Fingerprint test, show how private you are
- Thread starter CaffeineAddict
- Start date
So my question is, Does anyone's browser NOT have a unique fingerprint?
I ran this test on my Android phone in Vivaldi and Google Chrome, and on my Debian 13 computer in Firefox and Vivaldi. Every time, "Your browser has a unique fingerprint".
Next, I switched my phone to Mobile Data, which bypassed the pfSense router. Same thing in both browsers.
So if I wanted to, I couldn't hide.
No idea how to get "◕ your browser has a randomized fingerprint". Or if it's a good idea.
Last edited:
OP
CaffeineAddict
Well-Known Member
Yeah, mine:
It should tell "non-unique fingerprint".
I get it with QEMU/KVM and either tor or FF with ublock + noscript.
That worked! Thank you.
Terminal Velocity
Well-Known Member
| Blocking tracking ads? | Yes |
| Blocking invisible trackers? | Yes |
| Protecting you from fingerprinting? | your browser has a randomized fingerprint |
Just Brave, no extensions, no significant setup
Condobloke
Well-Known Member
I run Linux Mint Cinnamon 22.3
I downloaded Mullvad browser, from the Linux Mint Software Manager ...it is a system Package, not a flatpak.
I opened it and made no changes at all...zero.
I accessed : https://coveryourtracks.eff.org/
I clicked on 'Test your browser', without making any changes there at all.
The result is below:
I downloaded Mullvad browser, from the Linux Mint Software Manager ...it is a system Package, not a flatpak.
I opened it and made no changes at all...zero.
I accessed : https://coveryourtracks.eff.org/
I clicked on 'Test your browser', without making any changes there at all.
The result is below:
That is how you avoid fingerprinting. You want it to match as many other devices as you can. If you change your browser, you've changed your fingerprint. That makes you more unique.
It's like blending into a crowd. If you stand out, you're easier to spot. If you look like everybody else, it's harder to single you out.
Condobloke
Well-Known Member
I am going to experiment.
Firstly by entering my much used 'home' pages
if mullvad survives that without obvious changes etc etc.....I will then look through the browsers settings
Firstly by entering my much used 'home' pages
if mullvad survives that without obvious changes etc etc.....I will then look through the browsers settings
Condobloke
Well-Known Member
I added the above url's as home pages
Logged into Reddit. I do not log into the various news pages, ever.
Just out of interest, there is an icon in the top right hand corner of this browser that allows you to "reset your identity" That closes all windows and tabs, and all website sessions are lost. Mullvad browser is restarted. (I have not clicked on that, yet)
I note that Mullvad signs me out of anything I have signed into, when the browser is closed. (Reddit only at this stage....whether it signs me out of Linux.org remains to be seen)
After opening many web pages and perusing redit etc etc etc...I took another screenshot of the coveryourtracks results.
Next, I will look at the default system settings
Logged into Reddit. I do not log into the various news pages, ever.
Just out of interest, there is an icon in the top right hand corner of this browser that allows you to "reset your identity" That closes all windows and tabs, and all website sessions are lost. Mullvad browser is restarted. (I have not clicked on that, yet)
I note that Mullvad signs me out of anything I have signed into, when the browser is closed. (Reddit only at this stage....whether it signs me out of Linux.org remains to be seen)
After opening many web pages and perusing redit etc etc etc...I took another screenshot of the coveryourtracks results.
Next, I will look at the default system settings
Condobloke
Well-Known Member
Before I proceed, Mullvad does sign me out of Linux.org
That is a pain. I access linux.org constantly every day.
When I access the system settings, i will turn that setting off, and note any differences to the coveryourtracks result.
That is a pain. I access linux.org constantly every day.
When I access the system settings, i will turn that setting off, and note any differences to the coveryourtracks result.
Condobloke
Well-Known Member
Mullvad would not respond to 'make mullvad you default browser. I did set as the preferred application in Linux Mint's settings.
** I did install ONE extension, Bitwarden Password Manager. **
General:
No import of browser data
open links in tabs instead of new windows.....Only
Horizontal tabs
Letterboxing refers to the fact that the browser window does not extend to cover the screen. I left it alone.
Contrats control, Off
Fonts, caladea, (installed by me)
Downloads...saved in Downloads
Applications.....left it alone....ask whether to open or save files below that
performance...recommended settings
Browsing...all unticked -- pic in pic etc included
connection Settings...default is 'use system proxe settings.....left it there
Proxy DNS when using SOCKS v5 is ticked as default. Did not change it
Home: I set the custom url's as descibed above in post 48
Search: Default duckduckgo. Left it unchanged.
