Group Project: Smudging your fingerprint

Post your tutorials for using Pale Moon or performing related tasks here.
Note: Not for "how do I...?" Questions!

Moderator: satrow

Forum rules
Tutorials and Howtos should only relate to Pale Moon, and not to third party applications. e.g.: Don't post a Howto for configuring your firewall.
If you have a question how to do something, you should use one of the support boards, not this board. It is meant for people to document and post instructions.
User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-09, 18:40

Free speech is under attack and many websites have moderation teams infiltrated with those opposed to it. One of the ways to make it harder for websites to permaban you is to make yourself less identifiable. Have a look at this website to get a idea of how identifiable you are. Using a prior version of Firefox and optimized for privacy I was able to get my completely functional browser down to a 1 in 128 computer commonality (~8 bits of identifying information). The best I've gotten with Palemoon is ~17 bits (1 in 100,000 commonality). Tell us your result here and let's use that information to formulate a strategy to help us all become more anonymous.

User avatar
Isengrim
Astronaut
Astronaut
Posts: 747
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Isengrim » 2019-05-09, 21:54

Assuming you mean the one on the EFF website. I honestly haven't paid too much attention to it, because the easiest way to avoid fingerprinting is to use a browser that looks like everyone else's - one of the later versions of Chrome, standard headers, not blocking too many APIs. Also they ding you for not setting the DNT header, which is nonsense.
Linux Mint 18.3 Cinnamon (64-bit)
Windows 7 (64-bit) (Sometimes)
Windows 10 build 1803 (64-bit) (Sometimes)
JavaScript is not Java

User avatar
F22 Simpilot
Moon lover
Moon lover
Posts: 87
Joined: 2019-01-06, 07:59
Location: From RLG fly heading 053 intercept 315 DVV look for the SAM

Re: Group Project: Smudging your fingerprint

Unread post by F22 Simpilot » 2019-05-10, 04:31

Your link links back here.
E pur si muove.
All problems in the universe have a solution no matter how complicated.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 23434
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-10, 14:23

Link fixed.

By the way, I make my browser fingerprint unique ON PURPOSE and present a different unique fingerprint every time. That, IMO, is the only way to combat fingerprinting and tracking by fingerprint. Smudging won't help because the way around it is simply to come up with another variable to check that is unique. What tracking needs is a unique enough fingerprint that doesn't change otherwise. Smudging might make you briefly less identifiable because you'll be part of a slightly less unique group, and might make you feel better, but isn't actually effective. The recent common-sense documentation that trying to hide by disabling APIs being counterproductive only underlines my point that unique is good, as long as you are a different entity every time.

As explained before, this also hurts the trackers directly because they will get nonsensical or useless data in their databases from unique fingerprints that will never be seen again; and it will be impossible (or at least very difficult) to distinguish valid-but-fake fingerprints from valid-and-real ones.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-10, 14:35

@Moonchild
Sometimes you read posts that completely change your perspective on things. Yours was one of those. Okay, so if I understood you, the idea is to make a completely unique and identifiable browser that is constantly changing. I'm assuming this means the use of a spoofing agent or some kind of browser randomizing. What's the extension set favored by Palemoon? I tried using the Canvas extension but it cripples my browsing

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 23434
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-10, 14:54

You don't need to randomize much. Just a few things or maybe even just one thing which is commonly checked. Canvas hash is such a thing -- so, go into about:config and set canvas.poisondata to "true" and there you go, you're unique every time.
User agents should be left alone -- unfortunately this is used everywhere to determine browser capabilities in lieu of actual capability checking so randomizing that will break things much worse.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-10, 18:51

@Moonchild
Thanks, I set my canvas.poisondata to true and deleted my canvas extension. I'm guessing I will be vulnerable to identification within the same browser session but not when I restart my browser. Is this correct or will simply opening a new window suffice?

Falna
Lunatic
Lunatic
Posts: 315
Joined: 2015-08-23, 17:56
Location: UK / France

Re: Group Project: Smudging your fingerprint

Unread post by Falna » 2019-05-11, 00:42

You don't even need a new window; it changes for every page reload / new tab too, if canvas is in use. You can verify that yourself at https://browserleaks.com/canvas.

