Discourse Fingerprint - browser fingerprinting plugin

Discourse Fingerprint :paw_prints:

Discourse Fingerprint is a tool for community managers fighting internet trolls. :troll: It works by computing a unique identifier (a "fingerprint") for every registered user, combining more than 20 browser characteristics such as the user agent, screen resolution, timezone and device memory.

Taken individually, none of these browser characteristics is enough to tell whether two users are the same person; the number of distinct user agents, screen resolutions and so on is relatively small. Taken together, however, the probability that two users end up with the same key is extremely low.

:bar_chart: Math time: assume there are only 20 browser characteristics and each can take only 4 possible values (note: in reality there are more than 20 characteristics, each with far more than 4 values). That gives 4^20 combinations (fingerprints), i.e. 1,099,511,627,776 combinations... while there are only 7,640,175,882 people on Earth. Admittedly, some characteristics may be useless (for example, all users of a local community forum may share the same timezone)... but most forums do not have 7.6 billion users either. :frowning:

How does it work?

While a user browses the forum, a fingerprint is generated for them and the result is stored together with the few most recently generated fingerprints (by default, the last 10). Admins can then use a simple interface to check the latest fingerprint matches (conflicts) and see whether a given user conflicts with anyone else.

The plugin has no impact on users at all; it generates the user's fingerprint 3 seconds after the first page load.

What does it look like?

Consider a simple test scenario:

  • Users Dan, Oliver and Jack used one device (in both incognito and regular sessions).
  • Users Harry, Jacob and William used another device (again in both incognito and regular sessions).
  • At some point, user William logged in using exactly the same machine and browser as Oliver.

The dashboard shows two conflicts. One involves Dan, Oliver, Jack and William; the other involves Harry, Jacob and William. Note that the conflict relation is not transitive (i.e. Dan conflicts with William, Harry also conflicts with William, but Dan and Harry do not conflict).

Looking at Dan's details tells us what his fingerprints are, when each fingerprint was first and last seen, and whom he conflicts with according to that signature.

Looking at William's details gives similar information, but this time two fingerprints are shown.

Admins can choose to act on it, or click the "Ignore" button to hide the conflict. Note that even if you ignore a conflict, it stays in the "latest conflicts" list until a new conflict appears.

How do I install it?

Follow the instructions in Install Plugins, using git clone https://github.com/discourse/discourse-fingerprint.git as the plugin command.

Basically, you need to edit your app.yml file to include the command above.

48 likes
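As an added example (not the plugin's own code; written in Ruby like the console snippet later in the thread), the model below reproduces what the post describes: a fingerprint hashed from a set of browser characteristics, at most 10 fingerprints kept per user with the oldest purged first, and conflicts computed as fingerprints shared by more than one account. It runs the Dan/Oliver/Jack/Harry/Jacob/William scenario and goes slightly beyond the post with a purge method of the kind a user-deletion fix would need. All names (FingerprintDemo, Store, DEVICE_A, DEVICE_B) and the characteristic values are this example's own, constructed rather than measured; the real plugin's hashing and PluginStore layout are not shown here.

```ruby
require "digest"

# Added example, not code from the discourse-fingerprint plugin. It models the
# behaviour the post describes: hash a set of browser characteristics into one
# identifier, keep only the last MAX_FINGERPRINTS per user (oldest purged first),
# and report fingerprints shared by several accounts ("conflicts").
module FingerprintDemo
  MAX_FINGERPRINTS = 10 # the max_fingerprints default mentioned in the thread

  # Constructed sample characteristics (not real measurements). Incognito and
  # regular sessions on the same device report the same values, so they hash alike.
  DEVICE_A = {
    "user_agent"    => "Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0",
    "screen"        => "1920x1080",
    "timezone"      => "Europe/Helsinki",
    "device_memory" => "8",
    "languages"     => "fi-FI,en-US",
  }.freeze
  DEVICE_B = {
    "user_agent"    => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) Safari/605.1.15",
    "screen"        => "2560x1600",
    "timezone"      => "Europe/Helsinki",
    "device_memory" => "16",
    "languages"     => "en-GB",
  }.freeze

  # The fingerprint is a hash over the sorted "key=value" pairs, so the order in
  # which characteristics were collected does not change the identifier.
  def self.fingerprint(characteristics)
    canonical = characteristics.sort.map { |k, v| "#{k}=#{v}" }.join("\n")
    Digest::SHA256.hexdigest(canonical)[0, 16]
  end

  class Store
    def initialize(max = MAX_FINGERPRINTS)
      @max = max
      @by_user = Hash.new { |h, k| h[k] = [] } # username => fingerprints, oldest first
    end

    # Record a fingerprint for a user. A fingerprint already on file moves to the
    # newest position; once the cap is exceeded the oldest entry is dropped.
    def record(username, fp)
      list = @by_user[username]
      list.delete(fp)
      list << fp
      list.shift while list.size > @max
      list.dup
    end

    def fingerprints_for(username)
      @by_user.fetch(username, []).dup
    end

    # { fingerprint => [usernames] } for every fingerprint seen on 2+ accounts.
    def conflicts
      by_fp = Hash.new { |h, k| h[k] = [] }
      @by_user.each { |user, fps| fps.each { |fp| by_fp[fp] << user } }
      by_fp.select { |_fp, users| users.size > 1 }
    end

    # Users sharing at least one fingerprint with `username`. Not transitive:
    # sharing a fingerprint with William does not make you share one with Harry.
    def conflicts_for(username)
      conflicts.values.select { |users| users.include?(username) }.flatten.uniq - [username]
    end

    # Drop everything stored for a user; a fix for user deletion would amount to
    # calling this from the deletion path.
    def purge(username)
      @by_user.delete(username)
    end
  end

  # The test scenario from the post, fed through the store.
  def self.scenario
    store = Store.new
    fp_a = fingerprint(DEVICE_A)
    fp_b = fingerprint(DEVICE_B)
    %w[dan oliver jack].each { |u| store.record(u, fp_a) }
    %w[harry jacob william].each { |u| store.record(u, fp_b) }
    store.record("william", fp_a) # William later logs in from Oliver's machine
    store
  end
end

if $PROGRAM_NAME == __FILE__
  store = FingerprintDemo.scenario
  store.conflicts.each { |fp, users| puts "#{fp}: #{users.sort.join(', ')}" }
  puts "dan conflicts with: #{store.conflicts_for('dan').sort.join(', ')}"
end
```

Running the file prints the two conflict groups from the post; changing a single characteristic (say the timezone) yields a different identifier, while reordering the characteristics does not, which is why the pairs are sorted before hashing.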

Thanks for the plugin!

Don’t you mean:

i.e. Dan is in conflict with William, Harry is also in conflict with William, but Dan is not in conflict with Harry

5 likes

That is correct. Thank you, I have fixed the post.

6 likes

Is there a case study for this showing how well it has worked in the real world?

Thanks for the plugin!
This is a wonderful thing. It would be great to see it on: transifex

We are very interested in this, but should we be worried about the GDPR? Based on the plugin description it doesn’t seem to collect anything that GAnalytics already does.

How is the data stored? Is it automatically purged at some point of time or can it be purged manually?

1 like

Related/Unrelated note: Some browsers are actively working on avoiding fingerprinting. For example, Firefox will soon ship with the ability to block this, and it will be blocked by default soon too.

7 likes

Unfortunately I am not aware of any big communities that run this plugin. However, in the real world it seems to work pretty well. See https://panopticlick.eff.org/

It depends on how you see it. Every piece of information that is stored cannot be tied to a single individual, which is GDPR compliant. Combining them, you might be able to track individuals.

The plugin uses PluginStore to store at most max_fingerprints fingerprints (default value: 10), purging the oldest to make room for new ones.

I am not sure how their new protection works. In the past, browser extensions were relying on filenames or hashes to do it. Those methods are fragile and minor changes in the fingerprinting script can make them go undetectable.

8 likes

Big is relative, but I am going to try this in production (tappara.co) when we have our next service break. Could be as soon as next week or one after that.

So it stores 10 most recent prints. Is there a way to purge the prints manually? Are they purged if the user is deleted?

1 like

I had high hopes for this plugin, but unfortunately iOS browsers mess up the whole plugin.

5 likes

The latest Firefox version already has this protection, opt-in for now. You can test it from Preferences - Privacy - Content blocking.

7 likes

There is no way from the UI, but technically you could do it from the Rails console. Deleting the user does not purge old fingerprints, but that is a bug I will have to fix. :slight_smile:

```ruby
# Run from the Rails console of the Discourse container (rails c).
user = User.find_by_username("dan")
raise "no such user" if user.nil? # find_by_username returns nil for an unknown name
# Remove every stored fingerprint for this user id.
DiscourseFingerprint::Fingerprint.get_fingerprints(user.id).each do |fp|
  DiscourseFingerprint::Fingerprint.remove(user.id, fp)
end
```

Yes, I believe so. I remember a community had the same problem with mobile devices, especially iPhones due to their build similarity.

I will try and have a look. The news I read said they were using Disconnect’s list which could have been tricked with some little effort.

5 likes

Our trial in production is now live.

Should we expect a performance penalty due to this? Our traffic has extreme spikes, based on real time events. Summer time is off-season, so things will be quiet, but during the hockey season we are likely to meet the limits of our server.

One additional idea for fingerprinting the user – what about tagging the users with a unique cookie? That would provide additional information that Harry’s browser has Dan’s cookie? This would obviously happen on shared devices, but might potentially expose trolls that lack technical expertise.

Many thanks for the development efforts and we are most interested in seeing the results.

I would really like a feature to ban a fingerprint.

Missing translation

1 like

How do I delete this plugin? Did a rebuild after removing the line from my app.yml but the plugin is still there.

Edit: no one can help deleting this?

How to ban a fingerprint?
I really need this feature.

It’s now enabled by default.

5 likes

Great plugin idea.

It’s missing a couple of translations
[en_US.dates.medium.x_years]
[en_US.admin.flags.ignore_flag]

And I can’t click on the ignore flag - important because as the administrator of the site, I need an ‘alternative ego’ to post as a regular user, not as the admin.

Where do I find finger print matcher?

I see it in plugins. But not the Matcher.

(SOLVED)
Forgot to refresh page. My Bad.

1 like