uMatrix: block everything 3rd party by default, enable on a site-basis. Also enables toggling of User agent spoofing, Referer spoofing and Strict HTTPS.
Privacy Settings: has some nice buttons for toggling features depending on mood; using it to block things like geolocation, battery API etc.
Cookie AutoDelete: remove all cookies, unless whitelisted. I whitelist a few pages that I use enough that it’d be a bother to having to log in on every visit.
I often pop open a clean Chromium (using chromium --temp-profile) or create a new Firefox profile if I’m visiting sites that for some reason don’t work/don’t want to fiddle with uMatrix settings to get it to work.
And of course, Tor Browser for an easy way to browse sites that I really don’t want to know me. And in the extreme that I’d want to be even more secure I’d make a Raspberry Pi dropbox with a wifi dongle and set it to run a VPN (or just SSH) as a tor hidden service and drop it with a battery near a coffee shop/McDonalds/library. …or use my Ubiquiti NanoStation to connect to an open wifi a few hundred meters away…
Having so many extension that inspect and intercept all network requests is unfortunately really bad for browser performance (and the JS/C++ context switches for everyone of those really add up). I recommend picking one of those blockers and figuring out how to make a restrictive superset.
Alternatively you could blocklist/nullroute things via /etc/hosts or somewhere else deeper in the network stack.
Gives you free anti-tracking in your other applications too.
Great website, but keep in mind that it doesn’t do anything remotely fancy that could be used for tracking. Nothing like using a unique ETag, nothing on the TCP layer, nothing like JavaScript feature tests, etc.
In other words: There certainly are lots of ways to improve it and if you really invest time into that you might come up with many additional tests.
But then I think the purpose is also to show how easy it is in general.
What is the “Hash of canvas fingerprint” value I see in the test? For me it carries the bulk (10 bits out of 18) of the information they report. The rest of the parameters I see seem to be data that applications need to function correctly, so I don’t think it’s feasible to block that.
You may consider enabling certain features on a per-site basis. That means unneeded features won’t be exploited on sites where you don’t care about webgl animations and your fingerprint will not match across all these sites.
Had the same problem; just installed CanvasBlocker and while it doesn’t change the conclusion of the test, the hash changes on every test meaning that it just got harder to track me.
On my android with firefox i get the following results:
How do you guys stop people tracking you on the internet?
Tor browser (note that their fingerprint doesn’t include IP address), or you don’t. Welcome to the modern Web.
So, the only way to protect from fingerprinting is Tor? There must be another lighter-weight solution out there…
Let us know, if you find something :-)
And now also CanvasBlocker…
I often pop open a clean Chromium (using
chromium --temp-profile) or create a new Firefox profile if I’m visiting sites that for some reason don’t work/don’t want to fiddle with uMatrix settings to get it to work.And of course, Tor Browser for an easy way to browse sites that I really don’t want to know me. And in the extreme that I’d want to be even more secure I’d make a Raspberry Pi dropbox with a wifi dongle and set it to run a VPN (or just SSH) as a tor hidden service and drop it with a battery near a coffee shop/McDonalds/library. …or use my Ubiquiti NanoStation to connect to an open wifi a few hundred meters away…
Having so many extension that inspect and intercept all network requests is unfortunately really bad for browser performance (and the JS/C++ context switches for everyone of those really add up). I recommend picking one of those blockers and figuring out how to make a restrictive superset.
Alternatively you could blocklist/nullroute things via /etc/hosts or somewhere else deeper in the network stack. Gives you free anti-tracking in your other applications too.
Thanks for the advice – I’m well aware of the cost, but in day-to-day use it’s not really noticeable.
Haven’t gotten around to setting up hosts files on my PCs/the gateway but I should find time to do that soon…
Thanks for Privacy Settings addon. I fiddled with about:config for some time, but the addon is much more convenient.
NoScript for Firefox on Android https://noscript.net/nsa/
18.62 bits for the system fonts. I wonder why the system fonts are exposed from the browser?
Hmm interesting, looking at this question, the culprit should be Flash.
So, if I disable the Flash add-on, the bits are reduced to 9.98.
That’s odd. I use Firefox without Flash I still get around 16 bits.
Great website, but keep in mind that it doesn’t do anything remotely fancy that could be used for tracking. Nothing like using a unique ETag, nothing on the TCP layer, nothing like JavaScript feature tests, etc.
In other words: There certainly are lots of ways to improve it and if you really invest time into that you might come up with many additional tests.
But then I think the purpose is also to show how easy it is in general.
What is the “Hash of canvas fingerprint” value I see in the test? For me it carries the bulk (10 bits out of 18) of the information they report. The rest of the parameters I see seem to be data that applications need to function correctly, so I don’t think it’s feasible to block that.
http://cseweb.ucsd.edu/~hovav/papers/ms12.html
You may consider enabling certain features on a per-site basis. That means unneeded features won’t be exploited on sites where you don’t care about webgl animations and your fingerprint will not match across all these sites.
The problem in a nutshell.
Had the same problem; just installed CanvasBlocker and while it doesn’t change the conclusion of the test, the hash changes on every test meaning that it just got harder to track me.