Chameleon - Spoof your browser profile

Kongo

Kongo

Level 38
Thread author
Verified
Top Poster
Well-known
Forum Veteran
Feb 25, 2017
2,766
1
19,005
3,670
25
Germany

What is Chameleon?​


Chameleon is a Mozilla Firefox addon that spoofs your browser profile and includes a few privacy enhancing options. It is the spiritual successor to the popular addon Random Agent Spoofer.
Click to expand...

Website: Chameleon

I personally do not think much of User-Agent-Spoofing or Fingerprint-spoofing with the use of extensions but this one has quite a few additional features for the people that want to check it out.

@HarborFront already made a thread for this extension but it's quite old and not open for further replies. As the extension is receiving updates regularly I thought I'd mention it once again.
 
  • Like
  • Thanks
  • +Reputation
Reactions: Nevi, ForgottenSeer 92963, Gandalf_The_Grey and 7 others
SecureKongo said:
Website: Chameleon

I personally do not think much of User-Agent-Spoofing or Fingerprint-spoofing with the use of extensions
Click to expand...

What I have understood spoofing has to be consistent (e.g. language, time zone, geo location) and spoofing has to be within real life data boundaries (e.g. browser and OS or OS, hardware and videocard details*) and some spoofed data can impact functionality (e.g. accepts, screen size and CSS) and some data is duplicated or retrievable from different sources (e.g. user agent, navigator and browser API's).

This seems rather complex to do well, so I fully agree with your remark that it is highly unlikely a simple extension can do this this right. When an extension seems to have taken all variances into consideration (e.g. Cydec anti-FP), I highly doubt an average user knows how to configure a profile correctly .


* It is highly unlikely a 2 or 4 GB RAM configuration and hardware concurrency of 2 or 4 is used with the latest and most powerful gaming graphics card on an OS which does not has the proper driver for that GPU-beast yet
 
Last edited by a moderator:
  • Like
  • Applause
Reactions: oldschool, Kongo, The_King and 1 other person
HarborFront said:
You can install it and test its various features to see if they are effective. If any feature found ineffective, you can disable it and use another extension

Too bad it doesn't have many fingerprint protections like Scriptsafe, Trace etc
Click to expand...
You are missing the Achilles Heel of these pseudo and half baked privacy protections : the data can be retrieved from several sources and has to be spoofed consistently in a real world context. You have to hide in the crowd, not stand out with non existing and inconsistent values. My guess is that in 99% of the cases, you are not improving your privacy, but painting a huge, glow in the dark, tag mark on your forehead.
 
Last edited by a moderator:
  • Like
  • +Reputation
  • HaHa
Reactions: plat, oldschool, Kongo and 4 others
Kees1958 said:
You are missing the Achilles Heel of these pseudo and half baked privacy protections : the data can be retrieved from several sources and has to be spoofed consistently in a real world context. You have to hide in the crowd, not stand out with non existing and inconsistent values. My guess is that in 99% of the cases, you are not improving your privacy, but painting a huge, glow in the dark, tag mark on your forehead.
Click to expand...
Ok so I'm Arnold Schwarzenegger The Commando.......... very outstanding.

What do you want to do with me?
 
  • HaHa
  • Like
  • Applause
Reactions: Nevi, ForgottenSeer 92963, Kongo and 1 other person
Kees1958 said:
You are missing the Achilles Heel of these pseudo and half baked privacy protections : the data can be retrieved from several sources and has to be spoofed consistently in a real world context. You have to hide in the crowd, not stand out with non existing and inconsistent values. My guess is that in 99% of the cases, you are not improving your privacy, but painting a huge, glow in the dark, tag mark on your forehead.
Click to expand...
Indeed, all of these protections are best when built into the browser itself like Brave or FF.
 
  • Like
  • +Reputation
Reactions: Nevi, ForgottenSeer 92963, Kongo and 1 other person
oldschool said:
Indeed, all of these protections are best when built into the browser itself like Brave or FF.
Click to expand...
And enabled by default so that hopefully most of the herd is wearing them. Otherwise, you're just increasing your online presence and your footprint with doubtful benefits in return. It's like wearing the same clothes as everyone else, except you're also wearing sparkly ear-rings or something.

Trace user here. I can still be machine ID'd on this website (MalwareTips). This was my opinion somewhere else and it hasn't changed much. :D

www.wilderssecurity.com

Preventing browser fingerprinting

Hello, can anyone get a non-unique fingerprint from https://amiunique.org/ without blocking javascript or using Tor? And what do you think about an...
www.wilderssecurity.com www.wilderssecurity.com
 
  • Like
  • +Reputation
Reactions: Nevi, eonline, ForgottenSeer 92963 and 1 other person
@plat1098

Same situation here. My Asus mobo is so old, it even has a special device for Sata II (the dreaded Marvel 9128) and after replacing a first generation (4 core) intel i7 with a (6 core) Xeon X5675 it is easy to track me with an 'unclassified' CPU

Resistance is futile ....

:)
 
Last edited by a moderator:
  • Like
Reactions: oldschool, Nevi and eonline
plat1098 said:
And enabled by default so that hopefully most of the herd is wearing them. Otherwise, you're just increasing your online presence and your footprint with doubtful benefits in return. It's like wearing the same clothes as everyone else, except you're also wearing sparkly ear-rings or something.

Trace user here. I can still be machine ID'd on this website (MalwareTips). This was my opinion somewhere else and it hasn't changed much. :D

www.wilderssecurity.com

Preventing browser fingerprinting

Hello, can anyone get a non-unique fingerprint from https://amiunique.org/ without blocking javascript or using Tor? And what do you think about an...
www.wilderssecurity.com www.wilderssecurity.com
Click to expand...
TRACE cannot protect against all forms of fingerprints neither can any single extension.
 
Last edited:
  • Like
Reactions: Nevi and oldschool
I (think I) have an idea which values should be faked or added noise to, but when there are so many data points to track, chance of being identified with optimal protection still exist. This is because people more or less behave the same when LOOKING, SELECTING, DECIDING and BUYING stuff.

With privacy lists (AG+EL) and AdGuard's URL protection, you tackle most used tracking mechanisms and with paid Cydec Anti Fingerprinting you can fake/blur all other known data points used to track you.
 
Last edited by a moderator:
  • Like
Reactions: oldschool and Nevi
I used to install this kind of extension in my browser and realized it doesn't work or is not worth it. Currently, I'm using the latest version of Firefox with default settings in a Virtual Machine.
 
  • Like
Reactions: oldschool

You may also like...