Yes, and even before js fingerprint happens the connection is fingerprinted through HTTP and TLS protocol fingerprints as each system is slightly different like supporting different encryption ciphers, different http engine and how requests are performed etc.
So even before you see the page itself the server has a pretty good understanding of your client which determines whether you see this captcha box at all. That’s why on public wifi and rare operating systems (like linux) and web browsers you almost always get these captcha verifications.
The more complex the web becomes the easier it is to gather this data and currently the web is very complex with no sight of stopping.
Huh had no idea. I still wonder how accurate this is though, like whether it can be used forensically as the word “fingerprint” suggests to identify a specific person/private machine. It’s kind of fascinating as a topic. I would think that given that most people use similar setups, similar hardware and software, similar routers and settings, it would be impossible, but perhaps with enough details of a particular setup, a specific machine and user can be identified with decent accuracy.
Yes, and even before js fingerprint happens the connection is fingerprinted through HTTP and TLS protocol fingerprints as each system is slightly different like supporting different encryption ciphers, different http engine and how requests are performed etc.
So even before you see the page itself the server has a pretty good understanding of your client which determines whether you see this captcha box at all. That’s why on public wifi and rare operating systems (like linux) and web browsers you almost always get these captcha verifications.
The more complex the web becomes the easier it is to gather this data and currently the web is very complex with no sight of stopping.
Huh had no idea. I still wonder how accurate this is though, like whether it can be used forensically as the word “fingerprint” suggests to identify a specific person/private machine. It’s kind of fascinating as a topic. I would think that given that most people use similar setups, similar hardware and software, similar routers and settings, it would be impossible, but perhaps with enough details of a particular setup, a specific machine and user can be identified with decent accuracy.