Jump to content

Web Fingerprinting Sees Through VPNs and Incognito Mode


msfntor

Recommended Posts

Web Fingerprinting Gets Frighteningly Good: Sees Through VPNs and Incognito Modehttps://www.ghacks.net/2023/03/21/web-fingerprinting-gets-frighteningly-good-sees-through-vpns-and-incognito-mode/

Look on fingerprinting online tests...

Use JShelter now? What are your thoughts on this idea?

JShelter extension on Web Store: https://chrome.google.com/webstore/detail/jshelter/ammoloihpcbognfddfjcljgembpibcmb?hl=en-US

 

Edited by msfntor
title changed slightly...
Link to comment
Share on other sites


Fingerprinting TESTS:

LIVE DEMO (of Fingerprint PRO): See Fingerprint in Action, YOUR VISITOR IDhttps://fingerprint.com/

....the other links from Fp PRO abovehttps://eun1.fptls.com/  https://eun1.fptls2.com/ https://eun1.fptls3.com/

hidester BROWSER FINGERPRINT TESThttps://hidester.com/browser-fingerprint/

Scroll down and look for "Your browser fingerprint": http://valve.github.io/fingerprintjs/

Fingerprintjs2http://valve.github.io/fingerprintjs2/

No-JS fingerprintinghttps://noscriptfingerprint.com/  - that's all, thank you!

 

AudioContext Fingerprint Test Page: https://audiofingerprint.openwpm.com/

Bromite fingerprinting mitigations testhttps://www.bromite.org/detect

CreepJShttps://abrahamjuliot.github.io/creepjs/ - this one don't work in my machine?...

amiunique.org: My browser fingerprinthttps://amiunique.org/ -or better with fp: https://www.amiunique.org/fp

Cover Your Trackshttps://coveryourtracks.eff.org/

 

- All this is to finish you off...LOL :thumbup

Unique doesn’t necessarily mean identifiable...

Edited by msfntor
links added
Link to comment
Share on other sites

On 3/25/2023 at 2:18 PM, msfntor said:

Use JShelter now? What are your thoughts on this idea?

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

Link to comment
Share on other sites

On 3/26/2023 at 3:41 PM, UCyborg said:

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

Yes, these are my impressions as well... But I like to play with new extensions to see if they can improve this crazy world... 
So, to increase your curiosity about the extensions that take care of your "privacy" and "security", here are some things that might interest you; checked by me and secure (sorry if you already know them):

 No History (this with Size 33.09 KiB): https://chrome.google.com/webstore/detail/no-history/hdifnhiliocdiomkphonngpedadhinof?hl=en-US

Referer Controlhttps://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin?hl=en-US

Reject Service Worker (Size12.63KiB): https://chrome.google.com/webstore/detail/reject-service-worker/falajmifjcihbmlokgomiklbfmgmnopd?hl=en-US

 

CSS Exfil Protection mike gualtieri

Clear This Page

 

Edited by msfntor
Link to comment
Share on other sites

8 hours ago, msfntor said:

to increase your curiosity about the extensions

Thank you ! Do you know a solid, trusted extension that has an auto setting to delete cookies upon each exit ?

Link to comment
Share on other sites

7 hours ago, D.Draker said:

Thank you ! Do you know a solid, trusted extension that has an auto setting to delete cookies upon each exit ?

Haha DéDé, I see you are in a good mood today, you always had to get out of bed with a good foot! To answer your pertinent (still!) question: NO! Because my preferred browsers already delete those cookies on exit...:whistle:-here you see these cookies that lift the browser while running...

I use Referer Control ext. - To test its presence, click on : ADS-B Exchange - track traffic livehttps://globe.adsbexchange.com/ - if there are no airplanes, it means that this extension works well ! (you will see the window: "Problem fetching data from the server: 403")
Tell me rather do you know, do you check some of these extensions I posted links... do you know other efficient and light extensions about "privacy" and "security" worthy to be used by me, please?

Edited by msfntor
airplanes
Link to comment
Share on other sites

20 hours ago, UCyborg said:

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

Breaching privacy and thus also web fingerprinting could also be for the purpose of testing the vulnerabilities of your system and browsers to potential attacks.
Targeted phishing attacks are among them.

