Are there any browser extensions or tools that effectively prevent fingerprinting including canvas fingerprinting? Or is this one of those privacy battles we just have to accept as unwinnable?
Safari adds some noise to canvas. So the website above will say it's unique, but each time Safari swaps its web process (when you load a different website or a new window or a new tab) it will change to a different one.
Wish all browsers, at least the big ones, would do this by default. It would save regular users like us from fumbling around trying to figure out what works.
Unfortunately, it didn't pass the fingerprint test. You can see the results here: https://coveryourtracks.eff.org/.
On the other hand, Brave does pass it. I'd like to use Brave for all my browsing, but for some reason the devs haven't been able to get hardware-accelerated video decoding to work in their latest builds. That's why I've been using Librewolf for a very long time.
> Or is this one of those privacy battles we just have to accept as unwinnable?
It depends on what you want to win. There are two types of fingerprinting:
- Browser fingerprinting (what you see here): Make sure that your Chrome on Windows behaves like every other Chrome on Windows and it isn't really a bot pretending to be Chrome. This results in you being treated like a real user and getting less CAPTCHAs.
- User specific fingerprinting: Determining that your browser is unique among all the browsers the website has seen so that you can be tracked without cookies.
The latter is obviously bad. Some people would argue the prior is bad, but it is a LOT of work to make every browser behave like every other browser across operating systems for little privacy benefit.
Is it bad if I use fingerprinting to track anonymous users so that I can provide them with a great UX without requiring them to give me all their personal details? Or should I only use cookies, that the user might delete? I don't see an issue with either for this purpose.
>- User specific fingerprinting: Determining that your browser is unique among all the browsers the website has seen so that you can be tracked without cookies.
I worked briefly for an ad company that not only did their own fingerprinting but bought a lot of fingerprinting data, along some other type of info: country, age cathegory, sex, income cathegory.
the only way to actually prevent fingerprinting is to never connect. your ip, os, tls cryptographic protocols (or lack there of), screen resolution, mouse speed+movement, keystrokes+keyboard layout and much much more all can be used to fingerprint a user. even the reduction of all these points can be a fingerprint.
since most of those are unlikely to actually happen (yet) with the usual dragnet ad surveillance, just using hardened firefox (arkenfox/librewolf/mullvad browser) with a vpn or just tor browser is sufficient.
galad87|1 year ago
dngit|1 year ago
DeathArrow|1 year ago
jszymborski|1 year ago
https://support.mozilla.org/en-US/kb/firefox-protection-agai...
uncharted9|1 year ago
mike_d|1 year ago
It depends on what you want to win. There are two types of fingerprinting:
- Browser fingerprinting (what you see here): Make sure that your Chrome on Windows behaves like every other Chrome on Windows and it isn't really a bot pretending to be Chrome. This results in you being treated like a real user and getting less CAPTCHAs.
- User specific fingerprinting: Determining that your browser is unique among all the browsers the website has seen so that you can be tracked without cookies.
The latter is obviously bad. Some people would argue the prior is bad, but it is a LOT of work to make every browser behave like every other browser across operating systems for little privacy benefit.
TechDebtDevin|1 year ago
DeathArrow|1 year ago
I worked briefly for an ad company that not only did their own fingerprinting but bought a lot of fingerprinting data, along some other type of info: country, age cathegory, sex, income cathegory.
SoothingSorbet|1 year ago
e.g. For me it shows a new unique fingerprint each refresh.
xyzal|1 year ago
begueradj|1 year ago
dngit|1 year ago
DeathArrow|1 year ago
tech234a|1 year ago
akimbostrawman|1 year ago
since most of those are unlikely to actually happen (yet) with the usual dragnet ad surveillance, just using hardened firefox (arkenfox/librewolf/mullvad browser) with a vpn or just tor browser is sufficient.
OptionOfT|1 year ago