Yes. There is a firefox extension called Chameleon that does this.
Comment on Digital Fingerprinting: Google launched a new era of tracking worse than cookie banners | Tuta
Zarxrax@lemmy.world 1 month ago
Would it be possible for a browser or extension to just provide false metadata in order to subvert this type of fingerprinting?
kipo@lemm.ee 1 month ago
drmoose@lemmy.world 1 month ago
No. Anything that executes Javascript will be fingerprinted.
That being said it depends who are you fighting. For common commercial tools like Cloudflare fingerprinter it might work to some extent but if you want to safeguard against more sophisticated fingerprinting then TOR and no JS is the only way to combat this.
The issue is that browsers are so incredibly complex that it’s impossible to patch everything and you’ll just end up getting infinite captchas and break your browsing experience.
Ulrich@feddit.org 1 month ago
Yes but that metadata is also used to serve you the webpage, so if you spoof it, the page may not load properly.
fmstrat@lemmy.nowsci.com 1 month ago
Others have mentioned what Firefox/etc do, but another option is a PiHole. If you can’t look up the IP for an advertiser URL, you don’t load the JavaScript to begin with.
JackAttack@lemmy.dbzer0.com 1 month ago
So from what I understand, theres 2 common ways that browsers combat this. Someone add to or correct me if I’m wrong.
Browsers such as Mull combat this by looking the same as every other browser. If you all look the same, it’s hard to tell you apart.
Browsers such as Brave randomize metadata that fingerprinting collects so that it’s more difficult to piece it all together and build a trend/profile on someone.
These aren’t the only options, these are just ones I’ve read about recently. Online behavior, browswr window size, and I’m sure so much more also goes into it. But every little bit helps and is better than nothing.
mathemachristian@lemm.ee 1 month ago
Mull is discontinued unfortunately, although I think it got forked?
masterofn001@lemmy.ca 1 month ago
For mobile, mullvad (from the actual VPN folk) for desktop still exists.
Ulrich@feddit.org 1 month ago
Mullvad browser and Mull were not affiliated.
JackAttack@lemmy.dbzer0.com 1 month ago
Yeah maybe Tor Browser was the better example. Just trying to get the point out lol.
drmoose@lemmy.world 1 month ago
The first point is flawed and even TOR doesn’t execute javascript because it’s impossible to catch everything when you give the server full code running capabilities.
The second point is more plausible but there’s an incredible amount of work to do to fix this. Like, needing to rework browser engines from ground up and removing all of the legacy cruft. Brave is not capable of this and never will be no matter what they advertise because it doesn’t have it’s own engine.
That being said, these tools will get you quite far against commercial fingerprint products especially ones used for Ads but that will also ruin your browser experience as now you’re just solving captchas everywhere 🫠
JackAttack@lemmy.dbzer0.com 1 month ago
Thanks for adding! Could you clarify a bit on the points so I can better understand where I was wrong at?