We use two seperate methods to uniquely identify the user. For each, it will keep track of how many times the user has visited, and when the last visit was.
- Google's gtag.js
- Fingerprinting the user's browser using various methods
Additionally, you can see the data points used for your fingerprint.
Spin up using rails s (make sure to bundle install and rails db:create && rails db:migrate). Take a look at users_controller.rb and put some byebugs in different places. You can look through the commits for what I have added. Currently, my only 3rd-party tracker is Google's gtag.
The js file (main.js) will print out all of your cookies to console. In rails, you can use byebug with users_controller#google_tags to see the gtag cookies. Note that the page needs to first submit a POST request to /create before you will get anything in rails.
For the browser fingerprinting, I tried to follow EFF's panopticlick method. There are a few differences, though, for the sake of simplicity:
- I did not use PluginDetect, and did not bother doing anything special for IE
- I have not (yet) implemented supercookie tracking
For each tracker, show if it is running in user browser session
- Add gtag variable to rails
secrets - More in-depth explanation of fingerprinting process
- Add google
analytics.js(only have gtag currently)
- Mine bitcoin in user's browser (3rd-party)
- Supercookie tracking
- Link gtag with fingerprint in an effort to identify when there are fingerprint collisions
- (multiple users with the same fingerprints)
- Create custom cookie to connect to fingerprint (identify collisions, or a fingerprint change with a given user)
- Mine bitcoin in user's browser (create our own)
- Matomo - google analytics OSS competitor