Detox-Comic

What is web-user profiling and identification?

Summary

Is it possible to profile a web user so that you can identify them whenever they return to a web site, based on the unique profile of their computer set-up?

Data collection

Every web browser that connects to a web site passes to that web site information about itself, what content it can handle, what screen resolution the computer is running at, what operating system it is running on, and what software and versions are installed that handles web content.

As well as this data (provided in a USER-AGENT string) web sites running special code can also obtain additional information about your computer setup such as what fonts you have installed, how fast your computer and connection is and so on.

Profiling and identifying a unique combination of settings

Once all this data is collected and analysed it is quite possible to use this data as a way to identify a particular computer or individual user by formatting the collected data into a digital 'fingerprint'.

Combined with other traditional tracking methods such as the use of tracking cookies, some companies are stating that they have a high success rate in regards to being able to identify individual computers when they return to a particular web site.

Last word

It is possible to avoid being profiled and tracked this way by only surfing using an iso-bootable virtual machine with a generic set-up and web config. However there is still some data leakage - for example your screen resolution - but this is minimal and the ability to successfully identify a user will certainly be reduced. Unless of course they always connect to the internet from a fixed IP address that is not masked in any way.

There are also plug-in and add-ons available for web browsers that pass generic user-agent strings to web sites in order to attempt to fuzz or blur any unique signatures about your unique computer configuration, but again there is still some leakage.

There is a constant battle raging between companies that are trying to sell the ability to track web users and the privacy advocates developing software to combat this practice.

If you have any feedback regarding this article, or you have a suggestion for a new article, or just want to say thanks for the info then feel free to drop me an email at dave@detoxcomic.com.

Article date: 11th February 2011

Click here for more articles