thank you so much

Thank you so very much

much appreciated

I’m still bit confused. How rendering could result in fingerprinting? If canvas and other fingerprinting is disabled of course. how is ad render different from rendering other element on a webpage

Web pages are not allowed to list your extensions. They can indirectly surmise you have certain extensions based on how your requests differ from expectations. For example, if they have advertisements, but your browser never actually makes any requests to load the images, CSS, JS or HTML for the advertisements, they can deduce you have an ad-blocker. That’s a datapoint they now have to ID you: “has an ad-blocker”

Now let’s say they have an ad they know AdBlockPlus allows, but uBlock Origin doesn’t. They see your browser doesn’t load that ad. Another datapoint: “Not using AdBlockPlus”.

Based on what requests go back and forth between your browser and their servers, they map out a unique fingerprint.

Thank you so much that makes sense

Sincere thanks

@bjoern_tantau@swg-empire.de

Most of those things cannot be collected through JavaScript.

Local time can.

RAM can only be approximated to protect user privacy. Edit: And it’s not available on Firefox.

OS+version are already in your browser’s user-agent string that is sent out with every request you make.

Machine hardware cannot be enumerated. JavaScript can try to guess your GPU based on what it can do with WebGL.

There is no way to get a serial number or similar.

To spoof timezone/OS+version/browser+version … and disable WebGL, use https://sereneblue.github.io/chameleon/

• https://lemmy.world/post/31885153

I guess spoofing will not make me stand out?

how does ad render in the background compromise privacy?

deleted by creator

What HTML5 Canvas features does your browser support

Would you recommend disabling canvas?

thank you for the clarification

deleted by creator

by sensitive information I’m referring to

• local machine time
• local machine ram
• local machine operating system + version
• local machine hardware
• Serial Number
• Hardware ID
• UUID
• Windows Device ID
• Windows Product ID
• …

Can I prevent javascript from running specific command that retrieve these information?

I found chameleon which spoof local machine operating system + version and browser information. But I’m not sure about other information

thanks for the clarification

this helps, Thanksalot

Thanksalot my friend

Thanksalot

yeah just checked again it is cookie indeed.

Cookie AutoDelete doesn’t seem to delete duckduckgo cookie automatically

that is wierd

ManyThanks!

I still have a few questions:

• Does LineageOS supports muti profile like GrapheneOS (I thought all AOSP supports multiprofile feature)
• Can LineageOS supports Sandboxed Google Play with some tweaks?
• Does LineageOS supports full device encryption using some open source app? (like veracrypt on windows)
• If there is backdoor planted in pixel (which in my opinion is very likely), then I guess the “risk of an adversary gaining physical access to the phone” is quite equal for both of OS?

ManyThanks!

I still have a few questions:

• Does LineageOS supports muti profile like GrapheneOS (I thought all AOSP supports multiprofile feature)
• Can LineageOS supports Sandboxed Google Play with some tweaks?
• Does LineageOS supports full device encryption using some open source app? (like veracrypt on windows)
• If there is backdoor planted in pixel (which in my opinion is very likely), then I guess the “risk of an adversary gaining physical access to the phone” is quite equal for both of OS?

deleted by creator