Comment by vpShane

Comment by vpShane 7 hours ago

0 replies

View on Hacker News

Of course. There's data where there isn't data.

-make client load something

-client doesn't load it

-add.fingerprint.point(client,'doesnltloadthings',1)

-detect if client does something only a certain browser does

-client does it

-add.fingerprint.point(client,'doesthisbrowsderthing',1)

-window was resized/moved, send a websocket snitch to the backend

- keep a consistent web socket open, or fetch a backend-api call for updates on X events - more calls are made, means user is probably scrolling, inject more things/different things.

I see some js obfuscators out there where I look at the js file and it's all mumbo jumbo.

It is indeed a privacy nightmare, where whatever we do feeds the algorithms to aide in making other people do things.

But it's also used in network security, organizations etc. Staff/employees will use the system a certain way, if something enters it without the behaviors, it's detectable. I assume that's what you mean in anti-fraud.

Sad part is we don't know what the data is ever used for, and it's often bought and sold and the cycle repeats.