Did I read this correctly and audio fingerprinting is mainly about identifiying the used browser version and OS or laptop, but it cant identify end-users in a stable way?
Yeah, it doesn't tell a website who you are. Instead, it allows them to recognize you again when you come back to visit again, even if you clear cookies.
This is particularly a problem with big advertiser networks because they can track you across many sites you visit, even if you disable third-party cookies.
It has positive uses too, like preventing click fraud and concert ticket arbitrage.
>Instead, it allows them to recognize you again when you come back to visit again, even if you clear cookies.
I don't think that's what stockhorn said. stockhorn said it can only identify a what browser and OS and laptop model you're using. Someone else with the same browser, OS, and laptop model would have the same fingerprint. So audio fingerprinting couldn't precisely recognize you again when you come back again.
> Someone else with the same browser, OS, and laptop model would have the same fingerprint.
the collision rate of their ids is stated to be 0.05%
what they do is basically collect a lot of signals from the browser (audio processing stuff being only a part of it) and then compute an id on the server.
My phone running Firefox for Android produced the same results as the sample data for Firefox on Windows which does seem to fit with this largely being a browser identification scheme
I think that is correct, but it still seems like an amount of leakage that could be further correlated with other another trick.
There was previously a site which could indicate how globally unique your environment was (some combination of screen size, user-agent, fonts?, etc). Locking down to a specific hardware+browser configuration probably does a lot to remove anonymity.
Not the one I used, but this one actually looks better.
Just being Linux + Firefox is terrible for blending into the herd. Let alone everything else that leaks (having a desktop + GPU + good monitor basically destroys all remaining hope).
This is particularly a problem with big advertiser networks because they can track you across many sites you visit, even if you disable third-party cookies.
It has positive uses too, like preventing click fraud and concert ticket arbitrage.