A tracking pixel is an external image loaded from a server for analytics purposes. All web technologies facilitate this. Pictures, css, fonts, video, audio, javascript, and all the new Web* tech. Requests link you together on different servers. Scripts actively spy on you by logging keystrokes and more, then funneling that to a surveillance company who launder it for the government. Rendering tech like canvas and webgpu help uniquely identify the machine by carefully timing and positioning things.
Can't the server already kind of uniquely identify a machine using the IP, User Agent, timing of requests, times of visit, navigating patterns, etc., without even relying on any client-side data?
If I connect to example.com how does google spy on me when I do that when not using chrome? Answer is example.com instructs your browser to load google's spyware.
(Note: the real example.com might not do that, it is merely an example)
Yes this is called fingerprinting and it only takes ~7 pieces of entropy (iirc) to uniquely identify you from every other device on the internet. Javascript alone hands over dozens.
JS is truly a cancer that really only benefits advertisers and intel agencies.
Unfortunately, some major ad tracking companies are using WebGL capabilities to aid in their fingerprinting of browsers.
As WebGPU is rolled out, they'll probably add WebGPU capabilities to their collection list as well.
These companies do not single out WebGL or WebGPU for fingerprinting but they query any optional browser feature they can in order to develop as complete and robust of a fingerprint as possible.
