What do websites know about you? — Cookies, trackers, fingerprinting Link to heading
Every time you visit a website, data changes hands - most of the time without you even realizing it. It’s not just about what you search for, modern tracking techniques go much deeper than that.
Cookies — the most well-known tool Link to heading
A cookie is a small text file that the website you’re visiting stores in your browser. Its original purpose is useful: it remembers whether you’re logged in, what’s in your cart, and which language you’ve selected, so you don’t have to re-enter this information every time.
The problem starts with third-party cookies. These are not placed by the site you’re currently visiting, but by an external provider, typically an ad network. The same cookie can be present on thousands of websites, and it records every time you’ve visited them. The result: a detailed map of your online behavior.
Trackers and pixels Link to heading
Beyond cookies, other methods also exist:
Tracking scripts: JavaScript codes that record mouse movements, clicks, scrolling, and time spent on the page.
Pixel: an invisible image consisting of a single pixel. When the browser loads it, the server records the IP address where it was loaded, the time, and the browser. They are often used in emails so the sender can tell if you’ve opened the message. When you open it, the server from which the pixel embedded in the email is loaded records the access properties.
UTM parameters: tags like ?utm_source=... visible in the URL, which show where you came from to reach a page.
Fingerprinting (browser fingerprinting) Link to heading
This is the most serious because it works even without cookies. The combination of your browser’s various characteristics forms a unique combination:
- Installed fonts
- Screen resolution and color depth
- Time zone and language
- Installed extensions
- GPU and sound card specifications
- Browser and operating system versions
Together, these form a unique identifier that recognizes returning visitors even after cookies are deleted. Anyone can check how unique their browser is at coveryourtracks.eff.org.
What can be done about it? Link to heading
| Method | What it solves | Limitations |
|---|---|---|
| Deleting cookies | Third-party cookies | Does not work against fingerprinting |
| Ad blocker (uBlock Origin) | Tracking scripts, pixels | Some sites block it |
| Firefox + built-in protection | Blocks known trackers | Partially effective against fingerprinting |
| Tor browser | Uniform fingerprinting | Slower, not suitable for everything |
| VPN | Hides IP address | Does not block trackers |
The most effective combination for everyday use: Firefox + uBlock Origin. It’s not perfect, but it drastically reduces the amount of tracking.
Summary Link to heading
Websites don’t just see what you give them. Cookies, tracking scripts, and fingerprinting techniques combine to paint a detailed picture of your browsing habits, often without requiring you to log in. The first line of defense is a good ad blocker.
This article is part of a series aimed at explaining the basics of online security in simple terms.