this post was submitted on 19 Jun 2026
38 points (100.0% liked)
Privacy
10076 readers
134 users here now
A community for Lemmy users interested in privacy
Rules:
- Be civil
- No spam posting
- Keep posts on-topic
- No trolling
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Make the site send everything and the device determine what to use.
It's a little more complicated than that.
Should every request you make to a site require EVERY single language the site is translated in to be sent? That's many times more bandwidth, and would make your page load speeds tens of times slower by default. If that's not possible, then they know your language and likely general region.
Want to stay signed in to a website, or have a site remember your settings? You can't do that without some form of persistent authentication mechanism like a cookie, which can also be used to fingerprint you. If you don't want that, you'll have to sign back in to every single website every single time you open a tab for that site.
A site might send all its contents and let your browser format it without revealing its screen size... but what about if the content necessarily has to be different for different screens? A desktop layout for a site won't work well on mobile, after all.
What about the times you browse? Unless you want some of your page loads to randomly take extra hours to happen just to obscure your time zone, that's a data point too.
Oh, also no interactive code that sends data back to a server can run because it could be used to fingerprint your device's general model, OS, and GPU/CPU hardware. Say goodbye to basically all web-based games, file converters, image editors, video players, etc.
Now add in your mouse and keyboard movements, topics of interest, and any data you voluntarily reveal about yourself on any website.
This is why I say this is more a legal problem for prevention than a technical one. Preventing most of this fingerprinting also necessarily means destroying the functionality of the web.
Of course they will be problems if you expect the exact same experience as now. Why can't a website send everything? Bandwidth really isn't so much of an issue and neither is latency these days. If that means a website needs to be built leaner and with less stuff, so be it. I don't see anything you mention as a real blocker.
I think you underestimate how much bandwidth would be required for every single site and piece of web content to be sent in every single language, for every single request. (keep in mind this would also include ALL images with text in them, ALL captions and audio tracks for videos, and entire copies of video content if the contents itself has to be modified, such as on-screen images)
Sites could be slimmer, sure, but that doesn't change the fact it would be a problem very quickly.
For example, a big problem is that if EVERYONE is using many times more bandwidth, the supply gets constrained for EVERYONE given there's still a physical limit to how much data can flow through a cable (or internet exchange).
And again, there's still way more data that could be collected on you that would negate this fingerprinting prevention, even if it was feasible. If you choose to read a particular news site even once, boom, there's your country or even state/city.
Do we 100X bandwidth usage across the board, spend billions of dollars more every year in perpetuity to handle redundant bandwidth, pay more in server hosting costs to accommodate the extra usage, all just to eliminate ONE data point, or do we just pass some laws against using that data to fingerprint someone?
Then the services reduce what a website does. Neither of us know what that internet looks like but it solves the problem of privacy and I'd want to see what it its like and what innovations emerge to solve the problems you're mentioning. A new internet is a massive undertaking, why wouldn't it have lost a of problems needing to be solved? The significance of your criticism is proportional to the significance of the change.
I just think that such a massive undertaking would cost so much, require so much sacrifice, and not even necessarily prevent fingerprinting.
If you don't want fingerprinting, then you genuinely cannot interact on the internet as yourself. Everything would have to be passed through a filter that makes everyone the same, including their interests, what they talk about, when they use it, and what they choose to consume.
At that point, it's no different than a network of robots talking to one another while humans play pretend like they're controlling them.
You cannot eliminate all fingerprinting via technical means alone. Even if you spend the billions and billions of dollars on drastically increased bandwidth and processing power, redesign every web framework from the ground up and brick every internet connected device on earth, bring functionality of all websites to the bare minimum and eliminate some types of sites/content entirely... some of it is just behavior based, which can't be removed without removing the humans from the equation altogether.
This is why I believe a legal framework is best for fingerprinting protections, and technical measures only when it's more of a simple data point to eliminate (e.g. if every browser, or most browsers enabled the Do Not Track header, nobody could realistically be identified by if they do or don't have it on), because the alternative is fundamentally demolishing the ability of anyone to do anything online at a cost that's even higher than what we spend now for more functionality.