Technical notes index
Here is a typical server report (from Statcounter) when someone with an iPhone accessed one of my pages:


It shows the operating system, the general type of device, the screen size, your WAN IP number, from which your general location can be deduced (not always accurately) and the page you came to the current one from. (Statcounter works because I've placed a code on each webpage which passes the information on to it: the same information is available to my server in the logs but these can be less convenient to access.)

Though they know your IP number (because their server couldn't otherwise know where to send the page) they can't get your email address, your name, or your exact location (what they can deduce is the location of the local hub of your ISP).

Websites cannot download onto your device other than by disguising a download link as something else; and since they can know your WAN address but not the local IP number your device has on the network they can't access any other device in any other way.

(When you requests a site on wifi your router, which has allocated a local IP number to you, passes the request on to the website, identifying it by the internet IP allocated by your service provider: when it gets a response it know to pass it back to the device which made the request. The local IP number of the device is masked to the outside world.)

Most malware lands up on devices because people have requested a download which also contains the malware, usually from dubious sites.

Roger Wilmut.