The internet is a scary place and your personal information can be very valuable to unscrupulous marketing companies that want to collect your information to show you targeted advertisements.
although VPNs encrypt your traffic, they cannot prevent websites from tracking your activities through clickbait ads and cookies. Fortunately, most major browsers support extensions that can block malicious links and prevent unnecessary cookies from being downloaded to your device.
If you don’t already have one of these extensions, check out our guide to the best ad blockers of 2023. You can also check your web browser settings to ensure that your cookie settings are configured to respect your privacy.
While using a VPN, browser extensions, and making sure your web browser’s settings are configured for privacy are good steps toward anonymity, they unfortunately can’t prevent you from being tracked completely. Your device’s fingerprints can still give you away.
What are device fingerprints?
Device fingerprinting, also known as machine fingerprinting, is the process of collecting information about the software and hardware on a device in order to distinguish it from others. This is not always done for sinister reasons. For example, a software license only allows you to install software on one computer, and unfortunately the system on that computer had to be reset. In this case, the developer may use a special fingerprinting algorithm based on your machine’s specs to make sure it’s the same algorithm you used last time so you can reinstall the software.
Unfortunately, fingerprints can be misused to identify your device in scenarios you don’t want to identify yourself. During the past years browser fingerprints has become very sophisticated and the implications are very scary. You can use a reliable VPN or an ad blocker, have an antivirus installed and even use your browser incognito mode but you can still be identified.
Often it is your web browser that betrays you. Every time your web browser requests to load a page from the internet, it sends a header with details about the operating system and web browser you are using. This way, sites can more efficiently transmit the information needed to view the web page. Sometimes these headers also contain information about the type of device you are using. This isn’t much in itself, but this is just one example of a device fingerprint that may make your device more identifiable.
Unreliable websites can also use it javascript to find even more information about you. As browser extensions you are using, your monitor size, resolution, your time zone, system language, and so on.
Some sites even go so far as to use a technique called canvas fingerprinting, which uses HTML5 to insert invisible text into your page. When your device processes the text, the time it took your machine to render the image can be used to find out the exact model of GPU you’re using. A similar technique called WebGL fingerprints can also be used to identify and distinguish your GPU from others, as each GPU will perform slightly differently.
Sometimes a tracker will even play a very short sound and then analyze it through audio fingerprinting, as each web browser manages and plays sounds slightly differently.
So that you can discover how easily your device can be distinguished from others, the Electronic Frontier Foundation has developed the Cover your tracks online test. If you’re concerned that you can still be easily tracked online and want to make yourself more anonymous, try some of these techniques to cover your tracks.
Use a regular web browser
If you’re using a particularly unusual type of browser, you’re more likely to have a unique fingerprint. Consider using one of the big players like Mozilla Firefox, Google Chrome or Microsoft Edge.
The Tor browser was one of the very first browsers specifically designed to resist browser fingerprinting. The developers do their best to ensure that the browser fingerprint is the same for all Tor users. Some of the data sent in headers is fake, so it will always look like you’re using Windows no matter what operating system you’re using. This operating system was chosen because it is the most widely used operating system worldwide. The Tor Browser can also block WebGL and Canvasing tools and uses the NoScript extension to disable Javascript.
Disable JavaScript
Much of the information that can be used to fingerprint your device is collected through trackers that run Javascript code in your browser. You can disable Javascript altogether in all major browsers, but this may prevent some legitimate sites from loading properly. Instead, consider using a browser extension like NoScript, which blocks Javascript by default but lets you enable it for specific sites.
Use Canvas Blocker
Since browser extensions are one of the ways you can be identified, you may be wondering why we recommend installing another one. We advise Canvas Blocker because it has some great features that can prevent you from getting fingerprinted from the Canvas and WebGL methods mentioned above. It can also protect you from more advanced fingerprinting techniques, such as playing sounds and detecting your screen resolution. The extension is available for all major browsers such as Chrome, Edge, and Firefox.
Use your smartphone more
Believe it or not, mobile devices are actually harder to fingerprint. They are less configurable and support fewer extensions. This means that people are using more identical browsers on their smartphones, making them more difficult to identify via browser fingerprints.
Stay encrypted
Trackers sometimes use super cookies to identify your device. These are placed in your network by your ISP. They are not stored on your computer, so you cannot detect or delete them. They also cannot be blocked via AdBlockers. The only way to prevent them from giving you away is to ensure that your header information remains encrypted.
Don’t give yourself away
While device fingerprinting has some legitimate uses, it is mostly used by malicious actors to track your online browsing activities. They don’t need to have your personal information, especially since they’ve never asked permission to collect it.