gautamkrishnar / nothing-private

Do you think you are safe using private browsing or incognito mode? :smile: :imp: This will prove that you're wrong. Previously hosted at nothingprivate.ml
https://nothingprivate.gkr.pw
GNU General Public License v3.0
2.15k stars 151 forks

Sentry CDN usage #135

Closed Ghostbird closed 2 years ago

Ghostbird commented 2 years ago

Is your feature request related to a problem? Please describe.
I assume the fingerprint functionality is loaded from Sentry CDN. If the load is prevented, you might still be fingerprintable by non-external scripts. I visited the page, and it didn't manage to fingerprint me. However, I'm using NoScript and sentry-cdn is marked as untrusted. I've got at least one more layer of protection like it. Those layers do not protect against fingerprinting in and of itself. Instead they prevent known fingerprint scripts from being loaded in the first place.

Describe the solution you'd like
Consider hosting the fingerprint script on the page itself. If the script is self-hosted, several preventative layers of protection can probably be bypassed, which makes the page better test how fingerprintable the browser is.

Describe alternatives you've considered
Maybe that's not what you want to test.

Additional context
The trade-off is that updates to the fingerprint script are not automatically applied.

gautamkrishnar commented 2 years ago

@Ghostbird Sentry is used just for error monitoring. Not for fingerprinting. Fingerprinting code is hosted at: https://www.nothingprivate.ml/main.js

Ghostbird commented 2 years ago

Then I made a wrong assumption. I'll close this.