this post was submitted on 18 Jul 2024
42 points (97.7% liked)
Privacy
31890 readers
612 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Any extensions or mitigations you use can be detected and used to increase the fingerprint of your browser/device even more.
https://abrahamjuliot.github.io/creepjs/
If I visit that page I get a "fingerprinting activity detected" warning from JShelter and then a mostly blank page with "FP ID: Computing..." at the top, and a bunch of javascript errors in the console.
Most sites are fine with the settings where I normally leave them, but it's not much of a surprise for one that's devoted entirely to browser fingerprinting to be broken by JShelter. Stopping or at least making more difficult most fingerprinting attempts is among the things it does. It can't stop all of them of course, but it's one component that helps to work against them.
WebWorker is disabled by default in JShelter which is required for creepjs to work. If you set just that function to Strict instead of just the default Remove, then creepjs still works fine.
But creepjs could be modified to work without webworker if you were thinking JShelter really does something useful to hide your fingerprint from someone who wants it bad enough. And you can still be fingerprinted many other ways even without JavaScript at all.
Yeah my main browser is easily fingerprinted due to the many ways it is non-standard. I'll use torbrowser or something if it actually matters. But JShelter does not really make that problem worse for most people, and it probably frustrates some fraction of attempts — including those that rely on web workers apparently.
The page load time of creepjs would not be acceptable for use in real life. Anything with that much creepy js is going to get itself blocked by other means.
Well any site that uses fingerprinting tech, regardless of what it is, is just going to have it load silently in the background so I don't think it would be noticeable anyways.
That depends on what's making it take so long, among other things. But with sufficient effort I suppose the more sneaky fingerprinters (those which aren't aren't already blocked by other extensions) could probably be made difficult to notice for unprepared users. JShelter popping up a big warning about a "very high" level of fingerprinting activity is a pretty good hint though, and I take it as a suggestion to add some rules for ublock if I expect to visit that site again.
As it continues to get more common, maybe it's time to go back to using noscript as well.
Mullvad browser uBlock jshelter privacybadger NoScript