dillbyrne
commented
10 years ago I can block this but it will probably make the browser stand out more if the whole feature set is blocked. I'll look into it
Open oceandweller007 opened 10 years ago
dillbyrne
commented
10 years ago I can block this but it will probably make the browser stand out more if the whole feature set is blocked. I'll look into it
lawrencehartkog
commented
9 years ago Currently RAS blocks some of the features listed at browserleaks when some user flags are set. However, this makes the browser fairly unique. Randomizing would be better.
dillbyrne
commented
9 years ago Hello @lawrencehartkog
Eventually the plan is to have spoofed attributes for most of the common fingerprinting vectors and htm5 options, but it is a big undertaking between keeping the browser profiles up to date, trying to research the methods used to fingerprint and how to defeat them and addressing feature requests. I still have other core stuff to do such as handling the plugins and cookies for example and lots more to improve upon.
Where some features are "blocked" in RAS for now can be seen as a building block. The initial step is to block them in a harm reduction approach, then from there we can examine the best way to spoof them or selectively allow them.
So in short I agree with what you are saying and I do plan to address this but I have a lot of stuff to get through first. In the meantime if you would like to play with the code and experiment with javascript spoofing options to see what works best you can modify the inject.js file.
lawrencehartkog
commented
9 years ago A standardized browser is urgently needed - this issue is way too important to leave it upon extensions. People really don't get what is done to their lives and society in the long term with total Internet tracking.
I appreciate your efforts, if it weren't for people like you, we would have nothing against the privacy-invading personal analytics sickos.
lawrencehartkog
commented
9 years ago Torbrowser does a fair job against network fingerprinting, but against a broad browser features detection script it is powerless since at least 2010, so one can't install many addons. Fonts and resolution return values have open bugs for years now.
Currently, the only option is a vanilla Tails for this. This shouldn't be necessary just to browse some shopping sites. But since CDNs engage in fingerprinting nowadays, 3rd party script blockers are useless, so Tails is the way to go. Sad, but true.
I'm not sure if this can be done without breaking websites, but I thought you might be able to figure something out (http://www.browserleaks.com/modernizr). I'm not sure what happens if Modernizr is disabled or if some of the values detected are randomized.