- cross-posted to:
- privatliv@feddit.dk
- technology@lemmy.world
- cross-posted to:
- privatliv@feddit.dk
- technology@lemmy.world
You must log in or # to comment.
Onion Browser with Orbot set to gold - site can’t see shit. So that works!
Thanks for sharing, I was already using a decent anti-fingerprinting browser (Fennec) but the fact that it gave away my timezone made me research a bit more and I’m now on IronFox, which has a toggle to spoof it, and reports a fake screen resolution. Great! I’m now unique on coveryourtracks though
Got me to disable sendrefererheader. We’ll see if that breaks anything…
I prefer https://www.deviceinfo.me/
Interesting that this one doesn’t detect my battery (says it’s blocked) but the one OP posted can see it
It seems to be based on how the website is interpreting the browser. I got mine correct but with the battery mentions Firefox and a removed API. I wasn’t using Firefox.
iOS and the browser I use block a lot of stuff from being visible, interesting!
I get a blank page?
So a prettier and minimal version of https://coveryourtracks.eff.org/ ?
This is a much more detailed, less “fear mongering AI” version of the other website. Thanks for sharing!
Kinda like they feed Cover Your Tracks to an LLM’s template so you can experience the data in narrative form
(No LLM used when you visit the site, just when they built it, is what I’m guessing here)
Site feels very LLM generated - in particular the writing just feels off
I scrolled “103% of the way down”
Could you explain why it would be in any way relevant if that was the case?
AI generated is just a stand in for hollow & over-dramatized here. Probably I could enjoy AI generated content if it wasn’t shit. The claims on the site reminiscent of 14y/o skids trying to scare each other: “uhhh I got your IP I will hack you now!1!1”, except now you have access to some chatbot subscription to make it sound like it’s a big deal.
It is a big deal how much the browser shares about you without people realizing. No one thinks about these things.
If you use a VPN on Spain you might think you’re safe but then your timezone is saying you’re in Ireland. You thought you were fooling them buy you really aren’t. You can’t outsmart fingerprint and I wish people made a bigger deal about this so actual solutions get implemented.
Sites like these raise awareness which is quite important.
So, just say that. You think site is hollow and over dramaticized.
https://piefed.social/c/fuck_ai/p/2042849/i-ve-finally-understood-what-my-beef-with-ai-is
I came across this post the other day, and this person has put into words what I have simply failed to.
In short; AI makes the world feel empty and hollow. Many people enjoy the process behind the things we create or encounter, even if it wasn’t us to go through that process. Replacing it with AI removes the human touch/connection that made that thing interesting. I don’t want to know about the faceless algorithm that spat out what I’m seeing; I want to know about the person that created this and their experiences that brought them here.
I mean that’s fine, but plenty of things in our modern life are mass produced, and utilitarian. Everything doesn’t need to be art. For example, I don’t need my toothbrush to be crafted by an artisan, nor do I care if a website that shows stats collected by the browser was artisanally coded or not.
True; however many of the current use cases for AI aren’t utilitarian, but are instead forcibly replacing artists while stealing their work to do so. Ontop of this, the infrastructure behind/supporting these tools is destructive and measurably making a significant amount of peoples lives worse.
These factors have jaded people against AI as a whole; as support for AI is seen as support for the destruction and instability it’s brought with it.
And the rest of us are just tired of people braying about AI in every single thread. People just have to learn how to deal with their personal issues without spamming about their feelings everywhere. I see far more people screeching about AI than actual AI generated content at this point. These tantrums add absolutely nothing to any discussion, and they’re just noise.
“I’m tired of listening to people complain about their or their friends lives being uprooted and my indifference to those problems”
I see far more people screeching about AI than actual AI generated content at this point.
Good, it’s working. People are shying away from creating/posting AI content, knowing it’s very vocally unwanted.
Not really, people are just tired of your spam.
I’m actually going to make a separate point from my other comment:
Art is a matter of perspective.
Maybe you don’t care about how your toothbrush was designed; but someone somewhere sat down and made decisions about how to best shape it, what materials to use, what kind/how many/what thickness of bristles, how to color it, etc. Those were decisions made from experiences that person had which they chose to factor into their designs.
