Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Web Extensions
JShelter - JavaScript Restrictor
Message
<blockquote data-quote="ForgottenSeer 92963" data-source="post: 972254"><p><span style="font-size: 22px">Request to JShelter developers: don't add nonsense, add noise!</span></p><p><strong><span style="color: rgb(226, 80, 65)">Technical definition of noise: irregular <u>fluctuations</u> that accompany a transmitted electrical signal but are not part of it and tend to obscure it.</span></strong></p><p></p><p>This morning I got another email notification from Github (<a href="https://github.com/polcak/jsrestrictor/issues/166" target="_blank">Better to provide real world values than random or faked values for three spoofs WebGL, Plugins and Fonys · Issue #166 · polcak/jsrestrictor</a>) telling me again that the WebGL vendor and renderer values are correctly randomized with non-existing fake values. They don't seem to grasp that they are adding identifying nonsense in stead of obscuring noise.</p><p></p><p>Trace for instances does this (half) right by adding a list of real world GPU models to obscure WebGL vendor and renderer. To do this perfectly right the end-user has to limit this list to DirectX and WebGL versions which the end-user's own GPU model does accept (as explained in red in the picture). So when you have a Intel 620 HD Graphics model, you should limit the list to generation 9 Intel GPU's all excepting DirectX 12_1 (the 5xx and 6xx family Intel graphics GPU's).</p><p></p><p>[ATTACH=full]263644[/ATTACH]</p><p></p><p></p><p>I only get responses (probably from tech people) that they are implementing what the BLOG tells them to (<a href="https://jshelter.org/blog/" target="_blank">link</a>). Sadly there seems to be no big-data expert and digital marketeer involved who can explain them what they are doing is putting a huge pink elephant (non-existing value) in a herd of sheep and thinking they won't stand out, so until further notice</p><p></p><p><span style="font-size: 26px">DON'T USE THIS EXTENSION</span></p><p></p><p><span style="font-size: 10px">*) This is yet another example of the much posted advice in security forums that it is better to add no fingerprinting protection than wrong obfuscation. Remember that only a limited percentage of the websites use these advanced fingerprinting techniques (5 to 10 at most is my guess) because the digital marketeers using these systems are often only trained in the top3 most prevalent tracking systems and have to proof (every two to three) years that they still know how to operate these analysis/tagging/tracking systems. </span></p></blockquote><p></p>
[QUOTE="ForgottenSeer 92963, post: 972254"] [SIZE=6]Request to JShelter developers: don't add nonsense, add noise![/SIZE] [B][COLOR=rgb(226, 80, 65)]Technical definition of noise: irregular [U]fluctuations[/U] that accompany a transmitted electrical signal but are not part of it and tend to obscure it.[/COLOR][/B] This morning I got another email notification from Github ([URL='https://github.com/polcak/jsrestrictor/issues/166']Better to provide real world values than random or faked values for three spoofs WebGL, Plugins and Fonys · Issue #166 · polcak/jsrestrictor[/URL]) telling me again that the WebGL vendor and renderer values are correctly randomized with non-existing fake values. They don't seem to grasp that they are adding identifying nonsense in stead of obscuring noise. Trace for instances does this (half) right by adding a list of real world GPU models to obscure WebGL vendor and renderer. To do this perfectly right the end-user has to limit this list to DirectX and WebGL versions which the end-user's own GPU model does accept (as explained in red in the picture). So when you have a Intel 620 HD Graphics model, you should limit the list to generation 9 Intel GPU's all excepting DirectX 12_1 (the 5xx and 6xx family Intel graphics GPU's). [ATTACH type="full" alt="1642409453418.png"]263644[/ATTACH] I only get responses (probably from tech people) that they are implementing what the BLOG tells them to ([URL='https://jshelter.org/blog/']link[/URL]). Sadly there seems to be no big-data expert and digital marketeer involved who can explain them what they are doing is putting a huge pink elephant (non-existing value) in a herd of sheep and thinking they won't stand out, so until further notice [SIZE=7]DON'T USE THIS EXTENSION[/SIZE] [SIZE=2]*) This is yet another example of the much posted advice in security forums that it is better to add no fingerprinting protection than wrong obfuscation. Remember that only a limited percentage of the websites use these advanced fingerprinting techniques (5 to 10 at most is my guess) because the digital marketeers using these systems are often only trained in the top3 most prevalent tracking systems and have to proof (every two to three) years that they still know how to operate these analysis/tagging/tracking systems. [/SIZE] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
