Web Fingerprinting Sees Through VPNs and Incognito Mode

[msfntor]

Web Fingerprinting Gets Frighteningly Good: Sees Through VPNs and Incognito Mode: https://www.ghacks.net/2023/03/21/web-fingerprinting-gets-frighteningly-good-sees-through-vpns-and-incognito-mode/

Look on fingerprinting online tests...

Use JShelter now? What are your thoughts on this idea?

JShelter extension on Web Store: https://chrome.google.com/webstore/detail/jshelter/ammoloihpcbognfddfjcljgembpibcmb?hl=en-US

 

Edited April 10 by msfntor
title changed slightly...

[msfntor]

Fingerprinting TESTS:

LIVE DEMO (of Fingerprint PRO): See Fingerprint in Action, YOUR VISITOR ID: https://fingerprint.com/

....the other links from Fp PRO above: https://eun1.fptls.com/  https://eun1.fptls2.com/ https://eun1.fptls3.com/

hidester BROWSER FINGERPRINT TEST: https://hidester.com/browser-fingerprint/

Scroll down and look for "Your browser fingerprint": http://valve.github.io/fingerprintjs/

Fingerprintjs2: http://valve.github.io/fingerprintjs2/

No-JS fingerprinting: https://noscriptfingerprint.com/  - that's all, thank you!

 

AudioContext Fingerprint Test Page: https://audiofingerprint.openwpm.com/

Bromite fingerprinting mitigations test: https://www.bromite.org/detect

CreepJS: https://abrahamjuliot.github.io/creepjs/ - this one don't work in my machine?...

amiunique.org: My browser fingerprint: https://amiunique.org/ -or better with fp: https://www.amiunique.org/fp

Cover Your Tracks: https://coveryourtracks.eff.org/

 

- All this is to finish you off...LOL 

Unique doesn’t necessarily mean identifiable...

Edited March 30 by msfntor
links added

[msfntor]

You can also see and compare the JShelter results with Policy Control - JavaScript and Flash blocker different sets of policy rules: https://chrome.google.com/webstore/detail/policy-control-javascript/eekommagmgepaafaaegimeldlnnnolgn?hl=en-US

[msfntor]

Don't forget to test Your disguise level (and IP)...: https://whoer.net/

JavaScript Browser Information AND Document Referrer (then click..): https://browserleaks.com/javascript

 

Edited March 25 by msfntor
link added

[msfntor]

Persistent Fingerprinting Beats Most Modern Browser Protections

March 21, 2023 By Heinrich Long — 8 Comments

On restoreprivacy.com: https://restoreprivacy.com/persistent-fingerprinting-beats-most-modern-browser-protections/

[UCyborg]

On 3/25/2023 at 2:18 PM, msfntor said:

Use JShelter now? What are your thoughts on this idea?

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

[msfntor]

On 3/26/2023 at 3:41 PM, UCyborg said:

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

Yes, these are my impressions as well... But I like to play with new extensions to see if they can improve this crazy world... 
So, to increase your curiosity about the extensions that take care of your "privacy" and "security", here are some things that might interest you; checked by me and secure (sorry if you already know them):

 No History (this with Size 33.09 KiB): https://chrome.google.com/webstore/detail/no-history/hdifnhiliocdiomkphonngpedadhinof?hl=en-US

Referer Control: https://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin?hl=en-US

Reject Service Worker (Size12.63KiB): https://chrome.google.com/webstore/detail/reject-service-worker/falajmifjcihbmlokgomiklbfmgmnopd?hl=en-US

 

CSS Exfil Protection mike gualtieri

Clear This Page

 

Edited March 30 by msfntor

[D.Draker]

8 hours ago, msfntor said:

to increase your curiosity about the extensions

Thank you ! Do you know a solid, trusted extension that has an auto setting to delete cookies upon each exit ?

[msfntor]

7 hours ago, D.Draker said:

Thank you ! Do you know a solid, trusted extension that has an auto setting to delete cookies upon each exit ?

Haha DéDé, I see you are in a good mood today, you always had to get out of bed with a good foot! To answer your pertinent (still!) question: NO! Because my preferred browsers already delete those cookies on exit...-here you see these cookies that lift the browser while running...

I use Referer Control ext. - To test its presence, click on : ADS-B Exchange - track traffic live: https://globe.adsbexchange.com/ - if there are no airplanes, it means that this extension works well ! (you will see the window: "Problem fetching data from the server: 403")
Tell me rather do you know, do you check some of these extensions I posted links... do you know other efficient and light extensions about "privacy" and "security" worthy to be used by me, please?