Someone else out there is interested in what led to those design choices, perhaps to design their own with improvements or changes, perhaps just out of curiosity. They can’t ask an algorithm why it made the choices it did and have a discussion about the details; but they could with a person.
What some find disinteresting, others immerse themselves in. AI destroys those opportunities for human connection. Human connection we already struggle to find as a species.
You might not care how this site was created, but some do. The use of an LLM has made it impossible to discuss the choices made, because there weren’t any decisions, just an algorithm spitting out letters one after another…
That’s just a complete straw man that stems from having utter lack of understanding how people actually use LLMs. Here’s one example for you from Terence Tao https://mathstodon.xyz/@tao/115855840223258103
because if you lack the ability to discern whether or not something is actual useful feedback or hallucinated AI garbage then it’s worthless
“knowing” something wrong is arguably worse than not knowing anything at all
Oh boy, if you think humans are never wrong and trust human generated content implicitly, prepare to be surprised.
rank condescension aside
if you are somehow incapable of realizing that leaning on AI only exacerbates the problem you’re talking about then idk what to tell you
The point here is that we already lived in a world where you can’t just take things on faith. The AI changes fuck all about that.
I’m interested in the people that make the stuff I consume. When I read something or enjoy a piece of art, much of the enjoyment is imagining why the artist made the decisions they did. If it was made by AI, the answer is much less interesting.
This is not a piece of art, it’s a piece of educational material showing people what information websites collect about them. But it’s also fascinating how you could enjoy something if you didn’t know how it was produced, and then the act of knowing would remove the enjoyment you were deriving from it.
The enjoyment includes the feeling of reaching out to another person’s mind. Finding out there is no mind is like expecting stairs where there are none and stepping into emptiness.
That’s just complete misunderstanding of how people use these tools. The intention still comes from somebody’s mind. Somebody had an idea and they used the tool to execute it.
They’re the client, not the artist. There is no artist and no artist’s mind to connect to.
In the same way a photographer is a client of the camera.
it’s also fascinating how you could enjoy something if you didn’t know how it was produced, and then the act of knowing would remove the enjoyment you were deriving from it.
Would you feel differently about, say a book you read and somewhat enjoyed if you later learned it was written by a fascist? It sure would make a difference to me. Have you never consumed any sort of media that you later felt was tainted by who created it, or used a product that you later decided not to use again after learning how it was produced? There’s even a colloquialism referring to this very thing, about “knowing how the sausage is made.”
Sure, because it would be tainted by another individual with goals and intentions different from my own. Being upset that something was made using a particular tool is quite different from that. Also, do you get upset looking at a beautiful sunset just because no human designed it intentionally?
If intelligently designed sunsets were an option, I’d probably like those more. You raise a good point, we might just like all these “natural beauties” because we haven’t anything else.
Or perhaps the beauty is in the eye of the beholder. We are able to appreciate things that look interesting without them having been designed, and they can trigger emotions and ideas within our own minds that are meaningful to us. Even with human created artifacts, we do not know what the artist was thinking vast majority of the time, or what they were actually trying to convey. We interpret the work using our own thoughts and experience. So, even with the most meticulously human generated art, it is the viewer projecting their own meaning onto it.
I was taking the statement about what you found “fascinating” in isolation because it was phrased as such. You were surprised that the other commenter could find enjoyment in “something” not knowing how it was produced then feel less enjoyment after learning more. That is a silly thing to be “fascinated” by because it is something that the vast majority of us are keenly familiar with. But because that commenter has qualms about AI which you don’t, you suddenly can’t understand how later information about something can alter one’s enjoyment of it? It’s an absurd thing to say. As is your sunset question. I don’t get upset looking at most AI slop either, but I absolutely do place it in a different category than either a natural phenomenon or something I know was made by human expression and if you can’t understand or recognize that difference, I don’t know that anything I could say could help you with that.
Last I checked, LLMs have no will or agency of their own. Literally everything they produce is an artifact of a human expressing themselves. The argument is regarding how much effort a human is expected to put in and what tools they use to express themselves. Apparently, when a certain arbitrary threshold is reached, then it’s no longer human responsible for producing something.
Very well done site!
Scary
Really interesting and slightly scary, thanks for sharing!
Your screen is 360 by 640 pixels, rendered at 4x density — which means it is almost certainly a recent, high-end display
GUESS AGAIN, IDIOTS!
