FF52 is supported but i assume that if there are problems with older versions of (Firefox <60) it will be investigated with lower priority. Edit: Announcement: drop active support for Firefox < 60
CanvasBlocker v0.5.4 Released (September 23, 2018) https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ Spoiler: v0.5.4 - New Features, Fixes Version 0.5.4: changes: - converted "API whitelist" to "protected API features" (automatic settings migration) - notification details are not stored by default - settings page reorganized - audio API notifies on every call - made audio cache url specific new features: - added save/load directly to/from file option - added protection for DOMRect (getClientRects) - added setting to control if notification details should be stored - state of the arrow for url specific values is saved - browser action icon gets grayed out if the page is whitelisted - added search to options page fixes: - window and audio API were always blocked when using any of the "block ..." modes - canvas content was not stored to be displayed when wanted - hovering over toolbar icon created error in the browser console - canvas content was not shown in ask mode any more known issues: - if a data URL is blocked the page action button does not appear
Yes. Not only on wilderssecurity.com but it is also blocked on other websites (The Register, Startpage, etc.) It is a new feature of CanvasBlocker v0.5.4: And it mitigates for example the following fingerprint technique: getClientRects() provides a persistent fingerprint #236
The Sphere Browser has a pretty sophisticated anti-fingerprinting system built in; https://sphere.tenebris.cc/#home It has a steep learning curve however, well maybe not for most here.
CanvasBlocker v0.5.5 Released (October 13, 2018) https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ Spoiler: v0.5.5 - New Features, Fixes Version 0.5.5: changes: - DOMRect uses double cache (value and complete DOMRect) new features: - added settings sanitation page - added search field to browser action popup fixes: - Google images did not work for some users - page action was not showing on Firefox Android - wrong content script does no longer trigger the settings load forcing known issues: - if a data URL is blocked the page action button does not appear
For Chrome: https://www.browserplugs.com/ Interesting the possibility of randomizing the hashes of the "getclientrects fingerprinting" test. Functionality not present in Scriptsafe. It remains to be verified if it works correctly (it's beta version).
The new Trace v2.0.1 for FF/Chrome has this feature https://chrome.google.com/webstore/detail/trace/njkmjblmcfiobddjgebnoeldkjcplfjb https://addons.mozilla.org/en-US/firefox/addon/absolutedouble-trace/
Works well on Chrome. GetClientRects protection not work on Firefox 52 ESR. TRACE P.S. "Screen Resolution Tracking" is inefficient with default values.
Thank you very much for this thread - I got Trace and Browser Plugs to test from it - thank you posters.
I recommend users who use Scriptsafe to perform some tests because I think the extension is outdated and does not protect some privacy setting.
But ScriptSafe does block the below tests which TRACE failed http://ubercookie.robinlinus.com/faq.html
That I agreed. With proper preferences settings FF does not support WebRTC so it's ok Chrome failed so need to use WebRTC Control extension. If you test it at browserleaks.com it'll show the same result as FF. So far I have tested no other extension can do such. But in using this extension and playing Youtube other clips cannot be shown. Ungoogled Chromium don't have this issue