this post was submitted on 27 Jun 2024
52 points (93.3% liked)

Privacy

31996 readers
659 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I did the tests on fingerprint.com/demo/ and https://coveryourtracks.eff.org/ and they both said I have a unique fingerprint, even when I enabled privacy.resistFingerprinting to True.

top 20 comments
sorted by: hot top controversial new old
[–] [email protected] 28 points 4 months ago* (last edited 4 months ago) (2 children)

Use Tor Browser. Don't waste your life on micro-optimisation. You will get a lot more privacy with stuff like getting all your friends on Signal/SimpleX, etc.

[–] [email protected] 5 points 4 months ago

You're absolutely right micro-optimization, I found that I did too much of that in 2022 and 23 and really cut down on that this year, I found that doing so is basically never worth it. I'm not gonna do that with privacy either, I'm focusing on what actions I can take that will make big improvements to my privacy rather than tweak every little thing.

[–] [email protected] 1 points 4 months ago (1 children)

Use Tor.

Do you mean Tor Browser? Because using Tor alone won't stop fingerprinting.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

Yeah, edited.

[–] [email protected] 9 points 4 months ago* (last edited 4 months ago) (1 children)

Both my browser and network level dns blocker blocked the test attacker site from loading but in general there are 2 approaches to this: minimize your fingerprint data points or change them to blend in with the crowd.

I think for the most part selectivly blocking js and cookies will do a lot for you. You can also block the canvas and limit fonts too. I'd also recommend a vpn as they can associate it with your ip too.

[–] [email protected] 4 points 4 months ago

All good tactics..

It will limit some web functionality but you will notice the services that do that shit are some clown data harvesters...

My bank never gives me an issue... Why does reddit jaja

[–] [email protected] 9 points 4 months ago (1 children)
[–] [email protected] 2 points 4 months ago

Do you know if these folks actively develop it or do they just apply patches to the Firefox codebase ?

Like do they just pre configure a bunch of about config settings and the pre installed search or do they harden the binaries at compile time ?

I've not kept up with this but I'm curious if there is any real advantage of this over Firefox after it has been configured. If not I would stick with Firefox as it will get security updates quicker by people who know the source code intimately.

Anyway not shitting on anyone's choices here just curious.

[–] [email protected] 7 points 4 months ago* (last edited 4 months ago) (1 children)

I finally made a Lemmy account just to comment on this 😅

When this option is active, of course your fingerprint is unique because of how it works.

Every time a website fingerprints you with this option turned on, firefox makes sure that the ID is as unique as possible, so no correlation can happen. 😊 Verify this by visiting that site two times and check the hash to make sure it change between the two requests.

EDIT: fingerprint.com probably use Cookies and/or localstorage so the ID is the same when refreshing, but Firefox have protection in place for cross-site tracking and cookie sandboxing, etc (I won’t pretend like I know how everything work), but those protections helps against that type of services from what I recall.

[–] [email protected] 3 points 4 months ago (1 children)

So does Firefox make this more unique or something? I didn't know this was a thing but I'm interested in privacy and it sound like something I should be looking into.

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago) (1 children)

In essence: It makes it random. (Hence fingerprinting checkers find the ID uniqiue")

Although sometimes you need some features that interfere with it. I use the add-on "Toggle Resist fingerprinting" to easily toggle it off when I want a website to draw canvas (canva.com is a funny example lol) and then toggle it back when I'm done.

Some nice things, but it can interfere with some daily use cases: Timezone is changed to UTC. Canvas shows random data.

Nice rabbit hole read: https://wiki.mozilla.org/Security/Fingerprinting

(Its like Wikipedia. You can't stop clicking on links to find out more xD)

EDIT: fingerprint.com probably use Cookies and/or localstorage so the ID is the same when refreshing, but Firefox have protection in place for cross-site tracking and cookie sandboxing, etc (I won’t pretend like I know how everything work), but those protections helps against that type of services from what I recall.

[–] [email protected] 2 points 4 months ago
[–] [email protected] 7 points 4 months ago

Tor Browser is the best way.

[–] [email protected] 6 points 4 months ago* (last edited 4 months ago)

You can try playing with Arkenfox, installing uBlock Origin, fiddling with about:config, and giving yourself an aneurysm...

...or you could try Mullvad Browser. It's a fork of Firefox, co-developed by Mullvad and The Tor Project, with impressive fingerprinting resistance (according to Cover Your Tracks). It's like Tor Browser without Tor.

Also, install NoScript. It helps a lot.

[–] [email protected] 5 points 4 months ago

Try out Librewolf it's Firefox fork which is hardened out of the box so you don't have to mess with settings too much.

[–] [email protected] 3 points 4 months ago (1 children)

https://addons.mozilla.org/en-US/firefox/addon/no-canvas-fingerprinting/

https://addons.mozilla.org/en-US/firefox/addon/font-fingerprint-defender/

https://addons.mozilla.org/en-US/firefox/addon/webgl-fingerprint-defender/

There's a collection of similar extensions that worked for me to throw fingerprint.com off each time I opened an incognito window. Idk I've heard that having too many extensions can actually make the fingerprint problem worse. If this is a bad approach, I'm sure someone will correct me :D

[–] [email protected] 3 points 4 months ago
[–] [email protected] 1 points 4 months ago

use Tor Browser.

If your concern is fingerprinting, that is undeniably the best there is out of the box.

If you want Tor Browser without having to use the Tor Network, Mullvad is basically just that; Tor Browser without the Network.

[–] [email protected] 1 points 4 months ago

Use LibreWold and/or Mullvad. Done.

[–] [email protected] -1 points 4 months ago* (last edited 4 months ago)
  • Use a fork of Firefox (librewolf), or a different open source browser
    • even if you modify Firefox to remove all telemetry, Mozilla are bad actors, and will update to add new telemetry like Anonym or Cliqz by default after an update. Unless you really trust your package maintainer, use a fork or a different browser
  • Force a common useragent
  • Disable javascript everywhere, or use a browser without javascript, whenever possible
    • trying to defend against fingerprinting with javascript enabled is futile, even things like your number of cpu threads (navigator.hardwareConcurrency), list of fonts, webgl support, supported codecs, browser permissions, and variations in canvas rendering can be used in fingerprinting
      • tor browser is the only project I know of that can come close to avoiding fingerprinting with javascript, but even then you're advised to avoid using javascript with tor browser
    • use 3rd party clients for things like youtube that would normally need javascript