It would be nice to hammer a manually created fingerprint into the browser and share that fingerprint around. When everyone has the same fingerprint, no one can be uniquely identified. Could we make such a thing possible?
Not really. The “fingerprint” is not one thing, it’s many, e.g. what fonts are installed, what extensions are used, screen size, results of drawing on a canvas, etc… Most of this stuff is also in some way related to the regular operation of a website, so many of these can’t be blocked.
You could maybe spoof all these things, but some websites may stop behaving correctly.
I get that some things like screen resolution and basic stuff is needed, however most websites don’t need to know how many ram I have, or which CPU I use and so on.
I would wish for an opt-in on this topics: So only make the bare minimum available and ask the user, when more is needed. For example playing games in the browser, for that case it could be useful to know how much ram is available, however for most other things it is not.
And this is really important. If you go on Google tracked websites without tor, Google will still know it’s you when you use tor, even if you’ve cleared all your cookies.
Tor means people don’t know your IP address. It doesn’t protect against other channels of privacy attack.
Tor browser is an additional piece of software built on top of it. Using the network(what everyone else means when they say tor) is unfortunately not enough to prevent fingerprinting.
Good point, that difference does matter. I guess other browsers like Brave use the Tor Network, and it would be misleading to suggest Brave has good anti-fingerprinting.
What kind of fingerprint avoidance are you suggesting then that the Tor browser cannot do that makes a difference?
If you enable JavaScript, you open Pandora’s box to fingerprinting (e.g. tracking mouse movements, certain hardware details, etc). If you don’t, half (or more) of the internet is unusable.
It would be nice to hammer a manually created fingerprint into the browser and share that fingerprint around. When everyone has the same fingerprint, no one can be uniquely identified. Could we make such a thing possible?
Not really. The “fingerprint” is not one thing, it’s many, e.g. what fonts are installed, what extensions are used, screen size, results of drawing on a canvas, etc… Most of this stuff is also in some way related to the regular operation of a website, so many of these can’t be blocked.
You could maybe spoof all these things, but some websites may stop behaving correctly.
I get that some things like screen resolution and basic stuff is needed, however most websites don’t need to know how many ram I have, or which CPU I use and so on. I would wish for an opt-in on this topics: So only make the bare minimum available and ask the user, when more is needed. For example playing games in the browser, for that case it could be useful to know how much ram is available, however for most other things it is not.
Unfortunately the bare minimum is in most cases already enough to uniquely fingerprint you.
Tor browser
And Mullvad browser
This is called Tor
No it isn’t.
And this is really important. If you go on Google tracked websites without tor, Google will still know it’s you when you use tor, even if you’ve cleared all your cookies.
Tor means people don’t know your IP address. It doesn’t protect against other channels of privacy attack.
Yes, it is… Tor prevents against fingerprinting as well. It isn’t just relay plumbing to protect your IP… This can easily be tested on any fingerprinting site with default config of Tor demonstrating a low entropy https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/
Tor browser is not Tor.
This is Tor https://en.m.wikipedia.org/wiki/Tor_(network)
Tor browser is an additional piece of software built on top of it. Using the network(what everyone else means when they say tor) is unfortunately not enough to prevent fingerprinting.
Good point, that difference does matter. I guess other browsers like Brave use the Tor Network, and it would be misleading to suggest Brave has good anti-fingerprinting.
What kind of fingerprint avoidance are you suggesting then that the Tor browser cannot do that makes a difference?
If you enable JavaScript, you open Pandora’s box to fingerprinting (e.g. tracking mouse movements, certain hardware details, etc). If you don’t, half (or more) of the internet is unusable.
No, it is not. Tor Browser != Tor. Get your shit right or be pwned.
*Tor browse
Leave everything default and you’ll look like every other Tor browser user.