this post was submitted on 12 Jul 2024
98 points (96.2% liked)
Privacy
32309 readers
455 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Very strong disagree, I have seen and used many very widely used extensions that manipulate the DOM, which IMO satisfies your criteria of "something that can be observed" i.e. by javascript with a fingerprint tracker like creepjs.
Some examples:
ad blockers (uBO/uMatrix/etc.)
color/theme management (dark reader/dark theme/Stylish/etc.)
custom mouse cursor managers
page translators
addons serving in-browser ads
userscript managers (grease/tamper/violentmonkey etc.)
privacy blockers (CanvasBlocker/JShelter/etc.)
site-specific UI improvements (RES, SponsorBlock, youtube/SNS tweaks)
All of these can be detected and included as yet another bit of data that a unique fingerprint can be built from.
Yes, those could be detected.
Ill see how large that portion is on my system in a bit, but I would expect it to come out as the minority.
Non-detectible ones I can think of rn:
Many more of the ones you listed won't be detectable on most websites.
A userscript manager is by definition detectible only on pages you define or install a userscript for. Even then, modern userscript managers like tampermonkey are running scripts in a separate scope that is completely sandboxed from the actual websites js context, you can't even pass an object or function to the website and access it there, it will fail.
Youtube has actively fought some userscripts and failed, which they probably wouldn't have if those userscripts were detectible.
User theme managers should be similar, but I can't comment on them as I don't use any.
Translators are only detectible when enabled.
Why would you have an addon that serves ads?
Are site-specific, i.e. not detectible anywhere else
Please don't use those anymore, use only uBo. Same for uMatrix.
uBo is pretty good about not being detected, for obvious reasons.