Title: Google can track your porn history, even in incognito mode

Body(tl;dr version): Pornsites use Google Analytics

You little idiotic motherfucking tech savvy wannabe, most of the websites use some form of user tracking services.

Hell, even the blog/news website you work for probably does.

Just use an add blocker? Blocks GA as well...

And that is why you use Privacy Badger.

Only if you are also signed into your GA

uBlock Origin
Privacy Badger
No Script
Decentraleyes
Container Tabs

No tracking.

@varundey No, because fingerprinting.

@Root really? I don't think so. Do you have link to any article/blog about it?

@varundey what do you think fingerprinting does? It aims to uniquely identify you for the purpose of tracking. Many javascript ads do this. GA does this. If you can be uniquely identified via js, it's the bloody same thing as a login cookie.

Just to be clear, I really don't care about google tracking my porn preferences. I was only commenting or the stupid shit the writer wrote...

And I also don't think JS can access your fingerprint data directly, hell I can't get basic device info with JS.. Can you elaborate?

@ace48 It absolutely can.
There are plenty of articles on it. Gather as much data as you can, and you can narrow the range pretty easily. Who in your timezone connects to the same isp, has the same resolution, the same browser plugins, the same font size, dpi, the same audio hardware (features), the same rendering performance, etc. etc. etc.?

Hell, with benchmarking you can even make an accurate guess at the user's processor model. Not guaranteed to be correct, but they're not likely to change their overclock regularly -- and most people don't overclock at all. So it still helps paint that unique fingerprint.

And there is just so much that a JS script can access. Seriously, read up on it. It's fascinating, and more than a little troubling.

But again, privacy badger, noscript, ublock origin, decentraleyes, container tabs. And on top of that: pihole. That blocks virtually everything. (And you can always poison tracking data, too, if you're really paranoid.)

@Root Fingerprint and for that matter, all your device unlocking creds reside in a secure Enclave of your phone os and nothing else has direct access to it, not even its native apps. Also this encryption/decryption process is super costly. So in that case the steps that would involve in getting your browser data would be:
1. Adding your Fingerprint data to Google cloud from your os secure enclave
2. Adding your browser history to your secure Enclave as another collection other than already present collection of Fingerprint/other unlocking creds
3. Putting another process which will keep on polling google clouds to update your browsing history.
4. All of this will differ with different os architecture.

I'm not saying it's not possible but it seems to me it is too much overkill for incognito given that Google can easily get most of the data it needs from normal mode. So again, coming back to my original question: do you have any link to prove otherwise?

@Root I completely misinterpreted what you meant by fingerprinting and understood it as fingerprint auth.

Yes I know you can collect very sensitive data about a user and build an identity.

Found the original story on Theverge if anyone is interested.

News websites really only care about reads and not what the actual research was about or what it found..

https://theverge.com/2019/7/...

@varundey Pretty sure you misunderstood as well.

Fingerprinting = browser fingerprinting via JS, not actual fingerprints.

@Root woops. Yep I too read your comment as Fingerprint auth. And yea i agree that's totally possible but it can't trace it back to my Google account so I'm cool with that.

@varundey I believe it’s google that made an algorithm to identify a person based on their typing habits; their speed, the types of typing mistakes they made, the words they used etc.

@webapp Not wanting to stir shit up, but, has anybody here donated to the AdBlocker people? Honestly.

https://pi-hole.net is the new boss

@devs not sure if I got your point.

@telephantasm yep. I have a lifetime license of AdGuard. Try it, it's awesome - AdGuard.com

@varundey just another way to identify who a person is

Yeah, I dont use incognito to hide from trackers, I use it to hide from friends and colleagues ._.

@varundey It very much can, even the way you type your searches in porn sites can reveal exactly who you are as that's also very much identifying.

@Root awesome comments, saving this so i don't have to type it every goddamn time.