Hacker News new | past | comments | ask | show | jobs | submit login

Surely this is a case of commenting something that does not to be commented ?

Check out https://vytal.io/. There are many more data points then just the geolocation api.




> Check out https://vytal.io/. There are many more data points then just the geolocation api.

I think most people would agree that your so called additional data points are worthless for the purpose that most people would be concerned about location data.

Something like timezone "location" (which basically what your vytal website is showing) is simply not granular enough to be used for nefarious purposes.

I mean, if my browser is telling someone that my "location" is EDT timezone what good is that going to do them ? Its still too much of haystack to be useful to anyone.

Let's be honest here, "location" to most people means GPS-type location (i.e. you'll find me in this house on this street). Anything more coarse than that is frankly of limited use to an adversary.


What if you're trying to hide your country lol? It also spoofs your locale and user agent. Just because its not something you care about doesn't mean its useless. Also never claimed it was going to change the world or anything. Just thought it was an interesting way to use the debugger api and that some people might find it cool.


Consider some “people who downloaded and executed ga.js from misinfo.gov.” What is the relative size of these three anonymity sets?

* browser with IP in USA but timezone in Russia

* browser with IP in USA and timezone in USA

* browser with IP in Russia with timezone in Russia

Hint: it’s the middle one. The smaller the anonymity set, the more conspicuous and therefore fingerprintable you are.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: