Preventing browser fingerprinting

Discussion in 'privacy problems' started by Floyd 57, Oct 10, 2021.

  1. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    i just used this exact extension with random option and even on browser quit i still get the same signature, so it doesn't seem to work anymore

    i have ublock origin, localcdn, i also used canvas blocker, jshelter and user agent randomizer, but i just CANNOT get a new ID on https://fingerprint.com/demo/ , even after restarting the browser. On firefox i get a new one, but on ungoogled chromium which is the most private version of chromium and chrome, i get the same id each time. Is anyone able to get a new ID on https://fingerprint.com/demo/ with a chromium-based browser? Not firefox-based

    There must be something in firefox that makes fingerprintingjs think it's a new browser, but i am not sure what
     
  2. Lyx

    Lyx Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    149
    I get a new ID after restart in using Brave.
     
  3. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,221
    On Firefox I get new IDs even in different tabs=containers (created by Tempory Containers) with CanvasBlocker and JShelter. Restarting Firefox isn't necessary.
     
  4. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
    It seems like you can be tracked with the cached images and files thing in chromium, because unless i clear those i get recognized, i imagine brave clears them on exit, for which chromium has no in-built option. But i also had to use the "fingerprint spoofing" extension to get a new id. Funnily enough i didn't have to change ip address. I guess this is because in the US, ISPs are cheap scum and give everyone dynamic IP cuz they're too cheap to give them a static one, so because of that the fingerprinting scripts cannot assume you're the same person just from your ip being the same because in the us many people can share the same ip. However maybe they should make a list of countries where operators are likely go give out static or dynamic ips, altho i guess each country has operators that give out both, but personally for me i've almost always had a static one, only on one isp i had a dynamic ip.
     
  5. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,296
    Location:
    Europe
  6. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    With Edge + JShelter I got 3 different FP IDs.
    The first two images are with the settings at default in UBO:


    1.jpg
    2.jpg 3.jpg

    With Firefox FP ID always the same.
     
    Last edited: Oct 2, 2022
  7. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    Why not create various browser with different configurations and maybe put each one om a USB or in a Veracrypt volume? Better yet, create various virtual machines for each personality?
     
  8. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    that's the way i do it. :thumb:
     
  9. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,564
  10. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,221
    On the other hand it should be noted what Brave privacy engineer Peter Snyder wrote here:
    You'll also see a trust score of 0% with Firefox and JShelter. I think creepjs is probably the most rigorous fingerprinting site available. If even this site designates a trust score of 0% to Brave and FF + JShelter, other websites which don't expend such an extraordinary effort in fingerprinting their visitors certainly won't do a "better" job. And since most sites are using 3rd party fingerprinting this can rather easily be blocked with, e.g., uBlock Origin (and Dynamic Filtering in medium or hard mode).

    Now, Google services, e.g., might extensively fingerprint their visitors, indeed. The solution is simple: don't use them! There are excellent alternatives for Gmail, for Google Search (like SearxNG - https://searx.tiekoetter.com is one of the best instances I've found so far) and Youtube (Piped - a good instance is https://piped.kavin.rocks ).
     
    Last edited: Oct 28, 2022
  11. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    In Chromium-based browsers this will not be feasible,unfortunately.
    Even my request for CSP blocking in UBO Lite seems,according to what Mr.Hill writes,unfeasible.
     
    Last edited: Oct 28, 2022
  12. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    Last edited: Mar 28, 2023
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
  15. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,167
    Location:
    usa
  16. solitarios

    solitarios Registered Member

    Joined:
    Mar 28, 2016
    Posts:
    230
    Sin título.jpg
    Code:
    *##+js(aopw,navigator.clipboard)
    *proxy.js
    *##+js(noeval)
    *$csp=script-src 'unsafe-inline'
    I just added those few rules in uBo that I think are the ones that make it get those results. By the way, if you don't whitelist sites or domains, it breaks most sites.
     
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    @nicolaasjan

    I would be curious to know if TOR browser gets an Akamai Hash and Fingerprint Hash on this test.
    Obviously variable in 2 consecutive openings of the browser.

    Thank you very much:


    https://www.browserscan.net/tls

    P.S.

    I with Edge get an Akamai Hash that is always identical.
    And a JA3 Hash + Fingerprint Hash that is variable and therefore always different.
     
    Last edited: Feb 28, 2024
  18. nicolaasjan

    nicolaasjan Registered Member

    Joined:
    Sep 23, 2018
    Posts:
    943
    Location:
    The Netherlands
    It does and it is the same each time after restarting the browser.
    Even the JA3 Hash + Fingerprint Hash stay the same.

    Maybe it will be the same for each Tor user? :doubt:
     
  19. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    I don't know.:)
    But it's definitely better if it's variable.

    The myth that every browser at default is less prone to fingerprinting,in my opinion is wrong.

    Except that it is a fact that can only be demonstrated theoretically.

    And then those who keep the browser at default,give up better security certainly.
    I also believe to better privacy.

    P.S.

    Obviously I'm excluding TOR (in this intervention of mine) because I don't know much about this browser other than that it's best to leave the settings at default.
     
  20. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    1° Test:

    1.jpg

    2° test:

    2.jpg

    I retested with the Browserleak test:

    https://browserleaks.com/http2


    the result to the Akamai test is identical:

    3.jpg


    So in my browser it is subject to an HTTP/2 fingerprint with 100% accuracy.

    P.S.

    In Chromium-based browsers via the following command line:

    Code:
    --disable-http2
    you can disable HTTP/2.


    https://css-tricks.com/http2-real-world-performance-test-analysis/

    Now,I applied the command-line and it works.

    But it doesn't seem very convenient to block HTTP/2.
    Removed the command-line.

     
    Last edited: Feb 28, 2024
  21. nicolaasjan

    nicolaasjan Registered Member

    Joined:
    Sep 23, 2018
    Posts:
    943
    Location:
    The Netherlands
    Code:
    52d84b11737d980aef856699f885ca86
    I get that same Akamai hash in Ungoogled Chromium 122.0.6261.57 :D
    The other 2 are different though.
     
  22. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
    :thumb::)

    Interesting,so you hypothesize that all Chromium-based browsers have the same result,making HTTP/2 fingerprint unworkable?
     
  23. nicolaasjan

    nicolaasjan Registered Member

    Joined:
    Sep 23, 2018
    Posts:
    943
    Location:
    The Netherlands
    Not all Chromium browsers are equal.
    E.g. in Chromium-dev 124.0.6328.0 I get:
    Code:
    1f8d034a8cddf37ce421b5f8c4dc9a51
     
  24. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,574
    Location:
    Italy
  25. nicolaasjan

    nicolaasjan Registered Member

    Joined:
    Sep 23, 2018
    Posts:
    943
    Location:
    The Netherlands
    Btw, I get that same Akamai hash as yours in Edge 122.0.2365.59

    No...

    [Edit]
    But after turning on 'security.tls.enable_kyber' in 'about:config', it is now enabled. :)

    screenshot_20240228-2.png
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.