• JustVik@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    7 days ago

    It constantly gives me 17.5 bits on several browsers firefox, nyxt, gnu icecat, librewolf…

      • Boomkop3@reddthat.com
        link
        fedilink
        arrow-up
        7
        ·
        9 days ago

        …as long as you are blocking tracking cookies, and aren’t on a session with a website that’s tracking you.

        Otherwise, you just have a nice unique hash in your cookies. A password manager could help here.

  • Viri4thus@feddit.org
    link
    fedilink
    arrow-up
    54
    ·
    9 days ago

    If you have canvas randomisation turned on (firefox) you’ll always be unique but also not traceable between sessions.

    • ipkpjersi@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      8 days ago

      How do you turn on canvas randomisation in Firefox? I can’t seem to find anything about it.

      • Muehe@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        7 days ago

        I found this in about:config, defaults to true apparently: privacy.resistFingerprinting.randomDataOnCanvasExtract

        But you have to enable privacy.resistFingerprinting for it to work first. I enabled that and now the EFF test says “randomized” for the hashes but also Lemmy went from dark to light theme somehow.

        • perfectly_boiled_pizza@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          5 days ago

          privacy.resistFingerprinting breaks a lot more than just themes. Many of the weird problems reported in Firefox (and forks) are just from enabling it.

          It has some pros but also TONNES of cons. Everything from a completely blank page to wrong timestamps to poor textures and so much more. Sometimes you will be flagged as a bot and prompted with literally infinite puzzles, thus effectively banning you from a website.

          Some of these problems get fixed but new ones also get born. I personally use it but I also expect breakage and worse performance.

  • ExcessShiv@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    27
    ·
    edit-2
    9 days ago

    With browser settings that actually let me use the internet in a way that’s not overly cumbersome and annoying, I get 16bits or something and a “nearly unique fingerprint”

    • themoonisacheese@sh.itjust.works
      link
      fedilink
      arrow-up
      10
      ·
      9 days ago

      Block any and all ads, then it doesn’t matter that they have your data if they can’t make money off of it (they still will do that by creating data aggregates but you can’t control that)

  • akkajdh999@programming.dev
    link
    fedilink
    arrow-up
    19
    ·
    9 days ago

    "Your browser fingerprint appears to be unique among the 183,614 tested in the past 45 days.

    Currently, we estimate that your browser has a fingerprint that conveys at least 17.49 bits of identifying information."

    Chat am I cooked?

    • yonder@sh.itjust.works
      link
      fedilink
      arrow-up
      8
      ·
      9 days ago

      Same result here. I’m using Gnome-web, which is already pretty niche, so that probably really lowers my score.

  • dwindling7373@feddit.it
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    8 days ago

    Am I wrong to assume trying to blend in is a worse and contradictory strategy than trying to actively protect yourself from tracking?

    If you want to not be unique, use default setting chrome without adblock. Your browser will look just like anybody else’s, but they will literally know who you are.

    On the opposite side of the spectrum, you lock everything down and spike as a very special browser and… that’s all they know.

      • underwire212@lemm.ee
        link
        fedilink
        arrow-up
        3
        ·
        8 days ago

        Right. The question is whether they can attach what they know to an identity. Depends on your threat model which goal you need to achieve.

      • dwindling7373@feddit.it
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 days ago

        Not what I meant: https://github.com/arkenfox/user.js/wiki/3.3-Overrides-[To-RFP-or-Not]#-fingerprinting

        "If you do nothing on desktop, you are already uniquely identifiable - screen, window and font metrics alone are probably enough - add timezone name, preferred languages, and several dozen other metrics and it is game over. Here is a link to the results of a study done in 2016 showing a 99.24% unique hit rate (and that is excluding IP addresses).

        Changing a few prefs from default is not going to make you “more unique” - there is no such thing."

        Basically making yourself less unique is impossible so there’s no sensible tradeoff to be made (other than in the context of Tor and Mullvad Browser).

    • ivn@jlai.lu
      link
      fedilink
      English
      arrow-up
      13
      ·
      edit-2
      8 days ago

      But then they can know a lot more since they don’t even need to drop a cookie to track you. But that’s a different threat model.

  • muhyb@programming.dev
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    9 days ago

    Despite having strong protection according to these results, I always get unique fingerprinting from them. Which is scary.

    Edit: Now I tried Tor on my desktop and got:

    Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 628.7 browsers have the same fingerprint as yours. Currently, we estimate that your browser has a fingerprint that conveys 9.3 bits of identifying information.

  • mac@lemm.ee
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    9 days ago

    Huh mullvad browser got me the lowest overall. 10.44 bits and a non-unique fingerprint.

    Compared against:

    • Firefox with arkenfox user.js (macOS)
    • Tor (macOS and android)
    • Vanadium (android)
    • Cromite (android)
    • Mull (different than mullvad) (android)

    I do a vast majority of my browsing on my phone, unfortunately. Vanadium scored the best (on mobile), but it not having extensions (dark reader is a must) and the navigation bar not being movable to the bottom of the screen keeps me on Mull.

