t mind the site / its display.
Yeah, it’s overly melodramatic in its setup, and a bunch of the information doomerism is silly in terms of the info basically being required to provide data comms etc. It also tends to get things a bit wrong in a few categories – like for me, it said I was in a totally different city (still the right country at least - Canada), then it said my time zone was in iceland, which is kinda… no.
But the general message of the site, and the awareness its trying to raise in regards to how much data gets shared for basic comms establishment, and how that information gets used to fingerprint people, is worthwhile.
It got the country wrong for me. I didn’t use a VPN or anything. So that’s good I guess.
Hm, wonder why that’d be – it implies heavily that it bases the country on the IP address, which in theory is done by looking at what company the address is registered to, for the most part. Like I’m guessing it got my city wrong, because it used an address that the ISP provides for the IP range, which isn’t the same as the city I’m in, because the ISP uses it to cover numerous cities around the broader region. I reckon if you’re using something like Starlink, or other similar international-ish provider that may be very loose in how they associated addresses, it’d fail most times.
I was on mobile data, who knows where the mobile network gets their connection from
Ah, makes some sense. The mobile networks are even more erratic with how they assign IPs – though I’d still be a little surprised if it was the wrong country entirely. It’d imply the provider is using IPs from a single range in multiple legal jurisdictions, which’d inherently make things like geofencing more difficult. Sorta like VPN functionality to access foreign data regions, as a result of sloppy configuration and negligence by the ISP. Wonder if it could also be something to do with IPV6 – I think that’s more common to see amongst mobile networks, and I’m honestly not too sure how well that can get mapped to geo locations – I’d doubt the site, how its put together, would be tryin too hard to sort that out.
Why would a website need to know my screen resolution? That’s private.
I personally get a lot creepier vibes from the gyro. Why that is given away silently is beyond me
I used to make websites back in the 2000s. Hit trackers collected this info back then too. Knowing screen resolutions is useful for designing the website. Knowing all this info in general is helpful. If 99% of your visitors are coming from the US with a screen resolution of 1080p and are using Firefox, you know not to worry too much about making the site compatible with Netscape Navigator, 640x480 monitors, and translating everything to French.
I am surprised by this site knowing my graphics card. I don’t know why modern web developers would need to know that. I’ve been out of the game so long. Perhaps it’s useful info.
Edit:
I’m also always surprised/saddened that today nobody on the Internet seems to know anything at all about making websites. This kind of thing was common knowledge back in the 2000s.
That’s one of the things that actually makes sense for a (locally rendered) site to have. Not the screen itself per se, but the usable canvas. This allows things like a static navigation bar on the left, and the remainder of the screen for text.
I see no reason for a site to have my battery status, ever. Gyroscope has limited need, and should ask permission.
So that it can size and position elements appropriately.
meh
There are multiple sites like this, for example clickclickclick.click has been around for 10 years (not optimized for mobile)
Doesn’t seem to be anything new here than what’s we already know:
Just with a more ominous tone. Is it any wonder people are afraid of technology?
It’s a light version of what websites apps collect
Well I am happy with my results… You ain’t gettin shit
I opened it in Firefox and Librewolf just to see how the information sent was different. Librewolf obfuscated the following which Firefox disclosed:
Time zone
Monitor resolution
GPU used
Also, the Firefox one said I moved my cursor such-and-such times, while the Librewolf one said my finger moved such-and-such times. Must be related to hiding what screen I’m using. I’m on desktop.
Firefox on mobile obscured GPU.
“Your browser masked your graphics processor. Firefox and Safari have started returning generic strings — “Mozilla”, “Apple”, “or similar” — instead of the real renderer. The fact that yours did so tells us, with reasonable confidence, which browser you are running. The mask is also a fingerprint.”
Is this just lack of dedicated GPU on mobile?
Your finger moved 273 times. You tapped 14 times.
I’m sorry what?
Since they went into the effort to make this sound so ominous, it’d be cool to see some actual inferences from the data points. For example it would be pretty easy to tell you are behind a VPN and your real location is probably xyz.
They knew i was on a vpn and the time zone, your phone just gives that shit up
Dont even get me started on “experimental” browser flags that come default on some browsers
Seems to be making a lot out of “you send your user agent and screen resolution”.
There is a looot more than that lol. Usually enough to allow them to uniquely fingerprint every device on earth.
There were a couple of things on that page that were novel to me. “Only a couple” made it worthwhile though:
- There’s a free tier to a service that gives you geolocation data from an IP address
- This site counts the number of times you move to a different tab
I didnt mean this site specifically just in general.
See this site for something more technical. Takes a while to process everything give it a minute.
Fine giving away all that info it makes sense tk send that info to websites. There is no way that fingerprint result is accurate considering half the stats were wrong on Firefox.
Location is a few states over. Possibly due to being on a phone? Technically wrong carrier, mine routes through the one that it said. And the app I’m using I guess technically uses chrome to display, but I’m not using the chrome app.