Address Bar only one ticked is now Browsing history
Search Shortcuts: left unchanged
Privacy & Security:
History:
Use custom settings for history. This means mullvad will delete cookies and site data from the session when the browser is closed. This means anything logged into will be logged out of.
Always use Private browsing mode has a tick as default. Left it at that.
Permissions: left them as default, including block pop ups etc with ticks
Security:
left the tick in Query ocsp responder servers etc
HTTPS-Only Mode is ticked. Left as that
DNS over HTTPS
I will try the browser for a while and then take a screenshot of the coveryourtracks results
** I did install ONE extension, Bitwarden Password Manager. **
General:
No import of browser data
open links in tabs instead of new windows.....Only
Horizontal tabs
Letterboxing refers to the fact that the browser window does not extend to cover the screen. I left it alone.
Contrats control, Off
Fonts, caladea, (installed by me)
Downloads...saved in Downloads
Applications.....left it alone....ask whether to open or save files below that
performance...recommended settings
Browsing...all unticked -- pic in pic etc included
connection Settings...default is 'use system proxe settings.....left it there
Proxy DNS when using SOCKS v5 is ticked as default. Did not change it
Home: I set the custom url's as descibed above in post 48
Search: Default duckduckgo. Left it unchanged.
Address Bar only one ticked is now Browsing history
Search Shortcuts: left unchanged
Privacy & Security:
History:
Use custom settings for history. This means mullvad will delete cookies and site data from the session when the browser is closed. This means anything logged into will be logged out of.
Always use Private browsing mode has a tick as default. Left it at that.
Permissions: left them as default, including block pop ups etc with ticks
Security:
left the tick in Query ocsp responder servers etc
HTTPS-Only Mode is ticked. Left as that
DNS over HTTPS
I will try the browser for a while and then take a screenshot of the coveryourtracks results
Condobloke
Well-Known Member
Coveryourtracks Result for the above settings.
Condobloke
Well-Known Member
And now I will introduce some changes for my convenience....aka being kept logged in to sites like linux.org and reddit.com etc
manage cookies and site data:
History:
The Result:
Mullvad marches to the beat of a different drum.
I cannot set the various settings I would like to. In other words, settings that are possible in Firefox and Librewolf are not possible in this browser.
I guess it is made that way to preserve Mullvads reputation.
It is based around HISTORY settings
Given the settings shown above, It remembers linux.org , but not reddit (go figure) something to do with the type of memory...
So, if I wish to remember History, I pay the price of mullvad restarting itself and taking on a boatload of cookies and associated crap which is what I wished to avoid in the first place !
SEE EDIT AT END OF THIS POST..... IT IS POSSIBLE TO REMEMBER HISTORY AND STILL KEEP NOMINATED SITES LOGGED IN.
But.....the result?
.....is the same !
Which tells me that if I am willing to see some part of my data sucked up by the many and various 'cooke monsters' then I go with 'remember history' ......
if I am not comfortable with that, I do not remember history and in that scenario, mullvad is Secure.
The rest of the coveryourtracks story is:
Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 562.85 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 9.14 bits of identifying information.
Only one in 562 have the same fingerprint.
For a standard browser with only 1 extension (add-on) I think this is a good result.
The browser is still quick
It appears reliable and solid
Much like their VPN, relaible and solid
Now, if I can figure out a way to make the login to linux .org etc quick and painless, I will have a real winner
EDIT: To be ULTRA clear: In browser privacy, put a tick in 'Delete cookies and site data when mullvad browser is closed.
THEN click on manage exceptions: type in linux.org (or whatever site you want to stay logged in) then click on Allow (ignore the two url names )......then add another if you need to:
Finish with 'Save Changes'
Those sites you have allowed will survive closing and opening the browser, reboots etc etc
BUT, if you click on browse in private Mode ONLY.....then all bets are off. Logins will be forgotten as soon as you close the browser
etc
manage cookies and site data:
History:
The Result:
Mullvad marches to the beat of a different drum.
I cannot set the various settings I would like to. In other words, settings that are possible in Firefox and Librewolf are not possible in this browser.
I guess it is made that way to preserve Mullvads reputation.
It is based around HISTORY settings
Given the settings shown above, It remembers linux.org , but not reddit (go figure) something to do with the type of memory...
