The Sorry State of Browser Privacy

Every one of the estimated 3.7 billion Internet users should be concerned that the vast majority of their searches, the contents of their shopping baskets both on and off line,  often their location, and, by careful statistical analysis, their associates are exposed to the corporate desires of the likes of Google, Microsoft, and Facebook. This information, once collected, is available to law enforcement agencies in many international jurisdictions. Some governments additionally collect information directly to spy on their citizens. One might also consider that logs of private information are also ripe for hackers, paid by organized crime or governments, who break into notionally “secure” systems.

Our mobile devices are also directly inspectable by customs agents when we cross international borders, and in some jurisdictions by police on the street.

Those who say that they have no care for privacy on the Internet have seemingly no idea of the abuse to which such information may be put. The Holocaust was perpetrated by a vicious regime primarily on the basis of household religious indications from a century of national census collection. No government of the past has ever had access to the amount of information available about the location and habits of individual citizens.

How can we possibly protect ourselves from a technically savvy authoritarian government that is willing to abuse this treasure trove of data?

Our browsers, those critical tools for our daily lives, are not currently our friends. They are the portal by which our personal information flees to corporate and government interests.

There are two fundamental approaches to securing our personal information in browsers. The first and easiest is to avoid recording your history from your local device. This is the primary tool behind browsers’ privacy modes such as Firefox’s private mode or Safari’s incognito mode. No having local data will provide some level of protection if your phone or computer is seized.

Removing or avoiding local data storage does nothing to protect you from Web analytics companies who use data your browser happily sends to them during an online session. Advertising companies install trackers into their ads that are implemented in the JavaScript language understood by each browser. That computer code can and does read as much information as it can find, and combine it into a full picture of your individual browser through a process known as browser fingerprinting. It is this fingerprint, good perhaps to identify one person in tens of millions, that your browser happily passes back to the companies that asked for it.

The Electronic Frontier Foundation (EFF) has made a useful tool called Panopticlick to test browsers vulnerability to online tracking. The odd but fitting name is a reference to the Panopticon, a type of jail designed in 1787 by English philosopher Jeremy Bentham. A single jailer could see a large number of prisoners in the Panopticon.

This post reports on a series of Panopticlick tests on a variety of browsers. Desktop browsers were tested on a MacBook Pro. Mobile browsers were tested on an Apple iPhone 6 and a Sony tablet running Android Marshmallow.

Panopticlick asks four questions of browsers:

  • Is your browser blocking tracking ads?
  • Is your browser blocking invisible trackers?
  • Does your browser unblock 3rd parties that promise to honor Do Not Track?
  • Does your browser protect from fingerprinting?

A perfect browser would respond in the affirmative to each question, and a report might look like this:

Ads Trackers DNT Fingerprints
My good browser yes yes yes yes

A browser that failed all four tests would have a negative report. The last question would be answered by noting that a unique fingerprint could be calculated:

Ads Trackers DNT Fingerprints
A terrible browser no no no unique

It is naturally possible for some browsers to provide partial implementations to block tracking ads or other trackers. Partial implementations are marked in yellow.

Desktop Browser Tests

Tests were performed on an Apple MacBook Pro, running MacOS Sierra version 10.12.4.

Safari version 10.1 (12603.

Ads Trackers DNT Fingerprints
Safari (Mac, default) partial partial no unique
Safari (Mac, private browsing, default) partial partial no unique
Safari (Mac, private browsing, block cookies and website data) partial partial no unique

Chrome version 57.0.2987.133 (64-bit)

Ads Trackers DNT Fingerprints
Chrome (Mac, default) yes no no unique
Chrome (Mac, EFF Privacy Badger installed) yes yes no unique
Chrome (Mac, incognito mode, default) partial partial no unique
Chrome (Mac, incognito mode, block cookies and website data) yes yes no unique

Blocking all sites entirely using manual control of Privacy Badger yielded the same results as having Privacy Badger installed.

