Merged 2 posts from Canvas blocker on iOS?.
36
Anti Fingerprinting
23 days later
Vlad Well, but it will break those websites completely now, wouldn't it? I don't know if anyone has employed that technique in the wild yet, but it's a neat circumvention idea. I'm just not sure I described it clearly.
The idea is to hold a common third-party javascript library ransom, so you either have to break the site's functionality completely or agree with whatever that was added in that script.
Vlad Why is it not Orion's job to fix that? I don't see how that follows. I don't mean you need to "take on a job" right now literally, but rather that you do hold this anti-fingerprinting stance (and javascript blocking is being advertised as one of the defining features of Orion), and you do agree that fingerprinting should be avoided, and you also stated that the only reasonable way to do that is by blocking fingerprinter's javascript code from running, so no other ways that you want to consider. If we follow that logic, then when some entity decides to break (easily, at that) your only way of defence then you need to think of a better way, otherwise it makes the type of protection you offer pointless.
I don't see how just shrugging it off can make it work for Orion, or how advertising tracking safety in Orion can hold then. Certainly those entities can care less about their websites being broken in it.
Certainly those entities can care less about their websites being broken in it.
I agree. But I am counting on those entities not showing an infected JS to their users would be something they would care about. It breaking in Orion and Orion users reporting it to them would even help them realize that they are carrying infected, malicious scripts. But it is absolutetly website's job to fix that, not Orion's.
Vlad
You're making two points here:
- It's absolutely the website's job to fix a script hijacking issue, and
- You're counting on website entities to care about Orion users's opinion
Not arguing with any of those two points but simply extending that logic leads us to a conclusion that it's absolutely those entities's job to remove regular fingerprinting and tracking scripts from their products in the first place, given that users are complaining about them left and right, and not only Orion users at that. Which brings us to question why blockers even exist in Orion at all.
pibeh I am making just the first point. The other point I am making is that it is not Orion's job to fix maliciously infected websites, but to protect its users, which it does.
Blockers exist because most websites on the web are monetized by ads which people do not like. In addition blockers block tracking scripts, which contain fingerprinters, which is what this thread is about.
3 months later
Similar in the way we're able to set a custom User Agent, please also allow the ability to spoof the locale, timezone, and geolocation. This will add greater granularity to privacy with the browser.
Within the same area where a user can change their User Agent, also allow them to also change the locale, timezone, and geolocation to a specified setting.
joystmp We can use https://webbrowsertools.com/ or https://vytal.io/ to test if successful.
Merged 3 posts from Allow spoofing locale, timezone, and geolocation.
5 months later
tested dozen of browsers on fingerprint.com
@Vlad you mention advanced fingerprint is impossible to prevent. how come Brave browser wasn't "tracked" on the fingerprint.com website? (unlike Orion)
thanks! keep up the good work
2 months later
0xChain
In N. America, without VPN or something like tor, I don't see a way to hide geolocation for home user. It is from our IP addresses. TZ go hand in hand with geolocation.
lkjhfgds
I tried brave browser, 100% new install (never use it before), did not change any settings, no extension, went to fingerprint.com in both normal mode and private mode, and got the same "visitor id". I did get a different id if I use private + tor. Is there any settings I need to change for the test?
No one is typing