So, if I wish to remember History, I pay the price of mullvad restarting itself and taking on a boatload of cookies and associated crap which is what I wished to avoid in the first place !
SEE EDIT AT END OF THIS POST..... IT IS POSSIBLE TO REMEMBER HISTORY AND STILL KEEP NOMINATED SITES LOGGED IN.
But.....the result?
.....is the same !
Which tells me that if I am willing to see some part of my data sucked up by the many and various 'cooke monsters' then I go with 'remember history' ......
if I am not comfortable with that, I do not remember history and in that scenario, mullvad is Secure.
The rest of the coveryourtracks story is:
Your Results
Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 562.85 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 9.14 bits of identifying information.
Only one in 562 have the same fingerprint.
For a standard browser with only 1 extension (add-on) I think this is a good result.
The browser is still quick
It appears reliable and solid
Much like their VPN, relaible and solid
Now, if I can figure out a way to make the login to linux .org etc quick and painless, I will have a real winner
EDIT: To be ULTRA clear: In browser privacy, put a tick in 'Delete cookies and site data when mullvad browser is closed.
THEN click on manage exceptions: type in linux.org (or whatever site you want to stay logged in) then click on Allow (ignore the two url names )......then add another if you need to:
Finish with 'Save Changes'
Those sites you have allowed will survive closing and opening the browser, reboots etc etc
BUT, if you click on browse in private Mode ONLY.....then all bets are off. Logins will be forgotten as soon as you close the browser
etc
Attachments
Last edited:
Great idea, I followed your track [to Mullvad, I mean
] and installed it to test as well. Since I wanted to check the tor browser, this seemed like an easy quick option - leaving all defaults on it. So, with regard to the VM I used to screenshot above, using Mullvad decreased the score from 13.x to 10.x and also shows a non-unique overall assessment.Then, looking through the sections of the test, it indeed appears to manage to set better defaults than the user.js I use with FF (timezone, language, etc). This also applies to the webGL discussed above, which now tests similar to what the OP showed for tor browser. For those who followed it: I did try with and without disabling "3D acceleration" and the test result is the same. (excellent; see below)
One issue I noticed is that the yubikey I use did not work in Mullvad. In terms of this thread that's not bad, but something that I'd have to address to use it seriously. Edit: That was easy to clear. One has to set
security.webauth.webauthn true in about:config and passkeys work. It may affect blending in, but the eff score shows 10.x still.Attachments
Last edited:
Bongripper666
New Member
Checking all boxes with Vivaldi, as expected. +uBlock, everything else comes with the browser.
Condobloke
Well-Known Member
Interesting page:
browserleaks.com
Browserleaks - Check your browser for privacy leaks
BrowserLeaks is a suite of tools that offers a range of tests to evaluate the security and privacy of your web browser. These tests focus on identifying ways in which websites may leak your real IP address, collect information about your device, and perform a browser fingerprinting.
Hah, the most of these "professional" detection tools think that I'm somewhere in the Saudi-Arabian desert! Good, good! 
And since I changed the name of the distro, they can't even tell which distro it is, they just display "Linux" and that's it.
And since I changed the name of the distro, they can't even tell which distro it is, they just display "Linux" and that's it.@CaffeineAddict referenced a Chromium article about Technical analysis of client identification mechanisms in post #36.
I've just came across a similar from Apple covering their Tracking Prevention in WebKit, which may be of general interest since a number of Linux browsers use it.
Curiously, it was linked in an article about serial-device control with Firefox, discussing how they rejected it for security reasons for decades and now suddenly appear to start implementing it.
I've just came across a similar from Apple covering their Tracking Prevention in WebKit, which may be of general interest since a number of Linux browsers use it.
Curiously, it was linked in an article about serial-device control with Firefox, discussing how they rejected it for security reasons for decades and now suddenly appear to start implementing it.
OP
CaffeineAddict
Well-Known Member
I see you didn't even bother to read info on the site, it explains how it works, limitations etc.
If you did you'd figure out the library behind it is "free" version from github, not a professional one which costs money.
Real world fingerprint implementation is more capable, but we'll probably never know how much.
Good link, added to bookmarks for study when I get time.
Rocketing-warp9
Well-Known Member
I did just notice something a little bit odd on mine. When I Fired it up on a VM on my ARM mac with Ubuntu server+Budgie, it still identified it as x32/x64 when it's ARM64. Not really important, but still interesting.
Similar threads
- DevynCJohnson
- Linux Other