Link to comment
Share on other sites

9 minutes ago, Sampei.Nihira said:

Breaching privacy and thus also web fingerprinting could also be for the purpose of testing the vulnerabilities of your system and browsers to potential attacks.
Targeted phishing attacks are among them.

Have you ever been the victim of a targeted phishing attack, @Sampei.Nihira? This must be painful and difficult to survive, I think?
Do these extensions I publish do anything to help you avoid this sad fate sometimes?:}

Link to comment
Share on other sites

14 hours ago, msfntor said:

Yes, these are my impressions as well... But I like to play with new extensions to see if they can improve this crazy world... 
So, to increase your curiosity about the extensions that take care of your "privacy" and "security", here are some things that might interest you; checked by me and secure (sorry if you already know them):

CSS Exfil Protection mike gualtieri: https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo?hl=en-US 

Referer Controlhttps://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin?hl=en-US

No History (this with Size 33.09KiB of course): https://chrome.google.com/webstore/detail/no-history/hdifnhiliocdiomkphonngpedadhinof?hl=en-US

Reject Service Worker (Size12.63KiB): https://chrome.google.com/webstore/detail/reject-service-worker/falajmifjcihbmlokgomiklbfmgmnopd?hl=en-US

Clear This Pagehttps://chrome.google.com/webstore/detail/clear-this-page/jhmmoamfcbidmbmnphlimaombiflfalm?hl=en-US

 

With too many extensions you might get the opposite effect.
Check:

https://browserleaks.com/chrome

JShelter which has recently been updated (March 24, 2023):

https://jshelter.org/versions/

since its developers got new funds is preferable to use only in chromium-based browsers (except Brave) than other similar but too long outdated extensions.

Forget CSS Exfil Protection.

If you can get more privacy without using extensions,this is preferable:

https://apps.armin.dev/ping-spotter/

The Ping test above can also be passed in chromium-based browsers without extensions with a simple command line parameter.

Another important test to pass is this:

https://defo.ie/ech-check.php

and:

https://fmarier.github.io/brave-testing/query-filter.html

(cross-site test) if it is not passed, the adblocker configuration should be improved.

https://coveryourtracks.eff.org/

https://d3ward.github.io/toolz/adblock.html

Link to comment
Share on other sites

7 minutes ago, msfntor said:

Have you ever been the victim of a targeted phishing attack, @Sampei.Nihira? This must be painful and difficult to survive, I think?
Do these extensions I publish do anything to help you avoid this sad fate sometimes?
:}

Not causally targeted, but I was too inexperienced then.
No.
It would be better to use a protective DNS.
Better configure the browser + adblocker.
If you want to try:

https://phishtank.org/phish_search.php?valid=y&active=y&Search=Search

Uses a finite-length link.

Example:

1.jpg

JShelter shields you from web Fingerprinting.

Link to comment
Share on other sites

20 minutes ago, Sampei.Nihira said:

With too many extensions you might get the opposite effect.

I se this, of course..

Browserleaks chrome test response: Web Accessible Resources Detection Extensions - Detected 0 of 1000 Extensions

Protected WAR's timing attack - uBlock Origin × real: 16.61ms / fake: 14.49ms (22% of requests were slower) ... what this is?

... Privacy Badger    × real: 5.33ms / fake: 4.98ms (13% of requests were slower)

- but I don't have Privacy Badger, AdGuard, DuckDuckGo, Decentraleyes... so why these are listing here?

28 minutes ago, Sampei.Nihira said:

Forget CSS Exfil Protection.

Sure I don't use this.

28 minutes ago, Sampei.Nihira said:

The Ping test above can also be passed

Is passed here yesterday, result: all blocked. Thanks to JShelter "Strict" work.

defo.ie ECH check: SSL_ECH_STATUS: not attempted , two first are: none... what is that?

fmarier test result: NONE fbclid parameter, thanks to Neat URL ext.

coveryourtracks results: 

Blocking tracking ads? Yes

Blocking invisible trackers? Yes

Protecting you from fingerprinting? No - never, is normal, sadly...

"be unique among the 201,291 tested" - so be unique, I'm unique!

d3ward: 97% (I don't checked cosmetic filters cases in uBlock..., if checked: 100%)

-and your results from these tests, @Sampei.Nihira?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...