Safari’s incognito mode blocks plugins including Privacy Badger, so using plugins is ineffective to increase privacy on Safari.

Firefox version 52.0.2

Ads Trackers DNT Fingerprints
Firefox (Mac, default) no no no unique
Firefox (Mac, EFF Privacy Badger installed) yes yes yes unique
Firefox (Mac, NoScript installed) yes yes yes yes
Firefox (Mac, private mode, EFF Privacy Badger installed) yes yes yes unique
Firefox (Mac, private mode, NoScript installed) yes yes yes yes

Firefox’s private mode does not block plugins, so Privacy Badger could be used with private mode.

NB: JavaScript was disallowed for with NoScript; disabling JavaScript is a key way to avoid trackers. Unfortunately, it is also a key way to break modern Web pages.

NoScript maintains a white list of common sites to minimize the breakage of legitimate JavaScript functionality. It blocks all others, but gives a useful user interface to allow exceptions. As shown in Figure 1 below, most sites are analytics trackers such as Google Analytics, Facebook, and Doubleclick.

Figure 1. NoScript’s list of recently blocked sites

Mobile Browser Tests on iOS

Tests on iOS were performed on an Apple iPhone 6, running iOS version 10.3.1.

Safari iOS version 10.3.1

Ads Trackers DNT Fingerprints
Safari (iOS, default) partial partial no unique
Safari (iOS, private browsing, default) partial partial no unique
Safari (iOS, private browsing, block cookies and website data) partial partial no unique
Safari (iOS, Disconnect Privacy Pro installed and VPN active) yes yes no unique

Firefox iOS version 7.1 (2565)

Ads Trackers DNT Fingerprints
Firefox (iOS, default) no no no unique
Firefox (iOS, private mode, default) partial partial no unique
Firefox (iOS, Disconnect Privacy Pro installed and VPN active) yes yes no unique

Firefox Focus iOS version (current as of 17 April 2017)

Ads Trackers DNT Fingerprints
Firefox Focus (iOS, default) yes yes no unique
Firefox Focus (iOS, “Block other content trackers” option on) yes yes no unique
Firefox Focus (iOS, Disconnect Privacy Pro installed and VPN active) yes yes no unique

The motto for Firefox Focus is “Browse, erase, repeat”, which shows its focus on erasing local history.

Chrome iOS version 57.0.2987.137

Ads Trackers DNT Fingerprints
Chrome (iOS, default) no no no unique
Chrome (iOS, incognito mode, default) no no no unique
Chrome (iOS, Disconnect Privacy Pro installed and VPN active) yes yes no unique

Opera Mini iOS version

Ads Trackers DNT Fingerprints
Opera Mini (iOS, default) no no no unique
Opera Mini (iOS, “Accept Cookies” turned off and “Block Pop-ups” turned on) no no no unique

EFF suggests rather concerningly, “switching to another browser or OS that offers better protections.”

Mobile Browser Tests on Android

Tests on Android were performed on a Sony Xperia Z2 Tablet SGP511, Android version 6.0.1 (Marshmallow), kernel 3.4.0-perf-gc14c2d5

Chrome Android version 57.0.2987.132

Ads Trackers DNT Fingerprints
Chrome (Android, default) no no no unique
Chrome (Android, incognito mode, default) no no no unique

Firefox Android version 52.2

Ads Trackers DNT Fingerprints
Firefox (Android, default) no no no unique
Firefox (Android, private mode, default) yes yes no unique

Opera Mini Android version 24.0.2254.115784

Ads Trackers DNT Fingerprints
Opera Mini (Android, default) yes yes no unique
Opera Mini (Android, private tab, default) yes yes no unique

NB: Opera Mini tested “no” in all categories last week, but Opera seems to be adding an effective ad blocking technology, which seems to have come to Android before iOS.

