Hacker News new | past | comments | ask | show | jobs | submit login

> "I know not all tracking is based on JS, but the browser provides so many heuristics this way: screen size, cursor location, installed plugins."

Installed plugins? Why would javascript need to know my installed plugins? I'd like my browser to more actively restrict what javascript has access to. I get a popup when it wants access to my location (which I generally deny). Why not do the same with these other features?

"This site wants to view your installed plugins. Allow/deny?" "This site wants to set a non-login cookie" Deny, deny, deny.




I don't think they can see the plugins themselves but any code that the plugins run in the document context will throw exceptions that can be caught by any fingerprinting code. I see a variety of uncaught exceptions with obvious plugin names on my Sentry feeds.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: