I’ve posted some notes about browser fingerprinting back in March, and noted how easy it is to identify a given user across requests just by the few passive scans that are possible without even having to have Flash enabled. Indeed, EFF’s Panopticlick considers my browser unique even with Flash disabled.
Given how paranoid some of my readers are, I’m looking forward for somebody to add Chrome and Firefox extensions identification to Panopticlick, it’ll be definitely interesting going forward.
As an employee of Opera Software and the author of Fluxfonts and several browser extensions; I am embarrassed to admit that I have never considered browser extensions to be a source of fingerprint entropy. O.O I guess there is a reason why they are disabled by default when in private browsing mode.
Heh, I’m sorry for the embarrassment, but at least now I feel less n00b — LISA 13 was a good thing for my impostor syndrome, but not for me.I think there are a couple more reasons to disable the extensions during private browsing, but that one is definitely one of them.