You have your browser set to Private Browsing or Incognito mode where it doesn’t store coookies or history. You load up your favorite VPN, Tor, or I2P and are thinking, “I am totally secure and no one can track me now.” Wrong. You still are possibly leaving a digital fingerprint or browser fingerprint behind. Just because you have a secure computer and can change your IP, people can still find you. Browser Fingerprinting is how some agencies have been able to identify people even through Tor or a VPN.
The EFF, or Electronic Frontier Foundation, discovered this a few years ago and has set up a website to demonstrate their findings. Check out the website below, run their fingerprinting test, and see if your online fingerprint is unique to you out of everyone they have tested. Im guessing it will be.
How does browser fingerprinting work? Once the tracking script is loaded and executed in your browser, it will detect detect things like fonts installed, screen resolution, browser, operating system, addons, and the exact versions of each. A hash is then made based on all the information the script has collected. That hash can help identify and track you like an IP address would.
I had a website where people were using VPN’s and Tor to connect to it to try and do nefarious things on it. Since they could change their IP with one click, I had to implement a different way to track and block them. I used a browser fingerprinting method to do just this. They could still get around the block by changing their resolution or browser, but it made it harder for them, and eventually they gave up.
People are trying more and more advanced techniques to be able to fingerprint and track you online. One such example of this is called HTML5 Canvas Fingerprinting. The following browser addons are noted for their ability to block Canvas Fingerprinting.
If you take away anything from this article, just know that it is easier than most people think to track people online. You should check out all the software and browser addons mentioned in this article and see which one or combinations of ones are right for you. There is no 100% certain way to prevent all forms of tracking, however with a little background knowledge and the right configuration and software, you can greatly reduce your chances of being tracked.
Here is some sourcecode that you can look at to learn from or use to implement a browser fingerprinting tracking system on your site. https://github.com/Valve/fingerprintjs