@jayrope never understood why people wouldn't just do that

five minutes of work, and your cookie consent looks much shorter

Follow

@kuba @jayrope you're logged in somewhere (GMail), that gives the initial clue. and then you use a website that uses Google Fonts, but no Google Analytics? You can still be correlated.

@meena @jayrope but how, without cookies? Based on IP or the user agent string?

@kuba same as fakebook with 1 pixel beacon. the power of big data and good algorithm. So they have hits from time to time from person X on different sites because of that pixel or fonts, but somewhere on server now records exist. At some point person will open site where they are logged in, so now ALL these records have name on it. I'll admit, just recording an IP with request for font/beacon is not so powerful as tracking, but this is not only thing to fingerprint someone. @meena @jayrope

@kuba @meena @jayrope if my understanding serves, by matching your IP (and probably browser fingerprint) between (in this example) gmail and where you viewed the fonts.

@meena @kuba @jayrope They discovered these simple tricks in the mid 2000s, and it's largely how Google got to be what it is now. Data mining the logs.

For a long time naive techies also gave them cover, with the mantra of "I trust Google with X". Sponsorship has also helped to ensure that nobody gives a tech talk about this. But I notice that the EU is now starting to get interested in self-hosted fonts, and so the classic grift might not be able to continue much longer.

Sign in to participate in the conversation
Cathode Church

A place for trans makers, coders, tinkerers and dreamers.