| I'm not sure I'd use the word "threat model". I don't think Panopticlick is making the world more dangerous. What I'm getting at is that just because Panopticlick says it can't fingerprint you, that doesn't necessarily you can't be fingerprinted anywhere, because the audience using Panopticlick is different than the audience visiting many other sites. So something like disabling Javascript might mean that that you blend in on Panopticlick because a lot of users disable Javascript. But on a small news site or ring of nontechnical blogs, it might help narrow you down because very few people disable Javascript. The other thing I want to get at is that privacy isn't just about fingerprinting, it's also about the effects of being tracked, and what specific information that you're leaking. So what you bring up -- that not having Javascript makes a user less useful to an ad network -- is true. Not having Javascript makes it harder to show you flashy ads or to guarantee that you're looking at them. It makes it harder (but not impossible) to set up persistent tracking that works over longer periods of time and across multiple devices. It also makes it harder to detect and circumvent adblockers. Disabling Javascript doesn't address threat models like using your location to change the content that you get served, or sticking information into cookies, or doing some screwy things with image caches. But that's... sorry, it's just a kind of complicated question. I'm not sure I can give a short, concise answer about how good you should feel about a low Panopticlick score, I think that's dependent on what sites you visit and what kinds of tracking you're trying to prevent, and what other measures you're taking. It's just a very broad topic. > why not just disable (HTTP) redirects? Unfortunately that would break a lot of sites, so it's not feasible as a default setting in the base browser. That being said, I believe that what you're looking for is `network.http.prompt-temp-redirect` inside `about:config` if you want to disable it for yourself. I'm not sure I'd advise it, and I suspect that it's a kind of superfluous setting if you're already invested heavily into other privacy settings, but maybe there's some benefit. I haven't played with that setting to know for certain whether or not there would be non-obvious downsides or caveats. |
There is some relief for the location issue. It is not too difficult to discover alternate geolocated IP addresses for websites that choose to employ such strategies. Further, proxies, even just Tor with a proper config file, can give the user a specific geolocation of the user's choosing.
Do users choose different user-agents for different web usage? On smartphones we routinely see users choosing a variety different applications for different purposes, e.g., an online shopping app versus a news reading app. For example, if the user is engaged in online shopping, then she almost certainly will need to enable Javascript and cookies. However, if the user is reading^1 news on small news websites or nontechnical blogs (to use your examples) then IME neither Javascript nor cookies are required. Using the same application (the same "modern" browser) for both purposes, and with Javascript and cookies enabled, is, IME, from a technical standpoint, unnecessary. The text of the articles can be retrieved and read with much simpler software; none of this software needs Javascript nor cookies to perform its respective task.
1. The situation changes if the user is "viewing" news (photojournalism) or "watching" news (autoplaying videos). IME, neither Javascript nor cookies are required, however short of the user writing custom Javascript to process page contents, employing some software, e.g., standard UNIX utilities, other than a modern browser, to extract the image or video URLs, is sometimes necessary.