Disconnect free edition for Android (no version number, as of 23 April 2017)

Ads Trackers DNT Fingerprints
Disconnect in-app browser(Android, default) partial partial no unique

NB: Disconnect Pro/Premium versions were not tested on Android because I was borrowing the device and didn’t want to buy my friend a $50 subscription.


One clearly needs to shop around to find a browser that will protect your privacy. That is easier on a computer than on a mobile device.
The combination of Firefox and the NoScript plugin was the only way discovered to pass all EFF tests, and that combination is only available on desktop and laptop computers. That is a shame given the power performance of Safari, or the Google app integration with Chrome.
There is no apparent way to avoid browser fingerprinting on iOS or Android.
Apple users seem to have a choice between the new Firefox Focus and installing (and using!) Disconnect Privacy Pro. It is easy to forget to turn on Disconnect’s VPN. There is a cost, of course, but that should be nothing new to Apple users. Better privacy is part of what we pay for with Apple. It is surprising that Apple hasn’t done with browser privacy what they have done with server-side encryption of user data.
Android users fare reasonably well using either Firefox’s private mode or (surprise!) the new Opera Mini. Both browsers have decent blockers for ad trackers and other online trackers. Unfortunately, neither option does a thing to stop browser fingerprinting. In 2017 and beyond, blocking direct tracking is just not good enough. One cannot help but wonder why one needs to use Firefox’s private mode to access apparently built-in functionality.
In summary, be careful. Practice safe computing to avoid infections of one form or another. It might be wise to both use a browser with good privacy support and also to check the status of updates once in a while.
We remain with poor tradeoffs. Should we increase privacy and suffer inconvenience, or opt for convenience? Unfortunately, I am sure I know what most people will do. Browser vendors, especially the Mozilla Foundation, should ensure that privacy protection is enabled by default. Action against browser fingerprinting is urgently needed.
Your privacy is in your hands.

Chapters 5-7 Now Available for Humanity: An Unauthorized Biography

Chapters 5-7 are now available in PDF for Humanity: An Unauthorized Biography!

Chapters 5, 6, and 7 have been added in this update.

Chapter 5 (“The Invention of Rationality”) traces the history of rational thought – and shows why it is a rather unnatural basis for human culture.

Chapter 6 (“Accidental Progress”) reviews the history of civilization’s Golden Ages, from the ancient Greek to our own.

Chapter 7 (“Return of the Shaman”) illustrates why our age is different from all the others, and why we are left with such challenges as a result.

Comments are welcome and sincerely appreciated!


Chapters 1-7 Now Available for Humanity: An Unauthorized Biography

Chapters 1-7 are now available in PDF for Humanity: An Unauthorized Biography!

Chapters 5, 6, and 7 have been added in this update.

Chapter 5 (“The Invention of Rationality”) traces the history of rational thought – and shows why it is a rather unnatural basis for human culture.

Chapter 6 (“Accidental Progress”) reviews the history of civilization’s Golden Ages, from the ancient Greek to our own.

Chapter 7 (“Return of the Shaman”) illustrates why our age is different from all the others, and why we are left with such challenges as a result.

Comments are welcome and sincerely appreciated!


Chapters 1-4 Now Available for Humanity: An Unauthorized Biography

Chapters 1-4 are now available in PDF for Humanity: An Unauthorized Biography!

Chapters 3 and 4 have been added in this update.

Chapter 3 (“Power Shift”) explains the failure, and recovery, of the Neolithic Revolution.

Chapter 4 (“Thinking for Cities”) delves into Bronze Age thought to uncover how our earliest city-dwelling ancestors thought about themselves and their world.

Comments are welcome and sincerely appreciated!


Chapters 1-2 Now Available for Humanity: An Unauthorized Biography

Chapters 1 & 2 are now available in PDF for Humanity: An Unauthorized Biography!

Chapter 2 is entitled “Planting and Prayer”. It covers the transition of hunter-gatherers in the Near East to full-time agriculture, and the switch from shamanistic religions to religions of “big gods”.

