search

underrobyn / AbsoluteDoubleTrace

A web extension to block browser fingerprinting (Manifest V2)
https://absolutedouble.co.uk/trace/
Other
343 stars 48 forks source link

Trace does not protect against Browser user account leaks #37

Closed molitar closed 4 years ago

molitar commented 4 years ago

Is there anyway to protect against this type of leak?

https://privacy.net/analyzer/

When I ran it.. it detected I was logged into a gmail account and disqus for an example.

underrobyn commented 4 years ago

How this leak works is that a request is sent to the login page for a site, if the page redirects you and returns a HTTP 302 or something similar then it knows you're logged in. However these results aren't always accurate, for instance the example on Browserleaks couldn't detect me being logged in to Twitter.

I can't really see any way to protect against this in Trace without causing other issues with sites.

I also don't feel as though protecting against this type of leak will significantly help with making the end user's fingerprint more unique.

Thanks