jocoda | 1 year ago

We have kernel-level anti-cheat systems for games. So how about kernel-level anti-tracking?

Browsers use system calls to provide the information used for fingerprinting the device, so why not intercept these calls and lie? Have all users present an identical fingerprint and we're back to pre-Google times. Yes, we lose some important functionality, but maybe it's a price worth paying?

Never mind the other elephants in the room that do worse than track your browsing habits...

wibbily|1 year ago

I see this going in the opposite direction first - TPM-backed kernel level fingerprinting. Surely you have nothing to hide…

hsbauauvhabzb|1 year ago

This page only works on digitally signed supported operating systems. Please consider migrating to a supported system by Microsoft, Apple or an Android device officially supported by Google.

3eb7988a1663|1 year ago

This is my conspiracy theory as to why Win11 made TPMs mandatory hardware.

surajrmal|1 year ago

Fingerprinting or attestation?

CivBase|1 year ago

The outcome will be that many sites simply refuse to work on any browser that does this. Users will blame the browser for not working and switch to one that is supported. Most people are happy to trade their privacy for convenience - especially since most people don't even realize they are doing it.

FridgeSeal|1 year ago

How would they know? The point of returning “standard” values is that you are indistinguishable from any number of legitimate users.

Asraelite|1 year ago

It's more complicated than that. You can use subtle differences in hardware and GPU rendering so that syscalls aren't even relevant. And you can never really prevent timing attacks, because you can just use a network request to get the current time from the server.

I've been wondering how hard it would be to make a completely fingerprint-proof browser.

One idea would be to run it in a deterministic emulator. All machine code instructions would be guaranteed to take exactly the same amount of time to execute on every machine, as far as is observable to the browser, and threads would be scheduled in the same order every time. Zero access to the host system through fonts, WebGL etc.

This would mean a massive performance penalty, but modern computers are fast enough that it might be usable for many sites. You could have a small number of discrete speed tiers, where you use the fastest tier that your computer is capable of.

cookiengineer|1 year ago

I first read it as a joke, but come to think of it...this would be actually quite awesome for malware isolation and sandboxing. Giving software/apps different fake profiles that look like different identities on the filesystem would be quite the feature.

You would have to have some kind of launcher where you can select the isolated chroot/sandbox you want to run that specific program in.

Implementation-wise this could actually be done with eBPF, as most if not all syscalls can be intercepted and "farbled" (Brave's terminology) there. Features-wise this would probably be a separate filesystem for each program context, plus the things that firejail implements in userspace. Shared libraries would have to be loaded separately into memory, and glibc would have to be changed to not use any environment variables or debugging related function calls.

Welp, maybe docker+xorg is easier.
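
The two policies contrasted in this thread, every client reporting the same "standard" values versus per-session "farbled" values, as an added example that is not part of any comment here and is not Brave's code. The device profiles are constructed, and the attribute set, the `STANDARD` profile, the FNV-1a hash and the noise function are assumptions chosen for illustration.

```javascript
// Constructed device profiles (illustrative values, not real measurements).
const devices = [
  { hardwareConcurrency: 8, deviceMemory: 16, screen: "2560x1440", timezone: "Europe/Berlin" },
  { hardwareConcurrency: 4, deviceMemory: 8, screen: "1920x1080", timezone: "America/Chicago" },
  { hardwareConcurrency: 16, deviceMemory: 32, screen: "3840x2160", timezone: "Asia/Tokyo" },
];
// Assumed shared profile that every client reports under the "identical fingerprint" policy.
const STANDARD = { hardwareConcurrency: 4, deviceMemory: 8, screen: "1920x1080", timezone: "UTC" };

// FNV-1a (32-bit): stand-in for whatever hash a tracker applies to the attributes.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h;
}

// Tracker side: hash the reported attributes in a fixed key order.
const fingerprint = (reported) =>
  fnv1a(Object.keys(reported).sort().map((k) => `${k}=${reported[k]}`).join(";"));

// Policy 1: ignore the real device and report the shared profile.
const uniform = () => ({ ...STANDARD });

// Policy 2: farbling-style noise keyed on (session, site). Values are stable within
// one session on one site and change across sessions. Simplified model: screen and
// timezone pass through unchanged here.
function farble(device, sessionSeed, site) {
  const key = fnv1a(`${sessionSeed}|${site}`);
  return { ...device, hardwareConcurrency: [2, 4, 8][key % 3], deviceMemory: [4, 8][(key >>> 8) % 2] };
}

// Number of distinct fingerprints the tracker ends up with for a set of reports.
const distinct = (reports) => new Set(reports.map(fingerprint)).size;

function compare() {
  const sessions = Array.from({ length: 16 }, (_, i) => farble(devices[0], `s${i}`, "a.example"));
  return {
    raw: distinct(devices),                  // unmodified: one fingerprint per device
    uniform: distinct(devices.map(uniform)), // all devices collapse into one
    sameSession: distinct([farble(devices[0], "s1", "a.example"), farble(devices[0], "s1", "a.example")]),
    acrossSessions: distinct(sessions),      // one device, 16 sessions
  };
}

console.log(compare());
```

A uniform profile collapses all clients into a single fingerprint, while farbling leaves a client distinguishable at any one moment but breaks linkage between its sessions.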

thecrash|1 year ago

This is what the Tor Browser is designed to do, and it does it very well (all in userspace no less). The main drawback is that some sites don't render as nicely and occasionally a site simply doesn't work.

Asraelite|1 year ago

The most important anti-tracking feature Tor has other than IP masking is disabling JavaScript by default. That's a complete non-starter for the modern web.