@ Tim Brown 1
But even with JS disabled, I'm unique. The interesting thing is that I'm running a pretty vanilla install of Ubuntu 8.04 LTS, recently updated, which gives a user agent string
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:220.127.116.11) Gecko/2010040119 Ubuntu/8.04 (hardy) Firefox/3.0.19 [1 in 21067.7 browsers]
and HTTP_ACCEPT headers
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 windows-1252,utf-8;q=0.7,*;q=0.7 gzip,deflate en-us,en;q=0.5 [1 in 13167.31 browsers]
Both of these I would expect to be pretty standard, yet evidently both are reasonably rare and in combination make my fingerprint unique. I simply do not understand. Can anyone explain what makes these particular combinations so uncommon? Or is it that the universe of possible combinations is far more extensive than one might think?
With JS enabled, the real killer is one's font selection. I've got some unusual fonts such as Everson Mono and BPG Unicode Standard, so it's understandable that I"m unique in that regard. WRT the assortment of fonts, I notice two things: first, the fingerprint specifically says "system fonts". Does this mean that if I move my special fonts to my user directory they'll be invisible? Second, I notice that the font info is retrieved via Flash. More and more I begin to view Flash as considerably more than just a video/interactive plug-in. Adobe seems to be like Google, far too interested in privacy-eroding details.
At least I've successfully turned supercookies off!
All in all, this is one more reason not to use proprietary software like Flash. At least with Open Source, you can (in theory) go in and neuter it so it doesn't divulge such details.
Let me propose that those concerned with privacy change their user agent string to simple "Hidden"