bullshoy55
Member
- Joined
- Dec 18, 2023
- Messages
- 10
- Likes
- 0
Or you can just use iVPN like a normal person. It has a built-in AntiTracker mode and Firewall, plus IPv6 and WireGuard support for Quantum Resistance.
-
WANTED: Happy members who like to discuss audio and other topics related to our interest. Desire to learn and share knowledge of science required. There are many reviews of audio hardware and expert members to help answer your questions. Click here to have your audio equipment measured for free!
Stop browser trackers once and for all
OP
- Thread Starter
- #22
Sure, it's a cat and mouse game. There's always interested parties that are looking for ways to fingerprint your identity online. Browsers and browser extensions are fighting back against fingerprinting. You're saying that the browser and browser extensions are losing this war, and that could be the case. But that doesnt mean consumers (or browser vendors) should stop trying to fight against fingerprinting.
Shocked pikachu face.
Your message is conflicting. According to you, I have to look at "views count", which doesnt exist on CreepJS. You probably meant "visits count". Also, you probably meant if you visit the page again (after closing tab) and if the "visits count" increases past 1, then the browser loses against real world tracking.You're supposed to look at total views count, not browser trust score. Visit creepjs, wait for a couple of seconds, close and reopen your browser, visit again. If the number is <1 — congratulations, your browser loses against real world tracking
If you open CreepJS and the "FP ID" on top keeps changing to a different value with every visit, this means the CreepJS will report the "visits count" as 1, because CreepJS thinks it's a different visitor with every visit. That's how you know the browser is randomizing your fingerprint on this website, with every visit.
I haven't published my results on this yet, but I'd like to know which browser you know that passes this CreepJS test. I await your results.
Sure, but Brave's Safe Browsing doesnt report your website visits to Google, as per official documentation.
Plus, if you're that paranoid of using Google's Safe Browsing technology, Safe Browsing in Brave can be disabled in the settings.
I really don't see this "Safe Browsing" as a threat to user's privacy, even if enabled.
Sure, but what operating system or browser doesn't track your telemetry?
You're saying this like it's unique to Brave or something.
Everybody on the internet is tracking your telemetry.
What libraries are you referring to?
Are these libraries publicly available?
OP
- Thread Starter
- #23
Changelog:
2023-12-19:
- Added colors to sections, for similar topics. Makes it much easier to see.
- Added 'Disable 3rd-party cookies (for all Android mobile browsers)'
- Added 'Enable Maximum Protection (for all Android mobile browsers)'
- Added 'Force 'Global Privacy Control' (for all Android browsers)'
- Added 'Device Fingerprinting Results for Android, using CoverYourTracks'
2023-12-19:
- Added colors to sections, for similar topics. Makes it much easier to see.
- Added 'Disable 3rd-party cookies (for all Android mobile browsers)'
- Added 'Enable Maximum Protection (for all Android mobile browsers)'
- Added 'Force 'Global Privacy Control' (for all Android browsers)'
- Added 'Device Fingerprinting Results for Android, using CoverYourTracks'
- Joined
- Feb 23, 2016
- Messages
- 20,771
- Likes
- 37,635
Have you tried adding noscript add ons for these tests?
OP
- Thread Starter
- #26
Good idea. I will test for that.
So far, I only did "Firefox + Noscript" for the CoverYourTracks fingerprint test on desktop.
OP
- Thread Starter
- #27
NSA has entered the chat.
OP
- Thread Starter
- #28
What's concerning me right now is why Firefox for Android keeps failing the 3rd-party GRC's cookie test!?
That's after I changed the settings to ensure all 3rd-party cookies are blocked:
Here's my Firefox for Android version 120.1.1:
For comparison, here's Firefox Focus (where 3rd party cookie blocking works after you make the setting change):
Can anyone else confirm this?
