[nerdponx]

To wit, A few weeks ago there was a discussion here about a method by which you could figure out how fast a browser/machine could compute an SHA 512 hash, and that this was being used to fingerprint users even who had cookies, images, JavaScript disabled.

[kazagistar]

Hence why technical solutions have been and always will be the wrong approach. If you are worried about privacy, then work to make tracking illegal. That's what this article is doing.

[SquareWheel]

Was it just a proof of concept demonstration, or was there evidence that this method is being used in the wild by advertisers?

[nerdponx]

They stated that they were using it in production for that purpose.

[SquareWheel]

Gotchya, thanks. That seems... kinda wild to me. That method has to be super imprecise, and wastes the resources of everybody involved.

[bo1024]

I would like to see more. How can you get their computer to compute the hash? Is it somewhere in the https interaction?

[nerdponx]

I don't recall the details, but it had something to do with a would-be security feature in the browser that computes the hash of something before following a link.