Is Tracking Protection really useful? [Discussion]

[blackice]

To be effective canvas fingerprint blocker needs to fulfil the followings

1) To hide/fake/randomize the fingerprint
2) Not to expose its own(real) fingerprint

The 2nd one is difficult to achieve. So far I know CanvasBlocker for FF is the only one that can achieve both especially the 2nd one. There are some tests at github that can test for the 2nd one

Some discussions here on canvas fingerprint 2 yrs back

How to to stop browser fingerprinting and tracking?

Apparently, canvas fingerprint blockers are not effective according to the below How Canvas Fingerprint Blockers Make You Easily Trackable | Multilogin The most effective way seems to have a fake consistent fingerprint and that is to use CanvasDefender extension which utilizes the below -...

malwaretips.com

As ironic as it might be, are there any that work properly in Chrome/chromium? More curious than anything.

 

[oldschool]

are there any that work properly ...?

Highly doubtful. Which is why I keep coming back to basic, browser-integrated adblocking which is probably the least conspicuous. My view is that Firefox is the most "private" generally (whatever that actually translates into!??) by virtue of its first-party isolation and temporary containers capabilities.

 

[HarborFront]

As ironic as it might be, are there any that work properly in Chrome/chromium? More curious than anything.

Not that I know of. If you read my link you can see that many canvas fingerprint blockers were tested then and CanvasBlocker for FF came out top. That was in the year 2018

The tests are in the link. You can follow the test on some Chrome/Chromium canvas blockers

 

[blackice]

It seems then with Chrome maybe it’s better to hide in plain sight. Use Adblock Plus and Honey and cruise along...

 

[South Park]

I've tried various blocking add-ons over the years but stopped using most of them. Using canvas blockers made it hard to log into my e-mail or bank accounts, and user agent switchers often caused websites to malfunction or served me mobile sites on desktop. Even the built-in tracking protection in Firefox often interferes with websites that display charts or graphs, so I usually disable it.

I find that using uBO with Fanboy's enhanced tracking list (or AdGuard extension with its own privacy list) usually doesn't break anything, and I can troubleshoot any problems that are caused. These lists block the widely known fingerprinting scripts but are not so unusual as to attract more attention. I don't think perfect privacy is possible. (Using TOR on my current network would definitely attract attention.) I just aim for "reasonable" privacy without destroying usability.

 

[plat]

and “blockers” or “random submitters” will not keep you safe – in fact, they will make you more easily trackable.

The oxymoronic revelation that trying to make yourself invisible makes you visible, I heard of this concept at Wilders way back.

There's a uBlock Origin filter list by CHEF-KOCH that addresses this but guess what? I've had it block the offending site altogether (yeah! , that'll learn you). So, I'm still waiting for that perfect anti-fingerprinting add-on. Will pay for it, that's a promise.

Here's something interesting, though. But I find his lists too strict and over one's head for ordinary, average users (yours truly for 1).

CHEF-KOCH/Online-Privacy-Test-Resource-List

Privacy Online Test and Resource Compendium (POTARC) 🕵🏻 - CHEF-KOCH/Online-Privacy-Test-Resource-List

github.com

 

[JohnR]

Traverse the web wearing a unique cloak of invisibility

 

[Aggravatorx]

thank you for another great topic once again I am learning

 

[bayasdev]

Not really, you should go full offline for true privacy, hiding behind VPNs and using lots of unnecessary privacy extensions only makes you more unique and more trackable to the big 4.
You shouldn't worry about online privacy unless you have trade secrets, work for the govt, commit cybercrime/crime nor live in an authoritarian regime. I use VPN just for the MH and bypassing my uni firewall.

 

[blackice]

Not really, you should go full offline for true privacy, hiding behind VPNs and using lots of unnecessary privacy extensions only makes you more unique and more trackable to the big 4.
You shouldn't worry about online privacy unless you have trade secrets, work for the govt, commit cybercrime/crime nor live in an authoritarian regime. I use VPN just for the MH and bypassing my uni firewall.

Definitely. The number of people worried about the NSA looking at their traffic is insane! The NSA does not care that you are torrenting!

 

[Lenny_Fox]

Stitching unique visitors ID's across several devices really is not that easy as most marketing networks and FUD-POC's try to make you believe. For instamce during lunch you show to your co-workers that you are thinking about buying a new gadget. The IP (work Wifi or telco) and device (phone) characteristics and interest tags are stored (and often kept for 30 days). Later on (in the evening) you show your wife that you are really interest in buying that gadget. IP is from your home, device characteristics are most likely a tablet. After a day or two thing and you returning to the website with the gadget offering (on your companiy's laptop), you wife gives you the green light and you decide to buy it on your desktop.

Around 50 to 70 percent of these separate actions on different devices are accurately stitched together using simpler technology than all the scary fingerprinting POC's and webtest combined. I am not saying that no website or vendor uses these advanced/scary fingerprinting techniques, simply telling you (as a digital marketeer) there are easier and faster roads leading to Rome (indentifying unique visitors accross devices) so my take on this: @oldschool is right, better no anti-fingerprinting measures than half baked counter measures,

 

[oldschool]

After checking for new experiments in brave://flags I happened on these two sources from earlier this year:

Redirecting to Google Groups

groups.google.com

Google to phase out user-agent strings in Chrome

Chrome will move to a new technology called Client Hints, part of the newer Privacy Sandbox project.

www.zdnet.com

So, even Google is making some effort to reduce invasive tracking - but of course not ads - and the benefits flow to Chromium browsers, especially Brave.

 

[bayasdev]

even Google is making some effort to reduce invasive tracking

This confirms 2020 is a year of massive changes