this post was submitted on 11 Aug 2023
590 points (96.5% liked)

Privacy

37765 readers
596 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
590
This post knows where you're viewing it from (Lemmy doesn't proxy external images) [ARCHIVED] (lemmy.ml)
submitted 2 years ago* (last edited 2 years ago) by TriLinder@lemmy.ml to c/privacy@lemmy.ml
142 comments fedilink hide all child comments
 

Note: This post now archived and as such no longer works

An external image showing your user-agent and the total "hit count"

(page 2) 50 comments
sorted by: hot top controversial new old
[–] gamey@feddit.rocks 9 points 2 years ago

Image proxies are a must have, let's hope we get those soon!

[–] loudWaterEnjoyer@lemmy.dbzer0.com 9 points 2 years ago (6 children)

unknown device?

[–] TriLinder@lemmy.ml 3 points 2 years ago (1 children)

The user-agent detection definitely isn’t great. If it doesn't recognize a client, it just says unknown. But that wasn't the main point of the post anyway, this was just meant as a quick proof of concept for anyone curious.

load more comments (1 replies)
load more comments (5 replies)
[–] Mikug@lemmy.world 7 points 2 years ago (1 children)

load more comments (1 replies)
[–] Drinvictus@discuss.tchncs.de 5 points 2 years ago (11 children)

Holy shit. How do we avoid this? VPN?

[–] ricecake@beehaw.org 9 points 2 years ago (1 children)

It's not nearly as nefarious as people seem to think. Effectively all applications that access web resources send along what they are and basic platform information.
This is part of how the application asks for content in a way that it can handle
It does a little to let you be tracked, but there are other techniques that are far more reliable for that purpose.

[–] PoliticalAgitator@lemm.ee 5 points 2 years ago

I posted this further up, but I think it's worth pasting here too:

I suspect with a coordinated pool of posts or multiple comments on the same post, you could narrow that IP address down to an actual user account.

When a new comment is posted by a user, store, against their username, all IP addresses that visited since the last comment in that thread (by anyone). When a second comment is posted by a user, remove any IP addresses that don't appear in both lists.

I suspect you would have a very short list after two comments, and a single address after 3. It would also be extremely easy to both lure someone into viewing an image and bait them into multiple replies. Geolocate that IP and you know know vaguely where that user lives.

Time to make sure you're always on a VPN I guess.

[–] CookieJarObserver@sh.itjust.works 4 points 2 years ago* (last edited 2 years ago) (2 children)

Next DNS Blocks it apparently.

load more comments (2 replies)
load more comments (9 replies)
[–] mub@lemmy.ml 5 points 2 years ago

All these people correcting the result effectively giving useful data to improve data collection and detection methods.

[–] WhatAmLemmy@lemmy.world 4 points 2 years ago

Lemmy clients should really include an option to group or only show the first instance of a link for cases like this; where the same link is posted to multiple places.

[–] tjaden@lemmy.sdf.org 4 points 2 years ago (1 children)

Jokes on you! I use a Firefox extension that spoofs my browser profile. https://addons.mozilla.org/en-US/firefox/addon/chameleon-ext/

load more comments (1 replies)
[–] ZeroHora@lemmy.ml 3 points 2 years ago

User Agent Switcher and Manager

load more comments
view more: ‹ prev next ›