We may want to have some estimate in the amount of entropy we are leaking to find out what is the current fingerprinting capability of a given adversary when using Dillo. Setting the user agent to Dillo already cuts the whole population to probably less than 1ppm, but that is easily solvable.
Not having support for JavaScript certainly helps, but we may be still leaking some information in HTTP headers or in the way we deal with the sockets.
AFAIK, there is no tool to measure uniqueness that works without JS.
rodarima
commented
1 month ago
We may want to have some estimate in the amount of entropy we are leaking to find out what is the current fingerprinting capability of a given adversary when using Dillo. Setting the user agent to Dillo already cuts the whole population to probably less than 1ppm, but that is easily solvable.
Not having support for JavaScript certainly helps, but we may be still leaking some information in HTTP headers or in the way we deal with the sockets.
AFAIK, there is no tool to measure uniqueness that works without JS.
https://www.w3.org/TR/fingerprinting-guidance/ https://2019.www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability