You know all those “share on”… Twitter/Facebook/whatever links? When they load, from Facebook, it asks the referer URL, and checks the browser for any cookies that might associate that browsing to a person for ad customization. Incognito isolates that information, so while Facebook/X(Twitter)/whoever may know that someone went to that URL, they have no cookie data to link it to a person uniquely, so they have information that the site was visited, but no idea who visited the site since any session cookies I have for those services are in my non-incognito browser.
I mean, this is a little outdated by today’s practices. Any ad tracker worth their salt will be using browser fingerprinting as well.
Imagine this scenario: You have a user with a specific browser, with specific extensions installed, (which you can derive from the fact that your ads are getting blocked by a specific ad blocker, they have the “Do Not Track” flag enabled, you have a nice monitor with a large aspect ratio and you’re browsing in full screen so the site can see that aspect ratio, etc…) from a specific IP address. In normal browsing, this user has a tracking cookie so your “share on Facebook” buttons can see what sites they’re visiting.
But now you’re seeing an identical browser, with identical extensions, on an identical IP address. But this time it doesn’t have your tracking cookie. Sure, there’s the chance that two people are using identical settings. But as your extension list grows and your browser becomes more unique, your fingerprint becomes more easily identifiable. So now, even without that tracking cookie, they’re able to use that fingerprint to infer that you’re the same person and link your incognito browsing back to your regular browsing.
I mean, this is a little outdated by today’s practices. Any ad tracker worth their salt will be using browser fingerprinting as well.
Imagine this scenario: You have a user with a specific browser, with specific extensions installed, (which you can derive from the fact that your ads are getting blocked by a specific ad blocker, they have the “Do Not Track” flag enabled, you have a nice monitor with a large aspect ratio and you’re browsing in full screen so the site can see that aspect ratio, etc…) from a specific IP address. In normal browsing, this user has a tracking cookie so your “share on Facebook” buttons can see what sites they’re visiting.
But now you’re seeing an identical browser, with identical extensions, on an identical IP address. But this time it doesn’t have your tracking cookie. Sure, there’s the chance that two people are using identical settings. But as your extension list grows and your browser becomes more unique, your fingerprint becomes more easily identifiable. So now, even without that tracking cookie, they’re able to use that fingerprint to infer that you’re the same person and link your incognito browsing back to your regular browsing.