On Mon, 05 Oct 2009 20:40:28 EDT, TJ said:
> Isn't this really a security by obscurity argument?
No - security through obscurity is "security measures that only seem to work because you hope the attacker doesn't know how they are implemented". In this case, making sure somebody else can't aggregate data about you is more akin to making sure somebody else can't obtain your password. In this case, you're making it harder for the attacker because they *do* know how the security measure works - if you're IP-address hopping or using RFC4191 privacy, then they know they have to find other means to do the tracking.
> Making it a bit harder for the attacker, relying on 'Eve' just not realizing who I am?
Actually, yes. If you're the type of person that is careful not to accept website cookies to prevent cross-session and even cross-website tracking, you probably don't want to make it easy for Multi-click or whoever to do their tracking by having an IP address that shouts "Hey I'm the same laptop that was in the Starbucks in Chicago last Tuesday". That isn't making it a little harder, it's making it a *lot* harder. And there's something to be said for Eve just not realizing who I am - the only reason my father's family made it to the US was because a Soviet border guard didn't realize my grandfather was on a "take in the forest and shoot on sight" list. So sometimes being able to keep Eve from making that correlation is literally a life-or-death issue.
> Most of those concerns are in fact mitigated by a well implemented Privacy implementation
Which is why I started off by mentioning RFC4191. ;)