That's after I changed the settings to ensure all 3rd-party cookies are blocked:
Here's my Firefox for Android version 120.1.1:
For comparison, here's Firefox Focus (where 3rd party cookie blocking works after you make the setting change):
Can anyone else confirm this?
Last edited:
- Joined
- Feb 23, 2016
- Messages
- 20,771
- Likes
- 37,635
I get same results as you on both versions of Firefox. Using an Android phone.
OP
- Thread Starter
- #30
I figured it out.
Steve Gibson (the creator of GRC.com's cookie test), said that after Firefox introduced the Total Cookie protection by default in June 2022, the GRC's cookie forensics test started failing.
Security Now Episode 876:
Security Now Episode 877:
In summary, Steve didn't have the time to fix his Cookie Forensics test, in order to take into account Firefox's new "Total Cookie Protection" technology, since he's busy with other projects.
In other words, this looks like a false positive. Great news!
Firefox for Android was always safe to use!
Last edited:
FP ID value is based on a multiple fingerprinting techniques. different FP ID doesn't necessarily mean that fingerprinting libraries can't track you down, since, if one metric jumps within a certain pattern/stays the same, a tracking algo will eventually figure it out. creep.js is the only good enough fingerprinting demonstration i could find.
Yes. But there's no way to change chromium engine properties on-the-fly, hence why spawning new browser session, not closing tab, is necessary.
How so? There used to be a trust score rating instead of the total views count, i swear
Tor Browser, Arkenfox.js, one nasty, close sourced Anti-detect browser for affiliate marketing purposes can pass the creep.js test as well as fool a real world tracking.
Cool. It used to proxy Safe Browsing requests.
Different flavours of *NIX, many browsers.
Unfortunaely, no. I have to plug the "trust me bro" assertion on that.
All i'm saying is that Tor Browser is the only consumer-friendly option that really protects your privacy. Everything else gives users a false feeling of privacy, and, essentially, is a privacy theatre. Simply disabling 3rd party cookies and turning Firefox Enhanced Tracking protection won't harden your browser at all.
Last edited:
@sweetchaos no iOS browsers are “based on chromium”. Apple enforces that they all use the same rendering engine as Safari i.e. WebKit.
I tend to think the only way to truly block tracking from the people you'd care about (Google, Amazon, Facebook, Apple) inside a normal browser, is to block all Javascript and cookies. This breaks many websites, so you'd probably have to use several browsers to achieve something approaching this. Some browsers you'd use with scripts/cookies disabled, others with these things enabled (where you need to login to a website), essentially various browsers for various activities. It becomes messy/difficult to sustain quickly.
Google APIs and Amazon AWS are used by so many websites (this website uses Google APIs), it is borderline impossible to stop those companies knowing a fairly significant amount of what you're up to, without blocking these things & making many websites inoperable.
Google APIs and Amazon AWS are used by so many websites (this website uses Google APIs), it is borderline impossible to stop those companies knowing a fairly significant amount of what you're up to, without blocking these things & making many websites inoperable.
Last edited:
OP
- Thread Starter
- #34
In the latest episode of Security Now (with Steve Gibson), Steve talks about the latest Chrome change to eliminate 3rd-party cookies by 2nd half of 2024.
Starts at 31min:41sec
Ends at 39min:24sec
In summary, 3rd-party cookies are about to be killed by Chrome and seeing how Chrome has 62% marketshare, this is huge news (as I've stated in my intro post).
Hence, my initial interest in this thread, just to see what all the browsers are doing.
Firefox really did the world a favor by implementing their Total Cookie Protection by default, since April 2023... Bravo!
I find it kind of ironic, since Google always had 3rd-party cookies enabled by default and even prior to announcing this major change in 2024, they rolled out this new tracking technology "Topics" like 3 months ago, just so they can maintain their $ generating stream. Plus, the YouTube agressive anti-adblocking behaviour that started a few months ago, also explains their panic to maintain as much ad revenue as possible before completely being forced (by the industry) to kill 3rd-party cookies once and for all.
