NotHereToPlayGames Posted September 4, 2024 Posted September 4, 2024 (edited) <excerpt> For years, since 2012 at least, Chrome has sent a header called X-client-data, formerly known as X-chrome-variations, to keep track of the field trials of in-development features active in a given browser. Google activates these randomly when the browser is first installed. Active trials are visible if you type chrome://version/ into Chrome's address bar. Under the label Variations, you're likely to see a long list of hexadecimal numbers similar to 202c099d-377be55a. </excerpt> Since these are HEADERS, then I can block/disable/modify via PROXOMITRON. I can't claim to really be "concerned". But sure, I'll experiment over the weekend. The Overly Paranoid keeps wanting to overlook that "n/a" is just as much of a UNIQUE IDENTIFIER as just leaving the real hexadecimal number in place. N/A stands out like a SORE THUMB on any "log". Edited September 4, 2024 by NotHereToPlayGames
NotHereToPlayGames Posted September 4, 2024 Posted September 4, 2024 18 minutes ago, Dixel said: What this means? Right! The generated number is unique! "n/a" is not the correct way to resolve this. What you should do is REPLACE that "unique number" with one that MATCHES WHAT IS KNOWN AS "GOOGLEGOT". Or whatever Bing's or DuckDuckGo's equivalent is. DO NOT ERASE IT and be MISLEAD by that "n/a". That "n/a" is an IDENTIFIER IN AND OF ITSELF. But sure, it means that as far as Google is concerned, everybody that is being identified as "n/a" is ONE PERSON. Or are they? Not if this "unique identifier" is used in conjunction with just a few other easily-gathered tidbits. But again, "not going to loose sleep over it".
Saxon Posted September 5, 2024 Posted September 5, 2024 11 hours ago, NotHereToPlayGames said: "n/a" is not the correct way to resolve this. That's what the Ungoogled suppposed to have there, what do they "Ungoogle", then? Thorium has this Variations tag, but it never claimed to be Ungoogled! 3
Dixel Posted September 5, 2024 Posted September 5, 2024 @NotHereToPlayGames, if we are to assume you got your Ungoogled from proper channels, them I'm rather disappointed in it, as we know, it claims to be really "Ungoogled", but the variation hash is the core of Evil. It's still there! How so? I was never able to switch them off in Thorium either. 2
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 (edited) Let's slow down and not let bias or paranoia cloud an objective analysis. For starters, the superuser link posted above is seven and a half years old. And the register link posted above is four and a half years old. The register link specififically cites "since 2012 at least, Chrome has sent a header called X-client-data, formerly known as X-chrome-variations, to keep track of the field trials of in-development features active in a given browser". I cannot find these headers ANYWHERE. THEY SEEM TO NO LONGER EXIST. While I have no doubt that they "did" FOUR AND A HALF YEARS AGO. The register article also cites this to exist on YouTube - IT DOES NOT. Again, no doubt that it "did" FOUR AND A HALF YEARS AGO. We FIRST need to verify that these headers are still in use TODAY. Let's start there. Second, if this is supposed to be a unique identifier, why is it IDENTICAL across TWO of my computers here at home? I'll check at work later this morning. Edited September 5, 2024 by NotHereToPlayGames
Dixel Posted September 5, 2024 Posted September 5, 2024 11 hours ago, NotHereToPlayGames said: Second, if this is supposed to be a unique identifier, why is it IDENTICAL across TWO of my computers here at home? I'll check at work later this morning. What are you surprised about> that's how they track people across different devices. Ever heard of canvas database? Well, it's the same, you're in their database, and I strongly suggest to remove your unique ID screenshot! 2
Dixel Posted September 5, 2024 Posted September 5, 2024 11 hours ago, NotHereToPlayGames said: The register link specififically cites "since 2012 at least, Chrome has sent a header called X-client-data, formerly known as X-chrome-variations, to keep track of the field trials of in-development features active in a given browser". I cannot find these headers ANYWHERE. THEY SEEM TO NO LONGER EXIST. While I have no doubt that they "did" FOUR AND A HALF YEARS AGO. About four-five years ago they were simply renamed to Active Variations. Because their properties had been extended along with the collected data, and they can change themselves dynamically (hence the new "Active" word). 1
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 31 minutes ago, Dixel said: remove your unique ID screenshot Removed. Though I'm still not convinced that doing so is just undue paranoia.
