On Google’s Policy Change Towards Fingerprinting
52 comments
·January 10, 2025Hizonner
fidotron
It is because Google want a situation where they have a monopoly over being able to track web users, and Chrome is a major part of that.
Because that is so blatantly anti competitive the adtech industry manipulates it into a sort of war of opaque identifiers (“user resettable device identifiers”) , attached to things like Roku, smart TV and phones, which then can be passed along with bid requests for ads and later used to effectively target people even on other devices in the same household, conveniently only by some players in the adtech world who then charge more.
Breaking the Chrome monoculture will not solve this problem by itself, but it is a necessary step in getting there.
Hizonner
You're not going to even improve the problem without completely shutting down the entire "personalized" advertising industry. Which I'm totally on board for, mind you.
fidotron
That is true, and part of that would have to be enabling people to make money from web type content without shoving ads in it (or it being an ad for something else).
My personal, controversial, conception of the future is to return to the notion of the Internet as a network of other networks, and then enable devs and content creators to sell apps and experiences which operate privately within those networks.
xnx
This seems like nothing. Had Google ever enforced or even inspected its ad partners for use of fingerprinting?
My assumption is that every site that knows how to do fingerprinting is doing fingerprinting and probably deanonymizing against a shared signature database.
NemoNobody
Exactly. There is not anon browsing bc of a browser - you have to do a lot more than a browser to be anon online these days.
fsflover
How about the Tor Browser?
Hizonner
Very hard to link with your name or other elements of your "real identity" (unless you ever give them out over Tor).
Probably only slightly hard to link all the things you do using a given installation of the browser to each other. They do at least try, but it's still basically Firefox, and it's not clear that it's even possible to make an unfingerprintable browser.
gr4vityWall
My guess is that the way aggressive captchas and similar tools work these days is fundamentally incompatible with the original wording in Google's policy.
Doesn't make it any less sad, though. The web is very hostile to the end user these days.
Hizonner
I guess it'd make a difference if anybody'd been following the policy or Google'd been doing anything effective to enforce it. I find this, um, improbable.
jqpabc123
The simplest, readily available solution ---use Brave or LibreWolf.
These can't prevent all fingerprinting but they can make it less reliable and more difficult and costly for a fingerprint to be relayed back to the mother ship.
Personalized advertising is one of the dumbest ideas of the 21st century. Studies show it is less effective than context sensitive ads and it costs more. Participants in ad auctions are essentially flying blind with little reliable, verifiable insight into the process.
dewey
Simplest solution is Firefox or Safari, not another Chromium browser or niche Firefox Fork.
bobajeff
Simplest solution is to not use computers anymore. Move to a cabin in the woods, away from civilization, and live off the fat of the land.
tholdem
If security is not that important, Firefox or Safari. If you care about security, Chromium.
dewey
Any widespread recent security issues that were only affecting Safari and Firefox? That sounds like scaremongering to me.
fsflover
Using Firefox on Qubes OS. Show me any good attack vector affecting me.
iLoveOncall
Ah yes, Brave, the browser that highjacks websites to inject their own referral code, that's the right browser to use for privacy conscious people.
yjftsjthsd-h
So... humor me... let's say that this is exactly true, and Brave adds or replaces referral codes. Is that a privacy problem? The only information that the website gets is that you're using Brave, but not where you got the link. We can absolutely talk about the ethics of the thing or such, but I can't see why privacy conscious people would care.
pseudo0
They were adding their own referral code to queries made in the search bar, not replacing or altering referral codes on websites. They apologized and reversed this after criticism back in 2020 (https://brave.com/blog/referral-codes-in-suggested-sites/).
Overall Brave is pretty good, they build in ad-blocking by default and their own ad service is opt-in. They also have Tor and IPFS support that does not exist in Chromium, and are maintaining Manifest V2 support.
NemoNobody
Well, I don't know what they do with it bc I do not see ads on Brave Browser - it's an entirely different Internet.
jqpabc123
They use it for BAT tokens. You can "opt-in" to viewing some ads in exchange for crypto.
Don't opt-in and enjoy an ad free experience.
LightBug1
What's your suggestion? Genuine question. I'm on Firefox.
NemoNobody
Fr, ignore these people and try Brave Browser.
I care less about privacy than I do an annoying Internet. There NO ADS with Brave Browser - like I just DO NOT SEE ADS anywhere on the Internet.
Anyone that has been using Chrome can't possibly care about privacy anyways and they can't know what I mean about ads online.
SlimyHog
Firefox.
fidotron
He may or may not want the attention, but https://ladybird.org/ is coming along surprisingly well.
In the meantime Safari/Firefox as appropriate.
It's a shame really, because as a piece of software engineering Chrome is incredible.
2OEH8eoCRo0
Is it though? Or is it a monolithic rube Goldberg machine of lock-in?
gr4vityWall
V8 is amazing.
2OEH8eoCRo0
Yeah but I should be able to swap in any JavaScript engine I desire or use one provided by the system. Browsers are far too bloated.
nine_zeros
Use Firefox. Consumers need to wean away from spam companies.
Hizonner
No browser is immune to fingerprinting, or even a little bit hard to fingerprint.
jqpabc123
True --- but incomplete.
Browsers can block known sources of advertising and fingerprinting code.
It's hard to produce a fingerprint when the browser won't load the code.
xnx
Wouldn't Safari on iOS put your browser in a crowd with millions of other people?
jqpabc123
No --- because fingerprinting techniques can detect subtle manufacturing differences in the underlying hardware.
Even identical models of iPhone have minor variations in hardware and configuration and will produce different fingerprints.
Hizonner
No. Not unless every other aspect of browser, many aspects of the computer, and many ways you can configure them were identical with every other user.
In fact, Safari narrows you way down all by itself.
hilbert42
Perhaps so, but with JS disabled, Chrome uninstalled and all Google apps disabled and or removed together with a myriad of other tweaks including phone rooting, regular rebooting of routers to change IP address as well as using multiple different IP providers seems to minimize the problem.
Can't remember when I last saw an ad (except for some static one within the page), and the last time I actually clicked on an ad was about 20 years ago.
Oh and BTW, I use a dumb/feature phone for telephone, my smartphones have no SIMs and they connect to the net via a WiFi router (usually a pocket type), and no email is sent from smartphones. Nor do I use any social media (perhaps one if by some stretch HN could be classified as one).
And Gibson Research's ShieldsUP can't find anything of note.
Finally, without JS the web runs like a grayhound. Sites that break without it are not worth visiting anyway (and they're usually the worst privacy offenders).
I've no need of them, as they say, there are pleanty more fish in the sea.
All this nonsense is only a problem if you expect something for nothing and or like the trinkets and pretty baubles Google pretends to offer for free.
PS: and I don't send or receive email from those who've gmail addresses. Boycotting those with gmail addresses sends a message that one is actually serious about privacy.
null
What is with everybody suggesting this or that browser? They're all going to be fingerprintable. Using a less common browser just makes that easier... not that it will ever be hard.
You might get some relief from some tracking, including via fingerprinting, by using comprehensive ad and tracking blockers. Or you might not, since CDNs are still probably going to track you.