Edited March 27 by msfntor
airplanes

[Sampei.Nihira]

20 hours ago, UCyborg said:

My thoughts are that I visit so few websites and whatever they get from my browser, what will they do with it? They must know I'm a hopeless case and they can't sell me anything.

Breaching privacy and thus also web fingerprinting could also be for the purpose of testing the vulnerabilities of your system and browsers to potential attacks.
Targeted phishing attacks are among them.

[msfntor]

9 minutes ago, Sampei.Nihira said:

Breaching privacy and thus also web fingerprinting could also be for the purpose of testing the vulnerabilities of your system and browsers to potential attacks.
Targeted phishing attacks are among them.

Have you ever been the victim of a targeted phishing attack, @Sampei.Nihira? This must be painful and difficult to survive, I think?
Do these extensions I publish do anything to help you avoid this sad fate sometimes?

[Sampei.Nihira]

14 hours ago, msfntor said:

Yes, these are my impressions as well... But I like to play with new extensions to see if they can improve this crazy world... 
So, to increase your curiosity about the extensions that take care of your "privacy" and "security", here are some things that might interest you; checked by me and secure (sorry if you already know them):

CSS Exfil Protection mike gualtieri: https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo?hl=en-US 

Referer Control: https://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin?hl=en-US

No History (this with Size 33.09KiB of course): https://chrome.google.com/webstore/detail/no-history/hdifnhiliocdiomkphonngpedadhinof?hl=en-US

Reject Service Worker (Size12.63KiB): https://chrome.google.com/webstore/detail/reject-service-worker/falajmifjcihbmlokgomiklbfmgmnopd?hl=en-US

Clear This Page: https://chrome.google.com/webstore/detail/clear-this-page/jhmmoamfcbidmbmnphlimaombiflfalm?hl=en-US

 

With too many extensions you might get the opposite effect.
Check:

https://browserleaks.com/chrome

JShelter which has recently been updated (March 24, 2023):

https://jshelter.org/versions/

since its developers got new funds is preferable to use only in chromium-based browsers (except Brave) than other similar but too long outdated extensions.

Forget CSS Exfil Protection.

If you can get more privacy without using extensions,this is preferable:

https://apps.armin.dev/ping-spotter/

The Ping test above can also be passed in chromium-based browsers without extensions with a simple command line parameter.

Another important test to pass is this:

https://defo.ie/ech-check.php

and:

https://fmarier.github.io/brave-testing/query-filter.html

(cross-site test) if it is not passed, the adblocker configuration should be improved.

https://coveryourtracks.eff.org/

https://d3ward.github.io/toolz/adblock.html

[Sampei.Nihira]

7 minutes ago, msfntor said:

Have you ever been the victim of a targeted phishing attack, @Sampei.Nihira? This must be painful and difficult to survive, I think?
Do these extensions I publish do anything to help you avoid this sad fate sometimes?

Not causally targeted, but I was too inexperienced then.
No.
It would be better to use a protective DNS.
Better configure the browser + adblocker.
If you want to try:

https://phishtank.org/phish_search.php?valid=y&active=y&Search=Search

Uses a finite-length link.

Example:

JShelter shields you from web Fingerprinting.

[msfntor]

6 minutes ago, Sampei.Nihira said:

Not causally targeted, but I was too inexperienced then.
No.

Good for you! Me too, never...

[msfntor]

20 minutes ago, Sampei.Nihira said:

With too many extensions you might get the opposite effect.

I se this, of course..

Browserleaks chrome test response: Web Accessible Resources Detection Extensions - Detected 0 of 1000 Extensions

Protected WAR's timing attack - uBlock Origin × real: 16.61ms / fake: 14.49ms (22% of requests were slower) ... what this is?

... Privacy Badger    × real: 5.33ms / fake: 4.98ms (13% of requests were slower)

- but I don't have Privacy Badger, AdGuard, DuckDuckGo, Decentraleyes... so why these are listing here?

28 minutes ago, Sampei.Nihira said:

Forget CSS Exfil Protection.

Sure I don't use this.

28 minutes ago, Sampei.Nihira said:

The Ping test above can also be passed

Is passed here yesterday, result: all blocked. Thanks to JShelter "Strict" work.

defo.ie ECH check: SSL_ECH_STATUS: not attempted , two first are: none... what is that?

fmarier test result: NONE fbclid parameter, thanks to Neat URL ext.

coveryourtracks results: 

Blocking tracking ads? Yes

Blocking invisible trackers? Yes

Protecting you from fingerprinting? No - never, is normal, sadly...

"be unique among the 201,291 tested" - so be unique, I'm unique!

d3ward: 97% (I don't checked cosmetic filters cases in uBlock..., if checked: 100%)

-and your results from these tests, @Sampei.Nihira?