How exactly are you going to hash my fingerprint if it's my first visit to the site and I'm using someone else's link? You wouldn't know til my second visit if I wasn't running something to change the value anyway, and if I am running interference on the request, you're kinda boned. For that matter, what keeps me from just hijacking someone else's token in it's entirety?
Also, how does a fingerprint, (something already capable of being deanonymized), being put through a trapdoor function (some think specifically used universally for purposes of authentication), generally arrive at making a mechanism that isn't being hijacked for tracking purposes? That's where you end up running into the fundamental problem of web traffic analysis.
As soon as you have enough information to reasonably assure you you're talking to the same person, someone else will come up out of nowhere to beg you to share it with them. You can make tons of money sharing this info, but by and large people object to you being loose-lipped about their business with strangers.
This is what makes me shake my head in wonder at the direction the Web went...
We already knew there was going to be an issue. We knew, because advertising/marketing/big data like info sharing did not exist; and where it did, it was generally in the customer's face, and they had something to gain, and not much to lose, and big, ponderous and unwieldy to do.
By letting advertising drive the direction the Web developed, we've turned the entire apparatus into the most effective surveillance device known to man.
You didn't have police looking up people's catalog or financial records before. You did have landlines being tapped on a case to case basis, but that's a big difference compared to Google's capacity to provide LE with suspect lists via geofenced warrants.
It saddens me sometimes we never got to see a Web without "user" abstractions. In the beginning it may have been close, but since the late nineties it's been far too close to a liability in terms of abusability by well positioned players for me to feel super happy about it.
And yet I've been developing stuff for it for 10+ years without pulling Stallman levels of sticking to my ideals... Hooray for being part of the problem.
Also, how does a fingerprint, (something already capable of being deanonymized), being put through a trapdoor function (some think specifically used universally for purposes of authentication), generally arrive at making a mechanism that isn't being hijacked for tracking purposes? That's where you end up running into the fundamental problem of web traffic analysis.
As soon as you have enough information to reasonably assure you you're talking to the same person, someone else will come up out of nowhere to beg you to share it with them. You can make tons of money sharing this info, but by and large people object to you being loose-lipped about their business with strangers.
This is what makes me shake my head in wonder at the direction the Web went...
We already knew there was going to be an issue. We knew, because advertising/marketing/big data like info sharing did not exist; and where it did, it was generally in the customer's face, and they had something to gain, and not much to lose, and big, ponderous and unwieldy to do.
By letting advertising drive the direction the Web developed, we've turned the entire apparatus into the most effective surveillance device known to man.
You didn't have police looking up people's catalog or financial records before. You did have landlines being tapped on a case to case basis, but that's a big difference compared to Google's capacity to provide LE with suspect lists via geofenced warrants.
It saddens me sometimes we never got to see a Web without "user" abstractions. In the beginning it may have been close, but since the late nineties it's been far too close to a liability in terms of abusability by well positioned players for me to feel super happy about it.
And yet I've been developing stuff for it for 10+ years without pulling Stallman levels of sticking to my ideals... Hooray for being part of the problem.