Chameleon highlights and protects you from browser fingerprinting in Chrome

Martin Brinkmann
Jul 22, 2014
Updated • Aug 7, 2019
Google Chrome, Google Chrome extensions

Browser fingerprinting refers to methods to profile a browser based on information transferred automatically when connections are made to websites or services, or generated with the help of scripts and technologies.

It is unclear how widely browser fingerprinting is being used on the Internet but it is clear that it is used by some companies to track users online. Often, it is used in conjunction with traditional tracking methods such as cookies or LSO.

I analyzed Canvas Fingerprinting yesterday, one of the many fingerprinting techniques, and Chameleon for Chrome was one of the extensions mentioned in the guide.

While it does not protect against this particular method yet -- it only highlights the use -- it is designed to highlight and protect you against fingerprinting attacks.

Note: The extension has not been updated since 2014. While it still works in Chromium-based browsers, the lack of updates means that it won't highlight or protect against new fingerprinting methods.


chameleon for chrome

Chameleon is not available on the Chrome Web Store which means that installation of the extension is not as straightforward as usual. Here is what you need to do to install it in Chrome or Chromium-based browsers:

  1. Visit the GitHub project page and download the latest working version to your system. You find the download link under Installation on the main page (scroll down).
  2. Extract the zip file to a local directory.
  3. Open the Extensions Manager by loading chrome://extensions/ in Chrome.
  4. Check the Developer Mode box in the top right corner of the screen.
  5. Select Load Unpacked Extensions from the menu and browse to the chrome folder of the directory you have installed the extension to.
  6. Follow the instructions to complete the installation.


chameleon chrome extension

Chameleon adds an icon to Chrome's main toolbar that indicates if the extension is active, and how many tracking elements it has discovered on the active page.

As far as detection is concerned, it supports the following fingerprinting techniques:

  1. window.navigator values
  2. window.screen values
  3. date/time queries
  4. font enumeration
  5. canvas image data extraction

On the protection side of things, it supports the following (meaning it will block requests or modify them):

  1. request header values
  2. window.navigator values
  3. window.screen values
  4. date/time queries

The developer plans to add additional techniques to the extension including CSS media queries, JavaScript rendering engine differences or checksum generations if the browser allows for that.

When you click on the icon it displays the property access count and scripts used on the page in a summary at the top, and below that the list of hostnames and which properties they have accessed.

Not all requests are used to fingerprint the browser or user. Websites may for instance requests the window width and height to display contents properly in the browser window.

Tip: you may want to use a script blocker if you notice hostnames that are used a lot while you are browsing the Internet. You can use an add-on like uMatrix for that (read our review of the extension here, and the review of uBlock here which is a lightweight alternative).

You can disable the extension at any time with a click on its icon and the selection of disable in its interface. That's also the way how you enable it again.


Chameleon is an excellent extension for the Chrome web browser that is informing you if a website uses techniques that can be used to fingerprint the browser.

Besides providing you with information about these techniques, it is also protecting you against some of them automatically.

software image
Author Rating
5 based on 4 votes
Software Name
Software Category
Landing Page

Previous Post: «
Next Post: «


  1. Stan Duncan said on September 17, 2020 at 11:59 pm

    Why are there no download links to ANY of the tools or projects mentioned in ANY of the articles on this site? Every single link just links to another Ghacks article. VERY VERY frustrating.

    1. Martin Brinkmann said on September 18, 2020 at 6:45 am

      Stan, the download links are in the summary box below the article.

  2. TheAslan said on July 23, 2014 at 5:37 pm

    I just tested µBlock, and it’s so much better than Adblock Plus, there’s more features and it feels more effective.

  3. J said on July 23, 2014 at 5:52 am

    It’s strange to build a privacy extension only for Chrome. Google is a data mining company and their browser doesn’t have as many features for protecting privacy. People should be encouraged to use Firefox, which is produced by a non-profit organization that doesn’t have an interest in tracking users.

  4. jasray said on July 22, 2014 at 6:09 pm

    The work the article on “Chameleon” requires deserves a lot of thanks.

    However, I share the same feeling as “The Aslan.” By the time a person has covered his/her tracks (or at least has attempted to do so), using the Internet becomes an exercise in futile evasion. The simple fact that a person is logged on to a machine with Internet access is enough to eliminate any and all measures taken to avoid detection at some level by some entity. What to do? Add another extension? And another? And another? And . . . ?

  5. TheAslan said on July 22, 2014 at 5:50 pm

    There’s a lot to choose from, i.e:

    Avira Safe Search / Avira Browser Safety
    HTTPS Everywhere
    Adblock Plus

    But all of these extensions will guarantee your browser slowness. I prefer to use only Adblock Plus.

    1. Martin Brinkmann said on July 22, 2014 at 5:55 pm

      Adblock Plus won’t protect you from fingerprinting.

      1. Ray said on July 22, 2014 at 8:23 pm

        It does if you block the domains of the sites that use Canvas fingerprinting like

      2. Martin Brinkmann said on July 22, 2014 at 10:20 pm

        But for that, you need to know which do it ;)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.