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-11, 17:30

@Falna
HaHaHa, that's just beautifully elegant. Okay, so the only thing to worry about now is IP blocking, history cache and cookies. Cookies are easy to address, what's the preferred strategy for the others?

vannilla
Lunatic
Lunatic
Posts: 441
Joined: 2018-05-05, 13:29

Re: Group Project: Smudging your fingerprint

Unread post by vannilla » 2019-05-11, 18:52

gmaslin wrote:
2019-05-11, 17:30
IP blocking
The only way to stop someone from knowing your IP address is to not use the IP address, i.e. stop using the Internet.
What would hiding your address accomplish anyway?

moonie
Moonbather
Moonbather
Posts: 61
Joined: 2017-08-25, 12:59

Re: Group Project: Smudging your fingerprint

Unread post by moonie » 2019-05-12, 01:38

proxy servers like anonymouse were used for that sort of thing on a forum i used to go to decades ago.

ron_1
Board Warrior
Board Warrior
Posts: 1986
Joined: 2012-06-28, 01:20

Re: Group Project: Smudging your fingerprint

Unread post by ron_1 » 2019-05-12, 02:00

Moonchild wrote:
Canvas hash is such a thing -- so, go into about:config and set canvas.poisondata to "true" and there you go, you're unique every time.
So this makes me curious . . . why isn't the default "true"?

User avatar
Isengrim
Astronaut
Astronaut
Posts: 747
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Isengrim » 2019-05-12, 04:17

ron_1 wrote:
2019-05-12, 02:00
So this makes me curious . . . why isn't the default "true"?
The pref can have performance issues when set to true, so it isn't always a good thing.
Linux Mint 18.3 Cinnamon (64-bit)
Windows 7 (64-bit) (Sometimes)
Windows 10 build 1803 (64-bit) (Sometimes)
JavaScript is not Java

User avatar
New Tobin Paradigm
Knows the dark side
Knows the dark side
Posts: 5243
Joined: 2012-10-09, 19:37
Location: Sector 001

Re: Group Project: Smudging your fingerprint

Unread post by New Tobin Paradigm » 2019-05-12, 04:24

Also, some of his can't afford to or don't want to waste all of our foil making hats no matter how snazzy they may be.
Image

- Ask not what XUL can do for you. Ask what you can do with XUL! -
http://binaryoutcast.com/ | http://thereisonlyxul.org/

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 23434
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-12, 11:44

moonie wrote:
2019-05-12, 01:38
proxy servers like anonymouse were used for that sort of thing on a forum i used to go to decades ago.
A warning about using proxy servers of any kind is that you may be making things worse. You'll be sending all of your traffic neatly bundled together through a single host that can monitor and record every page you visit. Using "public proxies" is therefore a huge risk of worse things than being tracked on websites.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

moonie
Moonbather
Moonbather
Posts: 61
Joined: 2017-08-25, 12:59

Re: Group Project: Smudging your fingerprint

Unread post by moonie » 2019-05-12, 12:18

No reason to doubt what you're saying anyway Moonchild, but I can absolutely believe that about proxies.

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-12, 17:51

I very much like my tin foil hats and I think they should be all the rage by now. I especially like the ones that name all the Senior Executive Service (see SES on aim4truth.org) members in all our political parties as the treasonous rodents they are. Those are truly the smartest ones :)

(prior text edited out)

Some of you may have noted from my posts that I'm a big fan of unhindered speech. Unfortunately, that has made me persona non-grata on many forums where I have been effective in providing people with truths closer to reality. Until people begin to understand how nonsensical the narrative permitting individual organizations or private citizens to bypass the HUMAN RIGHT TO SPEAK FREELY is, the ability to mask or misdirect an IP address is a critical tool of information warfare. You may attempt to silence me but my thoughts will be heard, one way or another. What do you guys use to keep your bookmarks from being read?
Last edited by gmaslin on 2019-05-12, 17:58, edited 2 times in total.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 23434
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-12, 17:55

I do like to remind you at this point of Forum rule 1f:
This forum focuses first and foremost on support and development of the Pale Moon browser.
Don't post politically, ideologically, religiously or socially sensitive topics on this forum, especially if they revolve around strong, polarized opinions and world views.
This to keep drama and heated tempers to a minimum.

If you want to discuss such topics, please go to dedicated fora for them. #
Please keep your general post content on-topic, especially outside of the general discussions board.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

Post Reply