When the Internet first went mainstream in the mid-1990s, one of its key characteristics was anonymity. No one gave their real names, and you could live a second life on the Internet at 33 kbps.
Today’s network is completely different. Not only is there a strong push to de-anonymize people, the websites you visit on a daily basis can record and collect all sorts of information about you. What information? Read on to find out.
Your IP Address
This is the most common type of information that a website logs. Your IP or Internet Protocol address is a number that indicates where you are on the Internet.
Essentially, this is the same as the real address. If someone wants to send you a letter, they will write your address on it. When you receive it, their return address will be on the back. So you know where it came from.
If you replace â€œletterâ€ with â€œinternet packetâ€, you basically know how an IP address works. The problem is that a website can actually find out quite a lot of private information about you just from your IP address.
They will more or less know where you are browsing from and which ISP you are using. With a little more detective work in it (and possibly getting legal clearance), an IP address could lead someone right to your door.
This is why so many people use VPNs (virtual private networks) these days. The VPN acts as an intermediary, so only their IP address is visible to the site you visit.
Hardware and Software Details
Web browsers transmit all kinds of information to the website that requests it. This includes extensive information about the computer you are using.
The site will know your operating system, processor, GPU, and more. This may sound innocent, but it can be used to track or identify a specific vehicle.
One way to get around this is to use a virtual machine to view general system information on the website.
1 st & Third-party cookies
A cookie is a small file that a site leaves on your computer to record things like your site’s settings. So the next time you visit him, he will already know a thing or two about you.
Cookie technology itself is not a bad thing. For example, session cookies are deleted when you close your browser. You also receive essential persistent cookies, which the site stores on your device for its own use.
A tracking cookie is a persistent third-party cookie that is read by sites other than the ones that created them. This cookie collects information about your online activities, and then this information can be returned to the creator of the cookie.
However, nothing can stop a fraudulent site from bombarding your computer with tracking cookies without your knowledge. Fortunately, you can use your browser’s privacy settings to block and delete cookies as you see fit.
Cookies are arguably one example of an invisible tracker, but as a large category, invisible trackers also include web applications and external sites embedded in a legitimate site.
Major news sites and other popular web pages often contain promotional content embedded in the footer of the article that includes some form of tracking. Google does that too. This is why, when you search for a specific product on Google, you will see that ads for that product appear on all other sites that have Google Adsense.
Luckily, there are privacy-focused search engines like DuckDuckGo that don’t explicitly track you.
Modern browsers now also support a feature known as “do not track”, which tells a site to turn off tracking technology when visiting. However, this is a voluntary agreement, so the site can ignore it if it wants to.
The most effective tool in the fight against invisible trackers is the EFF privacy badge.
You may have noticed that when you need to enter shipping information on a new site that you have never visited before, your browser will automatically enter information such as your name and address. It’s a handy feature, but it’s also a privacy nightmare.
Unfair sites can be coded to capture this information as soon as it is automatically filled in. This means that the site received all your data without your knowledge. As you can imagine, having information such as an address, full name or social security number can be used to harm someone else’s hands.
Your best bet is to just turn off autocomplete in your browser settings.
Other accounts you are signed in to
When you visit a site, it can tell what other accounts you are currently logged into by looking at the footprints they leave on your computer. This is actually very valuable information because when combined with a well-known email address it tells hackers what other accounts you have.
Therefore, if one of these accounts was part of a data breach and your password was not revealed, you might be in trouble. Many people use the same or similar passwords for different accounts, so it will be much easier for hackers to break into your security system.
The best thing to do here is to use strong, unique passwords for each account. A good password manager that generates these random passwords is highly recommended.
Detailed Entry Logs
Websites can be encoded in such a way that every keystroke and every mouse movement is recorded in detail. The tracking capabilities of websites in this regard are quite extensive.
A research paper detailing â€œSession Replay Scriptsâ€ shows that most major websites record your entire keystrokes and mouse movements during your visit, and then use that for further analysis. You can probably imagine what kind of privacy issues this can cause.
A browser fingerprint is simply a unique combination of browser data, such as which cookies are on your system and which plugins are installed. The longer the browser is used and the more customizable it is, the easier it is to link to a specific user.
For example, even if you are using a VPN to access a site, the site knows your fingerprint. Therefore, if you visit another site using the same browser without protecting anonymity, a clear connection can be established between these actions.
Using a privacy-focused browser like the Tor Browser is a good way to prevent this kind of de-anonymization.
How to check for a leak
There are several websites that can help you figure out where and how information is being leaked. Panopticlick is a great tool from the Electronic Frontier Foundation that does just that.