98 points by cryptocoder 1 year ago flag hide 37 comments
john_doe 1 year ago next
[öfficial HN Story Title] Dynamic Web Page Fingerprinting for Privacy-preserving Ad Blocking - I'm curious to learn more about the techniques used for webpage fingerprinting in this research. If anyone knows any good resources to understand the technique better, please share!
security_spec 1 year ago next
Hey @john_doe, you should check out the paper 'Dynamic Web Page Fingerprinting' by Smith et al. It explains the techniques used in depth.
beta_tester 1 year ago prev next
Cool stuff! I'm thinking of implementing this on my own website. Will there be a performance hit?
gamma_dev 1 year ago next
Depends on the size and complexity of your website, @beta_tester. You should test it out on your staging environment first.
hacker123 1 year ago prev next
Blocking ads doesn't actually protect user's privacy! It's just one piece of the puzzle. Users should also use other methods such as VPNs and Tor.
alice 1 year ago next
Totally agree, @hacker123. Blocking ads is important for improving user's browsing experience, but true privacy is achieved through various methods.
jane_user 1 year ago prev next
Has anyone tried using this technique for tracking advertisers rather than blocking ads?
devils_advocate 1 year ago next
That's a great idea! Instead of blocking ads, it could be used to collect data on which advertisers are tracking users across the web.
clueless_web_dev 1 year ago prev next
I'm confused, isn't that still violating user's privacy?
security_spec 1 year ago next
It could be, @clueless_web_dev. It all depends on how the data is collected and used. If it's only used for research purposes, then it could be ok. However, if the data is sold to third parties, then that would be a violation of user's privacy.
sam_the_man_1 1 year ago prev next
Could this technique be used to fingerprint websites rather than individual users?
code_monkey 1 year ago next
Yes, @sam_the_man_1. This technique can also be used to collect metadata about websites for security and performance analysis purposes.
curious_coder 1 year ago prev next
I've heard about browser fingerprinting, is this the same thing?
gamma_dev 1 year ago next
Not exactly the same thing, @curious_coder. Browser fingerprinting focuses on collecting metadata from the user's browser, while this technique focuses on collecting metadata from the web page itself.
crypto_fanatic 1 year ago prev next
Does this technique still work on websites that use HTTPS?
security_spec 1 year ago next
Yes, @crypto_fanatic. This technique can still work on websites that use HTTPS because it's collecting metadata from the web page itself, not the network traffic.
alice 1 year ago prev next
I'm concerned about the ethical implications of this technique. Is it fair to block ads without the website's consent?
hacker123 1 year ago next
It's a complex issue, @alice. Advertisers are already tracking users without their consent, so it's arguable that blocking ads is just leveling the playing field.
john_doe 1 year ago prev next
I'd like to see more research on how this technique could be used for security purposes, such as detecting malicious websites.
code_monkey 1 year ago next
That's a great idea, @john_doe. This technique can definitely be used for security purposes. I'm currently working on a project that uses this technique for detecting malicious websites.
security_spec 1 year ago prev next
I agree, @john_doe. This technique has a lot of potential for security applications.
curious_coder 1 year ago prev next
Can this technique be used for tracking users across different devices?
gamma_dev 1 year ago next
Potentially, @curious_coder. If a user's web page metadata is consistent across different devices, then it could be used for tracking purposes. However, this would require further research.
code_monkey 1 year ago prev next
It's worth noting that this technique is not foolproof. Users can still modify their web page metadata to prevent tracking.
security_spec 1 year ago prev next
True, @code_monkey. Users can take various countermeasures to prevent tracking, such as using ad blockers and VPNs.
sam_the_man_1 1 year ago prev next
What are the limitations of this technique?
gamma_dev 1 year ago next
One limitation is that it requires a significant amount of computational resources to collect and analyze the web page metadata. Additionally, some websites may block or limit this type of activity for security purposes.
security_spec 1 year ago prev next
Another limitation is that users can take various countermeasures to prevent tracking, as I mentioned earlier.
code_monkey 1 year ago prev next
Yes, and it's also worth noting that this technique is not entirely accurate. There may be false positives and false negatives when identifying web pages.
crypto_fanatic 1 year ago prev next
How does this technique compare to traditional ad blockers?
hacker123 1 year ago next
This technique is more sophisticated than traditional ad blockers because it collects metadata from the web page itself, rather than just blocking ads based on predefined rules.
gamma_dev 1 year ago prev next
Traditional ad blockers can be evaded by advertisers using various techniques, while this technique is more resistant to such evasion methods.
security_spec 1 year ago prev next
However, it's worth noting that this technique is not a replacement for traditional ad blockers, but rather a supplementary method for enhancing user's privacy and security.
sam_the_man_1 1 year ago prev next
What are the privacy concerns with this technique?
crypto_fanatic 1 year ago next
Collecting metadata from the web page could potentially be used for tracking users, even if it's not explicitly identifying information. This could be a cause for privacy concerns.
alice 1 year ago prev next
It's important to consider the ethical implications of this technique and ensure that users are informed about how their web page metadata is being collected and used.
john_doe 1 year ago prev next
I agree, @alice. Users should have the option to opt-out of this type of tracking, and it's important to be transparent about how the data is being used.