Comments are welcome and sincerely appreciated!


Defining Culture

Culture is a slippery concept to define. Many social scientists today refer to a formulation by the nineteenth century English anthropologist Edward Burnett Tylor, who said “Culture, or civilization, taken in its broad, ethnographic sense, is that complex whole which includes knowledge, belief, art, morals, law, custom, and any other capabilities and habits acquired by man as a member of society.” At least two things jump out at me when I read that quotation. Firstly, that Tylor equated culture with civilization, and secondly that he considered nearly anything people do to be “culture”.

All extant hunter-gatherer groups have some “capabilities and habits” that allow people to fit in as members of those societies. Archaeological evidence gives us no reason to believe that earlier hunter-gatherer tribes failed to have them as well. Quite to the contrary, archaeology has provided plenty of evidence to suggest that Stone Age people spent a lot of time identifying with their groups. We see this evidence in both the similarities and differences that exist in burials, artwork, and artifacts around the world, and in the echoes of languages that still exist. It seems contrary to modern scientific understanding to suggest that hunter-gatherer groups don’t have their own cultures. But that was not what Tylor intended. Tylor was the first person to insist that hunter-gatherers had their own cultures, and their own forms of “civilization”, based on what he called the “uniformity” of human thought. It was a remarkably enlightened attitude for a person living at the height of the xenogamous British Empire.

Tylor’s concept of civilization differs from the one used elsewhere in this book. Elsewhere we will talk about civilization beginning with settled agriculture. Tylor, by contrast, rightly understood human development as a continuous searching for successful strategies. Agriculture was just one possible approach to survival. It just happened to be one that allowed its practitioners to outbreed those hunter-gatherers who stayed with the old ways. It was natural for Tylor to suggest from his perspective that civilization and culture are the same thing. Tylor’s civilization is nothing more (or less) than the cultural tools used by any particular group.

It is interesting that Tylor included laws in his definition of culture. Laws are now the primary tools of secular, Western governments today to encourage large-scale cooperation. It would be illegal for someone at my coffee shop to assault me, either physically or verbally. A policeman would readily intervene in an altercation if called. That fact deters most people, most of the time, from taking advantage of strangers.

There are other tools in our cultural toolbox. Most modern religions teach the benefit of cooperation, as do the customs passed down from parents to children, and reinforced in schools. Surprisingly, the combination of laws, beliefs, and custom can do a pretty good job at creating peaceful large-scale societies.

The successes of law do not come as cheaply as we might imagine. Although we have successfully used laws to mostly keep strangers from abusing each other, we need to have a lot of them. It no longer seems possible for anyone to determine exactly how many laws, or government regulations, exist in the United States today. We have federal laws, binding court decisions, and regulations. We have more at the state, territory, Native American tribe, and local levels. This is of course not to mention corporate regulations, or family rules. One estimate claims some millions of federal laws alone, with as many as forty thousand changes each year. A reference librarian at the US Library of Congress claimed in 2013, “We are frequently asked to estimate the number of federal laws in force. However, trying to tally this number is nearly impossible.”

Determining the laws appropriate to a given situation is often a first step in determining a course of action. One might consult a lawyer, or an accountant, or a policeman, or a county clerk. The scale of our societies demand such binding rules. We have accepted their complication as the price for living relatively peacefully with many others. Where they fail, the state uses fines, imprisonment, or forced service to punish offenders, all in an attempt keep individuals from carrying out their own justice.

Not all modern societies are peaceful, nor safe. I would happily turn my back on strangers in most parts of Japan, Australia, or Canada. I would have no trouble in most of India. But I would not risk it in the bus station in downtown Newark, New Jersey, any more than I would in the public portions of the Philippines, Columbia, Egypt, or Italy. “Culture” is as variant as it is ill-defined. Laws intertwine deeply with those other, softer, concepts of belief, morals, customs, and religion to create a complex tapestry of possibility.

