
A "potentially devastating and hard-to-detect threat" - "Gummy Browsers,"


XPerceniol



I wonder how script and element blocking will affect that. I block everything by default for safety reasons.

As for fingerprinting, it feels like the whole of HTTP (and HTTPS) is designed with it in mind. The User-Agent is a good example. There is never a use case for it. It is only used as part of fingerprinting and to block you from accessing sites that are made by soydevs and others. The only real reason would be to use it to detect what platform you are trying to download a program for, but hey, if you are dumb enough to choose from a dropdown menu, why are you downloading stuff to begin with?

I guess I'll go to the Gopher or Gemini protocols for good.


The article talks about things involved in this fingerprinting that are beyond the User Agent, so likely the method being used to get this information from the client is going to be JavaScript. Obviously the answer here is to whitelist sites for JavaScript, meaning unless the known good site you visited is compromised (such as from ads or external includes) then you are more likely to be safe.


Usually a hard setting of the browser for privacy prevents you from taking full advantage of the websites, that are broken.
The latest studies show that a compromise must be sought in normal browsing.
It is also advisable to install few extensions in the browser.

In the test below:

https://coveryourtracks.eff.org/

the ideal is to get the block of tracking ads + block invisible trackers without any extension or at the limit with only one extension.

Edited by Sampei.Nihira

4 hours ago, Sampei.Nihira said:

Usually a hard setting of the browser for privacy prevents you from taking full advantage of the websites, that are broken.
The latest studies show that a compromise must be sought in normal browsing.
It is also advisable to install few extensions in the browser.

In the test below:

https://coveryourtracks.eff.org/

the ideal is to get the block of tracking ads + block invisible trackers without any extension or at the limit with only one extension.

Decentraleyes, uBlock Origin, nss + uMatrix on a palememe-based browser is a good combination. Decentraleyes moves content delivery networks into the local system and can fight against this too if a CDN is used in the attack.

Edited by Mr.Scienceman2000

7 hours ago, Sampei.Nihira said:

Usually a hard setting of the browser for privacy prevents you from taking full advantage of the websites, that are broken.
The latest studies show that a compromise must be sought in normal browsing.
It is also advisable to install few extensions in the browser.

In the test below:

https://coveryourtracks.eff.org/

the ideal is to get the block of tracking ads + block invisible trackers without any extension or at the limit with only one extension.

spacer.png

This is with Serpent 52. However, unless it's Chrome on Windows 7 (I think), we're gonna be unique. Same results with New Moon, but FF52.9.1 won't load results - it just keeps going and going?

I've stopped using Do Not Track as @ArcticFoxie recommends against using it when discussed previously in the 360 thread.

I have my browsers heavily disabled and I've been experimenting all day trying to tighten up JavaScript, but it slows things down pretty badly. I do have the following disabled:

user_pref("javascript.options.asmjs", false);
user_pref("javascript.options.shared_memory", false);
user_pref("javascript.options.wasm", false);
user_pref("javascript.use_US_english_locale", true);

However, when I disable ion and baselinejit, it slows things down to a crawl, so I left those alone. @Roytam1 already has javascript.options.asyncstack defaulted to false. Setting javascript.options.strict to true also caused site issues, so I left that as is.

Edited by XPerceniol
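
An added example (not part of the original post or thread): a small Node.js script that parses a user.js and reports whether the four prefs listed in the post above are set as shown. The function names and the sample profile text are constructed for illustration.

```javascript
// Added example: audit a user.js for the four prefs listed in the post above.
// EXPECTED mirrors the post; the function names and SAMPLE are constructed.
const EXPECTED = {
  "javascript.options.asmjs": false,
  "javascript.options.shared_memory": false,
  "javascript.options.wasm": false,
  "javascript.use_US_english_locale": true,
};

// Matches: user_pref("name", value);  value is a bool, an integer or a "string".
const PREF_RE = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"[^"\\]*")\s*\)\s*;/;

function parseUserJs(text) {
  const prefs = new Map();
  const malformed = [];
  text.split(/\r?\n/).forEach((line, i) => {
    const t = line.trim();
    if (t === "" || t.startsWith("//")) return; // blank line or comment
    const m = PREF_RE.exec(line);
    if (!m) { malformed.push(i + 1); return; } // record 1-based line number
    const v = m[2];
    const value = v === "true" ? true : v === "false" ? false
      : v[0] === '"' ? v.slice(1, -1) : Number(v);
    prefs.set(m[1], value); // a later line for the same pref overrides an earlier one
  });
  return { prefs, malformed };
}

function auditPrefs(text, expected = EXPECTED) {
  const { prefs, malformed } = parseUserJs(text);
  const findings = [];
  for (const [name, want] of Object.entries(expected)) {
    if (!prefs.has(name)) findings.push({ name, status: "missing", want });
    else if (prefs.get(name) !== want)
      findings.push({ name, status: "mismatch", want, got: prefs.get(name) });
  }
  return { findings, malformed };
}

// Constructed sample: wasm is re-enabled further down, the locale pref is
// absent, and line 5 is not a user_pref() call, so it does not parse.
const SAMPLE = [
  '// constructed sample user.js',
  'user_pref("javascript.options.asmjs", false);',
  'user_pref("javascript.options.shared_memory", false);',
  'user_pref("javascript.options.wasm", false);',
  'javascript.options.asyncstack; false',
  'user_pref("javascript.options.wasm", true);',
].join("\n");
console.log(JSON.stringify(auditPrefs(SAMPLE), null, 2));
```

Run it against a real profile by reading the profile's user.js with `fs.readFileSync` and passing the text to `auditPrefs`.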

3 hours ago, Mr.Scienceman2000 said:

Decentraleyes, uBlock Origin, nss + uMatrix on a palememe-based browser is a good combination. Decentraleyes moves content delivery networks into the local system and can fight against this too if a CDN is used in the attack.

Thank you for those recommendations. Sad to admit, I don't know much (anything at all) about CDN. How would I disable that?

Edited by XPerceniol

8 hours ago, Tripredacus said:

The article talks about things involved in this fingerprinting that are beyond the User Agent, so likely the method being used to get this information from the client is going to be JavaScript. Obviously the answer here is to whitelist sites for JavaScript, meaning unless the known good site you visited is compromised (such as from ads or external includes) then you are more likely to be safe.

That is pretty much as I suspected ... just visiting a malicious or compromised site could cause this to happen. Thank you for your advice.


4 hours ago, XPerceniol said:

I don't know much (anything at all) about CDN. How would I disable that?

You can't. Content delivery networks are from big companies like Google and exist on many sites. Blocking connections to them with uMatrix helps partially, but Decentraleyes does a better job by redirecting code running on the CDN into the local browser cache. In short, a CDN is (from Cloudflare):

Quote

A content delivery network (CDN) refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content.

A CDN allows for the quick transfer of assets needed for loading Internet content including HTML pages, javascript files, stylesheets, images, and videos. The popularity of CDN services continues to grow, and today the majority of web traffic is served through CDNs, including traffic from major sites like Facebook, Netflix, and Amazon.

Ironic that they say it improves security when it can put someone's site at risk if the main CDN is compromised. Instead of being compromised all does

Edited by Mr.Scienceman2000

Cover Your Tracks somehow maxes out the information content in its elements at 17.85 bits. It read a long list of unique fonts I have installed myself, the unique browser versions of 77.7 and 6.6.6, and the existence of PDF-Xchange plugin, which together are globally unique. I'd think that would be more information.


Well it is 16 hours later and it still didn't change from the "Testing your browser" screen. I doubt it will ever return and show me the results. Now this doesn't particularly mean that the site didn't work on their end. It may well have recorded information and just isn't showing me the results screen.


13 hours ago, j7n said:

Cover Your Tracks somehow maxes out the information content in its elements at 17.85 bits. It read a long list of unique fonts I have installed myself, the unique browser versions of 77.7 and 6.6.6, and the existence of PDF-Xchange plugin, which together are globally unique. I'd think that would be more information.

This information is incorrect as you can see from the image below:

Screen.png

Firefox is also not set to achieve maximum privacy, because my daughter does not like to maximize the browser window at the opening.

Another example Android Opera without VPN:

Screenshot.jpg

_________________________________________________________________________________________________

In non-legacy Firefox-based browsers it is better to replace Decentraleyes with LocalCDN.

Edited by Sampei.Nihira

10 minutes ago, Sampei.Nihira said:

This information is incorrect as you can see from the image below:

Screen.png

Firefox is also not set to achieve maximum privacy, because my daughter does not like to maximize the browser window at the opening.

_________________________________________________________________________________________________

In non-legacy Firefox-based browsers it is better to replace Decentraleyes with LocalCDN.

I do not trust Firefox anymore since it is funded by big G, and out of the box it is pretty much spyware. https://spyware.neocities.org/articles/firefox.html Compare that with Palememe https://spyware.neocities.org/articles/palemoon.html and there is a browser called Webbrowser on Linux that removes the palememe antifeatures, and for Windows I use a tweaked Mypal. I disabled WASM and WebGL totally.

Edited by Mr.Scienceman2000

8 minutes ago, Mr.Scienceman2000 said:

I do not trust Firefox anymore since it is funded by big G, and out of the box it is pretty much spyware. https://spyware.neocities.org/articles/firefox.html Compare that with Palememe https://spyware.neocities.org/articles/palemoon.html and there is a browser called Webbrowser on Linux that removes the palememe antifeatures, and for Windows I use a tweaked Mypal. I disabled WASM and WebGL totally.

I am perfectly capable of removing Telemetry, Pocket... etc... and whatnot in Firefox.

Edited by Sampei.Nihira