Quote:
Well most of the sites require javascript to provide decent experience. But javascript is not needed for tracing see example. There are ways to trace user. VPN with Webrtc leakage is just an example showing that if one bought VPN, then chrome based browsers will not cut. Can you manipulate referer settings in chromium for example? WebRTC can be easily disabled in FF without messing with javascript. So chrome based browsers are not similar to FF. Most have analytics embedded: as Google Chrome derivatives. If chromium ungoogled is free of analytics, still it leaks information. If you like konqueror or seamonkey that is fine. If you want to disable javascript, you can but this will cause problems with a lot of sites. |
https://amiunique.org
This page is very interesting to analyze the information your browser "leaks" about you. One of the issues with adding security features or enabling security settings, is that those features makes you more unique. The "goal" should be to look as generic as possible, while having an optimal working browser still, and as many custom features (including security) added as one want. In my case, somewhat strangely it reported me as Windows 11, which I thought was a good thing, but it actually was a bad thing, because my other result combined with Windows 11, made me even more unique, because I use GNU/Linux, and those results were very abnormal with Windows 11 (but is normal with GNU/Linux). One of the most revealing features was that I use another search engine than most people use. This was revealed with the "referer" flag. However, this flag is possible to turn off in Firefox about:config.. Code:
network.http.sendRefererHeader 2 Another option that does create issues, but might be worth changing is this one.. Code:
privacy.resistFingerprinting false https://www.mozilla.org/en-US/firefo...ingerprinting/ The problem with this option is the same as it is meant to protect from, which is a kind of alternate version of "cookies", which is "fingerprinting". In some cases, like cookies, these features might be a good thing, and like with cookies, if you block them, blocking fingerprinting might also lead to some less fortunate results when you browse different pages. While you're at it, you might want to isolate cookies to first party cookies (only to the website you visit, and not external ones on that page).. This however could create problems with important redirect functions, like payment systems, possibly.. Code:
privacy.firstparty.isolate false While on the topic of privacy and Google.. You might want to disable Google Geolocation Service in Firefox.. (seemingly Google get what they pay for from Firefox) Code:
geo.enabled true Overriding the browser user agent is a bad idea, but it's possible (and complicated).. You can do so by ADDING this to about:config Code:
general.useragent.override However, both spoofing and changing your browser user agent is possible with that string, but you should probably take care to enter a valid widely recognized string. Otherwise, pages might not show at all, and you could have some major issues browsing the web. If one part of the string is incorrect, you might as well type nothing into it at all and report an empty user agent. There are various websites where you can search and find "correct" user agent strings. Like this: https://explore.whatismybrowser.com/useragents/explore/ Some things to consider, and some things to better stay away from, but nonetheless options. |
Quote:
If I were to go off that, the only real unique thing I see is the user agent; using firefox on linux. Apparently their data suggests this almost never happens! The other "unique" thing is that I don't allow javascript. (BTW people, it's never really been any issue at all for me to run this way) I find that considering that people DO hand over information using javascript is the more concerning. If that you're going to fingerprint people that is. Having javascript off is one category, but a very bland one that reduces fingerprinting. It would only confuse things further if people actually block the same information as I do. So if these people think that no javascript people are worth any bother, I would suspect they do not. So I would think that people with javascript on are going to provide essentially a unique ID versus people that don't of any case, are going to be hard to distinguish. I don't turn off javascript for fingerprinting reasons. The reason is simply not letting anyone execute code on my machine. It makes my machine run faster, and it's going to be much more secure. Quote:
|
Quote:
However, despite all that, and pretty much any measure you take, it's still quite difficult to accomplish an "anonymous" fingerprint, or a generic one, or whatever to call it. You really have to work on the weakpoints to get rid of them one by one, and some are nearly impossible to get rid of. And well, like I said, some "good" settings that you really want, will end up making you more unique because so few other people use those, and combinations of those. Probably you would also have to configure a set of "random" settings (10 or so fingerprint related ones), and use an RNG mechanic to set them randomly each time you start Firefox. Ps. Default "no javascript" on that page with 2 million+ different fingerprints is at the rate of 0.50%.. |
Quote:
It takes ~5min to secure one's FF: get https://github.com/yokoffing/Betterf...ain/Fastfox.js or https://github.com/arkenfox/user.js/blob/master/user.js or https://codeberg.org/Narsil/user.js/...esktop/user.js these are current popular, well maintained hardening user.js add uBlock original and add this filter https://raw.githubusercontent.com/Da...LShortener.txt Maybe ClearURLs That is all I don't see any point of going beyond these settings because internet should be usable. |
Increase (width) Firefox scrollbar.
about:config Code:
|
Quote:
TKS |
Quote:
|
Quote:
|
Quote:
TKS |
Hey, I'm kinda inactive here this year, have had some IRL stuff that needs to be done.
Got some news for you guys, from web browser space, hopefully useful: According to calendar the new 115.8_esr is supposed to drop on February 20. Also, the new openh264-2.4.1 has dropped, I've compiled/tested it's all good so far. And last but not the least, ublock origin 1.56.0 has dropped, not yet reviewed by mozilla team. |
|
Quote:
Nevermind, X-Day is on the 5th. Got it confused with Last Dead Show day. |
Quote:
I probably wouldn't have understood a word of what you said :D |
I wish FireFox still let me have RSS favicons. :( It will never be my main web browser again until they return that (rather than the Pale Moon fork of better/classic FireFox).
|
All times are GMT -5. The time now is 03:58 PM. |