XPost: alt.comp.software.firefox
From: marion@facts.com
On Sat, 9 Aug 2025 11:49:31 +0100, Andy Burns wrote :
>>> I don't know if there's a single
>>> well-known commonly suggested "fingerprinting prevention" extension.
>>
>> What I actually meant was: aren't you making your browser more and more
>> /unique/ by using all those add-ons? I feel like it's only going to make
>> your browser more and more unique and recognizable, so it would make
>> fingerprinting easier.
> Websites can't [directly] tell which add-ons you have installed.
>
> IME it's almost impossible to not show a unique fingerprint ID.
>
> I've tried making changes, such as finding the "most unique" identifiers
> and getting my FF to use "less unique" alternatives, such as a popular
> Chrome version user-agent, making my language preference and location
> USA rather than UK
Ah, my mistake. Mea culpa. Duh. I missed the point completely. Sorry.
I apologize for not understanding that s|b was suggesting that these
anti-privacy extensions could making us even more fingerprint unique.
It's a valid concern, especially considering the adversaries we're up
against are crafty, data-hungry giants like Google, Amazon, Apple,
Microsoft, Meta, Cloudflare, Tiktok/Bytedance, Palantir, Oracle, etc.
It's a concern if adding these 18 well-intentioned extension inadvertently
make us stand out more, much like a camouflage pattern that's too custom.
1. User-Agent Switcher and Manager : version 0_6_4
2. uBlock Origin : version 1_65_0
3. NoScript : version 13_0_8
4. Cookie AutoDelete : version 3_8_2
5. Font Fingerprint Defender : version 0_1_6
6. WebRTC Control : version 0_3_3
7. Location Guard (V3) : version 3_0_0
8. Referer Control : version 1_35
9. Skip Redirect : version 2_3_6
10. StayInTab : version 1_0
11. ClearURLs : version 1_26_0
12. Decentraleyes : version 3_0_0
13. LocalCDN : version 2_6_79
14. Trace - Online Tracking Protection : version 3_0_6
15. Canvas Blocker - Fingerprint Protect : version 0_2_2
16. Browsec VPN - Free VPN for Chrome : version 3_92_2
17. Privacy Badger : version 2025_5_30
18. CthulhuJs (Anti-Fingerprint) : version 8_0_6
We probably all agree the browser problem to overcome isn't just
fingerprinting as it's the ecosystem of surveillance capitalism that
thrives on any sliver of uniqueness, much of which starts with an account.
Remember the golden rule was never to create an account on the Internet if
you don't have to, and never pay for anything if you don't have to.
So all they have for fingerprinting is what we give them, much of which is
from the browser itself but a lot is from our computers (like time zones
and dates and IP addresses and screen sizes, etc.).
Herbert Kleebauer long ago wrote a script for me to change my time zone
every few minutes, but I noticed some of these extensions do it for me.
Likewise I've removed all my special fonts (like Frutiger & RoadGeek), but
again, I noticed some of these extensions do that for me also.
Similarly I've messed with my browser header, but again, some of these
extensions do it for me. I always open up to delete cookies, and again,
some of these extensions delete cookies dynamically, while browsing.
That said, I think the goal should be strategic opacity. Blending in where
it matters, and standing out only when it serves a purpose (like logging
into your Google Mail using only 1 browser, used for no other purpose).
Privacy isn't just about hiding. It's about choosing when and how to be
seen. To that end, I think that's critical to use one browser per account
that you actually have to log into something. This is a golden rule also.
Part of the problem with privacy is shown with VPN where Google & Apple
hate VPN, so they force you to prove who you are when you use VPN. Hence,
you really can't have privacy extensions on a browser that logs into
anything.
This is a critical point I haven't mentioned but it needs stating:
A. The browser that logs into things, can't be a privacy browser.
B. So the privacy browser is what is used for everything else.
I'm sorry I hadn't made this distinction before, as it's just natural to me
to (a) not log into anything, but, if I must (b) use a separate browser!
Luckily, there are so many web browsers that it's easy pick one and only
one browser that is used to log into any given account you must log into.
To Andy's point, I have been testing this DIY privacy-based browser only
for a week or two where previously I never used extensions (since I used
Epic as my daily driver), but I think, so far, every test shows me as
DIFFERENT (which is the point after all). No two tests show me as the same.
Hence, I'm not sure if we've achieved our goal of being DIFFERENT every
time (even if we're unique!) or not. Does it matter? I don't know.
Of course you want to look like everyone else - but that's difficult to do
as you've already noted. And Tor, while I use it when I must, is never
gonna be the general purpose browser even as it makes you look like
everyone else.
I'm not sure if this DIY build your own privacy browser project is worth it
or not, but I'm still working on it as it has only been a couple of weeks.
In summary though, I've modified the "golden rules" to the following...
a. Never create an account you don't have to
b. Never pay for anything you don't have to
c. Use only one browser only for each account you must log into
d. Use a DIFFERENT (privacy-based) browser for general browsing
This thread is about DIY building that general-purpose privacy browser.
Any other ideas?
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
