New YouTube install

Owner of a brand new iPad Pro, and installed all my apps. After I installed YouTube but before I logged in I got quite a shock when I loaded it. It was unrecognisable, a grid of sheer unpleasantness and bile, you can probably guess at some of the mix but there was such vile rubbish there, I was taken aback. The minute I clicked in, all gone of course, my bubble wrapped around me.

I got to wondering, a brand new device, not logged in, was this the top content in terms of engagement? Incredibly depressing if so.

I also got to wondering, given that I don’t stay logged in to Google or YouTube on a regular basis, but that I’d never seen the like before, what other means do they have of gauging likely interest, what digital crumbs they have me leave behind for non-logged in me to be guided to.

That’s interesting, if highly troubling (and I worry that you’re right about it being top content without other signals). I would think Google would do its best to store cookies and otherwise fingerprint you to ensure a consistent user experience to the extent possible, but that should be fairly easily subverted with another Mac, a virtual machine, a new browser, etc. if someone wanted to test.

One quick test. I opened up a Firefox private browsing window and went to the YouTube home page. Here are the videos presented:

Of course, the web page is an infinite scroll, so they go on forever, but nothing I would consider offensive in here. Maybe the iOS app is different.

I was thinking about private browsing, but I don’t think that inherently makes us completely anonymous to the remote site. See the yellow box on this page:

We know that fingerprinting can happen even without cookies, so YouTube could have an idea of who we are if Firefox wasn’t able to conceal our identities completely. Here’s what my Firefox private window showed, followed by what Brave’s private window showed (similar but not identical). Chrome and Safari were similar. And all of them are close to yours.



So perhaps @tommy tapped into a darker trending list.

1 Like

Yep, it looks like I did! Or maybe it was a bad day on YouTube…

Correct me if I’m wrong; Safari prevents fingerprinting by default. I just checked and the latest addition of Firefox does also. Chrome does not. I don’t know how, or if, Google plans eliminate fingerprinting; Google’s BS about its upcoming FLOC privacy sandbox doesn’t make it clear. But I’m positive that Google is laser focused on raking in as much money it can via advertising, much more so than it is on user experience or privacy. IIRC, fingerprints cannot be deleted. Users can delete cookies, but fingerprints get stuck on browsers.

Fingerprinting is a general term that applies to a wide variety of techniques for identifying a particular browser, so it’s not something that Safari or any browser can guarantee to block. It’s an arms race—the advertisers will continue to try to figure out ways of identifying and tracking users, and the browser makers will try to block those ways. The problem is that we never know which side is winning at any given time.

Eliminating fingerprinting is ultimately a no-win situation. While browsers do disclose a lot of useless information that can be used for fingerrprinting, much of the information is necessary for a good experience.

For instance, the user-agent string typically identifies every minuscule detail about your browser. While much of it is pointless, some of it (like the rendering engine used) is important because web pages and servers will use it to know what dialect of HTML your browser understands. Non-trivial pages will use this to make sure the content renders as intended by the author. It’s also important when identifying mobile browsers, so servers can serve up mobile style-sheets instead of ones meant for desktop screens.

Similarly, the language parameters are important so sites that support multiple languages will choose the one you prefer instead of something else.

If a browser would block these, it would degrade the web browsing experience. Pages would render incorrectly or display in the wrong language (especially if your browser/language is not the one used/spoken by the page’s author).

So, although browsers and firewalls can block a lot of fingerprinting content, they can’t (practically) block it all because users would not appreciate pages malfunctioning when web servers guess incorrectly about the missing information. Which means there there will always be some data that spammers can use to try and fingerprint you.