It does. It’s yet another data point used in fingerprinting, and not many people enable it. 'tis but a single setting, but combined with everything else they can track about your browser it is effective.
In case you want to run a test to see how fingerprinting affects your browser:
Yes and no. There are still plenty of things that get tracked regardless of JavaScript, and disabling JavaScript is it’s own mark they can track.
Do Not Track is one such request, but screen size, viewport size, language, timezone/region, whether you block ads or not, browser/engine version, and many more are all things that do get tracked without the need for JS.
All have legitimate reasons, but can also be abused by being tracked server-side.
The cover your tracks page on eff.org has some pretty good explanations for most things.
Fun fact, the reason the TOR browser launches in windowed mode is so that this viewport size tracking is less of a marker.
I just have a hard time wrapping my head around why certain things have to be reported back. Like screen size - you can request a desktop site, so why not just let the browser request the page, the browser gets the information and displays how it needs to - why bother reporting that information back to wherever? Why not just have the browser not send back that info, or send back randomized/fake info?
It does. It’s yet another data point used in fingerprinting, and not many people enable it. 'tis but a single setting, but combined with everything else they can track about your browser it is effective.
In case you want to run a test to see how fingerprinting affects your browser:
The only way to really stop this is to disable JavaScript?
Yes and no. There are still plenty of things that get tracked regardless of JavaScript, and disabling JavaScript is it’s own mark they can track.
Do Not Track is one such request, but screen size, viewport size, language, timezone/region, whether you block ads or not, browser/engine version, and many more are all things that do get tracked without the need for JS.
All have legitimate reasons, but can also be abused by being tracked server-side.
The cover your tracks page on eff.org has some pretty good explanations for most things.
Fun fact, the reason the TOR browser launches in windowed mode is so that this viewport size tracking is less of a marker.
I just have a hard time wrapping my head around why certain things have to be reported back. Like screen size - you can request a desktop site, so why not just let the browser request the page, the browser gets the information and displays how it needs to - why bother reporting that information back to wherever? Why not just have the browser not send back that info, or send back randomized/fake info?