In place of Tylor’s definition, I personally tend to prefer an almost throw-away line from anthropologists Ernest Schusky and Patrick Culbert: “Culture… includes all the things that we learn from other people.” That seems to sum up the complexities that we encounter when attempting to discuss culture, and yet gets to its underlying simplicity. We are born with a series of instincts, and reflexive actions. We have biases. We will react in many predictable ways, and at the same time have deep physiological structures that ensure that our behavior varies. We constantly learn from our sensory inputs, from the environment. But culture consists of all the things we learn from other people.

It is possible to refine the definition of culture even farther by looking at the relationship between culture and evolution. It was evolution that provided us our natural relationships to one another, and adapted us to a hunter-gatherer lifestyle. It was culture that allowed us to adapt more rapidly than evolution ever could to the challenges posed by the end of the last ice age.

Culture and evolution share many key features. A creature competes for resources, and looks for opportunities to create offspring. The offspring aren’t perfect copies. Random changes, mutations, creep into the copying process. This is Darwin’s “descent with modification.” Similarly, cultural ideas compete to be accepted by people. At each stage they are heard, and perhaps modified by the receiver’s understanding. Cultural ideas also undergo a version of descent with modification. Cultural ideas are frequently called “memes”, a word first proposed by evolutionary biologist Richard Dawkins to indicate a unit of cultural inheritance, analogous to a gene as the unit of physical inheritance.

More importantly to our story, culture and evolution are both fundamentally search algorithms. Culture and evolution are two ways to explore a space of possibilities to search for successful strategies. The lucky ones win, and the less fortunate lose. Mutations to genes allow natural experiments; each mutation is thrown up against the wall of Nature to see if it sticks. Planting and praying were two of probably many attempts to change the game faster than evolution could. Our ancestors passed their lessons to their children, which allowed them to adapt more quickly than waiting for a successful mutation.

Evolution enabled us to have the ability to create culture. Evolution endowed us with the ability to learn and, critically, to pass down our learning to our descendants. No other species does this as well as we do. This is our species’ super power. Evolutionary biologists call the advantages that we receive from passing down learning the Baldwin Effect, named after American psychologist James Mark Baldwin. Baldwin was the first to note that the ability to pass down learning could increase the chances for survival of a species. Planting could not have occurred without many generations of accumulated knowledge. Neither could prayer. Neither idea is simplistic enough to have occurred to a single individual in its complete form.

It is the collection of all of our good ideas over generations that we call culture. Without the Baldwin Effect, we would be as stuck as any other animal that needs to rely solely upon instinct, or the collection of tricks learned in a single lifetime. Our ability to pass down information to our descendants allows culture to build up generation after generation, and to morph to fit new circumstances. We can discuss necessary changes, and take different actions. It is in this way that the first world United States culture emerged from colonial backwater, through the Industrial Revolution, to the victories of World War II, the Internet, and up to today. Few believe that our culture today is much like the early United States, when slavery was legal, native Americans were a military threat, and the height of technological development was the ability of a country to build a sailing ship.

The Baldwin Effect can help us to refine our definition of culture. Culture is what we learn from other people, and pass on to others. It is by this means that a large group can come to define itself.


  • Edward Burnett Tylor. Primitive Culture: Researches into the Development of Mythology, Philosophy, Religion, Language, Art, and Custom. 2nd ed., 2 vols., John Murray, London, 1873, pp. 1.
  • Ernest Lester Schusky and T. Patrick Culbert. Introducing Culture. Prentice Hall College Div, 1987, pp. 35.
  • J.M. Baldwin. “A new factor in evolution” in American Naturalist, vol 30, 1896, pp. 441-451.
  • Richard Dawkins. The Selfish Gene. 2 ed., Oxford University Press, 1989, pp. 192.

