ON VPN anonymity

Your separate computer will be fingerprinted. The IP address then shows your approx location.

Indeed. You can appreciate now why journalists are trained to use Tor.

There are 4 stages of competence:

  1. Unconscious competence – when clue about a subject is so ingrained that you don’t even consciously consider the reasoning you apply when knowing how to do things. (Highest form.)

  2. Conscious competence – when you have clue about a subject, and still have to think about it to apply your knowledge. (Next most competent).

  3. Conscious incompetence – when you know you don’t know, and either decide not to care, or fight hard to learn more. (Please: aspire to this one, mate).

  4. Unconscious incompetence – when you don’t even know what you don’t know.

Your separate computer will be fingerprinted. The IP address then shows your approx location.

Unless I’ve got a virus, or the CIA is involved, there’s no way any “fingerprint” attempt from a system well on the other side of a VPN will ever reach my client system.

Please study up, mate. It’s not useful to mislead people by dispensing misinfo.

Alternatively, feel free to name the HTTP header involved and trace the packets please, and show us all (ROTFLMAO). An application level protocol like HTTP does not require knowledge of any underlying stack details including IP address, and unless you’ve been naive enough to install a remote-site-specific client-side “helper” as many virus-distribution services like to use, there’s no way that low level info from your system can reach a remote site well on the other side of a VPN connection. The TCP/IP stack just doesn’t work that way. :wink:

Yes, Tor is better against most kinds of attacks. But it has some disadvantages relative to a VPN:

  • usually onion is lower performance

  • usually onion is blocked more

  • onion doesn’t handle UDP traffic

So, I use a VPN 24/365.

You do not know what you are talking about; a browser fingerprint is not that.

So, go on, tell us all what it is.

:wink: This is just hilarious. I guarantee you that no remote site can “fingerprint” a browser without sending data across the network (see “trace the packets please”).

I’m all for being kind, helpful, and patient with those who are honestly trying to learn, but people who are pushing odd belief-based theories (you can fingerprint a browser without any evidence of network traffic from that browser???) not grounded in technical fact really need to be discouraged from attempting to profess knowing more than experts.

Sure, I might be running Mozilla 21348q7498327.q93283/12.j234 … but so are a few tens of millions of others. That’s pretty much the extent of information you can get from a browser fingerprint, and that doesn’t get anywhere near conclusively identifying the client node involved in a communication. To get the IP address, you’d need tricking into running client-side discovery code. And smart people intentionally using a VPN to hide identity won’t be easily tricked.

Can’t you do a net search? Here, let me help you.

https://letmegooglethat.com/?q=browser+fingerprint+test

With recent developments in browser fingerprinting, we can successfully identify computers 99+% of the time. That means even if you use multiple recommended privacy precautions, VPNs and delete your cookies, trackers can still use browser fingerprints to identify you.

So, in other words, you refuse to provide me with the packet trace that I could debunk line by line.

Mate, none of that conclusively identifies an end node that connected last week to a social media site.

It pulls browser headers and gets your browser configuration on demand. Proving that I do know what you’re referring to *** SEVERAL POSTS AGO *** I challenged you to name the headers and trace the packets so that I could reassure you. (Headers, by the way, are all a browser can get. It’s the only information visible at that layer of the protocol stack. Again. Sigh. I’ve done TCP/IP stacks for a living on multiple platforms. Why on earth don’t you believe me, but you did stop short of saying others on the same thread who’ve told you the same things, were lying, as you’re claiming I am?)

Consider this:

  1. You’ve got Twitter.

  2. You post that a pollie is a potato.

  3. The pollie throws a fit and says “FIND THEM AND DESTROY THEM!”

  4. The pollie’s solicitor’s tech “experts” who think like you do, go to Twitter and say “we need this person’s browser fingerprint to match against the billion or so devices on the internet, most of whose fingerprints we don’t have in a database, because we were told to find and destroy them.”

  5. Twitter responds, “What on earth are you talking about? We don’t cache browser headers associated with every post, just IPs, sorry. And we don’t even know what you’d do with them once you find them, unless you already have a strong suspect – which if you do, we don’t know why you’re talking to us – and have impounded their devices.”

  6. Tech “expert” hangs head, shuffles about, “Errr, sorry, Mr. Solicitor, guess I mighta been wrong there. I’m afraid you’re back to square one!”

Twitter responds, “What on earth are you talking about? We don’t cache browser headers associated with every post, just IPs, sorry. And we don’t even know what you’d do with them once you find them, unless you already have a strong suspect – which if you do, we don’t know why you’re talking to us – and have impounded their devices.”

Cannot answer you about Twitter, but Facebook has a Server Side API where APIs can send events directly to the Facebook servers. This includes forwarding the client_user_agent, which contains your browser fingerprint, so they can match these requests to identify you.

Also, many commonly used Web spam prevention tools use browser fingerprinting, e.g. it’s inbuilt in Drupal.

LOL, the client user agent can be reset to send any arbitrary string you wish. That’s sort of my whole point. (I asked for which headers were involved 16-17 replies ago, thinking you were naively relying on accuracy of that User Agent header and wanting you to admit that so that I could make this point. It’s commonly known that setting it to, for example, an iPad UA allows certain functionality on certain sites that those sites don’t allow by non-iPad platform browsers.)

Do some googling of your own instead of wasting the time of a TCP/IP internals person by continuing to insist that they don’t know squat about how TCP/IP works compared to a power user, LOL.

Some of it can be spoofed

It can be spoofed, mate. The end.