What is Browser Fingerprinting? Is It Worse Than Cookies?

In the current times, topics like privacy and data protection are at the forefront of everyone’s attention. People are now more motivated than ever to protect their personal data.

While many have heard about cookies, fewer people discuss browser fingerprinting in comparison. After all, it’s a fresher concept. So today, this article is going to:

• Compare the two
• Go through their similarities and differences
• Provide a few helpful tips on how you can protect yourself against unwarranted attempts on your privacy.

So let’s get started!

What is Browser Fingerprinting?

When you open a website in your browser, several things get communicated to the server alongside your IP. The browser’s user agent is one example. The latter reveals not only what operating system you’re using, but also the name of your browser and its corresponding version number.

Why is the user agent a part of the browser architecture? It can help to custom-tailor a user’s experience for the best performance on that specific device. On the flip side, it also allows the website to track you.

Fingerprinting Doesn’t Ask For Your Permission!

You might not even realize that fingerprinting takes place. It doesn’t take long to comprehend why it is a reason for concern. What’s worse is that someone can track you without prior consent, explicit or otherwise.

You see, the server can read enough unique parameters from your user agent. It’s easy to conclude that the user is one and the same person, even without knowing your IP or dropping a tracking cookie.

Did you know that you can hide from fingerprinting behind a VPN? That way, the website will get the IP address that the VPN server provides, the obvious benefit of which is that it isn’t yours. Of course, it won’t cover other information, like what OS or browser you use. But if those are mainstream (like Windows 10 and Chrome), it can make you indistinguishable in the crowd.

In the end, there are only so many people using Arch Linux in combination with the Dillo browser, coupled with a resolution of 1920×1080 (an example to illustrate the point). But let’s not get ahead of ourselves. Instead, let’s focus on cookies, the traditional form of user tracking.

Defining Cookies

Cookies are nothing more than a simple text file that gets placed on your device for a period of time when visiting a website. New regulations like GDPR are now in effect in the EU region that steers the webmasters toward obtaining your consent first. But for the rest of the countries, no consent may be necessary.

Cookies have been around for almost as long as the web itself. And unlike what you may have been told, they are not necessarily the evil they often get sold for. For instance, the website may use one to write your preferred settings into it, so there won’t be a need to set them again upon your next visit.

Cookies as a Tracking Tool

Unfortunately, websites can also use cookies as a tracking tool. The good news is that you can delete them at any time. You may also alter the settings of your browser to specify that you do not wish websites to track you and disallow any placing of cookies on your device.

Introducing Supercookies

There’s a unique identifier placed in supercookies. Webmasters can use them to read your browsing history and analyze your browsing behavior. For example, how long you spent reading a specific page.

Flash cookies are an example of supercookies. In comparison to standard cookies, these work across a myriad of browsers and don’t have an expiration date. The good news is that it’s possible to remove them manually.

Cookies and Fingerprinting

By now, you’ve learned that you can either remove or disable cookies, should you choose to. But the same cannot be said for fingerprinting. In practical terms, it is the main difference. In technical terms, these are two separate methods that work in a different manner. However, based on how you use them, they could serve a similar purpose.

So from a webmaster’s perspective, when using cookie tracking methods, they place a text file on your device. Meanwhile, tracking via fingerprinting does not need it. Last but not least, you can opt against having cookies dropped on your computer. There is no such option that would prevent fingerprinting.

Cookies Versus Fingerprinting – Which One is Worse?

This, of course, depends on how someone uses them. In their most innocent form, a website can make use of each to sharpen up the user experience. It custom-tailors it to best fit your browser, device, and operating system.

But when used for tracking your online activity and invading your privacy, it is a different matter altogether. Since you can disable cookies, but not fingerprinting, one could argue that the former is more innocent than the latter. But someone can use them both for purposes equally nefarious in nature.

How to Protect Yourself Against Each

When it comes to cookies, one of the easiest ways to ward against them is to open up your settings section and either remove or disable them. Most, if not all, modern browsers should allow for this.

The middle route is to allow them, but auto-remove them when you close the browser. One might argue this is the best of both worlds.

When it comes to fingerprinting, there are solutions for that as well. But none of them are as straightforward.

For instance, you could use user-agent spoofing methods to confuse the obtrusive website and send it on the wrong path.

It’s also worth mentioning the plethora of browser plugins that block javascript and Flash. Since a lot of your device data reached the websites this way, there’s an argument for never browsing the web without having these installed.

Conclusion

Now you know the bolts and pieces of cookies, fingerprinting, and how these two relate to tracking. Make sure to be on the lookout for it the next time you’re online. And above all, use the means of protecting yourself so those who want to infringe on your privacy won’t have an easy time doing it.