A web page that shows you everything the browser told it without asking

Posted by mwheelz 1 day ago

A web page that shows you everything the browser told it without asking(sinceyouarrived.world)

579 points | 285 commentspage 5

kbigdelysh 19 hours ago|

So if they can figure out whether I have an expensive laptop/computer based on my graphic card, then they can adjust the prices I see on the page (e.g.higher prices for game devs/players and lower prices for plumbers). Not fair.

nathanmills 1 day ago||

You can't gaurentee any of this is fingerprintable without checking twice (i.e. give the user a unique url, then ask them to restart the browser and visit it). In privacy browsers like LibreWolf or Mullvad Browser this is almost all spoofed, save for things like the IP which needs to be hidden/changed independently of the browser.

mwheelz 1 day ago|

Correct on rigor. Proving a fingerprint requires the two-visit protocol you describe. The page doesn't actually compute a stable fingerprint or attempt to track returning visitors, it shows you the signals that go into one. The barcode at the bottom is deterministic from the data shown but isn't compared against anything stored. Sloppier than a real fingerprinting tool, by design.

culi 1 day ago||

Most of this is pretty standard stuff but one thing I did learn is some of the fingerprinting techniques I wouldn't've thought of. Like Mozilla/Apple not sharing GPU or battery information being used to confirm which browser I use even if I fake the User Agent String.

YeGoblynQueenne 19 hours ago||

Huh? The user mwheelz seems to have been [dead]'d in the time this post has been on the front page. If I look at their comments page, those posted more than 46 minutes ago (at the time of writing) are normally visible and the rest are [dead].

https://news.ycombinator.com/threads?id=mwheelz

Mods, is there something we should know? Is there maybe a reason to stay away from the linked website?

CyberDildonics 9 minutes ago|

Huhh?? Oh dear, ok but it's because they ai generated everything to make a poor copy of other websites.

every 20 hours ago||

It seems to have a little trouble with lynx... https://en.wikipedia.org/wiki/Lynx_(web_browser)

shepherdjerred 17 hours ago||

How did you prompt Claude to be so paranoid but also bad at fingerprinting?

Of course the browser knows my IP and language. Nothing on this page is really surprising

everdrive 21 hours ago||

"With JavaScript off, the page cannot tell you what your browser disclosed. The data is still there. The disclosure still happened. Only the telling of it stops."

This is surely only partially true.

ramon156 1 day ago||

Its mixing confidential info. For example, you know I'm connected from a location, but you do not know my precise location. I connected from a tower that is from Odido, but I am not paying Odido for a subscription.

mwheelz 1 day ago|

Right, IP-to-geo is approximate and gets a lot of cases wrong (yours among them). Most ad networks use it as a region/DMA hint, and not precise positioning. The point of including it isn't precision. It's that any location is more than nothing, and the visitor never opted in.

yakkomajuri 1 day ago||

DuckDuckGo browser helped mask some stuff, but definitely a fair amount still goes through.

Annoyingly the web is becoming a bit more annoying to browse as a DuckDuckGo (mobile) and Brave (desktop) user. With a VPN on top it gets even worse.

seydor 20 hours ago|

I thought the referer was not available under https anymore

mwheelz 20 hours ago|

[dead]

More comments...