Your finger moved 899 times… what???
It seems to count a swipe as a series of dozens of movements. Probably to show there’s a clear fingerprint even in how exactly you move your finger.
Websites don’t just get a “swipe” command. They know exactly where your finger is on the screen at any given moment.
What other tabs were open? 👀
It’s been a few years since I was invested in this topic, but I think the “meta” for reconciling the tension between blocking tracking and unique fingerprinting was to, in some cases, spoof information rather than outright block it.
Tor browser does that by default, though a few years ago when I tried to use it as a daily driver it was too tedious thanks to cloudflare.
Most of my research regarding browsers was focused on computers. Now that Firefox mobile can run extensions some of this might be mitigated that way.
Blocking JavaScript unfortunately makes you super unique but the tradeoff is probably worth it imo. I don’t want every random site I visit to immediately run a bunch of code, especially third party nonsense. Even if it makes my traffic stand out.
For most threat models I suspect unrestricted JavaScript is more dangerous than the potential for fingerprint-based tracking. Or at least JavaScript is very likely to leak multiple unique data points, whereas a “blocks JavaScript flag” is just a single unique identifier.
Sandboxing and siloing can also mitigate some of the risk, and is relatively painless once implemented.
All of it comes down to threat model and motivation. You can probably get like 70% better privacy/security for 20% of the work, which is a good standard for a typical usecase/person. Install ublock, disable some of the higher risk and less useful tracking (websites don’t need my fucking battery and gyroscope).
Diminishing returns start to hit hard, in part due to the passive fingerprinting / active tracking tension, due to cloudflare, due to everyone around you that doesn’t give a shit. Anything on the other end of the risk spectrum should just be done without a smartphone in the vicinity, if possible.
I’m honestly not impressed. Basic IP address that didn’t really provide an accurate location, plus the (no shit sherlock) state and country it was in. Told me it was ios, a browser, and that I’d turned a bunch of stuff off.
That’s it.
Opend it in Tor Browser inside a Whonix dispVM inside Qubes OS it got nothing on me
I tried it with Tor browser on a standard OS, hoping I’d get a similar result to what you got using Tor on Whonix, etc. It fed me a line about how my information was still shared but because javascript is turned off, it can’t tell me what that information is. More like it won’t tell me, because amiunique.org and other sites like this do so just fine. I know I can turn js on and reload, but part of the point would be to see the difference in info shared with it on vs off but this place can’t test that.
“We know your IP address”. No kidding, that’s how IPv4 works, even if the browser wasn’t
leakingoffering it.The point is not that they know your IP, but that even your IP already gives away information. That’s why they start with the information, rather than the IP being the source.
This is not intended to be for people who understand how this works.
And as someone else said, probably vibe coded.
I understand how all of it works. Whether it’s vibe coded or not it, it showed me stuff that I didn’t think about like arbitrary web pages can know my phone tilt, battery level??
The opsec implications are severe.
Oh yeah, it’s insane. The only way to truly protect your identity on the internet is by not using the internet. Second best would be tor, I suppose
The public IP is irrelevant, only shows the IP of the server used by your ISP, which can be at the other side of the country. It can maybe identify the ISP, but not the user, less if a dynamic changing IP is used. The public IP is always leaked if you don’t use a VPN or the TOR network.
Absolutely not, the public IP a website sees is your home IP. The resolved location will be inaccurate by design, but the IP definitely identifies you at that time.
What the website see is the current IP of the used ISP server in this moment. In the last check it was Madrid, several hundreds km from my real home. The public IP isn’t the same as my user IP, which only know my ISP and I (and the police by the ISP, if exist a court order). The public IP don’t show your real location, the website only can use your GPS data if you have it activated or if it appears in your account data (Google, Google Maps).
depends on the isp, my router has its own adress on the iternet
couple of friends have a different isp that layers it users behind multiple nats so half the city would show the same ip on a website
Depending on your location it can actually be geolocated into your specific city block, I geolocated an online friend’s IP just for the hell of it (I already knew where they lived) and it spit back out the city block they lived in as well as a lot of other very identifiable information
Also, if you can ping devices on that network using that IP you can also use that as a way to easily identify users. That’s if they have anything that isn’t firewalled, obviously, but the point stands!
