Group Project: Smudging your fingerprint

Post your tutorials for using Pale Moon or performing related tasks here.
Note: Not for "how do I...?" Questions!

Moderator: satrow

Forum rules
Tutorials and Howtos should only relate to Pale Moon, and not to third party applications. e.g.: Don't post a Howto for configuring your firewall.
If you have a question how to do something, you should use one of the support boards, not this board. It is meant for people to document and post instructions.
User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-09, 18:40

Free speech is under attack and many websites have moderation teams infiltrated with those opposed to it. One of the ways to make it harder for websites to permaban you is to make yourself less identifiable. Have a look at this website to get a idea of how identifiable you are. Using a prior version of Firefox and optimized for privacy I was able to get my completely functional browser down to a 1 in 128 computer commonality (~8 bits of identifying information). The best I've gotten with Palemoon is ~17 bits (1 in 100,000 commonality). Tell us your result here and let's use that information to formulate a strategy to help us all become more anonymous.

User avatar
Isengrim
Keeps coming back
Keeps coming back
Posts: 921
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Isengrim » 2019-05-09, 21:54

Assuming you mean the one on the EFF website. I honestly haven't paid too much attention to it, because the easiest way to avoid fingerprinting is to use a browser that looks like everyone else's - one of the later versions of Chrome, standard headers, not blocking too many APIs. Also they ding you for not setting the DNT header, which is nonsense.
Linux Mint 19.2 Cinnamon (64-bit), Windows 7 (64-bit), Windows 10 build 1803 (64-bit)
JavaScript is not Java
"As long as there is someone who will appreciate the work involved in the creation, the effort is time well spent." ~ Tetsuzou Kamadani, Cave Story

User avatar
F22 Simpilot
Lunatic
Lunatic
Posts: 279
Joined: 2019-01-06, 07:59
Location: From RLG fly heading 053 intercept 315 DVV look for the SAM

Re: Group Project: Smudging your fingerprint

Unread post by F22 Simpilot » 2019-05-10, 04:31

Your link links back here.
If you're that smart and act like a dork, then you're not that smart after all. :geek:

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24242
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-10, 14:23

Link fixed.

By the way, I make my browser fingerprint unique ON PURPOSE and present a different unique fingerprint every time. That, IMO, is the only way to combat fingerprinting and tracking by fingerprint. Smudging won't help because the way around it is simply to come up with another variable to check that is unique. What tracking needs is a unique enough fingerprint that doesn't change otherwise. Smudging might make you briefly less identifiable because you'll be part of a slightly less unique group, and might make you feel better, but isn't actually effective. The recent common-sense documentation that trying to hide by disabling APIs being counterproductive only underlines my point that unique is good, as long as you are a different entity every time.

As explained before, this also hurts the trackers directly because they will get nonsensical or useless data in their databases from unique fingerprints that will never be seen again; and it will be impossible (or at least very difficult) to distinguish valid-but-fake fingerprints from valid-and-real ones.
City of Heroes public server: https://www.moonshard.org/ -- Vote for it on cohservers.com

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-10, 14:35

@Moonchild
Sometimes you read posts that completely change your perspective on things. Yours was one of those. Okay, so if I understood you, the idea is to make a completely unique and identifiable browser that is constantly changing. I'm assuming this means the use of a spoofing agent or some kind of browser randomizing. What's the extension set favored by Palemoon? I tried using the Canvas extension but it cripples my browsing

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24242
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-10, 14:54

You don't need to randomize much. Just a few things or maybe even just one thing which is commonly checked. Canvas hash is such a thing -- so, go into about:config and set canvas.poisondata to "true" and there you go, you're unique every time.
User agents should be left alone -- unfortunately this is used everywhere to determine browser capabilities in lieu of actual capability checking so randomizing that will break things much worse.
City of Heroes public server: https://www.moonshard.org/ -- Vote for it on cohservers.com

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-10, 18:51

@Moonchild
Thanks, I set my canvas.poisondata to true and deleted my canvas extension. I'm guessing I will be vulnerable to identification within the same browser session but not when I restart my browser. Is this correct or will simply opening a new window suffice?

Falna
Lunatic
Lunatic
Posts: 345
Joined: 2015-08-23, 17:56
Location: UK / France

Re: Group Project: Smudging your fingerprint

Unread post by Falna » 2019-05-11, 00:42

You don't even need a new window; it changes for every page reload / new tab too, if canvas is in use. You can verify that yourself at https://browserleaks.com/canvas.

