|
Do social networks know which os we're running?
I can see Facebook guestimates the browser (hypothetical example, Epiphany-Web showing as Safari, other times accurate), and it knows we're running Linux vs. Redmond, but does it know our Linux distro/kernel/desktop environment?
|
At the very least, it knows your user agent. With the help of javascript, it can know much more.
|
Yes, a web page/site can os/browser fingerprint you.
https://www.washingtonpost.com/techn...rprinting-you/ https://www.comparitech.com/blog/vpn...tect-yourself/ https://amiunique.org/ https://pixelprivacy.com/resources/b...ingerprinting/ |
Unless you obfuscate or fake your signature (available to any HTTP protocol server to which you connect) the basic information about your browser and operating system is available. One of my Linux machines presents as running Mozilla on WinNT4. I run a utility on another so that my signature changes ever hour. Such obfuscation can cause some poorly crafted sites to display improperly or break, so I do nothing of the kind on my working machines.
I also do not bother on my Pinebook Pro, since nothing out there really understands what the heck that is anyway. |
What's more important to you, the fact that social network knows all your connections to people or the fact that social network knows which distro you use?
|
|
There are also forensic differences in certain parts of a TCP packet that provide good clues to the originating OS and at a lower level than the easily changed "user agent" in the browser.
|
Quote:
|
Try nmap or zenmap for fingerprinting of operating systems:
https://nmap.org/book/osdetect.html There is also a passive option in tcpdump, but the documentation seems not to mention the source for the lookups. |
Quote:
|
The OS and browser being used provide far less useful information than the contacts of the user. Facebook, Instagram, Twitter, et al all know every person you are or have been connected to. That is valuable information, and you give it to them freely by running their software. You can easily change devices, with different OS and browser, so that information is of little use to anyone. But knowing everyone you follow, or follows you, and every site you visit, is of considerable value, in multiple ways.
|
Quote:
Quote:
Knowing the use scenarios of the userbase is important. A few simplistic examples;
|
Lots of big sites scan the computers connecting to them. Here's one:
https://securityboulevard.com/2020/0...r-pc-probably/ |
Certainly knowing the OS and browser can be valuable to the site owner, and Google Analytics collects that. My point is, that information is of less use for attacks against the site visitors, and is not so easily connected to a specific person. All they get is an IP, the OS, browser, etc, but not necessarily the specific person using the computer. With a VPN they don't even get the IP. However, once the user logs in to the social media site, they know much, much more, and more use gives more connections. Generally, they know your name, your address, phone number, family member names, occupation, almost everything. That's why law enforcement and government security agencies go to them for information. Nobody knows more about you than Facebook, if you go there. Nobody. Except maybe Instagram which is a Facebook subdivision, and others very like it. I joined Facebook when it first started up at the behest of my daughter, for playing Scrabble online. After a short time I got suspicious and deleted my account and information. But I'm pretty certain it all still exists, and will forever, and has been sold millions of times. Knowing the browsing habits of the average customer is one thing, knowing almost everything about specific users is something else.
|
Lots of sites report to facebook.
Code:
tcpdump net 69.171.224.0/19 -qtni anyCode:
whois -h whois.radb.net -- '-i origin AS32934' | grep ^route |
| All times are GMT -5. The time now is 09:54 PM. |