EFF "cover your tracks" browser privacy test
coveryourtracks.eff.org Wanted to share this awesome tool to test your browser, also please do share your results in the comments.
coveryourtracks.eff.org Wanted to share this awesome tool to test your browser, also please do share your results in the comments.
powermaker450, somewhat related, is there any way at all to enable high refresh rates while using resistFingerprinting, or something I could use instead of it? this is the only thing keeping me away from resistFingerprinting on Mull and Librewolf.
WeLoveCastingSpellz, Ah so that’s the reason that Mull is limited to 60 hz. Sorry I have no idea
gazoinksboe, Any tips for iOS users? I got mid results
WeLoveCastingSpellz, maybe brave? I hate it but I can’t think of a better solution for IOS.
TheFriar, (edited ) I feel like Firefox is better. Or onion is probably even better. Set your privacy settings to strict. I use iOS and my results were strong.
Also go into your iOS settings and mess around. Disable all their bullshit. I’m not a super tech savvy person. My brother is in IT, but privacy is super important to me, so I go around, read stuff, turn off a bunch of their “share with” stuff, and their Siri bullshit and everything I can tinker with. There are a lot of iOS settings buried pretty deep in subpages. I’m not sure if the eff is checking those, but I’ve had to go down my list of apps and disable some Siri bullshit.
Sorry I can’t be more specific, like I said, I’m not the tech savvy one. I just use bare bones stuff, disable things that sound fishy. It’s all worked out for me so far lol
kinther, I’m not sure if it’s just me, but the page wouldn’t load at all. I’m using pihole for network DNS blocking + privacy badger + noscript. Even when I allowed all the domains via noscript temporary trusting it just sat there and spun forever.
foremanguy92_, What are your browser config and settings? (Extensions, settings, about:config…)
FlashMobOfOne, Our tests indicate that you have strong protection against Web tracking.
IS YOUR BROWSER:
Blocking tracking ads? Yes
Blocking invisible trackers? Yes
Protecting you from fingerprinting? ◕ your browser has a randomized fingerprint
Feels good man.
WeLoveCastingSpellz, fr
refalo, lol this site is almost pointless, real security experts know this is just for making uninformed people feel better.
creepjs will still positively fingerprint you every time. it’s simply impossible to be anonymous online.
WeLoveCastingSpellz, that needs javascript to work. I largely block javascript on my browser. you are no a security expert, just misinformed
refalo, (edited ) blocking javascript makes you stand out WAY more. that basically narrows down the pool of possible people from a million to 3.
WeLoveCastingSpellz, (edited ) tell that to my results of 1 in 360
trxxruraxvr, Anyone know if its possible to change the HTTP_ACCEPT header in Firefox on Android? Apparently that alone is enough to uniquely identify me :(
WeLoveCastingSpellz, I use “Mull” on android it is a firefox fork and is pretty much arkenfox mobile and more. You can try switching to that
dependencyinjection, Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 7748.22 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 12.92 bits of identifying information.
Using Arc on iOS.
Blocking tracking ads? Yes Blocking invisible trackers? Yes Protecting you from [fingerprinting] Partial protection
WeLoveCastingSpellz, pretty typical, not too bad if you aren’t protecting your fingerprint with the noscript addon
dependencyinjection, Is that available on iOS?
I realise my options are limited on this platform.
WeLoveCastingSpellz, noscript also exists on chromium, so if there a browser that supports addons on IOS it most prolly will have it. But I wouldn’t worry about it too much. I don’t have noscript installed on my phone either for convenience sake
brbposting, (edited ) Wow nice. Any opinions on how these fingerprinting evaluators compare?
CreepJS:
abrahamjuliot.github.io/creepjsEFF’s Cover Your Tracks:
coveryourtracks.eff.orgAm I Unique?:
amiunique.orgSad a pretty stock iPhone that’s blocking via some filterlists and using iCloud Private Relay (a “VPN”) is so detectable! Should be so many browsers appearing similar but there’s always this & that that mean I’m unique.
-my comment a month back & some discussion
lemann, I’m completely unique, both AmIUnique and the CreepJS test highlighted my installed fonts and two webcams (one of them is actually a virtual redirect for my primary webcam, since the drivers are DirectShow-based)
Would be interesting to see how my linux laptop performs, tbf it might be unique too considering it’s a mbp 2012. I remember running into at least one website I visited on it showing much higher prices compared to when I revisited the same website later from my windows desktop…
Syl, how did you reduce your fingerprinting ?
garfaagel, I use an addon called Chameleon that creates a random user agent that changes periodically.
Smokeless7048, similar, i used Random User Agent, it shows that i have a unique finger print… but the user agent of that fingerprint is not ‘my’ user agent, so in 30 mintutes i would appear as a different fingerprint
Artyom, In my experience, you have thee choices. You can use NoScript and avoid enabling domains required for fingerprinting, you can turn on privacy.resistFingerprinting in about:config, or instead of focusing on not being fingerprinted, focus on guaranteeing your fingerprint will keep changing.
