cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Browser fingerprinting compromise

Shaun
Making moves

Please see the attached screenshot. 

Any information or feedback will be much appreciated.

1 REPLY 1

luis123456789
Making moves

It depends on the fingerprinting detection systems and what does each web test look for specifically, but the tl;dr is: privacy is not anonimity and viceversa. Some of the techniques used to block fingerprinting would include, for example, randomizing certain values, or denying access to certain APIs, but while they prevent an external actor from reading real data, they *would* likely also result in whatever randomness the test reads out to look more unique. And that's assuming the fingerprinting protection works in the first place.

 

Without knowing more about the site and the test used in the picture, all one can do is suggest to Mozilla as a fellow Firefox user  that more and better fingerprinting controls need to be implemented. In particular, things like:

 

* Site Preferences-level Device Profiles for CSS media queries (ej.: making a certain site read as if it was always on fullscreen mode, faking a color profile, or preventing a given site to obtain screen/window size and coordinates);

* Site Preferences-level control of what features does the Javascript engine have access to:  JIT / optimizer, reading navigator / device properties, writing to the DOM, generating code with eval-like functions, creating timers or hooks or other objects that can be injected before user input. 

 

All this becomes more and more important with things like the recent leak on the Cloudflare WebGL fingerprinting and the announcement of Cloudflare Precursor. Without correct protections at the browser level, this kind of fingerprinting CAN NOT be avoided.