Good riddance!
Ends at 39min:24sec
In summary, 3rd-party cookies are about to be killed by Chrome and seeing how Chrome has 62% marketshare, this is huge news (as I've stated in my intro post).
Hence, my initial interest in this thread, just to see what all the browsers are doing.
Firefox really did the world a favor by implementing their Total Cookie Protection by default, since April 2023... Bravo!
I find it kind of ironic, since Google always had 3rd-party cookies enabled by default and even prior to announcing this major change in 2024, they rolled out this new tracking technology "Topics" like 3 months ago, just so they can maintain their $ generating stream. Plus, the YouTube agressive anti-adblocking behaviour that started a few months ago, also explains their panic to maintain as much ad revenue as possible before completely being forced (by the industry) to kill 3rd-party cookies once and for all.
Good riddance!
OP
- Thread Starter
- #35
For years, I used to use NoScript for both Chrome/Firefox, where I was blocking javascript.
Blocking 1st-party javascript for website broke everything, which made the internet unusable. So I stopped doing that.
Then I just blocked all 3rd-party javascript, which made like 50% of websites usable and 50% unusable. So i started doing whitelisting approach to allow 3rd-party javascripts and maintain this list across multiple computers. This worked for a while, until you get annoyed just allowing 3rd-party javascript on new websites, just to make the website usable. So I stopped going that after a few years.
Then I just blocked 3rd-party cookies for as long as I can remember. Which made all website work again, and stopped me from fiddling with each website's javascript.
Javascript blocking is really not a user-friendly approach.
Last edited:
The problem is that cookies aren't the only things doing tracking. People clear cookies all the time and yet are still tracked, so javascript browser identification is what is being used. Without blocking javascript, how do you get around that? I'm not sure you can, which bring us back to this:
- Joined
- Feb 23, 2016
- Messages
- 20,771
- Likes
- 37,635
Which why this response to my question was informative, but discouraging. It means most of the web is constructed so you cannot use it without being tracked. Using Tor browser or noscript with a browser breaks so many things it is near useless.
Stop browser trackers once and for all
Intro: Mobile Browser Links Disable 3rd-party cookies (for desktop browsers) Disable 3rd-party cookies (for iOS browsers) Disable 3rd-party cookies (for Android browsers) Disable Topics (Chrome for desktop only) Disable Topics (Chrome for Android only) Enable Maximum Protection...
www.audiosciencereview.com
Some of the browsers you've mentioned are literally spyware. Not to mention they export browser profiles to their servers.
OP
- Thread Starter
- #39
After some quick browser testing, using Little Snitch (host-based traffic analyzer) for MacOS, along with a basic DNS ad-list, I don't trust or recommend this "Arc" browser.
In a period of about an hour, there's over 120 network attempts of sending data to
api.segment.io (which is data analytics platform hosted on segment.com). That's just me opening the browser and not visiting any websites, so it's running in the background. That's about 2 DNS entries for every minute that it's running. While you can block this easily with DNS, I don't see any reason to recommend this browser, knowing they do this at this frequency.I then looked at their documentation to see if they disclose the fact that they're tracking your telemetry data. Their site https://arc.net/security shows that they disclose it. Which is at least transparent enough. They claim they don't collect any personal data, so I guess you have to trust them? Anyway, I won't recommend a browser that does this by default.
By the way, none of the other popular browsers (Chrome, Firefox, Brave, Safari for MacOS) utilize this data analytics platform.
I'll rework OP, at some point in the future.
- Joined
- Feb 23, 2016
- Messages
- 20,771
- Likes
- 37,635
Chrome updates Incognito warning to admit Google tracks users in “private” mode
Warning added to Chrome Canary as Google settles Incognito class-action suit.
arstechnica.com
I like many knew that incognito mode is not to stop tracking, but many people get the wrong idea.