Cryophilia, Funny thing is, I had to enable scripts on that website in order for the test to work lol
WeLoveCastingSpellz, you can o all 3 too >:3
astreus, I turned privacy.resistFingerprinting to true and now get an absolutely unique fingerprint on the tool
PumaStoleMyBluff, Be aware that any sites using HTML5 Canvas will probably be broken now. It breaks some other niche things too that may not be obviously related, so just keep that in mind if any site starts acting up.
Artyom, (edited ) That might be because it’ll be new every time.
Edit: I haven’t done my homework about how good this post’s test is, but I use amiunique.org to compare browser settings.
WeLoveCastingSpellz, blocking javascript using noscript
downpunxx, (edited ) Our tests indicate that you have strong protection against Web tracking.
Is your browser:
Blocking tracking ads? Yes
Blocking invisible trackers? Yes
Protecting you from fingerprinting? Your browser has a unique fingerprintYour browser fingerprint appears to be unique among the 178,285 tested in the past 45 days.
Currently, we estimate that your browser has a fingerprint that conveys at least 17.44 bits of identifying information.
Firefox/Windows 11/Privacy Badger/uBlock Origin
WeLoveCastingSpellz, very hard to circumvate fingerprinting, I use noscript for that
swayevenly, What are your settings for noscript? This test won’t complete after installing it.
MigratingtoLemmy, You have to enable the scripts for the page and leave everything else blocked
swayevenly, Doesn’t work.
MigratingtoLemmy, It’s a bit of manual work. Trial and error with just first party scripts, then add specific capabilities to scripts one-by-one
swayevenly, Best I get is with canvasblocker–without NoScript. At this point I’m not sure this screenshot is not photoshopped.
MigratingtoLemmy, We could ask the OP for their NoScript settings.
WeLoveCastingSpellz, in the noscriot settings default is set to “noscript and others” rest turned off, there is also ublock origin set to block 3rd party scripts, firefox fingerprinting settings are turned on
MigratingtoLemmy, What are your NoScript settings for this page?
WeLoveCastingSpellz, (edited ) everything is on default so every sibgle page it loads allows “noscript” and “others” as indicated by the noscript settings
MigratingtoLemmy, Thanks!
WeLoveCastingSpellz, firefoxes regular fingerprinting protection has canvas blocking try turning that on from about:config. no scrip allows only “noscript” and “others” to loaf by defsult and ublock origin is blocking 3rd psrty javascript.
WeLoveCastingSpellz, I have only “no script” and “others” enabled by default
DarkDarkHouse, Task failed successfully
Cryophilia, Just use brave
Our tests indicate that you have strong protection against Web tracking.
IS YOUR BROWSER:
Blocking tracking ads? Yes
Blocking invisible trackers? Yes
Protecting you from fingerprinting? ◕ your browser has a randomized fingerprint
WeLoveCastingSpellz, fuck brave
Cryophilia, I never got all the Brave hate. Just don’t do the crypto stuff.
WeLoveCastingSpellz, that in my opinion shouldn’t be in the browser in the first place, plus I don’t wanna support the chromium monopoly and instead wanna use a gecko based browser.
Cryophilia, It’s opt-in
MigratingtoLemmy, For me, I just dislike the feature bloat. I wonder if somebody has a brave fork, since brave has some of the best fingerprinting protection amongst all browsers
refalo, (edited ) LOL
abrahamjuliot.github.io/creepjs/
you don’t even need javascript to fingerprint anymore. html and css works too
WeLoveCastingSpellz, that needs javascript to work. I largely block javascript on my browser.
Hegar, I got almost the exact same result using DDG on a cheap android phone. Within .1 bits of identifying info.
panicnow, I get 17.45 on an iPad Pro. This is with all extensions disabled and my adblocker off. They say I am unique in the past 45 days. Looking through the info I don’t see how this works. Could it be that no one else has tested with an iPad Pro? It’s not like the hardware in this model is different from a similar one. You really just cannot meddle with it. It’s a fairly locked down ecosystem.
If I took an iPad, reset it and ran the test. Then reset it and ran the test again, would both be unique?
TragicNotCute, Thanks for posting this! I installed privacy badger and modified my user agent as a result of the test. Very helpful insight that I didn’t have before.
WeLoveCastingSpellz, privacy badger is outdated though, not needed anymore if you have ublock origin
TragicNotCute, I have ublock origin and failed the tracker checks without privacy badger.
WeLoveCastingSpellz, hm, mine is on medium mode so it blocks 3rd party scripts, maybe it’s that? do whatever works for you
aeronmelon, You should include a hyperlink to the actual site in your post.
WeLoveCastingSpellz, I forgot sorry! here it is: coveryourtracks.eff.org
pfaca, I don’t know if you posted a link to the actual site (I’m not seeing one, just a screenshot), https://coveryourtracks.eff.org/
WeLoveCastingSpellz, ye that’s the one, I forgot to put the url in the post
Add comment