Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
-
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
So from what I understand, theres 2 common ways that browsers combat this. Someone add to or correct me if I'm wrong.
-
Browsers such as Mull combat this by looking the same as every other browser. If you all look the same, it's hard to tell you apart.
-
Browsers such as Brave randomize metadata that fingerprinting collects so that it's more difficult to piece it all together and build a trend/profile on someone.
These aren't the only options, these are just ones I've read about recently. Online behavior, browswr window size, and I'm sure so much more also goes into it. But every little bit helps and is better than nothing.
-
-
So from what I understand, theres 2 common ways that browsers combat this. Someone add to or correct me if I'm wrong.
-
Browsers such as Mull combat this by looking the same as every other browser. If you all look the same, it's hard to tell you apart.
-
Browsers such as Brave randomize metadata that fingerprinting collects so that it's more difficult to piece it all together and build a trend/profile on someone.
These aren't the only options, these are just ones I've read about recently. Online behavior, browswr window size, and I'm sure so much more also goes into it. But every little bit helps and is better than nothing.
Mull is discontinued unfortunately, although I think it got forked?
-
-
Mull is discontinued unfortunately, although I think it got forked?
Fennec is similar and is maintained
There is a fork of mull too
-
Mull is discontinued unfortunately, although I think it got forked?
Yeah maybe Tor Browser was the better example. Just trying to get the point out lol.
-
Mull is discontinued unfortunately, although I think it got forked?
For mobile, mullvad (from the actual VPN folk) for desktop still exists.
-
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
Yes but that metadata is also used to serve you the webpage, so if you spoof it, the page may not load properly.
-
For mobile, mullvad (from the actual VPN folk) for desktop still exists.
Mullvad browser and Mull were not affiliated.
-
Mullvad browser and Mull were not affiliated.
That's why I said (from the actual vpn folk)
The two were often conflated because "mull" in the name. They also used many of the same resources for the prefs.js and other tweaks. (Arkenfox, tor uplift, etc)
-
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
Yes. There is a firefox extension called Chameleon that does this.
-
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
Others have mentioned what Firefox/etc do, but another option is a PiHole. If you can't look up the IP for an advertiser URL, you don't load the JavaScript to begin with.
-
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
No. Anything that executes Javascript will be fingerprinted.
That being said it depends who are you fighting. For common commercial tools like Cloudflare fingerprinter it might work to some extent but if you want to safeguard against more sophisticated fingerprinting then TOR and no JS is the only way to combat this.
The issue is that browsers are so incredibly complex that it's impossible to patch everything and you'll just end up getting infinite captchas and break your browsing experience.
-
So from what I understand, theres 2 common ways that browsers combat this. Someone add to or correct me if I'm wrong.
-
Browsers such as Mull combat this by looking the same as every other browser. If you all look the same, it's hard to tell you apart.
-
Browsers such as Brave randomize metadata that fingerprinting collects so that it's more difficult to piece it all together and build a trend/profile on someone.
These aren't the only options, these are just ones I've read about recently. Online behavior, browswr window size, and I'm sure so much more also goes into it. But every little bit helps and is better than nothing.
The first point is flawed and even TOR doesn't execute javascript because it's impossible to catch everything when you give the server full code running capabilities.
The second point is more plausible but there's an incredible amount of work to do to fix this. Like, needing to rework browser engines from ground up and removing all of the legacy cruft. Brave is not capable of this and never will be no matter what they advertise because it doesn't have it's own engine.
That being said, these tools will get you quite far against commercial fingerprint products especially ones used for Ads but that will also ruin your browser experience as now you're just solving captchas everywhere ðŸ«
-
-
Mull is discontinued unfortunately, although I think it got forked?
Yep. It's fork is called ironfox
-
Fennec is similar and is maintained
There is a fork of mull too
I went back to Fennec. We'll see if a fork survives long term.
I just want Firefox on F-Droid, and Fennec has been that for years. I only switched because I got a new phone and figured I'd try Mull.
-
The first point is flawed and even TOR doesn't execute javascript because it's impossible to catch everything when you give the server full code running capabilities.
The second point is more plausible but there's an incredible amount of work to do to fix this. Like, needing to rework browser engines from ground up and removing all of the legacy cruft. Brave is not capable of this and never will be no matter what they advertise because it doesn't have it's own engine.
That being said, these tools will get you quite far against commercial fingerprint products especially ones used for Ads but that will also ruin your browser experience as now you're just solving captchas everywhere ðŸ«
Thanks for adding! Could you clarify a bit on the points so I can better understand where I was wrong at?
-
System shared this topic on
