- When I see discussion around browser fingerprinting, the proposed defense generally seems to be that you should blend into the crowd by aquiring a common fingerprint.
I wonder how difficult to implement a solution where instead you randomly adjust your fingerprint as you move between sites would be.
by coffeecoders
4 subcomments
- Hi HN,
I’ve been experimenting with ways to reduce my browser fingerprint and exploring techniques to anonymize fingerprint data.
So I built this.
This is kind of like a lighter, more thorough version of CreepJS but entirely client side. I don’t maintain massive lists of time zones or do server-side comparisons to calculate uniqueness. Instead, it automatically surfaces everything a browser exposes, explaining each item in detail.
- Is it possible and cost-covering to create an ad-sponsored service that discloses what ad networks collect about users - i.e. age, location, preferences, interests, pregnancy, illnesses etc?
Because let’s be honest - all of us know that a lot of data points are being collected about us, countless articles have been written about the insanity of cookie and user-data monetization networks - still it appears to be a privilege to few to tap into that data trove.
I personally haven’t seen an effort to try and make this transparent. Efforts like this page are commendable and informative, much like amiunique or other services - still they lack the tangible information that sharing this information with “the world” reveals about an affected individual.
Why hasn’t this been done yet? Why is this seemingly not trivial?
- If you reload the page a few times, and you're using a modern browser, you'll almost certainly find it's a different fingerprint every time. Most modern browsers add in a randomization so that fingerprinting cannot be used for tracking.
So yes, your fingerprint is unique, but it's a different unique every time, making it pretty useless for anything.
- I tried various browsers, even the Tor browser, but it keeps showing 'Unique to 1 in 17.179.869.184+ devices'?
- EFF has a similar tool: https://coveryourtracks.eff.org/
No idea how representative either tool is.
- Interesting!
For me it says 1 in 17,179,869,184+, but scrolling through all the variables, the vast majority should be the same for any MacBook Chrome user.
It would be great to see the stats of each individual characteristic.
by Santosh83
4 subcomments
- What we need is VPB. Virtual Private Browser like VPNs. Essentially standardised cloud browsers that can execute your requests and send you back the result as bitmap buffers.
by evgpbfhnr
2 subcomments
- I get a new fingerprint id everytime I refresh the page (firefox, linux) -- so that might be sampling a tiny bit too much.
audio and canvas fingerprint are constant though so it's probably plenty enough...
by conartist6
0 subcomment
- I could not be more thrilled to see tools like this being built. Without tools to see the problems, we will never fix them
by adhambadr
3 subcomments
- Yet on the flip side, if I’m trying to auto identify my own phone for a login-less private app i tried to build I couldn’t get to reliably generate a consistent fingerprint on safari private mode, it regenerates 50% of the time, I’ve tried several libraries like fingerprintjs and co..
by simianparrot
1 subcomments
- Seems like the fingerprint ID is unique on each refresh in Safari, so fingerprint protection working as intended I presume?
by stevetron
1 subcomments
- It reports that my OS is Windows 10 on two different browsers, even though my OS is Windows 7.
by peterspath
0 subcomment
- It’s just a blank page for me on iOS 26.1 Safari with Lockdown Enabled.
by TazeTSchnitzel
0 subcomment
- The currency and telephone number prefix info is highly misleading. Those are being assumed based on my IP, not being reported by the browser. Knowing some of this data is fabricated like this makes the site seem less credible.
by reconnecting
1 subcomments
- May I ask if this code is the result of 'vibe coding'?
by informal007
1 subcomments
- Does I expose my latitude and longitude after visiting a url?
- I want to know how much of my porn habits reddit/fb/google/whoever keep on file.
- "System Platform" : "MacIntel"
Even though the Graphics Renderer is "Apple M1, or similar".
by Levitating
0 subcomment
- There's no hint of what the fingerprint ID is supposed to be?
Also I think somebody on HN recently pointed out that the language accept header can be used to fingerprint chromium users.
by QuantumNomad_
2 subcomments
- If two people have the same model iPhone and same version of iOS how different or similar would the fingerprints be?
My iPhone is allegedly unique to 1 in 2,147,483,648+ devices.
But I wonder how true that is, given how many people use the same model and iOS version as me.
by BinaryIgor
1 subcomments
- Super interesting project! Out of curiosity, how do you calculate Unique Fingerprint ID and Canvas Deep Fingerprint Hash?
- ERROR> https://neberej.github.io/exposedbydefault/assets/index-3936...: Uncaught ReferenceError: speechSynthesis is not defined
by nervysnail
1 subcomments
- I wait for the day when all this data collection explodes in a life threatening way for millions of people.
- this seems incredibly variable as to be almost useless as any type of "fingerprint" - running the latest version of Chrome on Android, the ID at the top of the page changes each reload.
- > Doesn't even load with JS
> Impossible to "expose"
The perks of disabling JS on every site!
- This is really cool, the audio thing estimating how many voices are nearby is sort of terrifying
- Here's another one: https://scrapfly.io/web-scraping-tools/browser-fingerprint
They actually delve much deeper, with a wealth of additional data and interesting details.
For example, in the DRM section, they extract the Security Level, like L3 – Software Decode (SW_SECURE_DECODE).
Their WebRTC test is also unique: they utilize a TURN server as a feedback mechanism. That means even if you tamper with WebRTC JS in the browser (like some extensions do), it can still expose your real IP by leveraging UDP and bypassing the proxy altogether.
https://scrapfly.io/web-scraping-tools/webrtc-leak
- seems like brave works well and isn't getting correctly fingerprinted
- My understanding that attempts to defeat fingerprinting are often useless because they can tend to make you more, rather than less, unique.
So instead I wonder if we could build an open database of “identities” that our browsers could clone.
That is your browser deliberately reports the whatever is currently the most popular of a set of general identities.
- Here's another one: https://amiunique.org/fingerprint
It's important to point out fingerprinting, yet no ordinary user cares.
- This is useless. I think you misunderstand the point of fingerprinting. A powerful fingerprinting algo should strive to detect you as the same person (aprox) while you use two different browsers. A more powerful one will detect you while you use another device. This only detect your current refresh.
by sloppy_startup
0 subcomment
- [dead]
Hacker News