Identifiers

Testing Privacy Tools

Saturday, December 4, 2010 

I was curious after posting some hints about how to protect your privacy to see how they worked.

Using EFF’s convenient panopticlick browser fingerprinting site. Panopticlick doesn’t use all the tricks available, such as measuring the time delta between your machine and a reference time, but it does a pretty good job. Most of my machines test as “completely unique,” which I find complementary but isn’t really all that good for not being tracked.

Personally I’m not too wound up about targeted marketing style uses of information. If I’m going to see ads I’d rather they be closer to my interests than not. But there are bad actors using the same information for more nefarious purposes and I’d rather see mistargeted ads than give the wrong person useful information.

Panopticlik noscript.jpg

Testing Panopticlick with scripts blocked (note TACO doesn’t help with browser fingerprinting, just cookie control) I cut my fingerprint to 12.32 bits from 20.29 bits, the additional data comes from fonts and plugins.

Note that EFF reports that 1:4.1 browsers have javascript disabled. Visitors to EFF are, I would assume, more likely to disable javascript than teh norm on teh interwebz, but that implies that javascript-based analytics packages like Google analytics miss about 25% of visitors.

Panopticlick_1291458952178.jpg

It is also interesting to note that fingerprint scanners (fingerprints as on the ends of fingers) have false reject rates of about 0.5% and false acceptance rates of about 0.001%. Obviously they’re tuned that way to be 50x more likely to reject a legitimate user than to accept the wrong person and the algorithms are intrinsically fallible in both directions, so this is a necessary trade-off. Actual entropy measures in fingerprints are the subject of much debate. An estimate based on Pankanti‘s analysis computes a 5.5×10^59 chance of a collision or 193 bits of entropy but manufacturer published false acceptance rates of 0.001% are equivalent to 16.6 bits, less accurate than browser fingerprinting.

Posted at 06:44:41 GMT-0700

Category: politicstechnology

Finding fun TLDs

Wednesday, September 15, 2010 

URL shortening services have discovered international TLDs because they aren’t as jammed as .com where every combination of 5 or fewer characters and every word in the English language is registered at a parking site.  Some new ones (t.co) have found pretty good short domains.

I found that RWGUSA.net is a great resource for registering domains around the globe – not only do they let you register all the easy ones in the table below, but they also have a way to register more complicated ones that require in-country support (for a fee).

Then all you need is a wildcard dictionary search and some patience to find a cute short domain.  Check out the list below:

Read more…

Posted at 19:26:50 GMT-0700

Category: self-publishingtechnology