Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> What I'd love for these sites to do is help me understand where I am distributionally. How unique am I? On what? Help me understand what needs to be fixed and what my threat vector is.

This EFF tool does this https://coveryourtracks.eff.org/





Thanks, I forgot about that one.

To critique that (and maybe suggest what OP can do to make theirs better) is that there's poor visualization. What's great is that it tells me there right in center

  > Our tests indicate *that you have **strong protection against Web tracking***.

  > Blocking tracking ads?             Yes
    Blocking invisible trackers?     Yes
    Protecting you from fingerprinting?    Your browser has a nearly-unique fingerprint
But give me some visualization. Sentences like

  Bits of identifying information: 6.76
  One in x browsers have this value: 108.61
Are not super helpful, though they should exist. Showing a density plot[0] is very useful[1]. It gives the user more information, telling them where they need to go. Even a simple replacement to

  One in *108.61* browsers have this value
Makes things easier to read.

In an ideal setting I think the site should suggest to users what they should change and show them where they could be with the new settings. Letting them play around and adjust a some settings.

I know I'm being nitpicky here and to be honest I think the EFF version is "good enough" but I still think adding such visualizations and letting users "see" the results makes things easier to understand and can help them know what to do.

[0] https://seaborn.pydata.org/generated/seaborn.kdeplot.html

[1] In this case it isn't going to be continuous since I pulled from the User agent so this will have more discrete bins. Helping inform the user would be seeing the proportion of those other bins. That way they know what to change their user agent to!

reply


It would be nice if they (or someone) could list ways to mitigate against each of these information leakages. Or even nicer if someone made a plugin that make us unidentifiable. Even nicer would be a way to e.g. disable sharing which fonts, extensions, etc. I have installed. Why do webpages even need to know such details? What if our browsers just sent Firefox vN instead of this huge string? Why does a webpage need to know how many CPU cores I have, or, let's say I have > 4, that should be sufficient to run any webpage and anything > 4 could just be reported as 4. If they don't know these things, I assume webpages/frameworks will still work fine.

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: