This post knows where you're viewing it from (Lemmy doesn't proxy external images) [ARCHIVED] (lemmy.ml)

submitted 1 year ago* (last edited 10 months ago) by TriLinder@lemmy.ml to c/lemmy@lemmy.ml

18 comments fedilink hide all child comments

Note: This post now archived and as such no longer works

An external image showing your user-agent and the total "hit count"

you are viewing a single comment's thread
view the rest of the comments

[-] andscape@feddit.it 7 points 1 year ago

Can countermeasures be implemented in the clients to mitigate privacy risks, while not having to proxy images?

[-] flathead@quex.cc 3 points 1 year ago

no. the remote server will log the requests based on the client address. it is a good argument for using a vpn.

[-] andscape@feddit.it 1 points 1 year ago* (last edited 1 year ago)

Oh I mean, sure, but I don't think IP logging is the main privacy concern with spy pixels.

I'm assuming this trick uses the user agent string and other request metadata to identify clients. Even if it didn't recognize Jerboa as a client, it did guess that I was on mobile. That's not possible just by tracking IPs, unless they're cross-referencing it with other datasets. Also, I was on VPN anyway, so the IP would have been useless.

It should be possible for clients to obfuscate/fake the metadata of image requests to make tracking with spy pixels less effective.

[-] TriLinder@lemmy.ml 1 points 1 year ago

Yup, I'm parsing the user agent with the user_agents Python library.

load more comments (4 replies)

this post was submitted on 11 Aug 2023

90 points (88.8% liked)

Lemmy

12443 readers

91 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 4 years ago

MODERATORS

nutomic@lemmy.ml