Are there any browser extensions or tools that effectively prevent fingerprinting including canvas fingerprinting? Or is this one of those privacy battles we just have to accept as unwinnable?
Safari adds some noise to canvas. So the website above will say it's unique, but each time Safari swaps its web process (when you load a different website or a new window or a new tab) it will change to a different one.
Wish all browsers, at least the big ones, would do this by default. It would save regular users like us from fumbling around trying to figure out what works.
Unfortunately, it didn't pass the fingerprint test. You can see the results here: https://coveryourtracks.eff.org/.
On the other hand, Brave does pass it. I'd like to use Brave for all my browsing, but for some reason the devs haven't been able to get hardware-accelerated video decoding to work in their latest builds. That's why I've been using Librewolf for a very long time.
I don't buy that cover your tracks applies to the Firefox strategy to privacy. The Firefox strategy is to make your browser incredibly unique every time. If you visit the same website twice, you look very unique but like two totally different visitors. This is effective for real privacy and cover your tracks doesn't account for it well
Cover Your Tracks shows this kind of obfuscation strategy as "Randomized Fingerprint", but it only shows it for Brave, not for Librewolf when I tested it. Brave fingerprint is unique but it randomizes, while Firefox doesn't.
It's a setting in Firefox that is off by default because it can make some websites super annoying to deal with. But it's easy to get to, and allows you to be totally random per request or per tab-session, iirc
having a unique fingerprint in a group (such as tor browser / resist fingerprint enabling browser) can be better than a individually semi random unique one
> Or is this one of those privacy battles we just have to accept as unwinnable?
It depends on what you want to win. There are two types of fingerprinting:
- Browser fingerprinting (what you see here): Make sure that your Chrome on Windows behaves like every other Chrome on Windows and it isn't really a bot pretending to be Chrome. This results in you being treated like a real user and getting less CAPTCHAs.
- User specific fingerprinting: Determining that your browser is unique among all the browsers the website has seen so that you can be tracked without cookies.
The latter is obviously bad. Some people would argue the prior is bad, but it is a LOT of work to make every browser behave like every other browser across operating systems for little privacy benefit.
Is it bad if I use fingerprinting to track anonymous users so that I can provide them with a great UX without requiring them to give me all their personal details? Or should I only use cookies, that the user might delete? I don't see an issue with either for this purpose.
Imagine you sat one of you users down, and explained the details of how your fingerpriting system worked.
You explain that their browser has all kinds of little, subtle leaks of information about what software they're using, what operating system they're using, whether it's up to date, what hardware they're running, whether they're in a public space or an office or a home, which city they're in, what ISP they use, how they've configured their monitor and screen, what settings they set in their browser, what language they use at home, etc etc
You explain that you can collect all this information without them knowing you were doing it, without them really being able to stop you if they wanted to, and that you can collate it into an identifier that lets you know every time they visit your site even if they don't tell you themselves in some way, and with no way to ask you to stop.
And you explain that you do this for them, to make their experience of your site better for them, and harder for them to accidentally break.
How do you think they'd respond?
To be clear, I'm not asking this as some rhetorical trick. There absolutely are users who wouldn't care in the least, and who might even see you as really clever for doing it.
But that's how you can know if it's bad or not. If you think your users would be creeped out or otherwise troubled by it, or might feel like you've invaded their privacy or their right to control their own experience in their own browser, then you already know it's bad. If you think they wouldn't mind, then -- and only then -- maybe it's not.
I think that's a solid model to use, however, I would argue that its safe to assume that: ** There absolutely are users who wouldn't care in the least, and who might even see you as really clever for doing it.** Makes up >= 95% of recurrent anonymous users by default.
You should be using a cookie for this purpose, you could in fact just store the ui settings directly in the cookie.
It becomes tracking once you say “I have an ID in a cookie, and I’m going to look up the settings for that ID in my own giant DB”.
What you’re suggesting - using fingerprinting - is the worst. It’s not reliable nor robust, it implicitly requires tracking (you have to record the fingerprint<=>setting db and look it up), and user cannot opt out of it nor trivially change state at will, etc.
There is fundamentally no legitimate reason to ever use fingerprinting over the actual explicit mechanisms for persistent storage.
Facebook, Apple and Google use people faces to track them. Governments use public cameras to track people. Google and Facebook also use other kind of tracking people.
But somehow it's immoral for average Joe to track not people but browsers.
Um, as far as I know apple does not use faces to track people.
I'm not sure about google, but my experience with the folk working their make me suspect that even they would not start correlating faces across accounts/users (though I suspect they aren't as careful as apple to avoid that information being visible to them).
But more to the point you're saying "if entity X tracks people it's immoral for anyone else to not track people" rather than "it's immoral for entity X to track people", which is some kind of gross mental gymnastics, and applies to pretty much anything: "if person X gets away with assault, then I should also get away with assault", etc
>- User specific fingerprinting: Determining that your browser is unique among all the browsers the website has seen so that you can be tracked without cookies.
I worked briefly for an ad company that not only did their own fingerprinting but bought a lot of fingerprinting data, along some other type of info: country, age cathegory, sex, income cathegory.
Funny anecdote: back in 2004-2006 when I held the Infosec 101 course at the university, I raised an obvious point in the privacy section. If an individual harvests data on other people and then uses that to track their movements, actions and behaviours - we'd call it stalking. When a company does that, we call it data mining.
The lecture used to shock the students from the economics department.
the only way to actually prevent fingerprinting is to never connect. your ip, os, tls cryptographic protocols (or lack there of), screen resolution, mouse speed+movement, keystrokes+keyboard layout and much much more all can be used to fingerprint a user. even the reduction of all these points can be a fingerprint.
since most of those are unlikely to actually happen (yet) with the usual dragnet ad surveillance, just using hardened firefox (arkenfox/librewolf/mullvad browser) with a vpn or just tor browser is sufficient.