IP Check: Next generation of website tracking analysis
The IP check is a free and easy-to-understand anonymity test. The test shows at a glance which attacks a website may launch on your privacy. Moreover, you get recommendations for possible countermeasures. It explains which data your own web browser sends to websites. A website may use this data to create an individual profile. By misusing such a profile, you may later be identified reliably on this or on another website.
Please note: The recommended values for this test aim, among other reasons, to standardize the values sent by the browser. The reason is that anonymous surfing is only possible if as many browsers as possible send the same values to websites, as JonDoFox does.
The test is constantly being enhanced to cover newly discovered privacy attacks. Besides the IP check, the site also contains a list with links to many recommendable websites about the topic. You may moreover include your own free IP check as an image on your website. If you like our IP check and would like to earn money, please have a look at our affiliate program.
What is the difference to the Panopticlick project?
Panopticlick is just a demonstration of how web browser data may be aggregated into profiles. In contrast, IP check thoroughly analyzes every way to read data from the user's browser, and intentionally circumvents various security mechanisms. In the case of proxy servers, web proxies or VPNs, the test may even uncover the real IP address in many cases. This knowledge helps web surfers who strive for anonymous surfing to close "data leaks" in their browsers. If you are using the Tor or JonDonym anonymizer service, the IP check moreover shows you in detail whether the browser settings comply with the recommendations of the Tor project, or with the recommendations for JonDonym, respectively.
What is the difference to Evercookie?
Evercookie tries to show some active tracking mechanisms that contemporary tracking services might use to rediscover the same visitor. Evercookie currently fails to recognize the effect of advanced security mechanisms against tracking that are implemented regarding the current domain or tab. The IP Check, in contrast, shows both all known active tracking techniques and all further information that a visitor's browser sends to websites. You will see that a combination of this data might be used for various passive kinds of tracking. The IP Check also recognizes advanced security mechanisms by a thorough browser analysis and gives recommendations for optimization.
IP location check
The location check uses freely available databases from the company MaxMind in order to determine the location for which your IP address is registered. In many cases, it is thereby possible to correctly guess your location. You may have the location found shown on a map, and you may moreover analyse your IP address by clicking on the respective links nearby.
The test moreover recognizes the use of most proxies and some anonymization systems like JonDonym and Tor, and performs several attacks on them. This may lead to uncovering your true IP address, even if you think it is hidden. The IP address makes it possible to track and trace you on the Internet, and even to infer your identity.
Anonymization service providers, please note: Would you like to have this test adapted to your very own anonymization service as well, that is, IP address and browser attribute recognition? We can do this for a small fee. Please contact us.
Web proxies like "Anonymouse", "Hide my Ass!" or "Proxify" are not suitable for anonymous surfing - while this fact should already have become general knowledge, tens of thousands of users still think they are anonymous on the Internet when using these services. The IP Check now shows their privacy issues clearly to the public: Besides other sophisticated privacy tests, the site is now able to break the security of all existing web proxies. (As of: 2011-08-31)
Please note that JonDonym is NOT a web proxy! The system works differently and is secure against these attacks.
Details of the attacks
You should moreover keep in mind that web proxies break the browser's SSL encryption to secure sites, as their principle is to act as a man-in-the-middle site: They can see any data that you transfer, and your browser will not even be able to check the visited site's SSL certificate. So you should avoid web proxies anyway if you would like to transfer private data.
The following list contains some web proxy providers, whose services are fully or partially broken by the anonymity test. This is only a small selection of the best-known sites. However, all currently existing web proxies are affected. Perform the test completely with one of these services in order to see the respective result.
|Hide My Ass!||-||Broken*||Broken|
|Guardster||-||Broken (if allowed)*||Broken|
|Megaproxy||Broken||(not available for free)||(not available for free)|
Broken: Your own IP address gets uncovered. Note that your private browser data is uncovered as well...
Plugin-Tests (Flash, Java)
- Use the Firefox Add-On NoScript in order to block plugins by default, and to activate them only if needed, e.g. if you would like to view videos. NoScript is already contained and correctly configured in JonDoFox.
- Save videos using software like Video Download Helper or Unplug on your computer in order to view them in a media player instead of Flash.
- Deactivate Flash cookies or use a Cookie Manager.
- Use proxifier software in order to force Flash and Java to use your proxy, and thus to secure them against uncovering your IP address.
If you see the following image on the test site, you have Flash, but also NoScript, installed. Flash applications are often used to present videos. You may enable the application by clicking on the respective image. The image below is only a non-clickable demo, however.
On the page with the test results, you may move your mouse pointer over the underlined fields in order to get detailed information:
Green underlined fields or fields rated as "good" show that the respective value complies with the best possible setting. If all fields are green, you are perfectly protected in the scope of this test. Note that the optimal solution would be for all web browsers to behave exactly the same, send exactly the same values and allow tracking only while you visit the current website. Then, third-party tracking would be technically prevented.
Orange underlined fields rated as "medium" indicate a possible privacy problem. Several of these may, as a whole, lead to your identification.
Red underlined fields rated as "bad" highlight extremely critical privacy problems that may lead to your immediate identification. You should resolve them as soon as possible.
Cookies are small text files. Web sites may cause your browser to store them if you do not prevent it, and may then track you while you are surfing.
There are several privacy risks regarding cookies: Advertising and statistics services may misuse so-called third-party cookies in order to track you over several websites. But even if you block third-party cookies, websites may still recognize you using first-party cookies that may be set directly by the respective website you are visiting. In order to track you over a long period, providers and VPN services may even set such first-party cookies themselves and, unnoticed by you, read them again using invisible redirect pages in the background. Technologies like this are, for example, used by the service provider Phorm (http://www.phorm.com).
Cookies are the perfect method to track web surfers - as long as they are not blocked by you. If they are blocked, there are however numerous other methods of tracking you, as described in this test, for example your IP address.
Use JonDoFox, or generally block cookies and allow them only for single web pages if needed.
The very least thing you should do is to let your browser automatically delete all cookies on closing.
|Authentication||Many browsers allow web sites to send hidden authentication data to third party sites. Example:
<link rel="stylesheet" type="text/css" href="http://Session:firstname.lastname@example.org/auth.css.php">
|Your browser should not send any HTTP authentication data to third party sites.
Currently known to be affected are: Chrome, Safari, Firefox.
Use JonDoFox in order to protect yourself.
|Cache (E-Tags)||Websites may mark arbitrary pages on page load, using so-called e-tags. As long as the respective page remains in your browser cache, the mark is sent again on any new request to the website.
This is especially critical if the elements in the cache are resources from third-party sites. This data has the same effect as third party cookies.
|Your browser should not cache any third party content at all, or should at least delete it upon moving to another site.
Firefox: Use JonDoFox. Alternatively, you may switch off the cache completely: about:config, browser.cache.disk.enable:false, browser.cache.memory.enable:false
|HTTP session||An HTTP session is generated, if your Internet or anonymization service provider can link several of your HTTP requests on the network layer. The longer the session lasts, the better this provider may identify you, even if you never transmit personal information.
If you are using direct access providers or VPNs, your HTTP session is always unlimited. For proxy providers this is also the case, with only a few exceptions like JonDonym or Tor.
|Use JonDonym or Tor in order to fix this problem. Tor keeps a session for 10 minutes only. JonDonym is even completely stateless, if you switch off proxy-connection keep-alive in your browser.
Firefox: about:config, network.http.proxy.keep-alive:false
Please note that for this attribute, among other things, it is tested which service you are using. As there is currently no other service besides Tor and JonDonym which hides your browser session from the service provider itself, this attribute is automatically bad in all other cases.
The referer tells a web site which site you have visited before. This test simulates calling this site from a third-party site. Meanwhile, several web surfers change their referer for privacy reasons. Please note, however, that several of these settings may lead to incompatibilities with various web sites.
This test has a unique feature: It recognizes every possible, reasonable way to set a referer that a web browser may use:
|The referer should be hidden if you move to another website. It should remain unchanged as long as you move within the same website.
Firefox: Use JonDoFox.
You might also change the referer using the add-on RefControl: Block, for links to other domains only. However, this does not support the optimal setting, as it does not handle subdomains correctly.
|Signature||The order and the content of the HTTP headers sent by your browser may be used to identify your browser type and to distinguish you more easily from other web surfers. The value shown here is a hash over the browser headers that are relevant for this.||
Unfortunately, current web browsers do not allow changing the order of the headers they send. If you would like to reach the default values of JonDoFox, we therefore suggest that you use the Firefox browser. In the following, you see the recommended default values:
Generic header signature of Firefox
Individual JonDoFox header signature
user-agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Firefox/17.0
accept-encoding: gzip, deflate
|User-Agent, Language, Charset, Encoding, Content types||On each access to websites, your browser sends so-called header data that contains information about your browser, operating system settings and installed applications! Combined with each other, this data may be used to recognize your browser, and thereby YOU, on later visits.||The header values recommended by these tests are compatible with practically all websites. The goal is to standardize them for all users.
Firefox: Most of the values are configurable via about:config. We however recommend using JonDoFox, where these values are already configured correctly.
|Do-Not-Track||"Do-Not-Track" is a technology that enables users to opt out of third-party web tracking, including behavioral advertising. For this purpose, the browser sends a special header that advertising and statistics services may honor - or not. As such, it is less a technical and more an organizational protection. We recommend this setting nevertheless, as it does no harm.||Firefox: You may switch on this feature in the privacy settings.|
Chrome: Go to Settings, Options, Under the hood, Content settings, Plugins. Deactivate all Plugins except for: Chrome PDF Viewer, Google Update, Flash
|Mime types||The "Mime Types" describe the file types that your browser can interpret. The more plugins you have installed, the more Mime types will be sent by your browser, and the better identifiable you are.||As few MIME types as possible should be sent. The optimal setting is automatically reached if you configure your plugins correctly.|
|Tab name||Using the attribute "window.name", a website may give the current tab a name. The attribute "window.name" may get misused for marking your current tab. It remains the same over several websites until a site you visit sets a new value.||The name of the current tab should be deleted once you are surfing to a new website domain.
Firefox: Use the JonDoFox profile or the Tor Browser Bundle.
Chrome: Use the extension "window name eraser".
You may delete its value also by closing this browser tab.
|Tab history||Using the attribute "history.length", this web site can see how many pages you have visited before.||The number of visited pages should be reset to 2 whenever you change to a new domain.
Firefox: Update to Version 4 or higher. Open about:config and set "browser.sessionhistory.max_entries" to 2.
|Local storage||Using the local storage (sometimes called "web storage" or "DOM storage") it is possible to save up to 5 MB large super-cookies in your browser. This is independent of your cookie management.||Local storage (sometimes called "web storage" or "DOM storage") should be disabled.
Firefox: Open about:config and set "dom.storage.enabled" to "false".
|Screen||The screen resolution describes the size of your monitor. In combination with other attributes, your computer might be identified more easily thereby.||Currently available browsers unfortunately do not allow altering this setting! We are working on that...
If such a setting becomes possible some time, the following values would be recommended: 1800x950, 1350x750, 1150x600 or 600x450 pixels with 32 bit color depth
|Browser window||These values show the size of your browser window.||Your browser should send the same values as for your screen.
Unfortunately, contemporary browsers do not allow configuring this.
|Browser bars||The browser bars provide relatively harmless information about the presentation options of your browser.||Use the default settings of Firefox: MenuBar PersonalBar StatusBar ToolBar ScrollBars LocationBar|
Firefox: Open about:config and set "webgl.disabled" to "true".
Firefox: Open about:config and set "browser.display.use_document_fonts" to 0. For a better font readability, you should moreover set Settings:Content:Default font to Arial, Helvetica or Sans-Serif.
|Browser history||In your browser history, your browser may store the address of every website that you have visited. Thereby your whole usage profile of the WWW may get stored.||Modern browsers should not be affected by this attack. If you still have an old web browser, please update it as soon as possible!
Firefox: Update your browser to version 4 or higher.
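The "Cache (E-Tags)" entry above can be checked from the user's side. The following is an added example, not code from the IP check itself: it flags resources whose ETag differs between fresh browser profiles although the body is identical, which means the tag is not derived from the content. The observation records, host names and hash prefixes are constructed sample data.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed observations, one per fetch with an empty cache:
# (browser profile, visited page, resource URL, ETag header, SHA-256 prefix of body)
OBSERVATIONS = [
    ("profile-1", "https://news.example/", "https://news.example/site.css", '"5f2c-1a"', "77ab03"),
    ("profile-2", "https://news.example/", "https://news.example/site.css", '"5f2c-1a"', "77ab03"),
    ("profile-1", "https://news.example/", "https://stats.example.net/px.gif", '"u-8842c1"', "0d4e9f"),
    ("profile-2", "https://news.example/", "https://stats.example.net/px.gif", '"u-1f07be"', "0d4e9f"),
    ("profile-1", "https://shop.example/", "https://shop.example/banner.png", '"v1"', "aa10c4"),
    ("profile-2", "https://shop.example/", "https://shop.example/banner.png", '"v2"', "bb93e1"),
]


def normalize_etag(etag):
    """Strip the weak-validator prefix so W/"x" and "x" compare equal."""
    etag = etag.strip()
    return etag[2:] if etag.startswith("W/") else etag


def find_etag_markers(observations):
    """Return [(resource_url, is_third_party)] where identical bodies carry
    different ETags across fresh profiles, i.e. the tag is not content-derived."""
    tags = defaultdict(lambda: defaultdict(set))  # resource -> body hash -> ETags
    page_of = {}
    for _profile, page, resource, etag, body_hash in observations:
        tags[resource][body_hash].add(normalize_etag(etag))
        page_of[resource] = page
    findings = []
    for resource, by_body in tags.items():
        if any(len(etags) > 1 for etags in by_body.values()):
            # Simplification: exact host comparison, no public-suffix handling
            third_party = urlsplit(resource).hostname != urlsplit(page_of[resource]).hostname
            findings.append((resource, third_party))
    return sorted(findings)


if __name__ == "__main__":
    for url, third_party in find_etag_markers(OBSERVATIONS):
        print(url, "third-party" if third_party else "first-party")
```

Load-balanced servers that derive ETags from inode or modification time can also return different tags for identical bodies, so a finding is a lead to verify rather than proof of tracking.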
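The "Signature" entry above says the hash covers both the order and the content of the headers. The following added example (not the test site's own algorithm) shows why a browser that sends the recommended values in a different order still ends up alone in its group. The hash construction, the RELEVANT header list and the four clients are assumptions made for illustration; only the two recommended values are taken from the page.

```python
import hashlib
from collections import defaultdict

# Assumption: headers whose values enter the hash (the page does not list them)
RELEVANT = ("user-agent", "accept", "accept-language", "accept-encoding")

# The two recommended values shown on the page
RECOMMENDED = {
    "user-agent": "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/17.0 Firefox/17.0",
    "accept-encoding": "gzip, deflate",
}
UA = RECOMMENDED["user-agent"]

# Constructed clients: (name, value) pairs in the order sent on the wire
CLIENTS = {
    "a": [("Host", "t.example"), ("User-Agent", UA), ("Accept-Encoding", "gzip, deflate")],
    "b": [("Host", "t.example"), ("User-Agent", UA), ("Accept-Encoding", "gzip, deflate")],
    "c": [("Host", "t.example"), ("Accept-Encoding", "gzip, deflate"), ("User-Agent", UA)],
    "d": [("Host", "t.example"), ("User-Agent", UA), ("Accept-Encoding", "gzip, deflate, br")],
}


def header_signature(headers):
    """Hash the order of all header names plus the values of RELEVANT ones."""
    digest = hashlib.sha256()
    for name, value in headers:
        name = name.strip().lower()
        digest.update(name.encode() + b"\n")
        if name in RELEVANT:
            digest.update(b"=" + value.strip().encode() + b"\n")
    return digest.hexdigest()[:16]


def deviations(headers):
    """Return {header: sent value} where the value differs from RECOMMENDED."""
    sent = {name.strip().lower(): value.strip() for name, value in headers}
    return {n: sent.get(n) for n, want in RECOMMENDED.items() if sent.get(n) != want}


def anonymity_sets(clients):
    """Group client ids by signature; a group of one stands out from the crowd."""
    groups = defaultdict(list)
    for client_id, headers in clients.items():
        groups[header_signature(headers)].append(client_id)
    return sorted(groups.values())


if __name__ == "__main__":
    print(anonymity_sets(CLIENTS))
```

Client "c" has no deviating values yet forms its own group, which is the case the page describes when it notes that header order cannot be changed in current browsers.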