On 10/1/2013 12:06 PM, Nicolas Vigier wrote:
Thanks. I'm not a statistics major, so you may have to explain, but are you saying that the 1st time I visit w/ a given set of browser characteristics, and they've only seen 1:3,444,000 browsers w/ exactly the same traits, then on my 2nd visit, they've now seen 2 identical browsers in 3,444,001 = 1: 1,722,000.5?On Tue, 01 Oct 2013, Joe Btfsplk wrote:Not sure I understand the question in this context. Without cookies, I don't expect them to identify repeat visitors. I read their full paper on how they use the data collected https://panopticlick.eff.org/browser-uniqueness.pdf Me visiting 2 - 4 more times, or even the other site visitors - *in the same 2 - 4 min. span*, wouldn't (actually) affect the statistics & lower their reported uniqueness estimate by factors of 2, 3 or more. Repeating the test 4 times, almost immediately (clearing cache between), out of an existing data base of millions of other site visitors, wouldn't lower my uniqueness from 1 in 1.7 million, then to 1 in 700,000, to 1 in 500,000.1st visit: 3 444 000 2nd visit: 3 444 000 / 2 = 1 722 000 3rd visit: 3 444 000 / 3 = 1 148 000 4th visit: 3 444 000 / 4 = 861 000 5th visit: 3 444 000 / 5 = 688 800 6th visit: 3 444 000 / 6 = 574 000 etc ...
All that seems to mean is, they've not seen many browsers like mine (poor distribution), IF... it started out as 1 in 3.44 mil, or anything close - as mine would be a VERY common setup.
All the individual characteristics tested were very common, per their results. Most are < 1:10 & none > 1:100, except the screen size (which seems incorrect). Seems unlikely my 1920 width monitor only has 1664 "usable" browser pane width (what they show). When they show *1920* width for TBB, but the 2 browser panes are the same in width. Only thing taking up horizontal space on either browser is the vertical scroll bar, which are pretty much identical.
*NOTE:* The *"bits of identifying information"* for individual browser characteristics (useragent, cookies enabled, etc.) & uniqueness (1 in X have this) of the INDIVIDUAL characteristics do NOT change, as you run the test repeatedly. Those values must be calculated from a set data base & don't seem to be affected by your current visit.
Assuming trackers had a large enough sample space to have a high confidence level, for fingerprinting purposes, would it matter if only 1 in 10,953, or 1 in 10,953,000 browsers were like yours? As long as they could identify A browser w/ the same uniqueness (EXACT same characteristics - entering & exiting). Even w/o Flash or Java enabled & revealing system fonts, etc.
Only way I see that's not true is if 100's of users w/ EXACT same browser characteristics (right down to same screen characteristics), used the same entry / exit relays at the SAME time. That's unlikely, unless TBB starts spoofing screen size, the same for everyone.
I believe in same TBB version (maybe the same in many versions) they spoof the useragent & time zone, but wouldn't differences in screen sizes & color bit ALONE, among a few users on one entry / exit combination, at a given moment be enough to fingerprint one user?
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk