Hacker News new | ask | show | jobs
by derekreed 5306 days ago
Thanks for all the insightful comments about how this "didn't work for you" or "I'm paranoid so I survived this"?

It works. It works enough of the time and on enough browsers to be very relevant to anyone who cares about the privacy/security of internet users at large.

This is an impressive proof of concept, and an important thing to be discussing, yeah?

[EDIT] To clarify, I tested this on Firefox 8.0.1 on my 2011 iMac with Lion and it worked flawlessly one by one as I visited the sites "Facebook, Reddit, Flickr", they turned from gray to green in each subsequent test.
2 comments
cookiecaper 5305 days ago
I don't know if it's accurate enough to be a concern. What could an attacker do with such information that is so scary? They could publish "IP address X has been to Y, Z, and W recently", or they could use it to target ads, I guess, but it doesn't seem like it's reliable enough to cause any serious harm. You could just say, "Um, no I haven't" if it becomes an issue.

It did correctly detect some sites for me, but it gave one false positive and three false negatives. With that kind of error rate I just don't see it being taken seriously in anything that matters.

link
photon_off 5305 days ago
You are a sample size of 1.
link
cookiecaper 5305 days ago
Read the rest of the comments here. Everyone else is having similar problems. Also, please spare me the expected "This is all anecdotal/sample size of 30" follow-up. Perhaps you can answer the real question -- is this valuable to anyone if it has a significant error margin? I think it wouldn't be allowed a margin of more than 1% if it were to be useful, and even that is kind of pushing it if you intend to do anything important with the data -- if 20 sites are tested per visitor, a 1% error rate would mean that an incorrect detection would occur every fifth visitor or so. That's enough to allow plausible deniability in my book.
link
futmacl 5305 days ago
FWIW, I added several improvements, and according to the built-in survey, it works for about 95% of all visitors. If you had bad results initially, clear you cache and give it a second try.
link
ksri 5305 days ago
Exactly. Its a matter of spending a few hours per browser to perfect it. For all we know, someone may already have perfected it and could be using this in the wild.
link