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-11, 17:30

@Falna
HaHaHa, that's just beautifully elegant. Okay, so the only thing to worry about now is IP blocking, history cache and cookies. Cookies are easy to address, what's the preferred strategy for the others?

vannilla
Astronaut
Astronaut
Posts: 573
Joined: 2018-05-05, 13:29

Re: Group Project: Smudging your fingerprint

Unread post by vannilla » 2019-05-11, 18:52

gmaslin wrote:
2019-05-11, 17:30
IP blocking
The only way to stop someone from knowing your IP address is to not use the IP address, i.e. stop using the Internet.
What would hiding your address accomplish anyway?

moonie
Moonbather
Moonbather
Posts: 62
Joined: 2017-08-25, 12:59

Re: Group Project: Smudging your fingerprint

Unread post by moonie » 2019-05-12, 01:38

proxy servers like anonymouse were used for that sort of thing on a forum i used to go to decades ago.

ron_1
Moon Magic practitioner
Moon Magic practitioner
Posts: 2014
Joined: 2012-06-28, 01:20

Re: Group Project: Smudging your fingerprint

Unread post by ron_1 » 2019-05-12, 02:00

Moonchild wrote:
Canvas hash is such a thing -- so, go into about:config and set canvas.poisondata to "true" and there you go, you're unique every time.
So this makes me curious . . . why isn't the default "true"?

User avatar
Isengrim
Keeps coming back
Keeps coming back
Posts: 921
Joined: 2015-09-08, 22:54
Location: 127.0.0.1
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Isengrim » 2019-05-12, 04:17

ron_1 wrote:
2019-05-12, 02:00
So this makes me curious . . . why isn't the default "true"?
The pref can have performance issues when set to true, so it isn't always a good thing.
Linux Mint 19.2 Cinnamon (64-bit), Windows 7 (64-bit), Windows 10 build 1803 (64-bit)
JavaScript is not Java
"As long as there is someone who will appreciate the work involved in the creation, the effort is time well spent." ~ Tetsuzou Kamadani, Cave Story

User avatar
New Tobin Paradigm
Off-Topic Sheriff
Off-Topic Sheriff
Posts: 5685
Joined: 2012-10-09, 19:37
Location: Sector 001

Re: Group Project: Smudging your fingerprint

Unread post by New Tobin Paradigm » 2019-05-12, 04:24

Also, some of his can't afford to or don't want to waste all of our foil making hats no matter how snazzy they may be.
Image
- The universe is a spheroid region, 705 meters in diameter. -
http://binaryoutcast.com/ | http://thereisonlyxul.org/

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24242
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-12, 11:44

moonie wrote:
2019-05-12, 01:38
proxy servers like anonymouse were used for that sort of thing on a forum i used to go to decades ago.
A warning about using proxy servers of any kind is that you may be making things worse. You'll be sending all of your traffic neatly bundled together through a single host that can monitor and record every page you visit. Using "public proxies" is therefore a huge risk of worse things than being tracked on websites.
City of Heroes public server: https://www.moonshard.org/ -- Vote for it on cohservers.com

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

moonie
Moonbather
Moonbather
Posts: 62
Joined: 2017-08-25, 12:59

Re: Group Project: Smudging your fingerprint

Unread post by moonie » 2019-05-12, 12:18

No reason to doubt what you're saying anyway Moonchild, but I can absolutely believe that about proxies.

User avatar
gmaslin
Hobby Astronomer
Hobby Astronomer
Posts: 16
Joined: 2019-05-05, 18:48

Re: Group Project: Smudging your fingerprint

Unread post by gmaslin » 2019-05-12, 17:51

I very much like my tin foil hats and I think they should be all the rage by now. I especially like the ones that name all the Senior Executive Service (see SES on aim4truth.org) members in all our political parties as the treasonous rodents they are. Those are truly the smartest ones :)

(prior text edited out)

Some of you may have noted from my posts that I'm a big fan of unhindered speech. Unfortunately, that has made me persona non-grata on many forums where I have been effective in providing people with truths closer to reality. Until people begin to understand how nonsensical the narrative permitting individual organizations or private citizens to bypass the HUMAN RIGHT TO SPEAK FREELY is, the ability to mask or misdirect an IP address is a critical tool of information warfare. You may attempt to silence me but my thoughts will be heard, one way or another. What do you guys use to keep your bookmarks from being read?
Last edited by gmaslin on 2019-05-12, 17:58, edited 2 times in total.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 24242
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Re: Group Project: Smudging your fingerprint

Unread post by Moonchild » 2019-05-12, 17:55

I do like to remind you at this point of Forum rule 1f:
This forum focuses first and foremost on support and development of the Pale Moon browser.
Don't post politically, ideologically, religiously or socially sensitive topics on this forum, especially if they revolve around strong, polarized opinions and world views.
This to keep drama and heated tempers to a minimum.

If you want to discuss such topics, please go to dedicated fora for them. #
Please keep your general post content on-topic, especially outside of the general discussions board.
City of Heroes public server: https://www.moonshard.org/ -- Vote for it on cohservers.com

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne
Image

Post Reply