Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You could try these:

Browser Plugs Fingerprint Privacy Randomizer

Clear URLs

[I don't care about cockies]

Privacy Badger

Random User-Agent Switcher

Temporary Containers

uBlock Origin

Canvas Blocker

NoScript

Font Fingerprint Defender

Not all sites will work with it. For banking and plan ticket booking, I always recommend a separate, but major (e.g. Chrome) browser without any plug-ins.



>Random User-Agent Switcher

Don't bother. User agent spoofing is easily detectable and it's trivial to figure out your real user-agent based on js implementation differences or TLS fingerprinting. All this does is get you banned/flagged by security vendors, on top of sticking out like a sore thumb.

>Canvas Blocker

>Font Fingerprint Defender

Also easy to easy to detect because randomized values will put you in the bucket of "uses privacy extension" users, which is probably a smaller bucket than whatever hardware profile you're on (eg. macbook pro m3 14").


Maybe.

>>Random User-Agent Switcher >Don't bother. User agent spoofing is easily detectable and it's trivial to figure out your real user-agent based on js implementation differences or TLS fingerprinting.

JS is blocked by default on my browser.

>Canvas Blocker >Font Fingerprint Defender

> Also easy to easy to detect because randomized values will put you in the bucket of "uses privacy extension"

Hm. How are they going to detect it is randomized? They would have to identify me first again as the same user and then conclude I randomize these values.


>JS is blocked by default on my browser.

The major browsers can still be differentiated via default headers and TLS fingerprints, none of which requires js. Moreover if they're inconsistent you'd get flagged with "spoofs user agent", which makes you more identifiable than something like "firefox on mac".

>Hm. How are they going to detect it is randomized? They would have to identify me first again as the same user and then conclude I randomize these values.

Because a given canvas/font metrics value should return the same result given the same graphics hardware/font set. If you randomize the results it basically guarantees that your fingerprint has never been seen before. This might seem like a good thing (because you're randomized every time), but any competent fingerprinting implementation is just going to flag you as "spoofs canvas/font information". The point isn't necessarily to identify you as any particular user, it's to use the fact you're spoofing canvas/font/user-agent to fingerprint you further.


Thanks! IMHO The portable versions of Chrome or Firefox are great when you want a completely separate browser instance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: