Suggestion to implement user.js way to hide navigator.buildID

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
User avatar
pale guru
Moonbather
Moonbather
Posts: 61
Joined: 2021-11-06, 11:10
Location: Tyskland

Suggestion to implement user.js way to hide navigator.buildID

Unread post by pale guru » 2022-10-22, 02:03

Palemoon lets every Jack and Bob know when the browser version was build via Javascript's navigator.buildID.

Is there any way to switch it off? Otherwise I suggest to implement something similar, as this is quite a unique feature to fingerprint people's browser.
… tanning in dimmed LCD light. – Evry 1′s a beginner, baby, that's the truth…

User avatar
jobbautista9
Keeps coming back
Keeps coming back
Posts: 782
Joined: 2020-11-03, 06:47
Location: Philippines
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by jobbautista9 » 2022-10-22, 02:33

As a workaround you can set general.buildID.override in about:config to override the default build id. I suggest setting it to 20181001000000 to match with Firefox.

Mozilla has bug #583181 to always spoof navigator.buildID to 20181001000000 for web content, just like how the gecko slice is always spoofed to 20100101. Should we do the same too for UXP by backporting this bug? Doesn't seem too complicated to backport to me.
Image

merry mimas

XUL add-ons developer. You can find a list of add-ons I manage at http://rw.rs/~job/software.html.

Mima avatar by 絵虎. Pixiv post: https://www.pixiv.net/en/artworks/15431817

Image

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by Moonchild » 2022-10-22, 08:40

I guess it's fine to build this in for content (without the mozilla.org override, obviously - their double standards showing there again "Oh we exclude mozilla.org so we can fingerprint the hell out of our users"... and since Google foots their bill you can wonder where that goes eventually), but do keep in mind we explicitly expose our build ID in the UA as well, already, depending on the UA mode in use, so I'd say this should be linked to whether Firefox compatmode is being used or not to keep things consistent... Or perhaps build in a stricter privacy mode pref would be even better to cover these corner cases for people who think it actually helps in a significant way. Note that this is only potentially an issue if people build their own and aren't using official binaries.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
jobbautista9
Keeps coming back
Keeps coming back
Posts: 782
Joined: 2020-11-03, 06:47
Location: Philippines
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by jobbautista9 » 2022-10-22, 09:42

I've taken a look again, and I realize backporting this bug is kinda useless for us IMO. Changing the general.buildID.override doesn't change the build ID shown in about:support, so I'm at a loss at why did all that code for bug #583181, other than for exempting Mozilla sites from the anti-fingerprinting measure obviously (but I think there's a better way of doing that, which I will explain next). If I were the one doing the bug, I would've simply changed the default value for general.buildID.override to 2018yadayada. And if I wanted to exempt Mozilla sites from the override, I would create a boolean pref called general.buildID.override.enabled.mozilla.org with the default value false, and make the code for general.buildID.override check if a pref with the current domain's name exists, and if it's set to false, don't override navigator.buildID. Not only is this more logical IMO, it also provides a way for the user to control which sites get exempted from build ID spoofing, which this bug doesn't allow.

Am I missing something here?
Moonchild wrote:
2022-10-22, 08:40
without the mozilla.org override, obviously - their double standards showing there again "Oh we exclude mozilla.org so we can fingerprint the hell out of our users"...
I think the exemption is there probably for bugzilla, where an accurate build ID might be needed for a bug report. But then I guess if that was the intention they would've only made bugzilla.mozilla.org exempt from the spoofing, not mozilla.org and all its subdomains...
Moonchild wrote:
2022-10-22, 08:40
do keep in mind we explicitly expose our build ID in the UA as well, already, depending on the UA mode in use, so I'd say this should be linked to whether Firefox compatmode is being used or not to keep things consistent...
Makes sense to me. And if we go this route we should also enable spoofing if an SSUAO is active, regardless of the current compatmode.
Moonchild wrote:
2022-10-22, 08:40
Note that this is only potentially an issue if people build their own and aren't using official binaries.
It's definitely a potential issue for self-builders (like me), but it's also a potential issue for Linux users in general, where there are so many contributed builds. stevepusser's builds alone are already many, tailored for specific versions of Debian and Ubuntu. Theoretically, an adversary can probably guess what distro you're using from navigator.buildID. Though admittedly I'm not sure how significantly useful that would be, when there are other, more effective ways of fingerprinting...
Image

merry mimas

XUL add-ons developer. You can find a list of add-ons I manage at http://rw.rs/~job/software.html.

Mima avatar by 絵虎. Pixiv post: https://www.pixiv.net/en/artworks/15431817

Image

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by Moonchild » 2022-10-22, 10:02

jobbautista9 wrote:
2022-10-22, 09:42
if we go this route we should also enable spoofing if an SSUAO is active, regardless of the current compatmode.
No that would not make sense. those overrides are for the user-agent only. And those overrides would not necessarily always override towards a firefox style, anyway. Some are explicitly excluding firefox-ness, for example. So if you wanted to do that you'd have to start making site-specific build IDs as well which is madness.
Keep in mind, I've never seen sites do feature detection based on BuildID which is why UA overrides are a thing to begin with. Any Build ID override would solely be for "privacy" reasoning, i.e. attempted anonymity or prevention of profiling. If that's a big concern then there are probably much better pieces of software to achieve that. I.e. i want to prevent scope creep here.

And I agree that there isn't really a reason to do this except for making a "convenient default override" since we already have build ID override as a pref.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
jobbautista9
Keeps coming back
Keeps coming back
Posts: 782
Joined: 2020-11-03, 06:47
Location: Philippines
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by jobbautista9 » 2022-10-22, 10:59

Moonchild wrote:
2022-10-22, 10:02
No that would not make sense. those overrides are for the user-agent only. And those overrides would not necessarily always override towards a firefox style, anyway. Some are explicitly excluding firefox-ness, for example. So if you wanted to do that you'd have to start making site-specific build IDs as well which is madness.
I thought the reason why you would want the build ID override to only apply for FF compatmode is because it uses a spoofed build id in the user agent string. And looking at the default SSUAOs which uses a "native" user agent string, they also spoof the Goanna build identifier, but to 20170101 instead of 20100101. Which is why I thought enabling build ID spoofing when there's an active SSUAO made sense.

But yeah, it would be ridiculous to have site-specific build IDs, since overriding the build ID doesn't really do anything when it comes to whether the site works or breaks, unlike user agents. My "fix" of making site-specific boolean prefs isn't really a suggestion for Pale Moon, but more like what I'd do if I were Mozilla...

If people want site-specific build IDs for whatever reason though, I think it could be feasible as an extension. Just save whatever is in "general.buildID.override" into a separate pref at browser start, then listen for OnLocationChange. If location changes, then check if "extensions.<insert extension name here>." + domain name exists in about:config, and if it does, change "general.buildID.override" to whatever is in that site-specific pref. If not, change it to the saved old override, or if it didn't exist, then clear said buildID override pref. Heck this hacky solution might even work for those wanting site-specific WebComponents support!

But really, a normal user would just change "general.buildID.override" if they're concerned about fingerprinting and leave it alone. :P
Image

merry mimas

XUL add-ons developer. You can find a list of add-ons I manage at http://rw.rs/~job/software.html.

Mima avatar by 絵虎. Pixiv post: https://www.pixiv.net/en/artworks/15431817

Image

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by Moonchild » 2022-10-22, 13:17

jobbautista9 wrote:
2022-10-22, 10:59
they also spoof the Goanna build identifier, but to 20170101 instead of 20100101. Which is why I thought enabling build ID spoofing when there's an active SSUAO made sense.
That's only because we didn't build in a system-replaceable variable like %OS_SLICE% for the BuildID, because it really doesn't matter (but operating system being accurate in UA sniffing does). Just to keep things simple - not because it was spoofed on purpose.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
pale guru
Moonbather
Moonbather
Posts: 61
Joined: 2021-11-06, 11:10
Location: Tyskland

Re: Suggestion to implement user.js way to hide navigator.buildID

Unread post by pale guru » 2022-10-23, 22:42

Thanks for the general.buildID.override hint.

If there is any a website that should know about the BuildID, it can be submitted in the URL. No need to make a big fuss about when to take what BuildID and respective overrides, and besides this even works when Javascript is off.
… tanning in dimmed LCD light. – Evry 1′s a beginner, baby, that's the truth…

Locked