ruffle-rs / ruffle

A Flash Player emulator written in Rust
https://ruffle.rs

Avoid detection of Ruffle and spoof the fingerprint of it? #8274

Open Unknown78 opened 2 years ago

Unknown78 commented 2 years ago

Device or browser fingerprints have become major privacy issues for end users.

Assume that the "Play Flash content in Ruffle" option is enabled.


If we open https://browserleaks.com/flash, we can see the version 'Shockwave Flash 32.0 r0' and the file name ruffle.js.

Is there any way for Ruffle to spoof it?


If we open https://coveryourtracks.eff.org or https://amiunique.org/fp, the whole list of plugins got leaked:

- Plugin 0: Chrome PDF Plugin; Portable Document Format; internal-pdf-viewer; (Portable Document Format; application/x-google-chrome-pdf; pdf).
- Plugin 1: Chrome PDF Viewer; ; mhjfbmdgcfjbbpaeojofohoefgiehjai; (; application/pdf; pdf).
- Plugin 2: Native Client; ; internal-nacl-plugin; (Native Client Executable; application/x-nacl; ) (Portable Native Client Executable; application/x-pnacl; ).
- Plugin 3: Shockwave Flash; Shockwave Flash 32.0 r0; ruffle.js; (Shockwave Flash; application/futuresplash; spl) (Shockwave Flash; application/x-shockwave-flash; swf) (Shockwave Flash; application/x-shockwave-flash2-preview; swf) (Shockwave Flash; application/vnd.adobe.flash.movie; swf).
- Plugin 4: Shockwave Flash; Shockwave Flash 32.0 r0; ruffle.js; (Shockwave Flash; application/futuresplash; spl) (Shockwave Flash; application/x-shockwave-flash; swf) (Shockwave Flash; application/x-shockwave-flash2-preview; swf) (Shockwave Flash; application/vnd.adobe.flash.movie; swf).

Why does the whole list of plugins get leaked on those sites when we enable the play flash content option?


I've only tested the web build as a Chrome extension. I don't understand whether or not the desktop build might be affected by fingerprinting by the Flash apps that may connect to the internet.

n0samu commented 2 years ago

This is "by design" - the Ruffle extension "polyfills" the original Flash plugin, which requires it to be able to fool Flash detection scripts. Many Flash websites use Flash detection JavaScript code that checks the navigator.plugins property to see if the plugin is actually available. If Ruffle didn't add this entry to navigator.plugins, many Flash websites would display a "get Flash Player" message instead of the Flash content, even with Ruffle enabled.

JavaScript fingerprinting techniques are not applicable to the Ruffle desktop app because Ruffle (and Flash) does not run JavaScript. Flash does have its own similar APIs such as System.capabilities that Ruffle hasn't really implemented yet. I assume fingerprinting concerns will be considered when implementing them in Ruffle.

Unknown78 commented 2 years ago

@n0samu

  1. But why did the whole list of plugins get leaked? Wouldn't just one Ruffle plugin suffice in that list?

  2. Could we spoof the filename of ruffle.js to the default old Adobe file name, for example?

n0samu commented 2 years ago

  1. The goal is to resemble the plugin object created by the real Flash Player as closely as possible. It looks like Ruffle is registering that it handles two MIME types that the latest Flash Player does not register itself for (application/x-shockwave-flash2-preview and application/vnd.adobe.flash.movie) so that might be something for us to think about removing. I'm not sure if they were registered by previous Flash plugin versions though.

  2. Yes, that would be possible to change, but that filename always differed depending on the user's platform, Flash Player version number, and browser, so using a constant filename may be better for user privacy.

ActionWavele commented 1 year ago

constant filename 👍
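
An added example, not part of the thread and not Ruffle's own code: a small audit of what the plugin list quoted in the issue exposes to any page script, covering the Flash-detection check, the duplicate entry, the filename and the two extra MIME types discussed above. `fakePlugin`, `auditFlashEntries` and the sample data are hypothetical and constructed; treating the remaining two MIME types as the real Flash Player baseline is an assumption drawn from n0samu's comment.

```javascript
// Assumed baseline: the MIME types left once the two that n0samu says the
// latest real Flash Player does not register are set aside.
const BASELINE_FLASH_TYPES = [
  "application/futuresplash",
  "application/x-shockwave-flash",
];

// Hypothetical helper: builds an array-like object shaped like a browser Plugin
// (name/description/filename plus indexed entries that each carry a .type).
function fakePlugin(name, description, filename, types) {
  const mimes = types.map((type) => ({ type }));
  return Object.assign({ name, description, filename, length: mimes.length }, mimes);
}

// Constructed sample mirroring the plugin list quoted in the issue.
const ruffleTypes = [...BASELINE_FLASH_TYPES,
  "application/x-shockwave-flash2-preview",
  "application/vnd.adobe.flash.movie"];
const SAMPLE_PLUGINS = [
  fakePlugin("Chrome PDF Plugin", "Portable Document Format", "internal-pdf-viewer",
    ["application/x-google-chrome-pdf"]),
  fakePlugin("Chrome PDF Viewer", "", "mhjfbmdgcfjbbpaeojofohoefgiehjai", ["application/pdf"]),
  fakePlugin("Native Client", "", "internal-nacl-plugin",
    ["application/x-nacl", "application/x-pnacl"]),
  fakePlugin("Shockwave Flash", "Shockwave Flash 32.0 r0", "ruffle.js", ruffleTypes),
  fakePlugin("Shockwave Flash", "Shockwave Flash 32.0 r0", "ruffle.js", ruffleTypes),
];

// Summarise what a page script can read about the Flash entry.
function auditFlashEntries(plugins) {
  const flash = Array.from(plugins).filter((p) => p.name === "Shockwave Flash");
  const types = new Set(flash.flatMap((p) => Array.from(p, (m) => m.type)));
  return {
    flashDetected: flash.length > 0, // what a "get Flash Player" check tests
    duplicateEntries: Math.max(0, flash.length - 1),
    filenames: [...new Set(flash.map((p) => p.filename))],
    descriptions: [...new Set(flash.map((p) => p.description))],
    extraMimeTypes: [...types].filter((t) => !BASELINE_FLASH_TYPES.includes(t)),
  };
}

const report = auditFlashEntries(SAMPLE_PLUGINS);
console.log(report);
// In a browser console, the same audit runs on live data:
// auditFlashEntries(navigator.plugins)
```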