    I don’t love using mullvad for day to day browsing as I can’t whitelist specific cookies to retain. Don’t love having to re 2fa daily.

  • AA5B@lemmy.world
    link
    fedilink
    arrow-up
    11
    ·
    9 days ago

    12.67 from Safari/iPhone, without changing any settings. This is my most commonly used browser

  • bdonvr@thelemmy.club
    link
    fedilink
    arrow-up
    11
    ·
    9 days ago

    Your browser fingerprint appears to be unique among the 183,996 tested in the past 45 days.

    :(

  • LastoftheDinosaurs@walledgarden.xyz
    link
    fedilink
    English
    arrow-up
    7
    ·
    9 days ago

    Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 91389.5 browsers have the same fingerprint as yours.

    Currently, we estimate that your browser has a fingerprint that conveys 16.48 bits of identifying information

    Doesn’t look good. How do you make it so that your browser doesn’t have a fingerprint at all?

    • InternetCitizen2@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      9 days ago

      You can’t not have a finger print. You can a best try and look like everyone elses.Sadly the free market won’t care and as such you won’t blend with normal users. Still you can try and look like ever one else in the privacy community

  • kekmacska@lemmy.zip
    link
    fedilink
    English
    arrow-up
    6
    ·
    8 days ago

    16.47 on Cromite. But most of the identify information is not even true, almost everything is spoofed. User agent, timezone, operating system, browser name, screen size and color depth, device, even the battery percentage

  • Pika@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    8 days ago

    Your browser fingerprint appears to be unique among the 183,951 tested in the past 45 days.

    Currently, we estimate that your browser has a fingerprint that conveys at least 17.49 bits of identifying information.

    well shoot my mobile failed that test lmao

      • Random Dent@lemmy.ml
        link
        fedilink
        English
        arrow-up
        6
        ·
        8 days ago

        I got exactly that number too, but also when I looked at the detailed results section lots of it was incorrect. It got that I was on some sort of Linux and using some sort of FF variant, but things like time zone, plugins, screen resolution and system fonts were all wrong.

        So sending out 17.49 bits of largely identifying bullshit is still okay I think lol.

  • CubbyTustard@reddthat.com
    link
    fedilink
    arrow-up
    4
    ·
    8 days ago

    with budget vpn on: one in 22756.25 browsers have the same fingerprint as yours

    with budget vpn off and just apple safebrowsing on: one in 20231.22 browsers have the same fingerprint as yours.

    i have the worst vpn!

    • ivn@jlai.lu
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 days ago

      A VPN is unrelated, it changes your IP but the IP is not used to fingerprint.

      • CubbyTustard@reddthat.com
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        8 days ago

        i got the above results every time i ran it with or without the VPN so you can say that but it’s obviously having an impact.

        just enabling/disabling the VPN between tests and clicking the link again.

        • ivn@jlai.lu
          link
          fedilink
          English
          arrow-up
          1
          ·
          8 days ago

          It might have a side effect but it’s still unrelated and useless for the purpose at hand.

          • CubbyTustard@reddthat.com
            link
            fedilink
            arrow-up
            1
            ·
            8 days ago

            so to what do you attribute the difference in score, when it’s different with the VPN on vs off I wonder?

            I’m amused at your insistence it does nothing when it clearly does.

            • ivn@jlai.lu
              link
              fedilink
              English
              arrow-up
              1
              ·
              8 days ago

              That’s side effects, the difference is irrelevant anyway.

              I insist because I think it’s important to understand this, both for you and for people reading these comments. The whole point of fingerprinting is to be able to track users without relying on cookies or IP. Changing IP does not protect against fingerprinting. I don’t want people to be mislead by your comment and think they are going to avoid tracking by just taking a better VPN.

              You can read more here:

              https://coveryourtracks.eff.org/about#browser-fingerprinting

              “Browser fingerprinting” is a method of tracking web browsers by the configuration and settings information they make visible to websites, rather than traditional tracking methods such as IP addresses and unique cookies.

              And you can check the source code to see there is no mention of IP address:

              https://github.com/EFForg/cover-your-tracks/blob/master/fingerprint/fingerprint_helper.py

                • ivn@jlai.lu
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  7 days ago

                  It’s not worthless but it’s on only an indication, an example.

                  Isn’t the score change similar to the one you have when toggling Apple safebrowsing? (whatever that is)

                  A probable explanation is that your VPN client is somehow changing some of your browser settings. The VPN client, not the VPN itself.

                  Just check the detailed results to see what’s changed between the two. Whatever it is it could be changed manually, it’s does not require a VPN to change. But you probably don’t want to change it because your score with a VPN is worse than without.

                  But this has nothing to do with a VPN being the best or the worse.