Noticed that if I go to a particular corporation’s home page in Private Browsing mode, with shields up and having deleted all cookies for the website, it still seems to know it’s me (displays my name).
Shouldn’t that not be happening?
Do you also have fingerprinting shield up too?
Yes. “Block 3rd party fingerprinting.”
Wow.I have no words. I will see if I can find someone to refer you to
1 Like
Hi @mk7z,
Thanks for reporting.
Can you give a steps to reproduce the issue? So I can test it on my end.
Also, FYI, Private window will “forget” about you if you close the window. And when you open a new private window, it should “not know” you.
Thanks @eljuno, but you would only be able to reproduce what I reported if you had an account. Navigating to the webpage without an account there’d be no way you could be ‘known.’
Note that I didn’t ‘log in.’ The website was able to identify me before I even did that. In fact, I didn’t end up logging in. Instead I reported it here.
Private window ‘not knowing me’ is why I don’t understand where the apparent leakage came from. I didn’t close a window/tab and then reopen it. I just cleared all cookies for that site, checked that Shields were fully active, and only then went to the site’s homepage in a Private window.
Its ‘Hello’ greeting clearly identified me.
@mk7z,
Can you please share both the website in question and a screenshot of the site displaying your name (you can, of course, cover/blur your name before posting)? Do you have an account on the website? Is the site associated with your Facebook, gmail or some other website in which it already has access to?
@Mattches I’ve copied & pasted what’s displayed (‘as is’) from the webpage. Yesterday I experimented with screenshots and didn’t find a way to partially blur a screenshot. That is, the whole content was blurred. Did I miss a way?
FWIW, since I posted about this yesterday I’ve been through a BRAVE (Dev) crash that occurred while I was on a Google Hangouts call (using the version available within GMail). That crash & the reload of BRAVE that followed had no effect on Verizon being able to identify me when I simply went to verizon.com. In the current case (post-crash) it didn’t do identify me simply from going to the home page, but did as soon as I tried to do anything (i.e., click on an option on the home page).
The URL for the most recent specific webpage on which I see what’s shown below is: https://activate.verizon.com/register/useridlogin. But I’ve seen it on other webpages as well.
Again, I don’t see how you can ‘test’ this unless you/someone has a Verizon account. But if not, maybe another user who has one can volunteer.
There is no site association other than my Yahoo! email address. I don’t necessarily have that email account open at the same time that I’m navigating to Verizon, and even if I did it would be in a Private tab.
Note in the text below that it’s clear that the identification (of me) is occurring pre-login (i.e., I’m asked to sign in).
Welcome [name removed] .
You’re just minutes from enjoying your Fios service.
Sign in to My Verizon to activate your service and manage your account.
I have a Verizon account. Here’s what I see:
Landing page for account login – No name shown here:
After signing in, my name is displayed on the next page as expected:
Now, even if I stay logged in in standard tab, the sign-in page doesn’t display my name at the authentication screen as it would if I had a previously signed in session for the site:
Again, it would help quite a bit to see this in action. @mk7z, I know that you’re on macOS – use the built in screenshot/recording tool to capture images or video from your screen. Once captured, simply open it in “Preview”, select “Annotate” and edit the captured image by deleting, cropping or blocking them (as I did in the second image above – red rectangle) by drawing over them.
Sounds like the difference is that your name doesn’t appear until you’ve logged in.
As shown in the text I copied-&-pasted, mine is appearing before I log in.
What is the built-in MacOS video recording tool called?
Also, is there a way to partially blur a screenshot? I was only able to blur the entire thing (not selected parts of the screenshot image – maybe that can be done in Preview?).
- On your mac, hit
cmd+spacebar - Type
Screenshotand hit enter - The screenshot tool appears - use this to capture whatever you need to capture.
- Once screenshot is taken, locate the file and open in preview
- Hit the
Annotateicon next to the search bar in Preview - Use the various tools to markup/draw/block any content you wish to hide
- Save your image.
Thanks, is what you get from using that (Screenshot.app) any different than just hitting Shift-Ctl-Cmd-4 & then defining what you want in the screenshot with a mouse, etc.?
(Actually, that particular keystroke puts the screenshot in the Clipboard so you don’t have to save it to a file. Eliminating Ctl will save it.)
Here’s your reply in a screenshot using that keystroke:
1 Like
Looks good to me. Anything will do, I just want to confirm that we’re on the same page.
Here’s the screenshot.
Note that I’m not logged in (as you were before you saw your name displayed) — rather, I’m being prompted to log in (“Sign in to My Verizon… [etc.]”)
That was taken in a private tab?
@Mattches If of any informational value, I copied the URL from the Private window (the tab where my name was displayed, pre-login) and pasted it into a new tab in a normal window. My name didn’t appear this time.
So the Private window functioned as expected there. Why it didn’t do the same when I navigated to the same webpage while in the Private window remains a mystery.
Note below: my name isn’t displayed after “Welcome”.
I’m just now realizing that FIOs is internet too – dunno why I didn’t put that together but they may have your name already simply based off the fact that they’re your ISP ?
If it could identify me just from having its Internet service, wouldn’t that mean that Verizon is actively tracking every webpage I pull up?
And if I’m in a Private window shouldn’t that information not be available even to an ISP?
Also, why wouldn’t the same webpage display my name in a standard (non-Private) window?
I actually don’t have FiOS. That was a login webpage that for some reason assumes you want to sign up for FIOS. I don’t know why Verizon does that, since as of the current date it doesn’t yet offer it where I am. I’m stuck with its DSL until it does.
@mk7z,
It was just a line of thinking – if you don’t have FiOS then it’s not relevant anyway. Truth be told I have no idea why this is the case. Are you sure you don’t have any Verizon login data stored in cache/cookies?