• Norgur@kbin.social
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    I hate to be the one who tears the band-aid off, but… what do you think “incognito mode” does? And how do you think do search engine providers and website owners identify you on the web?

    All “incognito mode” does is ignore any existing browser cache and delete it’s own cache after the window is closed. So you are logged out, yes. But that doesn’t mean anything. Any browser-fingerprint, anything else will be more or less the same: IP, OS, Screen size, combination of browser and OS version, etc.

    Google will know who visited. Facebook will know who visited.

    • Rikudou_Sage@lemmings.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      And it has separate storage for cookies, local storage, session storage and generally all other storage. And in Firefox, the list of plugins is also different (which is also a source of fingerprinting). If I’m not mistaken, the canvas and similar fingerprints were patched a while ago.

      IP is pretty much irrelevant, hundreds of people can easily share an IP.

      So no, Google and Facebook won’t know who visited.

      • joneskind@lemmy.world
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        1 year ago

        Incognito mode doesn’t hide your IP address, nor your user-agent, nor your operating system and its exact version, nor anything your browser/system is willing to share, like position, apps installed, photographs, contacts etc.

        IP is pretty much irrelevant, hundreds of people can easily share an IP.

        LOL. Absolutely not. An IP address is unique to your internet line and can’t be shared. Some internet providers will even dynamically change your IP address from time to time (usually between a few weeks). So, until you live in a hundreds of people village sharing a single box… you know what I mean.

        And it has separate storage for cookies, local storage, session storage and generally all other storage

        indexedDB, file system, localStorage and sessionStorage access is strictly domain based data, thus already separated. Only third party cookies can be shared across domains.

        I’m a web developer in an adtech company. GDPR prevent us to store any type of data on the user’s computer. We use incognito mode to reset the cookie consent (for development purposes). The only thing incognito mode can do is preventing websites to directly trade user information. It doesn’t prevent them to get and store any information. One of the legal role of GDPR is to prevent websites to store and trade user information (among other things).

        Even disabling JavaScript can’t prevent the server to get and store enough information to identify you, as everything is logged. The header of any HTTP Request already gives a lot.

        So no, Google and Facebook won’t know who visited.

        Google Ad Manager is installed everywhere. A single script that communicates every single of your interactions, from which browser, which location, which OS, which computer chip etc. You’re naked. Incognito doesn’t change anything.

        • Rikudou_Sage@lemmings.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          What a coincidence, I’m an architect in an adtech company!

          So, IPs can and are shared. For example because there’s hardly enough for every device connected. And yes, I used to live in a village where everyone had the same IP. But that’s beyond the point, every device on your home network has the same IP and ad companies don’t really want to have bad data about you, which would happen if anyone actually used IP for tracking.

          • Ghoelian@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            I thought the way fingerprinting works is to try to get a bunch of semi-personal information, which together can identify a single person?

            Like there’s plenty of people using a 1920x1080p display. Doesn’t stop companies from using that as part of their fingerprinting.

            Sure, your entire town might share an IP. That just means you’ve narrowed your search field from the entire world to one town.

            • joneskind@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              This is exactly how fingerprinting works.

              By crossing enough data.

              Some values might change, like IPs for instance, but never at the same time.

              To make it simple, like the famous Akinator, say you only need 10 values to identify someone with 100% certainty. Store 15 of them, and by the time one of them changes, you still have 14 values to identify with 100% certainty the user. You can then update your pool of data for this particular user.

          • joneskind@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            1 year ago

            Being an architect doesn’t mean you understand the codebase.

            By the way, having 1000 people’s IP changing at the exact same time makes it even easier for fingerprinting, because you only have to get one user’s location to get the 999 others.

            For example because there’s hardly enough for every device connected

            There are 4,294,967,296 IPv4 address (232) and 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 addresses (2128)

            So… yeah… sure…

            • Rikudou_Sage@lemmings.world
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              1 year ago

              Well, if that’s how you use your data, I wouldn’t really want to be the one doing any kind of analysis on it. And I certainly wouldn’t want to pay for that as your customer.

              • joneskind@lemmy.world
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                1 year ago

                Fortunately, I don’t have to work with “architects”, I work with developers.

                • Rikudou_Sage@lemmings.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  Lucky you, just making stuff up as you go without having someone think about the bigger picture! Seems to work well so far.

                  Anyway, blocking you, got kinda tired of this.

                  • joneskind@lemmy.world
                    link
                    fedilink
                    arrow-up
                    2
                    ·
                    1 year ago

                    Next time, try to argue with actual facts. I know it’s harder than just pretending, like every what-a-conincidence-I-work-in-the-same-area-as-you dudes…