Chromium privacy issue:browser fingerprinting
lukekuhn at hotmail.com
Tue Jul 31 18:21:57 UTC 2012
1: Get control over Youtube and Gmail users by blocking multiple account formation unless users agree to give them a mobile phone number. In the past, they used things like IP address history and IP address match to zip code to determine who to "challenge" for a phone number. I abandoned Youtube because of this, blocked comments on all my old videos to eliminate the need for admininstrative logins, and walked away from the account.
2: Make it much harder to avoid creating a Google search history that can be sold to advertisers or used to target ads. This database is also vulnerable to subpeona. In the light of the recent "street view" case revelations of illegal data retention, I assume the worst about Google.
I won't use Google or Youtube at all without Tor, NoScript, and Ghostery in Firefox, and when they block Tor I treat them as "Server down."The user-agent is set to make it appear that Firefox is running under Windows. Since I make activist media, I have to be careful about this sort of security issue, same as the reason I use encrypted disks, with their overhead, on video editing boxes along with all my others.
As a result, I can only recommend Chromium for known safe sites that you can trust not to track you by browser fingerprint. Fine to keep it in repo, but no distro should install it by default. While neither Ubuntu nor US is intended as a "security" distro, flagging software that creates such a severe privacy issue might be a good idea. Of course, the counter is that Firefox has to be actively secured to do much better an Panopticlick, but then again, they only have about 2 million browser "fingerprints" to test against. Surely Google has far more.
> Date: Mon, 30 Jul 2012 17:37:25 +0200
> From: Ralf Mardorf <ralf.mardorf at alice-dsl.net>
> To: len at ovenwerks.net
> Cc: Ubuntu Studio Development & Technical Discussion
> <ubuntu-studio-devel at lists.ubuntu.com>
> Subject: Re: Another idea for comments
> Message-ID: <1343662645.2215.5.camel at precise>
> Content-Type: text/plain; charset="UTF-8"
> I didn't follow this thread. Is there a list with the available
> meta-packages and the included files somewhere available. I suspect this
> thread is about Quantal. FWIW I'll stay at Precise, since it's a LTS.
> Much used by Linux folks is Chromium, I guess it's not an option for
> Ubuntu Studio. However, most people from Linux and Windows know Firefox.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ubuntu-Studio-devel