fingerprintjs / external-protocol-flooding

Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
https://schemeflood.com
MIT License

False positives? #5

Open Forbo opened 3 years ago

Forbo commented 3 years ago

Each time I run the test, it returns a different set of applications and gives me a different identifier. The number of applications returned varies from 3-6, although it most often returns four applications. I don't have any of the applications that it says I do. Not sure how I'm defeating this; it could be any number of the privacy-oriented extensions I'm currently using. I will see if I can narrow it down.

Edit: In subsequent runs, I have now seen it report anywhere from 1-6 applications. I observed this in Firefox 88.0.1 on Ubuntu 20.04.

spalt08 commented 3 years ago

Hey! Thanks for the feedback. Please provide information about your operating system and browsers you are testing.

Forbo commented 3 years ago

Sorry, I added that info after the fact in my edit. Quick response!

Forbo commented 3 years ago

Further testing with Chrome & Chromium yielded different results. Chromium said that I had all 24 applications installed. Chrome said I had 12 applications installed. However, Tor Browser appears to correctly detect that I have none of the applications installed, and does so consistently.

Oddly enough, Brave seems to be exhibiting the same behavior as Firefox, in that it returns a few results (3-6) that change each time. I figured the Chromium-based browsers would all be pretty uniform in their results, but it seems to be all over the place.

spalt08 commented 3 years ago

Honestly, I haven't tested it on Linux much.

However, the default Ubuntu setup with default FF and Tor should work correctly. Any Chromium browser will not work, since it opens every application through xdg-open (shows the launch confirmation popup for every app).

Also, the accuracy can be low because of:

marvinborner commented 3 years ago

I've got similar problems: Firefox on Linux returns 24/24 positives for me although I have like 5/24 actually installed. It tries to open using xdg-open for every protocol (which is the case in Chrom{e,ium}), I guess.

System: Debian, FF 78.7.0 - both almost default setup.

Btw: I get a Firefox error popup (yellow bar at the top) with 'The clearkey plugin has crashed' at the end of the analysis.

spalt08 commented 3 years ago

If your Firefox opens applications via xdg-open - the demo will not work. You can test this by typing document.location = 'any-existing-scheme://' in the browser console.

I couldn't manage to get the demo to work in this case.

marvinborner commented 3 years ago

Well, after a quick analysis this doesn't seem to be the case. My previous statement must be wrong then. The console returns Prevented navigation to “nordvpn://” due to an unknown protocol. (using nordvpn as an example as I don't have it installed). The schemeflood site does detect the presence of nordvpn though, which is weird.

Mte90 commented 3 years ago

I am getting a lot of false positives on Linux.

I have just Steam, Telegram, Discord and Zoom. Also, with another browser on the same PC, I get the same detection.

andmagdo commented 3 years ago

I have a very custom Firefox on Linux, and within the same browsing session I get different fingerprints.

Edit: now detects correctly most of the time

ancipital commented 3 years ago

Another small data point: an up-to-date Kali Linux's OOTB Firefox setup gives 23/24 apps installed for me, which is a pretty good false positive.

(Kali is easy to download as a usable VM image, if you want to test with it)

spalt08 commented 3 years ago

This might be affected by #10. I've just deployed the patch.

pachainti commented 3 years ago

Hi, I'm on GNU/Linux and I'm getting a lot of false positives on both Firefox and Brave.

Forbo commented 3 years ago

I've done more testing since the patch in #10, and I see fewer apps being detected on Firefox (typically only about 1-2). Those are still false positives, and still appear to be seemingly random in which ones it detects across multiple tests.

spalt08 commented 3 years ago

The result on Firefox may be affected by the config options in #14 as well.

ghost commented 3 years ago

Tried today: image

mokanfar commented 3 years ago

Tried today:

I have the same identifier show up for me. I have only 5 out of 24 apps displayed as installed, from the same list as yours.

Browser: Version 92.0.4493.0 (Official Build) canary (64-bit) (Chrome)

OS: Windows 10 Pro, Version 20H2, installed on 3/19/2021, OS build 19042.985, Experience: Windows Feature Experience Pack 120.2212.2020.0