search

ungoogled-software / ungoogled-chromium

Google Chromium, sans integration with Google
BSD 3-Clause "New" or "Revised" License
20.29k stars 821 forks source link

Fingerprint Protection #1226

Closed specter78 closed 2 years ago

specter78 commented 3 years ago

Describe the bug While running test on https://panopticlick.eff.org/, UC shows unique fingerprint. Running the same test on Brave, It shows "your browser has a randomized fingerprint".

To Reproduce https://panopticlick.eff.org/

Expected behavior Partial to full fingerprint protection

Environment (please complete the following information):

Additional context NA

indometacin commented 3 years ago

Brave has a number of defenses against fingerprinting that I believe are unique additions to the Chromium base they build upon. That said, when testing (using UC 86.0.4240.183/Windows 10) against Panopticlick, I showed up unique as well. Showed up unique testing it against https://www.amiunique.org as well. (I'll add that I've heard of criticisms of some of these testing sites, but I think they give you something of an idea of how much data is leaked, and is better than nothing.)

Should UC have fingerprinting defenses like Brave? Or is that out of scope for this project? If it's out of scope, perhaps we should experiment testing what extensions would suffice for countering fingerprinting (uMatrix? Other extensions? If any number of extensions would even really help?) to suggest for users? If it is within scope, what mechanism should be used for a fingerprinting defense? I'm aware of Chromium doing more work in this space), but also see Brave doesn't like the idea of a privacy sandbox much. Regardless of direction, I'd be happy to help if able.

victor03303 commented 3 years ago

I would love it if fingerprinting protection is implemented

ghost commented 3 years ago

Describe the bug While running test on https://panopticlick.eff.org/, UC shows unique fingerprint. Running the same test on Brave, It shows "your browser has a randomized fingerprint".

Ofcourse brave paid them. But I really hope to see some anti fingerprint feature in ungoogled chromium

DavidCreegan commented 3 years ago

Yep same here. I love the browser though so I hope it gets proper fingerprint randomization. Even with all 3 flags enabled relating to that, it still says I have a unique fingerprint.

ShawnNogi commented 3 years ago

Yeah it seems it should be a priority for development. Maybe even more important than floc...

TontyTon commented 3 years ago

I think being unique on panopticlick is a good thing. As even if 'you'(same browser) go to panopticlick twice, then each time your fingerprint is different, so your two sessions can't be linked by your browser fingerprint.

ShawnNogi commented 3 years ago

I think being unique on panopticlick is a good thing. As even if 'you'(same browser) go to panopticlick twice, then each time your fingerprint is different, so your two sessions can't be linked by your browser fingerprint.

when i visit browser leaks it always has the same uniqueness "https://browserleaks.com/canvas".

"99.74% (2090 of 793798 user agents have the same signature)"

On the other hand the brave browser always says "0 of 793798 user agents have the same signature"

I dont know of any evidence of brave "paying this site" as said above. from another user.

PF4Public commented 2 years ago

This is an old issue, that didn't show much activity recently — closing. If you have any more information to add, let us know.