Re: User-Agent strings, privacy and Debian browsers

To: Peter Eckersley <pde@eff.org>
Cc: debian-devel@lists.debian.org
Subject: Re: User-Agent strings, privacy and Debian browsers
From: Jeremiah Foster <jeremiah@jeremiahfoster.com>
Date: Tue, 25 Sep 2007 13:16:17 +0200
Message-id: <[🔎] C58E5859-9335-48CF-AF30-6C21745CFEBF@jeremiahfoster.com>
In-reply-to: <[🔎] 20070922181849.GA28786@illuminance.reworld.org>
References: <[🔎] 20070922181849.GA28786@illuminance.reworld.org>


On Sep 22, 2007, at 8:18 PM, Peter Eckersley wrote:

On Sep 22, Marco D'Itri <md@Linux.IT> wrote:

On Sep 22, Peter Eckersley <pde@eff.org> wrote:

This means, in practice, that many sites will be able to track
Debian users by their User-Agent, even if (say) the user is blocking
cookies or limiting them to a single session and is changing IP
address regularly.


This is highly debateable. There may be tens or thousands of users of
the same package visiting a web site.


I've seen reports from very large sites indicating that User-Agent
strings are almost as useful as cookies for tracking their users.

There is no question that many, if not all, web sites that trackvisitors use the UA string in some way or other. Often it is used fortracking and more commonly it is used to create work-arounds for non-standard compliance. For example IE 6 has some quirky CSS behaviorthat people often have to consider. Or people use the UA string withthe IP and create a hash that is the 'signature' of the visitor. Thisof course breaks easily but it is still done.


	Jeremiah

Reply to:

References:
- Re: User-Agent strings, privacy and Debian browsers
  - From: Peter Eckersley <pde@eff.org>

Prev by Date: Re: modified email address in debian/copyright file
Next by Date: volatile.debian.org: Does Debian still support it?
Previous by thread: Re: User-Agent strings, privacy and Debian browsers
Next by thread: Re: User-Agent strings, privacy and Debian browsers
Index(es):
- Date
- Thread