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 (edited) 1 hour ago, Dixel said: you're in their database No offense, but SO ARE YOU. Don't be deceived by the legitimacy of your own myth. I claim that the trick is not to AVOID their database - you never will succeed. But rather to be listed in that database TWO HUNDRED TIMES instead of "one". Don't let your browser "auto-update" as it will keep the same "listing" within that database. At least this has always been my assumption. Don't introduce "n/a" fields but modify their contents to match SOMEBODY ELSE'S "fingerprint". You/We/I will NEVER avoid their database entirely. But we can intentionally list ourselves TWO HUNDRED TIMES instead of "one". Edited September 5, 2024 by NotHereToPlayGames
Guest Posted September 5, 2024 Posted September 5, 2024 (edited) A (serious) research was done in 2020 where it was shown that out of the first 100000 websites on Alexa, only 10% were using fingerprinting techniques. The purpose is almost entirely commercial. All websites that violate our privacy sooner or later are added to filter lists that protect our privacy. So precautions to take would be: 1) Use browsers with native capability to block trackers (Thorium does not have this capability). 2) Increase the ability to block these websites with native features of browsers such as Microsoft Defender SmartScreen or similar (Thorium does not have this capability). 3) Use in an adblocker specific filter lists but it is not a protection to be considered complete because it would require filter lists with too many rules here is the importance of using medium/hard mode that comes to our aid. 4) Use DNS filtering to increase the performance of our adblocker. Those who use all these precautions and indeed increase the blocking perfomance of their Chromium-based browser have nothing to worry about. Edited September 5, 2024 by Sampei.Nihira
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 (edited) I kind of maintain that only CRIMINALS need to "lose sleep" over any FINGERPRINT that they leave at the scene. But nor do I condone a laissez-faire approach where the consumer "sells his/her soul" and just "bends over and takes it" as far as PRIVACY RIGHTS go. I once canceled a credit card for one reason and one reason only - their login page would not allow a login without a FACEBOOK SCRIPT BEING ALLOWED. I do not have a Facebook account. And will not bank on a web site "selling my soul" to Facebook. Granted, that was 15-20 years or so ago. Back when coworkers spent half their day on some childish id-iotic Facebook game called Farmville. No clue if Farmville still exists or not. Edited September 5, 2024 by NotHereToPlayGames
Guest Posted September 5, 2024 Posted September 5, 2024 (edited) There is a huge difference between the fingerprints that you see on websites like Browserleaks, and the fingerprints that the various websites that use these techniques might take from you. If MSFN members take care of the 4 tips I wrote above they can sleep soundly even though they see lots and lots of potential violations of their privacy in Browserleaks (by necessity it is a test). Edited September 5, 2024 by Sampei.Nihira
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 Agreed! The one I always get a chuckle out of is when the Paranoid Types talk about a Cloudflare capcha not working and how to MAKE IT WORK. The translation being, "You aren't in Cloudflare's database but you are WILLING TO COMMIT YOURSELF to that database by getting past this capcha."
NotHereToPlayGames Posted September 5, 2024 Posted September 5, 2024 19 hours ago, Saxon said: Thorium/Supermium have even more of those. Can you show a screencap? Feel free to "block out parts" as this seems to be an undue paranoia issue if you ask me. Supermium for me only has ONE. Ironically, it is IDENTICAL to my Ungoogled Chrome's! And YES, I guess that is a tad "alarming". Thorium for me also only has ONE. Again IDENTICAL to my Ungoogled. What I suspect users should be concerned with is if yours LISTS MORE THAN ONE !!! Ask any forensics expert, you cannot ID a criminal when your fingerprint only has ONE "point". Most criminal justice departments require TWELVE.
Dave-H Posted September 5, 2024 Posted September 5, 2024 On 9/3/2024 at 9:28 PM, UCyborg said: I don't think there's anything wrong with using Thorium or Supermium on Win10 if one likes either of these browsers. I haven't installed plain Google Chrome in years. Just an update. I have now indeed uninstalled Google Chrome from Windows 10, and I've installed Supermium 126 x64 instead, as the default browser. It works fine, and I've now got uBlock Origin back again! I've also updated my Supermium x86 installation on XP to version 126, all good. I'm still using Thorium 122 as the default browser on XP. 3
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now