The Hidden Pattern of Human Group Leadership

In Chapter 1 of my new book, Humanity: An Unauthorized Biography, I argued that there is a hidden pattern of human group leadership that we have inherited from our hunter-gatherer ancestors. Specifically, I suggested that inward-looking leaders and outward-looking shaman formed such a close partnership that it “became embedded in our physiology.” In other words, evolution has encoded this relationship into our DNA.

That is a bold claim, so I had better provide some evidence for it.

I’ve expanded the Chapter 1 preview with new material to provide more scientific support for this claim. Here it is:

Is there then a “gene for” shamanism, or for leadership? The situation is almost assuredly not that simple. It appears that minor variations in the levels of certain neurotransmitters and hormones account for the expression of these ancient roles. Personal choice also sometimes applies, as does familial expectation. Some, to paraphrase an old saw, are born, some are made, and some have leadership or shamanism thrust upon them.

We know, for example, that leaders typically have lower than average levels of the stress hormone cortisol, and higher levels of testosterone. This is true for both men and women. These levels vary naturally depending on many factors, including genetics, environment, age, and levels of physical activity. They can also be intentionally changed through our actions. Adopting so-called “power” postures can reduce stress and increase feelings of confidence. A mere two minutes of standing with your feet widespread, your arms raised above your shoulders, and your chin lifted can decrease levels of cortisol, and raise levels of testosterone.

The opposite is also true. Sitting with an inward, closed posture, such as crossing your arms and legs, can raise cortisol levels and decrease testosterone. These are postures of concentration, and are commonly associated both with depression, and with deep insights. Those studying difficult topics, such as mathematics, or solving computer programming problems will typically unconsciously adopt such postures. They are postures of shamanism.

There is more. Leaders are most often gregarious extraverts, whereby shamans are most often introverted. These are not simply labels for personality traits. They relate to brain structure, and have been shown to have a genetic basis. Extraverts have a much lower threshold of emotional arousal, as mediated by the neurotransmitter dopamine. They get a bigger rush from the brain’s reward system than do introverts, especially when a gamble pays off. This extraverted behavior correlates well to the presence of a particular allele on the dopamine D2 receptor gene according to a 2005 study. The authors of that study noted, “These results demonstrate a link between stable differences in personality, genetics, and brain functioning.”

So leadership and shamanistic traits are unquestionably functions of the physical body. There are multiple genes that impact leadership and shamanistic behaviors as well as environmental, and behavioral factors. It takes more than a gene or two to make a leader, or a shaman, but the potential is encoded within us.

The references for those statements are:

  1. The use of ‘power poses’ to lower the stress hormone cortisol and raise testosterone have been studied by social psychologist Amy Cuddy and her colleagues at the Harvard Business School. Cuddy’s TED talk on the subject has been viewed more than 24 million times, and ranks as the second most popular talk published by that organization. An earlier version of her ideas were presented in a video published on the Harvard Business School blog.
  2. The study that demonstrated genetic differences between how introverts and extraverts process stimuli is Michael X. Cohen, Jennifer Young, Jong-Min Baek, Christopher Kessler, and Charan Ranganath. “Individual differences in extraversion and dopamine genetics predict neural reward responses” in Cognitive Brain Research, vol 25, no 3, December 2005, pp. 851-861. The authors specifically say, “Here, we show that individual differences in extraversion and the presence of the A1 allele on the dopamine D2 receptor gene predict activation magnitudes in the brain’s reward system during a gambling task.”
  3. Similarly, the study at Richard A. Depue and Yu Fu. “On the nature of extraversion: variation in conditioned contextual activation of dopamine-facilitated affective, cognitive, and motor processes” in Front. Hum. Neurosci., 13 June 2013 reported on varying responses to drug rewards by extraverts and introverts. The authors note that, “The findings suggest that extraversion is associated with variation in the acquisition of contexts that predict reward.” That is how an introverted shaman defines leadership traits!