WebExtensions Community Group formed by Apple, Google, Microsoft and Mozilla
Apple, Google, Microsoft and Mozilla formed the WebExtensions Community Group to specify a model, permissions, and a common core of APIs for web browser extensions. The newly founded group is part of the World Wide Web Consortium (W3C) and is inviting "other browser makers, extension developers, and interested parties to join this effort".
The core goal of the group is to create future standards for WebExtensions to make it "easier for extension developers to enhance end user experience, while moving them towards APIs that improve performance and prevent abuse".
The group plans to use the existing extensions model and APIs of the browsers Chrome, Firefox, Safari and Edge as a foundation to work on a specification that brings current implementations "into closer alignment" and to "chart a course for future evolution".
Browser makers are free to develop their unique additions to the common ground, e.g. by creating APIs that are unique to the browser.
The current WebExtensions system, which is used by the browsers of the group's founding members, closely resembles what the group aims for. All four browsers support WebExtensions, after Apple announced last year that its Safari browser would switch to the extensions system as well. Mozilla specifically has created Firefox-specific APIs that extensions for the browser may utilize; extensions that rely on them are not supported in other browsers. The controversial Manifest V3 for extensions will also not be implemented fully by all browsers that support extensions.
As far as compatibility is concerned, the group strives to "maintain and improve compatibility with popular existing extensions and extension APIs" to ensure that developers can release their extensions for different browsers without having to rewrite them completely.
The scope of the work is revealed on the project's GitHub page:
- An extensions model—the basic architecture of extensions and how the different pieces interrelate. This definition will include a description of the trust model, the differing trust between browsers and extensions and between extensions and web pages.
- A permissions model—what sorts of powerful features extensions may access, and how extensions may request user consent to access them.
- WebExtensions APIs—the interface extensions are built on.
- A packaging format, including a manifest format and how extensions are localized.
- Native Messaging—the API surface extensions use to exchange messages with native applications running on the host system.
The group won't define deployment mechanisms, including methods for signing extensions, and WebDriver integration.
Closing Words
From the sounds of it, the group plans to use the current WebExtensions system as the foundation for a common version of WebExtensions that all four major browsers will support in the future.
Now you: what is your take on the development?
@Iron Heart
Thanks for those setup settings you gave on Ungoogled Chromium and Vivaldi (and previously on Brave). I find these comments among the most helpful information here on Ghacks.
@Ghacks
You should consider giving @Iron Heart a page or Sticky Thread where he can post his current Browser recommendations. The first page or comment could be editable by him with his current recommended settings. That way, those of us that want this information would have one location here on Ghacks to find it.
Thanks
No fucking way. There’s nothing stopping Iron Heart creating his own blog page so everyone can find and ridicule it
Great info on Ipv6, IronHeart. Thanks bro.
> Apple, Google, Microsoft and Mozilla formed the WebExtensions Community Group to specify a model, permissions, and a common core of APIs for web browser extensions.
>> Mozilla
You were the Chosen One! It was said that you would destroy the Sith, not join them! Bring balance to the Force, not leave it in darkness!
Zelanium said on June 7: “Asking Apple, Google and Microsoft to produce anything that respects privacy and is truly based on openness is a truly baffling idea.”
It is indeed. Any initiative involving Google will be another contribution to The Big Data Robbery.
@Iron Heart,
Off-topic, but I have a question. I was using Brave (with mostly your setup) but had a technical issue and had to switch. I switched to Ungoogled Chromium. What is your opinion of UC? If it is good, do you have a setup recommendation for UC similar to what you had for Brave?
Thanks
@Anonymous
> I was using Brave (with mostly your setup) but had a technical issue and had to switch.
If you want to, describe the issue, maybe we can resolve it together.
> What is your opinion of UC? If it is good, do you have a setup recommendation for UC similar to what you had for Brave?
It is a decent browser project, in that Ungoogled Chromium is not phoning home to Google and is open source software. However, the focus of Ungoogled Chromium is to cut off all connections to Google (which it achieves, at times at the cost of hurting its own functionality, like e.g. installing and updating extensions becomes a hassle). That’s it. It does not do much to improve the privacy of your browsing activity, which is a focus of Brave. Examples?
– There is very little (if any) effort undertaken in Ungoogled Chromium to combat the fingerprinting threat. Extensions don’t fix that problem because using those instead of a browser’s built-in anti-FP defenses will make you stand out even more, not less. Brave’s anti-FP protections, while not perfect yet, are superior to those of Ungoogled Chromium and much more effort will go into it going forward. On mobile, Bromite (which uses UG Chromium patches) also aims to combat fingerprinting.
– Brave is the only Chromium-based browser that can do CNAME uncloaking: https://brave.com/privacy-updates-6/ They can do that because their adblocker is implemented natively, i.e. it does not rely on extension APIs (like uBlock Origin does). Other Chromium-browsers won’t achieve parity here unless Google implements the missing API (or they create their own internal adblocker comparable to that of Brave).
– Ungoogled Chromium will lose powerful adblocking capabilities in general once Google enforces the use of Manifest V3 for extensions, UG Chromium will then come under the known rule limit that was artificially imposed by Google. The solution? UG Chromium implementing its own adblocker, don’t see it happening.
– Brave protects locally stored browsing data in a more extensive fashion; it supports Ephemeral Storage using the flag chrome://flags/#brave-ephemeral-storage … You can read more about that here: https://brave.com/privacy-updates-7/
etc. etc.
Again, UG Chromium’s focus is cutting off connections to Google, not improving your privacy in relation to your web browsing! However, if you are stuck with it, some basic things I would do, deviating from Brave:
– Next to all the extensions I recommended for Brave, install the HTTPS Everywhere extension (useful in UG Chromium, unnecessary in Brave since it’s already included in Brave by default).
– Some flags I would consider toggling:
1. Experimental QUIC Protocol – chrome://flags/#enable-quic – Disabled
reason (from the Brave blog, but applies to any browser): https://brave.com/quic-in-the-wild/ … Used to circumvent adblockers
2. Turn off caching of streaming media to disk – chrome://flags/#turn-off-streaming-media-caching-always – Enabled
reason: Removes unnecessary caching that might be used to re-identify you upon repeat visits.
3. Web Bundles – chrome://flags/#web-bundles – Disabled
reason (from the Brave blog, but applies to any browser): https://brave.com/webbundles-harmful-to-content-blocking-security-tools-and-the-open-web/ … Used to circumvent adblockers.
4. HTTP Cache Partitioning – chrome://flags/#http-cache-partitioning – Enabled
reason: As the flag itself says best, “Partitions the HTTP Cache by (top-level site, current-frame site) to disallow cross-site tracking.”
– Use the WebRTC leak protection setting of uBlock Origin in Ungoogled Chromium (in Brave, I recommend the built-in setting to avoid conflicts with extensions).
– Use the cookie settings I recommended for Brave in Ungoogled Chromium as well.
– In general, use privacy-respecting search engines like DuckDuckGo, StartPage, or Qwant in Ungoogled Chromium. This is an often overlooked aspect; if you don’t go to Google at all, you at least deprive them of your search history (they keep enough tabs on you anyway via their omnipresent trackers on other websites, no need to give them your search history on top of it), use StartPage if you like the Google search results (StartPage fetches them from Google, but anonymizes your request).
– Consider disabling IPv6 in your operating system settings (Windows, Linux, macOS), NOT your browser settings. Disabling IPv6 will prevent your MAC address from leaking and most websites will fall back to IPv4 anyway (so you can still use them).
Those are my initial tips, anyway.
@Iron Heart
Very informative information you gave that individual on UC.
First, Brave should fix that bug, do you have any influence with them?
Second, why do you recommend disabling IPv6? Is IPv6 a security concern? Does Brave do anything on this or is this a general recommendation? Also, I can set IPv6 on or off on my router, would setting it off there be better than setting it off at the OS?
Thanks
@Anonymous
> First, Brave should fix that bug, do you have any influence with them?
I have no say in the company, I am just another Brave user. I occasionally raise issues on GitHub, but so do hundreds of other people. Ideally, they should look at bugs, provide a schedule, and fix them. However, this is not how it really works. As in other software projects, bugs are assigned a priority, and if your bug is considered low priority, an immediate fix will be out of the question. If more people raise the issue, it will become evident that they need to look at it / give it a higher priority. That’s the only way, until then, one can only use another browser if the issue is detrimental to one’s workflow.
> Second, why do you recommend disabling IPv6? Is IPv6 a security concern? Does Brave do anything on this or is this a general recommendation? Also, I can set IPv6 on or off on my router, would setting it off there be better than setting it off at the OS?
IPv6 is primarily a privacy concern. Any device you own has a so called MAC address, which is essentially a unique hardware address exposed at the network level:
https://en.wikipedia.org/wiki/MAC_address
It is important to note that the MAC address is static / unchanging, while IP addresses usually rotate (exceptions exist here, though). So, your internet service provider might occasionally rotate your IP address, but your MAC address will remain the same. The internet protocol IPv6, if it is actually used anywhere you go, will expose your MAC address to the website. This is uniquely identifying you even if your IP address should rotate. Think of it this way, even if you had a hundred IP addresses used every day, the MAC address would still give away that it’s you. Now, not every connected device supports IPv6, so there will usually be an IPv4 fallback, meaning that you can still browse the website even if IPv6 is disabled, it will just switch back to IPv4. IPv4 does not expose the MAC address of your hardware, but rather only your IP address (which rotates). Since most people do have IPv6 enabled, disabling it might introduce a slight fingerprinting risk (although any kind of info gained here would be low value, because as I said, not all devices support IPv6, so even if it is disabled, you are still in a big pool), in order to fix this, one would have to spoof (feign) random new MAC addresses, perhaps on every restart of the computer / smartphone / whatever. There is software which does that, but disabling IPv6 is usually the easier route and is actually fail-safe.
Brave itself does nothing in relation to IPv6; Brave follows whatever you decree in the network settings of your operating system, if IPv6 is disabled there, Brave will only work with IPv4. Firefox has a setting called network.dns.disableIPv6, which disables IPv6 in the browser only while leaving it enabled at the operating system level (it can still be used by any application aside from Firefox if the Firefox setting is being used), however, there is no advantage here.
Disabling IPv6 in your router instead of your OS has advantages if you have more than one device connected to your network. Disabling it in your router will make the use of IPv6 impossible for any device connected to it. However, if your device (e.g. laptop, smartphone) leaves your own WiFi network, for example in a hotel, you will again be using IPv6 because you have not disabled it in your OS (Windows, Linux, macOS etc.) settings.
Disabling it in the router –> Make it impossible to use IPv6 for any device connected to your own WiFi network.
Disabling it on your device –> Make it impossible to use IPv6 on that device no matter which network you are connected to.
Those are two different use cases.
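The MAC-derived kind of IPv6 address discussed in the comment above is the modified EUI-64 interface identifier of RFC 4291 (the MAC with `ff:fe` inserted in the middle and one bit flipped). The Python sketch below is an added example, not part of the original comment: it checks a list of your own addresses for that pattern and reports a MAC that recurs under different /64 prefixes. The sample addresses, the MAC and all function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample input: documentation prefix 2001:db8::/32 and a made-up MAC.
SAMPLE = [
    "2001:db8:1:a:211:22ff:fe33:4455/64",   # EUI-64 IID under a first prefix
    "2001:db8:2:b:211:22ff:fe33:4455/64",   # same IID after the prefix changed
    "fe80::211:22ff:fe33:4455%eth0",        # link-local, not routed off the LAN
    "2001:db8:1:a:5c3e:91d2:7ab4:f19/64",   # random-looking interface ID
    "not-an-address",                       # malformed input
]


def parse(text):
    """Parse an address that may carry a '/64' length or a '%zone' suffix."""
    return ipaddress.IPv6Address(text.split("/")[0].split("%")[0])


def embedded_mac(text):
    """Return the MAC embedded in a modified EUI-64 interface ID, else None.

    Heuristic: a randomly generated interface ID can contain ff:fe at this
    position by chance (about 1 in 65536).
    """
    iid = parse(text).packed[8:]            # low 64 bits = interface identifier
    if iid[3:5] != b"\xff\xfe":             # marker inserted between the MAC halves
        return None
    # Undo the universal/local bit flip on the first octet, drop ff:fe.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """Classify each address; malformed entries are reported, not raised."""
    findings = []
    for text in addresses:
        try:
            ip = parse(text)
        except ValueError:
            findings.append({"address": text, "status": "invalid"})
            continue
        mac = embedded_mac(text)
        findings.append({
            "address": text,
            "status": "embeds-mac" if mac else "opaque-iid",
            "mac": mac,
            "link_local": ip.is_link_local,
            "prefix": str(ipaddress.ip_network(f"{ip}/64", strict=False)),
        })
    return findings


def reused_across_prefixes(findings):
    """Map each embedded MAC to the routable /64 prefixes it was seen under,
    keeping only MACs that appear under more than one prefix."""
    seen = defaultdict(set)
    for f in findings:
        if f["status"] == "embeds-mac" and not f["link_local"]:
            seen[f["mac"]].add(f["prefix"])
    return {mac: sorted(p) for mac, p in seen.items() if len(p) > 1}


if __name__ == "__main__":
    report = audit(SAMPLE)
    for f in report:
        print(f["address"], "->", f["status"], f.get("mac") or "")
    print("stable across prefixes:", reused_across_prefixes(report))
```

Feed it the addresses your operating system lists for each interface; an `opaque-iid` result on every routable address means none of them carries the hardware address in this form.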
@Iron Heart
I could not find HTTP Cache Partitioning – chrome://flags/#http-cache-partitioning in Ungoogled Chromium. Any help appreciated.
Thanks
@Anonymous
Google enabled cache partitioning in Chromium 86 (October 2020). Since UG Chromium is based on newer versions now, no additional steps are required. Sorry for confusing you, I had the flag enabled still, but “Enabled” is now the default anyway, no user interaction required.
@Iron Heart
Thanks for reply.
1) Issue with Brave:
I am having same issue as this user described here on their support site:
https://community.brave.com/t/bug-load-from-bookmarks-file-doesnt-load-images/253991/4
Doesn’t sound like they are going to fix it, which makes Brave unusable, unfortunately.
2) Since this issue makes Brave unusable for me, is Ungoogled Chromium (with your above suggestions) the 2nd best browser on a Windows system? Or is there a better choice?
Thanks
@Anonymous
Yeah, it seems like it is a Brave-specific bug, unfortunately. Nothing one can do there really except reporting it. :(
Yes, Ungoogled Chromium is arguably the second best Chromium-based browser for privacy on the desktop (along with Vivaldi, which is similarly ungoogled). I think the most private desktop browsers, from best to worst, are:
BEST:
Tor Browser Bundle (special purpose browser not suitable for everyday use, though)
VERY GOOD:
Brave, modified Firefox
GOOD:
Ungoogled Chromium, Vivaldi
MEH:
Safari, unmodified Firefox
HELL:
Chrome, Edge, Opera
> VERY GOOD: Brave, modified Firefox
A modified Firefox is light years ahead of anything Brave can do
Just one example is eTLD+1 isolation: not just a full comprehensive network partitioning by default, but Total Cookie Protection (or even FPI like Tor Browser) as opt in
Until Brave adds anything like that (I think they are going to call it ephemeral storage, and there are a lot of parts so don’t hold your breath) and gets up to speed on missing partitioning (which they can’t, they have to wait for and hope it is done upstream), then it doesn’t even come close – it’s not even a contest – game over.
A modified Firefox, excluding using the Tor protocol, is almost as good as Tor Browser. You can see this from the (very few) re-based patches at Tor Project. When you drop the ones not directly related to web content, there’s almost nothing left. And the only other difference would be that Tor Browser as a set of users with the same settings has a much tighter fingerprint
@Anonymous
Okay, what is “modified Firefox” to you? That can be almost anything between almost as bad as Chrome to almost Tor (minus the Tor network, obviously). This is too broad to discuss really, I think it only makes sense to discuss particular items, I think this is what you attempted when you mention certain features of Firefox, am I right?
I think we should mention that the things you claim as FF positives are opt-in, i.e. default Firefox would not have them, all in all getting Firefox to respect your privacy requires extensive modifications + add-ons. You should also realize that “isolation” of local browsing data is a cross-browser trend. Safari began with it in 2013, and Chromium is also moving in this direction (starting with the cache recently). Firefox has the most extensive, currently opt-in, isolation, but trust me when I say that they wouldn’t have implemented it if other browsers were not also moving in this direction, because that would have caused web compat issues only pertaining to Firefox.
When you say “not even a contest”, I think you are underplaying Firefox issues like lack of default-on fingerprinting protection (even among the small crowd of Firefox users, you further stick out by enabling RFP), Mozilla’s ability to hijack the browser with experiments (which I consider to be an opt-out backdoor), opting users (without notifying them) into DoH with Cloudflare(!) as the default, which breaks Pi-Hole and custom DNS setups, the address bar’s unnecessary speculative connections, acceptance of third party cookies by default (Seriously, why? Even Google wants to get rid of them…), implementation of trackers in the mobile version, inability to disable Google SafeBrowsing in the mobile version, usage of Google location services by default without even proxying them (like Brave) etc.
I mean, there is a reason why I rate a heavily modified Firefox highly, but you shouldn’t pretend that there are no issues, or that a default Firefox is anything to write home about. By default, Brave is vastly superior and I don’t think that a modified Firefox comes close, unless you go all the way and enable things like isolation etc. (at which point, you might also just use Tor)…
I specifically excluded things like Firefox’s security compared to Chromium, or its long-term prospects, or Mozilla’s antics as a company here, because they are unrelated, but would also have to be factored in if anyone were to use Firefox as their main browser.
Are you really being that obtuse? You said MODIFIED, so I am talking about modified (not forks) – i.e prefs. And I’m not talking about extensions as they are universal
So what do you do? You reply with an absolute wheelbarrow-full of nonsense about “opting-in” to features. Go look up the word modified. Then you parrot on with trying to compare default settings. For fucks sake.
Then you go on with this repeated nonsense about “isolation” and backstory of caching. Which is all immaterial
You act as if Firefox has nothing to do with it. Safari only implemented image caching back in 2013, and the concept was around long before then. Firefox implemented FPI and did so covering everything imaginable, not just images, and not just the few things other browsers have now done, and they did this starting over four years ago (2016-11-15, Firefox 51). If anything, it’s the other way round. Everyone else is copying Firefox. Oh, and don’t forget they have had the concept of containers (including per site) since before that. But who really cares? It’s all immaterial.
What is not immaterial, is that right now, only Firefox has “partitioned”, “isolated” or “cached” anywhere near all the parts required, especially the ones that are used in mainstream tracking: cookies, local storage, session storage, idb, service worker caches and the like. Only Firefox has implemented a full and real solution
THAT ALONE makes a “modified” Firefox vastly superior. What do you not understand about this?
> WTF
The rest of your commentary has nothing to do with what I said either. RFP if you want to use it is at least the equal of Brave’s shield – i.e it fools most scripts. I’m not interested in your fingerprinting talk, you have been shown to be ignorant in this field many many times. I was comparing RFP in Firefox to Tor Browser. Brave fingerprinting is LIGHT YEARS behind: audio is bypassable, canvas was bypassable for over a year, and everything can be detected and ignored. Fonts, devicePixelRatio, language, additional languages, locale, timezone, various screen measurements, and fonts are some high entropy items not even covered yet. Don’t start spouting on about Brave being superior in this area when IT IS NOT. Don’t bother talking about fingerprinting or I will list and link to all the idiotic things you have said on this subject
“Mozilla’s ability to hijack the browser with experiments” – WTF does this have to do with anything. Aside from the addon-eddon 2, when have they ever used this? It’s not experiments, it’s a mechanism to push critical changes. If you can’t trust the developers, then why use their product? Don’t bother answering
“opting users (without notifying them) into DoH” – WTF does this have to do with anything. A modified Firefox can disable that being rolled out. And the roll-out asks the user – it is not done silently. And WTF are you to decide if DoH is good or bad? Don’t bother answering
> I specifically excluded things like..
No you didn’t, you just brought them up as more off topic noise. The security you’re talking about is almost immaterial (not irrelevant) as it only affects 0.0000000000000000001% of traffic. Android has extra issues, but desktop is not far off (e.g. fission and win32 API lockdown is a start). And comparing security is subjective, not something you can really measure. All mainstream browsers are inherently very secure. Mozilla’s “antics” has nothing to do with the software in front of me, and neither does its “long term prospects”. At 220 million users and fairly steady at that for two years, I don’t think there is necessarily a short term issue. Until it’s end-of-life, then it doesn’t matter.
> a heavily modified Firefox highly
It’s one click in the preferences to switch to ETP Strict Mode. That alone puts Firefox light years ahead of anything you can do in other browsers
It’s one pref to flip if you want RFP
So, Iron Heart, can you please address the statement, without all the irrelevant and off-topic noise, that a modified Firefox is light years ahead of Brave. And don’t go about the two or three default things Brave does that Firefox doesn’t. We are talking about a modified Firefox.
@”Anonymous”
I don’t know what you want from me here, to be honest. A default Firefox installation is not far ahead of godforsaken Chrome in terms of privacy, there are backdoors like FF Experiments and Mozilla thinks it has the right to opt users silently (they were not asked, stop lying, watch Switched to Linux’s review of the latest FF on YouTube, or the review of Mental Outlaw, both respected channels not known for lying) into DoH using Cloudflare, one of the greatest monopolists and censors of the Internet as a whole, as the default provider. That alone already disqualifies Firefox as a browser, these things are totally unacceptable in their own right. By default, there is no kind of adblocking going on beyond the weak as shit Disconnect lists, FF accepts third party cookies, isolates nothing, no fingerprinting protection etc. Brave is light years ahead out of the box, and that is what matters to most people (and even when modified, I wouldn’t use Firefox over Brave).
Do you think people go out of their way to download some obscure, totally irrelevant user.js almost nobody in the real world knows about, only to find that the browsing experience is bad? Think again. This is not what happens in the wild, what does happen is that people download Firefox, use it unmodified, and think they have enhanced their privacy, which is absolutely false. I am merciful by even listing “modified Firefox”, knowing that I am actually referring to 1% (if that) of all Firefox users here. Which is, as you would say, totally immaterial in real life.
You are downplaying Mozilla’s ability of remote code execution, running unauthorized code on the users system with the same privileges as Firefox, which is IMHO scandalous. This has been used for malware injection (Cliqz incident) already, but hey, I am sure they will never abuse it again. Trust once lost easily regained because it’s Mozilla, right? Laughable, this ability shouldn’t exist and actually doesn’t exist in browsers like Brave or Vivaldi. It does also exist in Chrome, though. What does that say about Firefox? Mozilla should remove the backdoor, or limit it to Nightly (which is alpha testing anyway), then we’ll talk.
Whatever I said about fingerprinting, it won’t come close to the completely dumb (and dangerous) assumption that one doesn’t need a crowd to hide in. Firefox doesn’t defend against fingerprinting by default, and the <1% of users enabling this setting aren't fixing anything because they are sticking out anyhow, default settings or not. Why do you think that Tor has to enable fingerprinting defenses by default? Don't bother answering.
I know by now that you have an axe to grind and obsess over my posts (hence you having a list of all my prior posts – seriously, get some help), because you somehow think that I am treating Firefox unfairly, when in fact I am treating it fairer than I should considering Mozilla's anti-user decision making and the out of the box state of the application (which you don't care about, despite the vast majority using Firefox that way, which is humongous). However, you should really watch your blood pressure considering that the browser most likely won't exist anymore in a few years time.
You are actively deceiving people by saying that the user base is stable (which it isn't), if Firefox's relative(!) share is sinking, no effort will go into fixing websites for it because the percentage of users using a certain browser is what the website admins monitor, not the absolute numbers that are also in decline.
Are we done here? Anything more to say to waste my time?
@Iron Heart
I don’t know if you are same person like the one in comments above or different coz right now it feels more like ranting.
Look you mention Mental Outlaw, no disrespect to that channel its fine though certainly more opinion type than fact type. That guy is not as smart as he thinks he is. In his Firefox privacy guide video with using user.js, he compared and analysed his results on panopticlick.eff.org and said look my fingerprint is not unique. Anyone who has any sort of fingerprinting knowledge (Device plus Browser fingerprinting in Chromium Browsers and just Browser fingerprinting in FF) knows to not compare the results of panopticlick.eff.org or amiunique.org but rather go through individual options to check your browser details and see what sort of information your browser is sending which can be seen by any script – good or bad.
As for other things if you think the way you wrote above which is factually incorrect that’s fine, but remember one thing in chromium browsers there are no options to stop Device Fingerprinting nevermind Browser fingerprinting. And there are currently no backdoor experiments in FF or DNS fiasco. To verify this, I simply create a new profile and till this day I’m waiting for things you mentioned. Plus you don’t need a crowd to hide in to prevent Browser fingerprinting coz that crowd thing doesn’t exist in internet world, if you think otherwise good for you.
@Yash
> I don’t know if you are same person like the one in comments above or different coz right now it feels more like ranting.
Still the same. Also, ranting? Do you mean my undertone giving away that I’m annoyed because I am confronted with misinformation again? If so, well spotted.
> Look you mention Mental Outlaw, no disrespect to that channel its fine though certainly more opinion type that fact type.
I was accused of lying in a very specific case (claiming that Mozilla opts users into DoH silently), and I refuted this by pointing to respectable channels where the same thing I said was reported to have happened. Nothing more, nothing less.
> but rather go through individual options to check your browser details and see what sort of information your browser is sending which can be seen by any script – good or bad.
Sorry, but this is not how it works. You don’t just create your individual fingerprint by individually judging which info to hide, this is dangerous and counterproductive. The goal is to blend in with a crowd, this is the only way of becoming non-unique. Please understand that. “No result” is also a recordable result just like any other result. To cite one historical example, you claimed that it was good to hide device info. When I correctly asserted that this is done by
> but remember one thing in chromium browsers there are no options to stop Device Fingerprinting nevermind Browser fingerprinting.
???
Do you think it is impossible to protect those values in Chromium? Bromite should tell you otherwise, it is possible. Not that hiding / changing every value is desirable, mind you. See above. Hiding the device might do more harm than good, but it is certainly possible.
> And there are currently no backdoor experiments
The backdoor is still there and active by default, search for “normandy” in about:config. If you trust Mozilla completely and want them to hijack your browser with experiments, experiments that also contained spyware in the past, why don’t you re-enable the backdoor? According to “Anonymous” above, if you don’t trust the browser dev completely, why use their product at all? Might as well go for it. :D
> or DNS fiasco
The FF 89.0 update silently opts users into DoH with Cloudflare as the default provider, I’d call that a fiasco. I mean, at least ask users for their approval here…
> To verify this, I simply create a new profile and till this day I’m waiting for things you mentioned.
Ever heard of “staged rollouts”? A single profile of you is no evidence for anything. They are starting to opt users into DoH: https://www.youtube.com/watch?v=8UUs0b31rmk
As for FF Experiments, I’ve already told you where you can find the related settings, and it is most certainly enabled in every fresh profile out there. To claim otherwise is dishonest.
> Plus you don’t need a crowd to hide in to prevent Browser fingerprinting coz that crowd thing doesn’t exist in internet world, if you think otherwise good for you.
“Don’t need a crowd.” and “Crowd doesn’t exist.”, wrong on both accounts. Research what Tor is, research then why it has fingerprinting defenses enabled by default, then understand what that means for the crowd building and why a crowd to hide in is obviously important. Good luck.
@Iron Heart
I will try to keep this as short as possible.
There are three popular ways to track users (whether it’s ethical to do this depends on the use case) – 1. IP address, 2. Cookies, 3. Browser Fingerprinting in the case of Tor if one *changes* the default setup, and Device Fingerprinting in the case of Chromium browsers, which includes Bromite as well (I have that installed on my phone). Some can argue cookies should be in first place, no problem with that.
To stop IP address tracking, first disabling IPv6 at the router, device and browser level (Firefox supports that) is necessary so there is no chance of IPv6 leaking out. Then, if feasible, use a VPN or Tor depending on use case and threat level.
To stop cookie tracking, first disable third-party cookies. In FF there are measures against supercookies and cross-site tracking even in its default state, so it is better in that regard than any other browser. There are more ways to stop cookie tracking – read the user.js file.
Now comes the big one – Browser Fingerprinting (or BFP). The general approach that can work against it can be found in Tor Browser. To stop BFP is to make a browser that reveals less about itself, IOW only revealing those values which are necessary and are generalised, which is not possible in the case of Chromium browsers. See, an average user can say: look, I use Chrome, now I can hide among its huge userbase, or I use Brave so I have a crowd to hide in. This theory unfortunately doesn’t work in the real world. Chrome reveals everything, not only about itself but about the device (smartphone/laptop) as well. It reveals the device name in the User Agent, GPU info, RAM and many more things, which includes even Battery status plus one important piece of information as well (stay tuned). To truly defeat BFP, users would have to use same devices plus same RAM and GPU configuration, heck even same Battery status. Then an average user can think: look, BFP is no more. But Chrome also reveals *REAL CANVAS DATA*, and so even after using the exact same device configuration BFP can still track users individually. This is the reason why having a crowd to hide in doesn’t work in Chrome or in any other Chromium browser. Even Brave reveals all real values bar WebGL and battery status, but then hiding two values, of which WebGL is still enabled (security issue), is not good enough.
Firefox, even in its default configuration, hides more values than any Chromium browser in the desktop category. In the smartphone category, only Bromite hides some values in its default config which default Firefox doesn’t. Bromite hides the device name like Firefox, but it also hides the Android version and the local WebRTC address. But those two values can still be hidden in Firefox by using RFP and disabling WebRTC through either add-ons or about:config. Though by enabling RFP, Firefox would also prevent Canvas leak, connection info and other metrics as well; there is no option for that in any Chromium browser. To check for a Canvas leak, visit browserleaks.org/canvas. If the image size is in the thousands of bytes, it means Canvas is leaking. If it is around 250 bytes, that means Canvas fingerprinting is prevented.
This is the reason why the theory of having a popular smartphone or laptop and using a popular browser to defeat BFP falls flat. Smartphone launches happen in a yearly cycle, in some cases even 6 months, and the same laptop can have different GPU and RAM configurations. A Chromium browser which reveals everything can’t prevent BFP because of this. In default Firefox, however, many things are generalised and a user only needs to change three main things to hide the remaining device info – ENABLE RFP and disable WebGL plus WebAudio (though I’m not entirely sure about WebAudio as the audio fingerprint is already generalised in Firefox, but better safe than sorry).
Saying things like look Firefox already has less users and even less users enable RFP undermines that even using a popular browser can’t prevent the identification of users on individual level.
It then comes down to this – whether you want to reveal your Canvas data and other metrics in Brave which will reveal you on individual basis even though you are using *popular* model and what not. Or reveal yourself to website with your *real canvas data* hidden and other identifying metrics generalised.
That’s what I meant with crowd hide-in. Plus even in Firefox, you can’t hide every value one-by-one, it happens mostly with two or three switches max., and so when I said to only compare values in panopticlick.eff.org, I was referring to cross-checking whether one has enabled only main values like RFP rather than going through non-RFP values (which have a section in the user.js file).
@Yash
I didn’t even have to read your comment to know that it will fall into the following wrong assumptions again:
– According to you, hiding a value is always better than revealing a value. FALSE. You can stick out more by hiding some things than by just revealing them. The fact that you are hiding them is VISIBLE. It is VISIBLE that you are not revealing e.g. the smartphone model in your user agent. How many people hide the model? Below
> Saying things like look Firefox already has less users and even less users enable RFP undermines that even using a popular browser can’t prevent the identification of users on individual level.
It can, if fingerprinting defenses are enabled by default in said popular browser. You’ll then have both the reduction of attack surface or alteration of values, and a sizable crowd to hide in with this. See Tor. It just so happens that no major browser bothers to fight fingerprinting by default (Chrome, Edge, FF, Opera etc.), which is a problem for those doing it outside of Tor, we can only hope that browsers that fight FPing by default become more popular.
> Even Brave reveals all real values bar WebGL and battery status,
Nope. Brave covers more than just WebGL and battery status, pal:
Fingerprinting methods randomized
Canvas
WebGL
Web Audio
Plugins
Hardware Concurrency
Enumerate Devices (order)
Fingerprinting methods blocked
WebRTC IP leakage
HSTS fingerprinting
Client Hints
Battery Status API is disabled because the battery level can be used as a tracking signal.
Web Bluetooth is disabled on desktop due to us not seeing much benefit to enabling it right now
source: https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
There are still metrics missing, but then, it’s still a work in progress and new ones are added on a continual basis. Which is great, mind you, because Brave has the numbers behind it to actually make this a thing (effective FP protection outside of Tor).
> To truly defeat BFP, users would have to use same devices plus same RAM and GPU configuration, heck even same Battery status.
Do you know what is IMHO necessary to conclusively defeat browser fingerprinting on the desktop?
– Multiple virtual machines using OSes with different video drivers, each used for a different purpose
– All VMs with different settings re. RAM, CPU cores assigned, different video memory, different screen resolution, different color depth
– Install browsers that block WebGL by default and provide you with a reasonable(!) crowd to hide in, should be either Brave (Aggressive FP blocking) or Tor
– IPv6 globally disabled because the MAC address might ruin everything
– Run different VPNs in each VM or use the Tor network
– Set the browser to frequently delete cookies & other local data if it isn’t set that way already (Tor is already pre-configured)
What you and most here do (including myself) is actually insufficient because it doesn’t protect against some values browsers, even Tor, still leak. You’d need an elaborate multi-VM setup, isolated from your main OS, to counter possible known and unknown leaks, you must literally compartmentalize. Who is going to do that? I don’t, and you do not, either.
@Iron Heart
I guess there is no constructive debate/criticism possible with you. You, in the comments above, mentioned Mozilla’s antics(funny there isn’t a single line about Brave or Google antics) and what not and yet when it comes to Brave, took the words straight from Brave team.
“Brave covers more than just WebGL and battery status, pal:
Fingerprinting methods randomized
Canvas
WebGL
Web Audio
Plugins
Hardware Concurrency
Enumerate Devices (order)
Fingerprinting methods blocked
WebRTC IP leakage
HSTS fingerprinting
Client Hints
Battery Status API is disabled because the battery level can be used as a tracking signal.
Web Bluetooth is disabled on desktop due to us not seeing much benefit to enabling it right now”
Seriously even Brave team might pull you off for mentioning Canvas, WebAudio because they have issues for these things as things stand. Plus it doesn’t take a genius to look beyond Brave team’s words coz they don’t even hide WebRTC address and other metrics. Check it yourself mate and then see the real data. See I’m not gonna be pissed off for someone using Brave, fine no problem, but at least don’t say things the way you want about Firefox but rather use some truth and FACTS. And more importantly analyse things properly.
@Yash
> I guess there is no constructive debate/criticism possible with you.
It’s possible, but not in an environment of ignorance. You are claiming that reducing the attack surface is all that is necessary to combat fingerprinting – but it’s not. Reducing the attack surface can be counterproductive if the value you are hiding or faking is low entropy, you might draw more attention to yourself if you hide certain values than you would if you just revealed them. Apart from that, crowd building is very important for defending against fingerprinting. You can’t just disable stuff on your own and think you are safe now, you have to hide within a big number of users with the same settings (see Tor for an example of this). Reducing the attack surface on your own, without your set of settings being that of a great amount of other people, is fixing nothing, because “No result” is a result just like any other result. For example, you think that hiding your phone model is a great idea – it’s not. Advertisers can see that this info is missing from your user agent because everyone else reveals it, and those who are hiding it are well below 1% of all smartphone users. This is the group you belong to now, below 1% of all smartphone users. You think this will make it harder to track you? LOL, give me a break. You don’t turn invisible by disabling stuff, they can record the lack of data (example: “Galaxy S21” and “model missing” are both results, guess which one appears more often), and you are fairly unique with this lack of data, UNLESS there is a group of other people sharing your settings (there isn’t, going by what you use, your approach would be respectable if you did use Tor and refrained from changing its settings).
> You, in the comments above, mentioned Mozilla’s antics(funny there isn’t a single line about Brave or Google antics)
Well, what is there to comment on? There hasn’t been shady behavior on the part of Brave Software yet on the level of opting users into DoH with Cloudflare as default (haha), or the CEO coming out and saying that a heavily censored web is desirable (“Deplatfoming isn’t enough.”) etc. Just face it, Mozilla has had bad PR disasters, but rest assured, if Brave Software does something of that magnitude, I won’t be a hypocrite and stand idly by. Won’t happen. That being said, for me to say something against them, some bad stuff on their part would have to happen first, as a precondition.
And commenting on Google? Why? They are a known data harvester, even my neighbor’s dog knows this. However the issue with Mozilla in particular is, they are playing white knight still despite being shadier than most of their competitors, except maybe Opera who are even worse.
> Seriously even Brave team might pull you off for mentioning Canvas, WebAudio because they have issues for these things as things stand.
Do you expect perfection in a nascent fingerprinting defense? Perhaps reconsider your expectations, Firefox wasn’t perfect in its first year either, and in fact needed the Tor project as an external party to lend them some skill.
> Plus it doesn’t take a genius to look beyond Brave team’s words coz they don’t even hide WebRTC address and other metrics.
Neither does Firefox by default, pal. Brave has a setting for this, and so does Firefox. Hiding this stuff by default breaks web chats, which is why it can’t be a default.
> Check it yourself mate and then see the real data.
???
I am aware of the real data, I am aware of my own expectations, I am also aware of the fact that browser choice is determined by multiple factors, of which privacy is just one (there is also security, web compatibility, performance etc.). I chose Brave as my default for a reason, if you use something else, fine, I mean whatever. I guess you have your reasons as well, valid or not. Just like it is for me.
> but at least don’t say things the way you want about Firefox but rather use some truth and FACTS.
I am of the opinion that I am treating this project with greater respect than what it would be deserving of in 2021.
@Iron Heart
Seriously the amount of times you have contradicted yourself in the few comments in this article alone is just amazing. Brave doesn’t hide particular thing because it may break Web, and then in case of Firefox usual-usual ranting. How many times have you said oh look some things are not enabled from default in Firefox and in case of Brave, web breakage, laughable.
You say oh look I’m using Brave but that’s my choice which is good, but then false accusations over Firefox and some which holds no value on real world. You mentioned Web Compatibility, Security and what not above, well bothered to elaborate those points or were those part of usual ranting.
You mentioned Brave link which details Brave attempts to prevent BFP, well half or more than half of the metrics they say have been changed are still visible and shows REAL data. But then Brave team also said this – “Brave’s system for protecting users against fingerprinting works differently. Instead of trying to make Brave users look identical (a goal that is not achievable for many users in many cases, without breaking websites or turning off useful browser functionality), Brave tries to make you look as different as possible, for each website, for each session. This prevents browsers from identifying you when you visit other sites, or when you return to the same site in the future.
Brave uses this anonymity-through-randomization approach for several reasons including i) it better protects users with browser / computer / language / etc configurations, and ii) it’s more web compatible, since it doesn’t require disabling browser features.”
First what they said here totally eliminates your already false concept of crowd hide-in and all the other nonsense. But even then what Brave team said is false – how are they going to protect users when they are going to be revealing same *real* values of a particular user every single time which would reveal its user identity. These quotes along with your usual ranting can even make Tor Browser look like a Toddler doing a tantrum(sounds familiar). user.js guide makes all users look same so website would not be able to identify even a single metric about user, even if only one user.js file user visits a particular site. Coz no value revealed there would be able to link it back to user. A website would only find I’m using Windows with all metrics disabled when in reality I would be using Mint with laptop of Dell.
Unless you don’t want to accept reality, no chromium browser can prevent either BFP and not even Device fingerprinting. And I would like to see some real world explanation if you think otherwise.
Anyway time is precious, look what nearly happened to Eriksen, so if a user wants to use Chrome/Brave/Firefox no problem. But don’t throw mud at other when you can’t prove your point.
@Yash
> Seriously the amount of times you have contradicted yourself in the few comments in this article alone is just amazing.
Where for example?
> Brave doesn’t hide particular thing because it may break Web, and then in case of Firefox usual-usual ranting. How many times have you said oh look some things are not enabled from default in Firefox and in case of Brave, web breakage, laughable.
Again, where?
> but then false accusations over Firefox and some which holds no value on real world.
“False accusations”, once again, where precisely? The issues I cited are provable and in particular in case of leaks, compat issues also admitted by Mozilla or the Tor project.
> You mentioned Web Compatibility, Security and what not above, well bothered to elaborate those points or were those part of usual ranting.
You already know the sources from prior discussions and dismissed them without proving them wrong or even attempting to argue against them (because you can’t). Do you think this is some Monty Pythonesque scenario, do you think I will post them all over again so that you can dismiss them again? No way.
> well half or more than half of the metrics they say have been changed are still visible and shows REAL data.
I doubt it. Of the vectors they cover, they will only reveal randomized data, which is a result, but not a true one. There is a known Canvas issue that they are looking at, but really apart from that? Please prove your allegations.
> “Brave’s system for protecting users against fingerprinting works differently. Instead of trying to make Brave users look identical (a goal that is not achievable for many users in many cases, without breaking websites or turning off useful browser functionality), Brave tries to make you look as different as possible, for each website, for each session. This prevents browsers from identifying you when you visit other sites, or when you return to the same site in the future.
Yeah, you can either attempt to make all people look the same / as generic as possible, or you can try to make people look unique every time, in order to destabilize the canonical fingerprint. These are general outlines and Brave differs from the Tor approach here, but both are valid. It’s also not “either – or” as Brave produces some generic results and Firefox produces some randomized results in its fingerprint, this is being decided by both on a per-vector basis. I am just talking general outlines here.
> First what they said here totally eliminates your already false concept of crowd hide-in and all the other nonsense.
No, it doesn’t. It is just a different but equally valid concept. I talked about the necessities of crowds in the sense that most browsers based on FF will try to make you look as generic as possible, and why your way of thinking is incompatible with that (reducing attack surface on your own thinking it does anything, ignoring the crowd etc.)
Plus, Brave users are also forming a crowd, because randomization is detectable, so you could also find out that e.g. “All Brave users randomize Canvas”. They are just not a generic(!) crowd, because Brave is not following that general approach (although, as said, there is overlap).
> But even then what Brave team said is false – how are they going to protect users when they are going to be revealing same *real* values of a particular user every single time which would reveal its user identity.
Uhm, I hope you realize that Brave’s FP defenses do not yet cover all vectors, which is why I called it “nascent” before. Of course, if a script that is not getting blocked is checking for values that Brave does not yet protect, it will get real values that are not changing.
> user.js guide makes all users look same so website would not be able to identify even a single metric about user, even if only one user.js file user visits a particular site.
Funny considering that this is coming from you, who disabled the Web Audio API despite what is advised by these obscure user.js scripts. This is a problem; you are leaving the crowd of same-looking users with this. This highlights one of several issues:
– If people like you further customize settings, RFP can’t work as intended.
– RFP creates web compat issues for Canvas and settings will have to be relaxed by users in some cases.
– Firefox and Tor can be told apart at the network level or via simple feature detection, meaning that you are not among the crowd of Tor users just because you have enabled RFP.
– Speaking of which, you still have no network level protection, if you use Firefox + user.js + VPN or Tor onion routing, may I ask the question: What differentiates this poor Tor imitation from actual Tor then?
– There are still leaks going on even with RFP, e.g. extension leaks.
– Even with just Firefox + user.js, the user numbers (of those maintaining discipline, not those blindly further customizing settings like you, who have left the crowd via their nonsense anyway) are so low that you will be unique anywhere you go. Think about it, you use a 4% market share browser and are among the 1% of that 4%. How effective is that? …
> would not be able to identify even a single metric about user
False, there are still leaks e.g. extensions. Plus, Firefox + user.js is so low usage that you are unique anyway especially with no network level protection. Snake oil at its finest.
> Coz no value revealed there would be able to link it back to user.
No comment, LOL. See above.
> A website would only find I’m using Windows with all metrics disabled when in reality I would be using Mint with laptop of Dell.
No, they see a pretty unique set of values (more than ever, because you fail to maintain discipline even within the borders of RFP, which in its own right doesn’t have many users to begin with) + they have the network level. Also possibly extension leaks, as said.
> no chromium browser can prevent either BFP and not even Device fingerprinting.
Provably false, ask Brave and Bromite. Firefox + user.js doesn’t protect you, either. Run Tor in some VM or plain Whonix and then we’ll talk.
> But don’t throw mud at other when you can’t prove your point.
Can’t argue against ignorance. You think nobody sharing your set of settings is irrelevant, you think reducing the attack surface is a fix for fingerprinting without ever questioning the plain necessity for some values, and you fail to understand the implications of “No result” also being a visible result. Can’t help you until you look into those gross errors of judgement.
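The two technical points argued in this exchange, that a missing value is itself an observable value whose rarity identifies the visitor, and that generalizing and per-session randomizing defeat a fingerprint in different ways, can be checked with a small model. This is an added example and not code from any commenter or browser project; the population counts, attribute names and the HMAC-based per-session noise are constructed assumptions and do not reproduce how Brave, Firefox or Tor implement their defenses.

```python
import hashlib
import hmac
import math
from collections import Counter

# Constructed populations of the "phone model" value a site reads from the user agent.
# A: browsers reveal the model; a handful of users hide it on their own.
REVEAL_BY_DEFAULT = (["Galaxy S21"] * 400 + ["Pixel 5"] * 300
                     + ["other model"] * 295 + ["model missing"] * 5)
# B: one popular browser hides the model for all of its users by default.
HIDE_BY_DEFAULT = (["Galaxy S21"] * 300 + ["Pixel 5"] * 250
                   + ["other model"] * 250 + ["model missing"] * 200)

# Constructed devices; the values stand in for real canvas/font/screen readings.
DEVICE = {"canvas": "render-hash-A", "fonts": "font-list-A", "screen": "1920x1080"}
STRANGER = {"canvas": "render-hash-B", "fonts": "font-list-B", "screen": "1366x768"}


def anonymity_set(population, value):
    """Number of visitors who present exactly this value (absence included)."""
    return Counter(population)[value]


def surprisal_bits(population, value):
    """Identifying information, in bits, gained from observing `value`."""
    count = anonymity_set(population, value)
    if count == 0:
        raise ValueError(f"{value!r} never observed in this population")
    return -math.log2(count / len(population))


def observe(device, site, session_key, strategy):
    """Attributes a script on `site` can read; only canvas is protected in this model."""
    seen = dict(device)
    if strategy == "generalize":
        # Every protected user reports the same canvas value.
        seen["canvas"] = "generic-canvas"
    elif strategy == "randomize":
        # Assumed noise source: keyed by a per-session secret and the site name.
        seen["canvas"] = hmac.new(session_key, (site + device["canvas"]).encode(),
                                  hashlib.sha256).hexdigest()
    elif strategy != "none":
        raise ValueError(f"unknown strategy {strategy!r}")
    return seen


def fingerprint(seen, attrs_checked):
    """Identifier a tracker derives from the attributes its script checks."""
    material = "|".join(f"{name}={seen[name]}" for name in sorted(attrs_checked))
    return hashlib.sha256(material.encode()).hexdigest()[:16]


def trackable(device, stranger, strategy, attrs_checked):
    """True if the fingerprint is stable across two visits AND differs from a stranger's."""
    def visit(dev, site, key):
        return fingerprint(observe(dev, site, key, strategy), attrs_checked)

    first = visit(device, "site-a.example", b"session-1")
    second = visit(device, "site-b.example", b"session-2")
    other = visit(stranger, "site-b.example", b"session-9")
    return first == second and second != other


if __name__ == "__main__":
    for name, pop in (("reveal by default", REVEAL_BY_DEFAULT),
                      ("hide by default", HIDE_BY_DEFAULT)):
        print(f"{name}: 'model missing' set={anonymity_set(pop, 'model missing')}, "
              f"bits={surprisal_bits(pop, 'model missing'):.2f}")
    for strategy in ("none", "generalize", "randomize"):
        print(strategy,
              "| canvas only:", trackable(DEVICE, STRANGER, strategy, ["canvas"]),
              "| fonts+screen:", trackable(DEVICE, STRANGER, strategy, ["fonts", "screen"]))
```

In this model generalizing removes distinctness and randomizing removes stability, and either defense stops mattering once the script checks only attributes that neither one covers.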
@Iron Heart
Ladies and Gentlemen, Iron Heart has done it *again*. You ask where? Well in this article alone you have contradicted yourself multiple times, feel free to read your comments again if you can, about RFP, adblocking, fingerprinting script and many more. Seriously you even questioned the credentials of Pants again. I believe even Martin B response would not be enough for you. Then you ask where?
https://www.ghacks.net/2021/05/05/how-to-disable-javascript-in-pdf-documents-in-firefox/
This is the link of another article where you revealed your true nature and ignorance about things you don’t even understand.
But then again, like many good Firefox users have proved in the past, you can’t prove a single thing and then when you can’t, get frustrated and go full accusation mode.
Time is precious Iron Heart. Use your favourite browser Brave, live freely thinking you have a complete browser, donating BTC to whoever you like. There are many more important things than wasting time on something for which you have false agenda.
And as for your usual I PROVIDE SOURCES, feel free to mention some links so I can check how credible they are. Yes, me, an average internet user who doesn’t claim he knows everything but analyses everything properly on its pros and cons without getting sucked into a company’s words.
@Yash
> Ladies and Gentlemen, Iron Heart has done it *again*.
Yes, I’ve shown again why your ideas are faulty. QED.
> Well in this article alone you have contradicted yourself multiple times (…)
If it ever happened, you would have gleefully pointed at it by now, I am sure.
> Seriously you even questioned the credentials of Pants again.
Of course, why not? Is she somehow above questions? I haven’t seen anything yet beyond her maintaining a user.js file that gets its settings 1:1 from Tor. This fails to impress me, I have no respect for that, and see no necessity to feign any.
When I get to see conclusive proof of actual skill, I’ll shut up. Not before.
> This is the link of another article where you revealed your true nature and ignorance about things you don’t even understand.
Do you realize that it is self-refuting that you cite Pants as a “credible” source (*cough*), yet fail to heed her advice by further fiddling with the recommended settings!? Fine, I guess? You are not even consistent within the concept you are defending, and fail to understand the implications of it, so how can you possibly accuse me of having no skill? Is this comedy?
> But then again, like many good Firefox users have proved in the past,
:D
Don’t think so.
> you have false agenda.
At least I am not supporting a totalitarian mindset that is totally off the rails, contrary to you and the other pseudo-experts around here: https://odysee.com/@Lunduke:e/MozillaCensorship:4
I can still look in the mirror because I do not encourage suppression of free speech (human right) with my choices. Not so sure about you…
> feel free to mention some links so I can check how credible they are.
No, you had your chance. You obviously have a posting history of mine, just dig them out and refute them before I post anything again. Start with Daniel Micay’s assertions about the futility of obscure user.js files.
Iron Heart * [Editor: removed, please stay polite]
1. “Beating fingerprinting is possible only with multiple virtual machines, WebGL being disabled (because, believe it or not, even cross-virtual machine fingerprinting is possible via WebGL), that is via Brave (Aggressive FP blocking setting) or Tor, since those are the only browsers on the desktop which have FP defenses enabled by default, meaning that you will be in a pool.”
Time for some real world testing, Brave doesn’t have an option to disable WebGL unlike Tor, in fact it removed that functionality around 6 months ago. Firefox has that option. And Brave Aggressive FP blocking setting reveals every real metric bar battery, even WebGL is revealed as it’s not disabled (like in Tor, in user.js).
2. “Brave, Tor etc. (no virtual machine): Same as the above, will attempt to fool scripts even if they get through, they succeed in the majority of cases (because most scripts only check a limited range of items) and are still improving.”
Bothered to elaborate the specific items that are checked apart from Canvas, WebAudio, WebGL of course as those are revealed in Brave.
3. “By default, there is no kind of adblocking going on beyond the weak as shit Disconnect lists, FF accepts third party cookies, isolates nothing, no fingerprinting protection etc. ”
Well whatever you say about weak Disconnect lists, it’s equivalent to Brave built-in adblocker. Try to visit a certain major Wrestling news website or APK download platform in Brave, it requests to disable adblocker and stops content from loading until adblocker is disabled (ironically according to you, related to fingerprinting protections – everything is getting mixed eh), so much for your so called built-in adblocker. And before mentioning Manifest V3 read Mozilla blog (which you have but would still rant about it) as uBlock Origin will work fine even after that in Firefox. “Firefox isolate nothing” – visit Firefox v86 article on gHacks. No fingerprinting protection, well as I have always said, Brave even in its advanced mode reveals more than default Firefox. Feel free to mention even one metric which Firefox reveals more than Brave even in its default state and Brave in its advanced (lol) mode.
4. “Do you think people go out of their way to download some obscure, totally irrelevant user.js almost nobody in the real world knows about, only to find that the browsing experience is bad? Think again. This is not what happens in the wild, what does happen is that people download Firefox, use it unmodified, and think they have enhanced their privacy, which is absolutely false. I am merciful by even listing “modified Firefox”, knowing that I am actually referring to 1% (if that) of all Firefox users here. ”
Bad browsing experience with user.js – name some websites which don’t load properly.
And about Skype, Brave doesn’t hide WebRTC address unlike Bromite as it reveals local IP address even in its so called advanced mode which in real world is the equivalent to Firefox default mode. So if you’re going to mention Skype(and Zoom) in user.js not loading websites, visit a doctor so you can understand the purpose of user.js.
And since you kindly mentioned 1% of Firefox users, here is some hard truth. Brave userbase is way less than Firefox and because of its so called Fingerprinting protections, its users can be easily identified as Brave users and can be separated from Chrome and any other browser, certainly not much. Plus since it reveals most metrics, more than even default Firefox, including device name, screen resolutions and what not the crowd doesn’t exist(it doesn’t exist in Chrome either because of all metrics revealed which makes the concept of crowd impossible) and its users can be identified by BFP. Plus even Brave team says its main goal is to randomise values as it knows crowd doesn’t exist(though Iron Heart doesn’t know even this) although they haven’t even done that properly(for more information, visit Brave Github issues – Canvas, WebAudio). Seriously if you mention this percentage of user, crowd hide-in and what not, even Brave team would have to pull you aside.
Now comes the best Iron Heart quote which is true but unfortunately only to Brave’s fingerprinting protection demise –
5. “I didn’t say that randomizing can’t be detected – randomizing does produce results that are implausible and thus detectable. But it being detectable is totally irrelevant, what is important is that no canonical fingerprint emerges, and it does achieve that. RFP is also 100% detectable and known by advertisers because they know of Tor, what of it?”
Brave reveals Canvas and all metrics, and because of that it reveals real (and thus unique, which can be used to identify users) canonical fingerprint unlike user.js file in Firefox and in Tor (RFP is built to stop that – if you know). Canonical fingerprint is randomized to the point by RFP that no two visits can be linked to one, not through BFP anyway. See Iron Heart that’s why user.js is light years ahead and because randomizing (which is revealing real and unique data of users anyway which isn’t being changed in Brave) can be detected in Brave, it’s inferior to even default Firefox.
6. “I said that Tor’s or FF’s common fingerprint using RFP doesn’t work in real life because users would usually soften the settings, because there is too much breakage, starting with Canvas. If Canvas falls, and if WebGL isn’t protected short of disabling it and might have to be softened again by enabling it ’cause breakage, why do it at all? That’s insane leakage as a result, and an approach doomed to fail.”
Please mention websites breakage by giving some names.
Plus WebGL an insane leakage, see that’s true but unfortunately Brave doesn’t disable it and it removed that functionality so Brave approach doomed to fail?
7. “Poison pill doesn’t matter if they can identify you with 99% accuracy using other metrics anyway. They could in fact totally exempt Canvas (= not even collect it) and would be able to tell that it’s you. In theory, your MAC address or fonts + WebGL alone suffice in most cases. Do you think some Canvas fakery will make your FP worthless if other values can already identify you with extremely high accuracy? :D Never mind the fact that the Canvas fakery is detectable as such, haha.”
Since Brave reveals 99% of true metrics, according to you, it’s doomed (its fingerprinting protections are already bad). Plus Brave reveals REAL canvas data. Not to mention it does fakery on top of that which is detectable and can be linked back to the user which in other words is called Browser Fingerprinting, not the case with RFP in Firefox.
8. “Brave only accepts first party cookies by default, while Firefox happily accepts third party (mostly tracking) cookies. Which year is it? Even Google wants to move away from third party cookies.”
Mostly tracking, haven’t used Firefox, eh stupid Iron Heart. Mention of Google yeah, Google did bring a new thing called FLoC. How low can you go?
There were way more quotes from you (of WebGL and much more) which are totally false and contradict even what you write literally in every second para. I only picked these because at least a tiny part is true but only to Brave fingerprinting protection demise, in simple language so you can easily understand.
* [Editor: removed]
@Yash
At this point, I am not sure if you are just lacking knowledge, making you draw wrong conclusions that you then defend as if your life depended on it, or if you just lie, or if you otherwise have any axe to grind. Probably a mixture of all three, but whatever the case, basically the entirety of your post is factually incorrect. Let’s go, shall we:
> Brave doesn’t have an option to disable WebGL unlike Tor,
False. Brave’s fingerprinting defenses set to “Aggressive” disable WebGL: https://github.com/brave/brave-browser/issues/9189#issue-599209227
> Firefox has that option.
Yes, but it’s utterly useless to fight fingerprinting:
“Providing the offer to disable features to reduce attack surface can be useful. Doing it to prevent fingerprinting is utter nonsense since by changing any settings that sites can detect you have made yourself far more easily fingerprinted. Disabling WebRTC and WebGL would make you far easier to fingerprint, not harder. These sites encouraging things like that is a problem.”
source: https://old.reddit.com/r/GrapheneOS/comments/ciizae/vanadium_and_bromium_privacy/ev6m2ot/
Truer words have never been spoken.
> And Brave Aggressive FP blocking setting reveals every real metric bar battery, even WebGL is revealed as it’s not disabled (like in Tor, in user.js).
> Bothered to elaborate the specific items that are checked apart from Canvas, WebAudio, WebGL of course as those are revealed in Brave.
Blatantly false. You have never used Brave, or have used an incorrect setting in Brave (Standard, or FP defenses turned off entirely), or you are just lying. Anyone can see that Brave protects certain values on browserleaks.com.
> Well whatever you say about weak Disconnect lists, its equivalent to Brave built-in adblocker.
False. Brave by default uses the EasyList, EasyPrivacy, Peter Lowe’s list, and a specific list for the language set. The first three alone already exceed Disconnect’s entries by several thousand percent. Again, either you have never used Brave or you are lying. Brave is close to the default of uBlock Origin, if anything.
> Try to visit a certain major Wrestling news website or APK download platform in Brave, it requests to disable adblocker and stops content from loading until adblocker is disabled(ironically according to you, related to fingerprinting protections – everything is getting mixed eh), so much for your so called built-in adblocker.
I don’t recall we’ve ever talked about that type of thing (wrestling website). I also don’t recall to have ever claimed that anti-adblock scripts are related to Brave’s fingerprinting defenses. Turning off Brave’s FP defenses is not the appropriate response to this, you need some “adblock blocker blocker” list.
> Ublock Origin will work fine even after that in Firefox.
Do you like extensions being able to directly monitor, intercept, and redirect your traffic? If yes, then Firefox’s solution is great. If not, a built-in adblocker or lifting the limitations of the declarativeNetRequest API would have been strongly preferable. But then, Firefox wasn’t known for its sound security before, so…
> “Firefox isolate nothing” – visit Firefox v86 article on gHacks.
Ah yes, do you realize that Safari already does this since years and that Firefox has only done this recently because Google is also doing it right now? That’s called a cross-browser development, yet you are trying to sell it as if Mozilla has just discovered the fire (if anything, Apple pioneered it). Pathetic.
> Brave even in its advanced mode reveals more than default Firefox.
False. Firefox by default reveals everything, there is no kind of FP protection at all. Brave, by default, protects Canvas, WebGL, Web Audio (remember, the thing you stupidly disabled), Plugins, Hardware Concurrency, Enumeration of Devices etc.
source: https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections#fingerprinting-methods-randomized
> Bad browsing experience with user.js – name some websites which doesn’t load properly.
Everything that uses Canvas and WebGL is an absolute shit show with user.js. Every newer 3D animation breaks because they utilize WebGL etc. I don’t see any point in mentioning specific websites, you’d dismiss them with some stupid one liner like “Who uses those etc.” Since the technologies that are broken with user.js are widely used, I need no further thing to prove, that this is an issue should be self-explanatory.
> including device name, screen resolutions and what not the crowd doesn’t exist(it doesn’t exist in Chrome either because of all metrics revealed which makes the concept of crowd impossible)
Again, do you realize that Brave is not yet covering every single metric? Still not getting it? Perfection in year 1 is impossible to achieve, sorry to disappoint you. And I don’t understand what Brave not covering every single metric YET has to do with the crowd principle? Like, what? What does me trying to explain a basic idea has to do with Brave’s current implementation?
> And about Skype, Brave doesn’t hide WebRTC address unlike Bromite as it reveals local IP address even in its so called advanced mode which in real world is the equivalent to Firefox default mode.
Wow, you are wrong again. Of course Brave reveals the local IP address for WebRTC-based chats, because those can and so break otherwise. This is a sane default because, well, chats are popular. One can disable the WebRTC IP reveal under brave://settings/privacy (perhaps you should try this before babbling nonsense, btw), but it’s clear as day why this can’t be a sane default! Firefox, too – contrary to what you falsely claim – reveals the local IP address for WebRTC-based chats by default, much for the same reason Brave does. You have literally ZERO clue.
> So if you’re going to mention Skype(and Zoom) in user.js not loading websites, visit a doctor so you can understand the purpose of user.js.
It’s a shitty web experience with user.js, you see (also, Skype doesn’t work in Firefox anyway, user.js or not – LOL). Privacy protections shouldn’t render a browser unusable. You can only protect what you can actually use.
> Brave userbase is way less than Firefox and because of its so called Fingerprinting protections, its users can be easily identified as Brave users and can be separated from Chrome and any other browser, certainly not much.
Brave has crossed the 30 million user mark recently, doubling its user base in a very short time, and all of them have FP defenses enabled by default. Firefox had 207 million users on May 31, 2021, down from 253 million users on January 28, 2019. source: https://data.firefox.com/dashboard/user-activity
Yeah, I don’t think things are looking too bright for Mozilla (can’t say that I am sorry). Of those 207 million users that still haven’t given up on the dying product, if 1% have RFP defenses enabled, that would amount to 2.07 million users, which is likely still a strong overestimation on my part. Yeah, certainly a great pool you hide in, LOL.
Plus, no browser can hide that it is itself. Firefox can’t hide that it’s Firefox because of rendering patterns of Gecko, Chrome can’t hide that it’s Chrome for the same reason (Blink engine rendering patterns). Brave can’t hide that it’s Brave mainly because of certain behavioral patterns of its Shields and because several APIs are disabled which would be enabled in Chrome etc. However, all this DOESN’T MATTER, because the Brave crowd is large enough by now that one can hide in it even(!) if it can be differentiated from Chrome. Can’t say the same about the Firefox user.js community, eh?
> Plus even Brave team says its main goal is to randomise values as it knows crowd doesn’t exist(though Iron Heart doesn’t know even this) although they haven’t even done that properly(for more information, visit Brave Github issues – Canvas, WebAudio). Seriously if you mention this percentage of user, crowd hide-in and what not, even Brave team would have to pull you aside.
You are showing that you have zero clue, again (unsurprising by now). Brave users do of course form a BEHAVIORAL CROWD, because all of them are randomizing and the randomization can be detected (which is not the same as real values leaking, I am just saying that advertisers can see that the randomized values are improbable, without ever getting real values). Brave users are all “randomizers”, so to speak. Firefox and Tor aim to create a GENERIC CROWD where all users are looking the same (and not unique every time, like in Brave). Both are crowds, you fool, Brave just isn’t a generic crowd.
Brave doesn’t randomize all values, either, for example, “WebGL = disabled” isn’t randomized, this is a static value. Likewise, Firefox doesn’t only produce static values, it does randomize Canvas, for example. This is being decided on a per-vector basis and there is overlap between the approaches. Do you ever read what I write, I have already stated something to that effect above, yet you act as if it was never stated? This is wasting my time, you see.
> Brave reveals Canvas and all metrics, and because of that it reveals real(and thus unique which can be used to identify users) canonical fingerprint unlike user.js file in Firefox and in Tor(RFP is built to stop that – if you know).
You are still claiming that Brave reveals all values, and you are still wrong. Firefox’s RFP won’t protect you since there is no sizable crowd, and even if it did, you would have destroyed said protection by further meddling with the settings (RFP doesn’t disable the Web Audio API, but you did – if any script checks for that, you are even sticking out of the small crowd of RFP users).
> Canonical fingerprint is randomized to the point by RFP that no two visits can be linked to one, not through BFP anyway.
One can still easily catch RFP users at the network level, or by checking for extension leaks (UUID or behavioral leaks), or via feature detection differentiating different browser versions, or… So many possibilities, I didn’t even broadly mention the collection of several performance metrics that can be hidden only insufficiently, because knowing you, what would be the point?
People like you, who further meddle with the settings, are even easier to catch.
> that’s why user.js is light years ahead
:D
> Brave, its inferior to even default Firefox.
Firefox by default doesn’t protect anything, Brave by default protects several values. You lying about Brave to drag it to the level of FF’s defaults doesn’t exactly change that.
> Plus WebGL an insane leakage, see that’s true but unfortunately Brave doesn’t disable it and it removed that functionality so Brave approach doomed to fail?
Not doomed to fail, because Brave does protect WebGL despite you falsely claiming otherwise.
> Since Brave reveals 99% of true metrics, according to you,
Uhm, what? I never claimed that, this is your false claim repeated ad nauseam, this time by saying that it’s supposedly my claim in actuality. :D
> Not to mention it does fakery on top of that which is detectable
Yes, of course it’s detectable, because randomizing might lead to implausible results.
> and can be linked back to the user which in other words is called Browser Fingerprinting
It can’t be linked back to the user. That’s the whole premise of randomizing, one is unique every single time, no canonical fingerprint and no linkability emerges. Is Brave perfect just yet? No, but it’s developing in the correct direction.
> not the case with RFP in Firefox.
RFP is nonsense snake oil unless it gets enabled by default in Firefox at some point, there is no crowd building going on, at all.
> Mostly tracking, haven’t used Firefox, eh stupid Iron Heart.
Firefox allows 3rd party cookies by default, Brave doesn’t. Do you have anything more to say?
> which are totally false and contradict even what you write literally in every second para
The only thing that is false is your interpretation, deliberately or not. I have also shown you where you got it wrong, probably to no avail. I am not contradicting myself anywhere here so far, as far as I can tell.
Man, this is getting tiresome, your lack of understanding (still unfixed) is now paired with lies and / or lack of knowledge and an axe to grind. Waste of time. Are we done here?
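The distinction argued over in this exchange (per-session randomizing versus everyone reporting the same value, and what changes when only some metrics are covered) can be shown with a toy model. This is an added example, not part of any comment and not Brave's or Firefox's code; the device values, the strategy functions and the per-session, per-site keyed hash are all constructed assumptions.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed sample population: the "real" values a script could read per device.
DEVICES = {
    "dev-a": {"canvas": "c1f0", "audio": "35.7383", "cores": 8},
    "dev-b": {"canvas": "9ab2", "audio": "35.7499", "cores": 4},
    "dev-c": {"canvas": "c1f0", "audio": "35.7383", "cores": 16},
    "dev-d": {"canvas": "77e1", "audio": "35.1074", "cores": 8},
}


def fingerprint(values):
    """Hash a report into one identifier, the way a fingerprinting script would."""
    canonical = "|".join(f"{k}={values[k]}" for k in sorted(values))
    return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def _randomize(value, name, session_key, site):
    # Assumed model: keyed hash of the real value, fresh key per session, bound to the site.
    msg = f"{site}|{name}|{value}".encode()
    return hmac.new(session_key, msg, hashlib.sha256).hexdigest()[:12]


def report_real(device, session_key, site):
    """No protection: every metric is reported as-is."""
    return dict(DEVICES[device])


def report_generic(device, session_key, site):
    """'Generic crowd': every device reports the same fixed values."""
    return {"canvas": "blank", "audio": "0", "cores": 2}


def report_randomized(device, session_key, site):
    """'Randomizers': every metric changes per session and per site."""
    return {n: _randomize(v, n, session_key, site) for n, v in DEVICES[device].items()}


def report_partial(device, session_key, site):
    """Incomplete coverage: only canvas is randomized, the rest is real."""
    out = dict(DEVICES[device])
    out["canvas"] = _randomize(out["canvas"], "canvas", session_key, site)
    return out


def observe(strategy, sessions=3, site="site.example"):
    """Each device visits the same site in several sessions (new key each time)."""
    return {d: [strategy(d, secrets.token_bytes(16), site) for _ in range(sessions)]
            for d in DEVICES}


def stable_part(reports):
    """Metrics whose reported value never changed between sessions."""
    first = reports[0]
    return {k: v for k, v in first.items() if all(r[k] == v for r in reports)}


def relinkable(observations):
    """Devices whose stable metrics are unique to them, so sessions can be joined."""
    stable = {d: stable_part(r) for d, r in observations.items()}
    prints = {d: fingerprint(s) for d, s in stable.items() if s}
    counts = Counter(prints.values())
    return sorted(d for d, p in prints.items() if counts[p] == 1)


def anonymity_sets(strategy, site="site.example"):
    """Sizes of the groups of devices that look identical within a single visit."""
    prints = [fingerprint(strategy(d, secrets.token_bytes(16), site)) for d in DEVICES]
    return sorted(Counter(prints).values())


if __name__ == "__main__":
    for strategy in (report_real, report_generic, report_randomized, report_partial):
        print(f"{strategy.__name__:18} relinkable={relinkable(observe(strategy))} "
              f"sets={anonymity_sets(strategy)}")
```

In this model both full randomizing and the generic value leave nothing to join sessions on, but for different reasons: the first has set sizes of 1 that never repeat, the second one set containing everyone. The partial case is relinkable through the metrics that were left untouched.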
@Iron Heart
“At this point, I am not sure if you are just lacking knowledge, making you draw wrong conclusions that you then defend as if your life depended on it, or if you just lie, or if you otherwise have any axe to grind. Probably a mixture of all three, but whatever the case, basically the entirety of your post is factually incorrect.”
Let’s check it, who unnecessarily attacks Firefox in every comment like your life depends on it, well said Iron Heart.
“False. Brave’s fingerprinting defenses set to “Aggressive” disable WebGL: https://github.com/brave/brave-browser/issues/9189#issue-599209227”
Visit Browserleaks.com or any other site in Brave, see if WebGL is disabled or not, and find yourself that you were lying. I have never said that (feel free to point where I said this) Brave should disable WebGL but rather give user the option to do so, which because it is based on Chromium can’t do this, Google and Chrome monopoly. It removed that functionality and that’s why I uninstalled it, Bromite still has that mind.
“Providing the offer to disable features to reduce attack surface can be useful. Doing it to prevent fingerprinting is utter nonsense since by changing any settings that sites can detect you have made yourself far more easily fingerprinted. Disabling WebRTC and WebGL would make you far easier to fingerprint, not harder. These sites encouraging things like that is a problem.
source: https://old.reddit.com/r/GrapheneOS/comments/ciizae/vanadium_and_bromium_privacy/ev6m2ot/”
That link again, this whole paragraph is a lie and nonsense, hiding real data that can be used for tracking is dangerous, wow good analysis, though you do remember that it was you who brought up the Brave WebGL GitHub link which falsely claims it disables WebGL which according to this link is dangerous. Only one can be true, either this reddit link or Brave’s GitHub link.
“Blatantly false. You have never used Brave, or have used an incorrect setting in Brave (Standard, or FP defenses turned off entirely), or you are just lying. Anyone can see that Brave protects certain values on browserleaks.com.”
Unlike you who just spread disinformation, I have used Brave. Mention any certain values Brave protects not covered by default Firefox setup either in Smartphones or in Desktop variants.
“False. Brave by default uses the EasyList, EasyPrivacy, Peter Lowe’s list, and a specific list for the language set. The first three alone already exceed Disconnect’s entries by several thousand percent. Again, either you have never used Brave or you are lying. Brave is close to the default of uBlock Origin, if anything.” and
“I don’t recall we’ve ever talked about that type of thing (wrestling website). I also don’t recall to have ever claimed that anti-adblock scripts are related to Brave’s fingerprinting defenses. Turning off Brave’s FP defenses is not the appropriate response to this, you need some “adblock blocker blocker” list.”
Good of you to mention uBlock Origin which is available even in smartphones in case of Firefox, unlike Brave which allows for more customisability and superior content blocking.
In replying to a user on earlier comments of this thread, you said disabling adblocking also disables anti-fingerprinting measures. Well ads, tracking and browser fingerprinting are different things, don’t mix them. I can copy paste that line if you want.
“Do you like extensions being able to directly monitor, intercept, and redirect your traffic? If yes, then Firefox’s solution is great. If not, a built-in adblocker or lifting the limitations of the declarativeNetRequest API would have been strongly preferable. But then, Firefox wasn’t known for its sound security before, so…”
Sound security before, another lie.
And yes I do prefer uBlock Origin as it’s far more customisable than Brave’s in-built solution and is light years ahead, as it stops more things than just ads which are just the visible tip of iceberg.
“Ah yes, do you realize that Safari already does this since years and that Firefox has only done this recently because Google is also doing it right now? That’s called a cross-browser development, yet you are trying to sell it as if Mozilla has just discovered the fire (if anything, Apple pioneered it). Pathetic.”
Another user revealed the difference between Safari doing it and then Firefox doing it the *proper* way, you ignored that like always. Funny isn’t this, Safari’s approach is half-arsed and was involved in PRISM like its maker Apple. Google is doing this right now – any link would be welcome which can back up what you are saying, plus FPI was not introduced in 2020, years before that, so tell me what Google is doing that made Firefox to do it as well.
Cross-browser development – well done for mentioning this. See Firefox did First Party Isolation better than Safari which still holds its ground after years unlike Safari’s solution and Google has no alternative for that, yet you still trash Firefox for that, and Brave even after all those years reveals Canvas data which even Brave team admitted, it’s a risk, no problem in that Iron Heart. So much for your Cross-browser development. And what is Brave going to do about ManifestV3, don’t tell me they already block ads, because uBlock Origin (and content blockers in general) does more than that if you know that.
“False. Firefox by default reveals everything, there is no kind of FP protection at all. Brave, by default, protects Canvas, WebGL, Web Audio (remember, the thing you stupidly disabled), Plugins, Hardware Concurrency, Enumeration of Devices etc.
source: https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections#fingerprinting-methods-randomized”
Again another lie. Brave reveals these values in its advanced mode same as Firefox in its default mode. I did say another line when mentioning WebAudio but you in your usual rant ignored that. I said WebAudio in Firefox is generalised unlike Brave (for more information visit Brave Github issues). You are lying here which is very much like you. Again Brave team might have to pull you to one side, as they have issues in Github regarding even the link you mentioned which even you admitted in above comments.
“Everything that uses Canvas and WebGL is an absolute shit show with user.js. Every newer 3D animation breaks because they utilize WebGL etc. I don’t see any point in mentioning specific websites, you’d dismiss them with some stupid one liner like “Who uses those etc.” Since the technologies that are broken with user.js are widely used, I need no further thing to prove, that this is an issue should be self-explanatory.”
You do know that Firefox supports multiple profiles, nearly every Firefox user and to an extent every browser user knows that. And so Zoom and certain websites are advised to not open in user.js profile. User.js webpage on Github has mentioned this already, didn’t you know that?
Seriously you would be complaining Oh look I can’t stream live matches in Tor because of DRM. Read every instruction carefully Iron Heart and first understand things before speaking.
“Again, do you realize that Brave is not yet covering every single metric? Still not getting it? Perfection in year 1 is impossible to achieve, sorry to disappoint you. And I don’t understand what Brave not covering every single metric YET has to do with the crowd principle? Like, what? What does me trying to explain a basic idea has to do with Brave’s current implementation?”
First you were having a problem with Firefox implementing complete solution in FPI later than Safari’s incomplete one, then lied about metrics covered by Brave and then here you contradicted your earlier point by saying perfection in year 1 is impossible. This is what many Firefox and also me was saying – Brave’s fingerprinting protections are not complete and are comparable to default Firefox right now. I mean if you have to say this now, why didn’t you accept this earlier?
And crowd principle was brought forward by you in response to user.js, and when I mentioned some hard truth about this (for more information please copy paste my full para about it than single line), you’re now asking what does it have to do with Brave current implementation? Contradiction again.
“Wow, you are wrong again. Of course Brave reveals the local IP address for WebRTC-based chats, because those can and so break otherwise. This is a sane default because, well, chats are popular. One can disable the WebRTC IP reveal under brave://settings/privacy (perhaps you should try this before babbling nonsense, btw), but it’s clear as day why this can’t be a sane default! Firefox, too – contrary to what you falsely claim – reveals the local IP address for WebRTC-based chats by default, much for the same reason Brave does. You have literally ZERO clue.”
I said Brave’s current approach is equivalent to default Firefox, and I didn’t claim Firefox hides local WebRTC address, don’t know why you’re lying about something I didn’t say and even in your copy paste line, it’s clear I said Brave approach is equivalent to default Firefox. Why are you lying as if your life depends on it?
“Plus, no browser can hide that it is itself. Firefox can’t hide that it’s Firefox because of rendering patterns of Gecko, Chrome can’t hide that it’s Chrome for the same reason (Blink engine rendering patterns). Brave can’t hide that it’s Brave mainly because of certain behavioral patterns of its Shields and because several APIs are disabled which would be enabled in Chrome etc. However, all this DOESN’T MATTER, because the Brave crowd is large enough by now that one can hide in it even(!) if it can be differentiated from Chrome. Can’t say the same about the Firefox user.js community, eh?”
Again even Brave team said its main goal is randomising, and for your information it’s you who always brought the userbase and crowd hide in, not me. And every browser reveals whether it is Brave, Firefox, Chrome or Tor but it’s you who mix everything up especially in case of Firefox and Tor. Brave reveals it’s Brave and yet it also reveals every metric bar battery which is enough to identify users. Even Brave team knows this – read their link. And for god’s sake, understand the concept of Browser fingerprinting properly along with Device fingerprinting.
“You are showing that you have zero clue, again (unsurprising by now). Brave users do of course form a BEHAVIORAL CROWD, because all of them are randomizing and the randomization can be detected (which is not the same as real values leaking, I am just saying that advertisers can see that the randomized values are improbable, without ever getting real values). Brave users are all “randomizers”, so to speak. Firefox and Tor aim to create a GENERIC CROWD where all users are looking the same (and not unique every time, like in Brave). Both are crowds, you fool, Brave just isn’t a generic crowd.”
Randomising can be detected, well spotted but it becomes more dangerous when it’s also revealing real values unlike Tor or RFP. It comes down to whether reveal real values or randomize them properly for which currently there are opened issues in Brave Github. Again you are manipulating facts.
“You are still claiming that Brave reveals all values, and you are still wrong. Firefox’s RFP won’t protect you since there is no sizable crowd, and even if it did, you would have destroyed said protection by further meddling with the settings (RFP doesn’t disable the Web Audio API, but you did – if any script checks for that, you are even sticking out of the small crowd of RFP users).”
Again you mentioned crowd which even Brave team denies. Plus WebAudio is disabled in user.js along with others, and I said one more line when mentioning WebAudio but in this comment alone you have lied about that twice.
“One can still easily catch RFP users at the network level, or by checking for extension leaks (UUID or behavioral leaks), or via feature detection differentiating different browser versions, or… So many possibilities, I didn’t even broadly mention the collection of several performance metrics that can be hidden only insufficiently, because knowing you, what would be the point?”
If one can catch RFP, it then can’t be linked back to user unlike Brave’s approach (see their issues), and RFP hides different browser versions as well as behavioral leaks, in other words, dynamic fingerprinting which one user mentioned in another article and that user also shared a research paper before you mentioned in this comment. You haven’t used RFP yet otherwise you wouldn’t have said that.
“Firefox by default doesn’t protect anything, Brave by default protects several values. You lying about Brave to drag it to the level of FF’s defaults doesn’t exactly change that.” and
“Not doomed to fail, because Brave does protect WebGL despite you falsely claiming otherwise.”
Please mention any website to check values or better you can go ahead and visit Browserleaks.org or websites like that, and then check for yourself. Who is lying here will be revealed.
“It can’t be linked back to the user. That’s the whole premise of randomizing, one is unique every single time, no canonical fingerprint and no linkability emerges. Is Brave perfect just yet? No, but it’s developing in the correct direction.”
Visit Brave Github issues :-) and find for yourself.
“Firefox allows 3rd party cookies by default, Brave doesn’t. Do you have anything more to say?”
Visit any Firefox article on this website called gHacks and find more about measures Firefox has against tracking cookies, supercookies not found in Brave.
And finally to you Iron Heart, if you’re going to mention what I said, please copy paste whole paragraph than single line, because in this comment alone you have manipulated what I wrote in above comments.
A special thanks to Editor if full comment gets published.
> I don’t know what you want from me here, to be honest. A default Firefox installation is not…
Once again
– I want you to not talk about defaults. We are discussing a MODIFIED browser
– I want you to not go off on irrelevant topics, this is a MODIFIED browser
Immaterial noise, some repeated
– DoH (apparently this disqualifies Firefox as a browser? WTF are you smoking?)
– something about a backdoor (which is actually a security mechanism that has never been abused, get over it)
– something about Cliqz which was an experiment three years ago, not “remote execution” – it was actually part of an install, nothing remote about it
– something about “weak” blocking lists
– something about a user.js (my example was two changes)
– something about “FF accepts third party cookies, isolates nothing” – did you know that Brave accepts third party cookies, and that Firefox isolates far more than Brave by default
– and a half dozen more things about defaults
So you clearly have no answer: I want you to talk about how in your view a MODIFIED Firefox only matches Brave, when clearly it has some very major advantages, and is clearly light years ahead
But you can’t answer, because to do so truthfully would expose your ignorance and hate-filled bias. So instead you obfuscate and make noise
> assumption that one doesn’t need to crowd to hide in
The only person I have ever seen claim this is YOU. Many times you stated that randomizing couldn’t be detected and that “farbling” was the world’s best ever and only effective solution. It took months to sink in that all randomizing can be detected and returned as a static value. It took you a year, despite being told, to understand that RFP also has randomizing
You need to stop acting like you know anything about fingerprinting
> I am merciful by even listing “modified” Firefox
Clearly you are some sort of internet browser messiah and we are blessed by your nonsense
> Don’t bother answering
You do this a lot. Mimicry is the sincerest form of flattery
@”Anonymous”
Maybe you want to talk about a modified Firefox (because you know that this is the only way Firefox might hold a candle to Brave, :D), but that doesn’t mean that I have to. See, I have the numbers on my side: Maybe 1% of Firefox users are using it with some obscure user.js file, whereas the vast majority is using Firefox with the defaults and those are nowhere near Brave. Guess which argument holds more water in real life, yours or mine. Don’t bother answering.
I didn’t say that DoH disqualifies Firefox per se, this is you putting words in my mouth, altering what I said (again). What does disqualify Firefox though is silently opting users into DoH without asking them, with Cloudflare as the default provider no less.
Firefox Experiments is not a way to push critical changes, this is what the application updater is for. Stop lying. They used it once to fix their own add-on signing blunder (they could also have used the updater for that), but they also used it to push stuff like the Mr. Robot paid promotion of which most users initially thought it was malware.
Cliqz was also a Firefox Experiment, but you are right, they didn’t use their ability to remote-hijack Firefox with it as they did in the case of Mr. Robot, oh no, they hijacked the downloaded binaries(!) right away without ever informing users. They even had a discussion going on where a dev claimed that users knowing that data was collected about them would skew the results, so better not inform them (which is what happened in the end, users weren’t informed about the spyware experiments). Disgusting company, to put it mildly.
Disconnect being weak is just a fact and is ignored by you out of convenience, compared to other blockers, Firefox hardly blocks anything.
Brave doesn’t accept third party cookies by default, stop lying. Brave only accepts first party cookies by default, while Firefox happily accepts third party (mostly tracking) cookies. Which year is it? Even Google wants to move away from third party cookies.
You misleadingly claim a modified Firefox matches Brave. First of all, a “modified Firefox” can range between almost Chrome to almost Tor, this is too broad to discuss, narrow it down. You are specifically referring to stuff like containers and isolation and RFP etc., at which point one might as well use Tor. I don’t see a use case for a modified-in-this-manner Firefox really. If you care about isolation you probably also care about protection at the network level, hence Tor. By the way, modifying Firefox won’t fix its lack of security or its web compat issues (can’t even properly run Skype, haha), which is not what we are discussing here, but saying that people should use it over Brave now which has none of these issues is fairly ridiculous.
> your ignorance and hate-filled bias.
What about your biases? Turning a clearly laid out backdoor into a way to push critical changes (which only happened once, in a sea of otherwise anti-user experiments), ignoring the defaults despite most people using those, not wanting to talk about the lack of tracker blocking, lying about Brave’s defaults etc. You have no right to criticize me here, if anything, I am overrating Firefox, which by virtue of its defaults should be at the very bottom, slightly above Chrome. That I am actually discussing <1% of all Firefox users using an obscure user.js is in fact mercy and a great deal of fairness on my part, because most people in reality would be better served with a browser that does all of this by default.
I didn't say that randomizing can't be detected – randomizing does produce results that are implausible and thus detectable. But it being detectable is totally irrelevant, what is important is that no canonical fingerprint emerges, and it does achieve that. RFP is also 100% detectable and known by advertisers because they know of Tor, what of it? Does that reduce its effectiveness according to you?
It will take you more than a year, I am sure, to no longer maliciously alter things I said in your favor, and to understand that the <1% of all FF users running an irrelevant user.js don't fix anything (not even the fingerprinting fears of those
> Mimicry is the sincerest form of flattery
Can also be interpreted as me not giving a shit about your one liners and mocking you. Guess which one is more likely.
Typical Iron Heart blathering …
> I didn’t say that DoH disqualifies Firefox per se, this is you putting words in my mouth
Quote “… DoH using Cloudflare, one of the greatest monopolists and censors of the Internet as a whole, as the default provide. That alone already disqualifies Firefox as a browser”
> I didn’t say that randomizing can’t be detected
You have, many times, arguing with Pants, that farbling couldn’t be detected or beaten. You’ve also said that a common fingerprint can identify a user on a single site. You’ve claimed adding a metric to a fingerprint script makes a poison pill no longer work. You’ve claimed returning gibberish in metrics is better.
> You misleadingly claim a modified Firefox matches Brave
I said no such thing. I said it is LIGHT YEARS AHEAD of anything Brave can do. You’re the one who said it matches
> as they did in the case of Mr. Robot
Mr Robot was also an experiment, not a “remote execution”
> a way to push critical changes (which only happened once
So you agree then that it was only ever used once, to push a critical change (which was addon-geddon 2)
> Maybe you want to talk about a modified Firefox
YOU are the one who ranked the browsers and YOU added an entry called “modified Firefox”. But when asked about it, you can’t talk like a grown up, and have to resort to non-modified and irrelevant rubbish
> You have no right to criticize me here
I have every right in the world to reply and criticize anything you post, including your inability to stick to a topic and deal in facts and context, and including showing up your repeated lack of knowledge, ignorance, and constant twisting and lies, which makes you untrustworthy
> no canonical fingerprint emerges
Brave does not protect fingerprinting, as it does not cover enough metrics. Also, canvas leaked for over a year, and audio still leaks – how’s that protecting the real value working out for you? Clearly RFP is massively superior. Do go and read up on Information Theory and learn about surprisals and how entropy works.
—
In what way is Firefox with TCP + RFP only on a par with Brave, when TCP alone makes it massively superior? Please reply why something like TCP is not important in Brave. Please explain how RFP is not as effective, at a bare minimum, in protecting fingerprints in Firefox just like Shields is in Brave. Tell me how other modified settings in Firefox don’t trump Brave’s default?
I have shown that a modified Firefox with just RFP and TCP is light years ahead of anything Brave can do. None of your arguments have even addressed this.
@”Anonymous” (why don’t you give yourself a nickname, I recommend “trousers”)
> Quote “… DoH using Cloudflare, one of the greatest monopolists and censors of the Internet as a whole, as the default provider. That alone already disqualifies Firefox as a browser”
Shortened quote. :D Do you assume that people can’t follow a conversation? Do you think people are literally too stupid to read?
Me (unshortened quote): >>A default Firefox installation is not far ahead of godforsaken Chrome in terms of privacy, there are backdoors like FF Experiments and Mozilla thinks it has the right to opt users silently (they were not asked, stop lying, watch Switched to Linux’s review of the latest FF on YouTube, or the review of Mental Outlaw, both respected channels not known for lying) into DoH using Cloudflare, one of the greatest monopolists and censors of the Internet as a whole, as the default provider. That alone already disqualifies Firefox as a browser, these things are totally unacceptable in their own right.<<
>>DoH (apparently this disqualifies Firefox as a browser? WTF are you smoking?)<<
>>I didn’t say that DoH disqualifies Firefox per se, this is you putting words in my mouth, altering what I said (again). What does disqualify Firefox though is silently opting users into DoH without asking them, with Cloudflare as the default provider no less.<<
>>Quote “… DoH using Cloudflare, one of the greatest monopolists and censors of the Internet as a whole, as the default provider. That alone already disqualifies Firefox as a browser”< Pants
Education? Achievements? Work experience? Still waiting!
> that farbling couldn’t be detected or beaten.
If correctly implemented, it is hard to beat, as studies show. “Unbeatable” is just hyperbole being put in my mouth by you, yet again. Nothing is totally unbeatable. Implausible results resulting from randomization can also be detected as such, you fool. I never claimed otherwise, but then, it doesn’t(!) matter, because the goal is no canonical fingerprint emerging, and it achieves that whether it’s detectable or not. It producing obvious fake values does not mean that the real values leak. That is a totally false equivalency you are claiming I made, but I didn’t. Stop manipulating the discussion and deceiving readers.
> You’re also said that a common fingerprint can identify a user on a single site.
Lie by omission. I said that Tor’s or FF’s common fingerprint using RFP doesn’t work in real life because users would usually soften the settings, because there is too much breakage, starting with Canvas. If Canvas falls, and if WebGL isn’t protected short of disabling it and might have to be softened again by enabling it ’cause breakage, why do it at all? That’s insane leakage as a result, and an approach doomed to fail.
Can’t wait for the next shortened, totally ripped out of context quote that you’ll present to “prove” (LOL) I ever said something that was in fact only said in your vivid imagination.
> You’ve claimed adding a metric to a fingerprint script makes a poison pill no longer work.
???
The poison pill might become useless if all your extensions leak, if WebGL leaks, and if e.g. your fonts leak. With these three values alone, I can have 99%+ certainty that it’s you. I don’t even need the MAC address leaking via IPv6, although that might help as well. Canvas is not the be-all and end-all. If you think it is, you are a fool.
> You’ve claimed returning gibberish in metrics is better.
Has oftentimes better web compat results than returning nothing, yeah. Case in point: See WebGL, Brave works in most cases, Firefox with most obscure user.js scripts applied (WebGL disabled) doesn’t.
> I said no such thing. I said it is LIGHT YEARS AHEAD of anything Brave can do.
Modified Firefox can be anything between almost Chrome and almost Tor. By default, Firefox is pure shit. Guess how most people use their browser… Yeah.
> Mr Robot was also an experiment, not a “remote execution”
>>In computer security, arbitrary code execution (ACE) is an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution (RCE).<<
> So you agree then that it was only ever used once, to push a critical change (which was addon-geddon 2)
No, I don’t. I agree that it was once used for something beneficial, to unfuck the add-on armageddon caused by Mozilla’s own incompetence and insistence on security theater. That was its one time beneficial(!) use – and was avoidable because they could also just have used the application updater. It otherwise also gets used all the time by Mozilla to run junk code on the user’s system, downloaded from Mozilla’s servers. At worst, this can turn out to be adware (Mr. Robot) or spyware (Cliqz) – both were system add-ons.
> YOU are the one who ranked the browsers and YOU added an entry called “modified Firefox”.
Not sure what you want from me here? I was more fair than I should have been here by taking 1% (again, generous estimate in your favor!) of all Firefox users who might run some user.js into account. I could also have overlooked this because it is a deviation from the default (which is utter shit in Firefox) and would have been right to do so because comparing the defaults is a useful comparison, a comparison that is more true for 99% of users out there than discussing fringe use cases is. You are literally attacking me for being too fair here by even mentioning obscure user.js scripts that make FF better. Good luck with that going forward, it ain’t working.
> I have every right in the world
Going by your own history? Nope.
> which makes you untrustworthy
Still more trustworthy than someone with no proven skill level having to put words in other people’s mouth to score a point.
> Brave does not protect fingerprinting
Brave (default) does more to protect the fingerprint than Firefox (default), because Firefox literally doesn’t do anything. For simple scripts, even with FF’s fingerprinting defenses enabled, FF doesn’t do anything more than Brave. For more advanced scripts, you better have a crowd, which Firefox doesn’t have, and will never have (Tor exists for a reason).
> Clearly RFP is massively superior.
:D
Not in terms of breakage caused, and even when it’s used it only works in Tor for more advanced scripts than what Brave can also beat, because there is not a crowd of Firefox users with irrelevant user.js files running and there never will be one.
> Please reply why something like TCP is not important in Brave.
I don’t have to. It’s a cross browser development, everyone including Apple and Google are moving in this direction. As stated many times above, why do you refuse to listen?
> Please explain how RFP is not as effective, at a bare minimum, in protecting fingerprints in Firefox just like Shields is in Brave.
Wait a second, YOU are claiming that RFP is ahead of Brave: >>Clearly RFP is massively superior.<<
However, it isn't. There is no crowd to hide in (
> Tell me how other modified settings in Firefox don’t trump Brave’s default?
Tell me which modified Firefox settings aside from “Total Cookie Protection” (marketing term for something all browsers will eventually have in the near future, and does nothing against a first party tracking you) and RFP (which does nothing more for you than what Brave does, because you are using it outside the Tor crowd, and causes lots of web compatibility headaches starting with Canvas) DO beat Brave’s defaults? Good luck, there isn’t anything. In exchange for these utter irrelevancies, I get worse performance, worse web compatibility, worse security, and no future. Thanks, but I am sticking with Brave.
> I have shown that a modified Firefox with just RFP and TCP is light years ahead of anything Brave can do.
I have, but it doesn’t matter. It is not convincing anyone to install Firefox because there are other factors involved that heavily speak against the product. Do you think the two marketing terms you throw around relentlessly make up for FF’s shortcomings? If so, LOL.
DoH is NOT silently enabled in any roll-out (limited to a few countries). Even if it did (it doesn’t), that does not apply to a modified Firefox
https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs
> Will users be warned when this is enabled and offered an opt out?
> Yes, a pop-up will display and will not disappear until the user makes a decision about enabling or disabling DNS privacy protections
> I agree that it was once used for something beneficial
So you DO agree then, that it was only used once and never abused. Not to be confused with “experiments” which can be disabled, which is what you are doing .. deliberately mixing up items
> The poison pill might become useless if all your extensions leak, if WebGL leaks
And there it is again. The poison pill does not change because of other metrics. Each metric is independent. You need to stop talking about fingerprinting. Stop repeating the same rubbish – https://www.ghacks.net/2021/05/05/how-to-disable-javascript-in-pdf-documents-in-firefox/#comment-4494261
Also, WTF do extensions have to do with anything? The same applies in any browser. Also, WTF do IPs have to do with it. The same applies in any browser (except Tor Browser). This useless noise adding and absurd lack of knowledge on your part makes it pointless talking to you, except to show that you do not know what you are talking about
> Brave (default) does more to protect the fingerprint than Firefox (default)
Why are you talking about defaults? I am talking about a modified Firefox, because YOU RANKED A MODIFIED FIREFOX. Stick to the point and man up and defend YOUR ranking why Brave is the equal here, instead of falling back to a completely different comparison
Brave’s default does nothing more than adding an extension can do. All Brave does is fool naive scripts and does nothing anywhere near what RFP can do
> Not in terms of breakage
You’re confusing compatibility with effectiveness. RFP compat is not a major issue, 95% of it is canvas which can be enabled per site, permanently or per session. There are solid reasons why Tor Uplift decided to randomize per execution, this is not a bug. Get over it. And allowing canvas on select sites is not a tracking vector: canvas tests are not universally identical, and canvas alone is not enough.
> Lie by omission / I never claimed otherwise
Yes you have: you have claimed so many incorrect basic assumptions about tracking, linkability, fingerprints, metrics, methods to get fingerprints, methods to counter fingerprints, entropy and more, that at this point it’s just a running joke to get you to make more clangers, such as the next one
You keep making up arguments against the wisdom and knowledge of a decade+ of thousands and thousands of Tor and Mozilla devs, independent researchers, tests, the-entire-world, studies, papers. So who is right – them or the mighty ignorant Iron Heart?
@”Anonymous”
> DoH is NOT silently enabled in any roll-out (limited to a few countries). Even if it did (it doesn’t), that does not apply to a modified Firefox
Still dancing around the fact that they are silently opting users into DoH? Ask the users and it would be OK, but then, the Cloudflare deal, the money etc…
> So you DO agree then, that it was only used once and never abused.
No. It was used hundreds of times so far, but only once in a beneficial way. The rest of the time they installed junk code and at times also spyware. Seriously, even a three year old can comprehend what I said.
> Not to be confused with “experiments” which can be disabled, which is what you are doing .. deliberately mixing up items
False, Normandy and Firefox Experiments and Studies are synonymous. They are the same thing. Kudos for your skill as a manipulator of words, though.
> The poison pill does not change because of other metrics. Each metric is independent. You need to stop talking about fingerprinting. Stop repeating the same rubbish –
Poison pill doesn’t matter if they can identify you with 99% accuracy using other metrics anyway. They could in fact totally exempt Canvas (= not even collect it) and would be able to tell that it’s you. In theory, your MAC address or fonts + WebGL alone suffice in most cases. Do you think some Canvas fakery will make your FP worthless if other values can already identify you with extremely high accuracy? :D Never mind the fact that the Canvas fakery is detectable as such, haha.
> Also, WTF does extensions have to do with anything?
Playing dumb? Those are a vector as well, if they leak, they can identify you with high accuracy. Especially on Firefox, where each extension is assigned a unique per-user UUID.
> Also, WTF does IPs have to do with it.
I referred to the static MAC address, not IP addresses that rotate anyway. Seriously, I addressed this topic in another post below, are you this *self-censored*?
> Stop repeating the same rubbish –
How about you set an example here? You are coming up with the same bullshit over and over again, hijacking exchanges I have with other people, where your presence was totally unasked for and contributed nothing of substance. Do you have nothing else to do?
> I am talking about a modified Firefox
Cool, but that doesn’t mean I have to. The numbers are on my side, almost nobody uses Firefox with an obscure user.js in the real world! Even considering the 1% of FF users who do is an act of fairness on my part that has little to do with how Firefox is used by most people in real life. What you say is 100% inconsequential for the masses of people who would be better served with Brave thanks to its better defaults.
> Stick to the point and man up and defend YOUR ranking why Brave is the equal here,
I told you several issues with Firefox (hijacking with random experimental code via backdoor, opting users into DoH with Cloudflare as default, unproxied SafeBrowsing with possible download hash leak, Google location services being used unproxied, hardly any tracking protection by default, acceptance of third party cookies in 2021 when even Google aims to drop them etc.) – by default, Brave is much better. A modified Firefox is not as good as Brave unless you go all the way including RFP, at which point you might as well use Tor. I don’t even see a big use case for FF + some obscure user.js that gets its settings 1:1 from Tor. If you care about things like isolation and RFP and that type of stuff, you would also protect the network level, which is what Tor is for.
> Brave’s default does nothing more than adding an extension can do.
FP protection? CNAME uncloaking? Degoogling the browser? Proxying remaining Google connections? Third party cookie blocking? Alt Svc not working? FLoC blocking? Ephemeral storage? Hello? What year is it?
All better than the pile of shit that is Firefox out of the box, perhaps you should man up to the fact that Mozilla is providing a shitty browser to the masses (And no, obscure user.js files that 1% of all FF users use aren’t fixing this for the majority!), despite Brave showing them how it can be done? How about that? Your theoretical bickering about “modified Firefox” (creating a shitty browsing experience, see RFP Canvas issues for more info) has no real world impact.
> You’re confusing compatibility with effectiveness.
False. Web compat issues prevent RFP from being enabled by default, and the fact that it is disabled by default currently reduces its effectiveness against advanced scripts, because there is no crowd to hide in. You act as if the two are not linked to each other, which is BS.
Plus, users might have to relax settings because of breakage, which also reduces the overall effectiveness. Stop playing dumb, Mozilla marketing department.
> and canvas alone is not enough.
What about the breakage disabling WebGL causes for 3D rendering, and the leak when it’s enabled? Hm…
What about the extension leak that is also uniquely identifying you in FF?
> Yes you have
You claiming that I was incorrect using shortened, ripped out of context quotes, is not proving anything and is not convincing at all. You are just dumb if you believe that Firefox with RFP has any chance against advanced scripts without serious crowd building. You are dumb if you ignore WebGL leaks, extension leaks, Canvas web compat issues and accompanying leaks resulting from a relaxation of Canvas settings via user input. You are dumb if you believe defaults are irrelevant (part of crowd building). And so on and so forth, you had your share of dumb utterances.
> You keep making up arguments against the wisdom and knowledge of a decade+ of thousands and thousands of Tor and Mozilla devs, independent researchers, tests, the-entire-world, studies, papers.
Sounds very impressive, your little list. There is a bit of a problem here, though: Tor admits the Canvas web compat issues, they admit that they haven’t a solution for WebGL other than disabling it yet, extension leaks are also admitted on Bugzilla by the very Mozilla devs you mention etc. It’s not like I am making this stuff up, and the persons on your list and independent tests and what not confirm what I say.
* [Editor: removed, you know why]
@Iron Heart:
I’m curious why Pale Moon didn’t make your list of browsers ranked by privacy.
@Peterc
Okay, so Pale Moon would be in the “GOOD” category here. The browser itself does not collect any data on you, there is no telemetry or other kind of direct data collection going on. No experiments backdoor like in Firefox, either. Its location services only request a minimal amount of data, no Google SafeBrowsing etc. So in terms of the browser collecting data on you, it would be like Vivaldi or Ungoogled Chromium, IMHO.
However, I don’t think Pale Moon does anything particularly great to protect you from online tracking (you in relation to web trackers, not you in relation to the browser developer, Pale Moon ticks the latter box). There is no fingerprinting protection aside from the canvas.poisondata setting, which aims to create a Canvas Poison Pill, but this is insufficient IMHO and rests on the wrong idea that making Canvas data unusable will make your fingerprint worthless, which it won’t. There is no isolation of local data, third party cookies are allowed by default (can be fixed), no tracking protection (can be fixed via adblocker), vulnerability to tracking via Alt-Svc (partially fixable via the HTTPS Always add-on, which will create false positives, but immunity to this kind of tracking like in Chromium would be better) etc. It’s not fantastic, you see.
It’s OK insofar as the browser developer doesn’t directly spy on you, but Pale Moon’s defenses (by default or even modified + add-ons) can’t be compared to a modified current Firefox or Brave, IMHO. It’s just what it is.
Pale Moon is a very insecure browser (in many ways) with severely lacking web compatibility. And yet you claim it’s GOOD. You’re rating it higher than Firefox. You cannot be taken seriously
You downgrade Firefox because it has telemetry, 99.99999999999999999% of which can be disabled with one tick – but more importantly, the telemetry contains zero PII, and uses PRIO and so on. You downgrade Firefox because it has a mechanism to push critical changes (which it has never abused). You downgrade Firefox because it ships with Safe Browsing (easily disabled), and as a default this is not terrible, considering most users are not that tech savvy. The only revealing data ever sent to google is for binary downloads. This is a sensible security default.
Instead of looking at the important things, like security (e10s, removal of XUL, rust usage, fission when it comes, and a hell of a lot more) and privacy (network partitioning is just one of dozens, hundreds even, of on-by-default privacy improvements), you focus on the immaterial trivial things to downgrade Firefox and try to consign it to a SHIT bracket but nothing important to upgrade it: and you do the reverse with Pale Moon
You cannot be taken seriously
@”Anonymous”
– My post is not about security, if it were, I would rank modified Firefox lower than Brave, for example. Firefox holds no candle to Chromium in terms of security, it doesn’t even have a proper sandbox in 2021.
– I am not downgrading Firefox because of telemetry, although parts of it can only be disabled via hidden settings and run outside the browser itself which is fairly ridiculous (nobody else does this). Things that would cause Firefox to move down are speculative connections, default acceptance of third party cookies in 2021, usage of Cloudflare as the default DoH provider (LOL), opting users silently into DoH, Google getting both locations and download hashes from users, Firefox having a backdoor that allows for remote code execution etc.
– Firefox Experiments is not a “mechanism” to push critical changes, this is what the standard updater is for – usually critical security updates or similar are distributed via the standard updater of the application. Firefox Experiments are what the name says they are, it’s used for experimental features and studies.
– You claim that FF Experiments have never been abused, which is wrong: https://www.zdnet.com/article/firefox-tests-cliqz-engine-which-slurps-user-browsing-data/ and https://www.theverge.com/2017/12/16/16784628/mozilla-mr-robot-arg-plugin-firefox-looking-glass come to mind, please stop deceiving people here
– They used Firefox Experiments in a beneficial manner exactly once, that was to fix their own blunder when they remote-disabled all add-ons in all Firefox installations because they forgot to renew a certificate (which is security theater anyway, anyone can self-sign add-ons, this does nothing to enhance security), problem here is that a) they could have used the normal updater for that and b) a one time wonder beneficial use does not legitimize a backdoor that has already been abused in other instances. I am not arguing against a normal updater here, I am arguing against possible remote code execution.
– If I were downgrading Firefox because of SafeBrowsing alone, I would also have to downgrade Brave as well, which also does have SafeBrowsing enabled by default (although they proxy the connection, which is better). Think before you write, this can’t logically be the sole reason why I downgrade default Firefox.
– e10s – bog standard in 2021, Removal of XUL – Chromium never had that in the first place, Rust usage – minimal in the browser so far, call me again when they rewrite the most attacked parts in Rust, Fission *when it comes* – no better than Chromium and still in beta, embarrassing if anything, considering that years have gone by – My post is, again, not about the security, if it were, Firefox would certainly range above Pale Moon but would at the same time be significantly below Chromium.
– Network partitioning – is a cross browser development / trend, but OK, yeah. I see why this pushes Firefox over privacy nightmares like Chrome / Edge / Opera despite its other issues, hence the existence of the “MEH” category, as for “hundreds of other privacy improvements”, yeah maybe after a user.js is implemented, certainly not by default. Brave for example has vastly superior defaults.
– It is untrue that I am not valuing anything about Firefox, did you miss the fact that thanks to user.js it can be a very good browser according to me? Like, did you see that? But that doesn’t mean that Firefox’s defaults are great, they are just “meh” and not more.
> You claim that FF Experiments have never been abused
LEARN TO READ. I said no such thing. I said the “remote execution” has never been abused. My quote “because it has a mechanism to push critical changes (which it has never abused).”
The rest of your comments just show that you do not know what you are talking about, repeating the same irrelevant, immaterial, out-of-context, twisted rubbish that makes up your 10-point bullet list of misinformation to fling around.
For example, I was comparing Pale Moon to Firefox, but instead you rant on about chromium. What is your agenda here … to not stick to the topic, and to stick the knife into Firefox whenever possible
@Iron Heart,
Sometimes Brave doesn’t load pages normally for me. I thought it was my router, but now I think it is that bug that @Anonymous mentioned. I think I may switch to either Ungoogled Chromium or Vivaldi.
1) Does Vivaldi have anti-fingerprinting protections? If not, are they adding any?
2) Vivaldi has an adblocker, can it do CNAME uncloaking too?
3) Since Vivaldi has an internal adblocker, will it still work when Manifest V3 is enforced?
4) Do you have a similar security suggestion setup for Vivaldi as you do for Ungoogled Chromium?
I used to use Firefox before I switched to Brave, and I prefer to stay away from Firefox (even if modified). If you had the pick between UC and Vivaldi (assuming you set both up the way you suggest), does one have an advantage over the other? Which would you choose between the two?
@Anonymous
Oops, forgot to reply to this segment:
> If you had the pick between UC and Vivaldi (assuming you set both up the way you suggest), does one have an advantage over the other? Which would you choose between the two?
In terms of privacy, there is no noteworthy advantage to Ungoogled Chromium, especially not after you have altered a few settings in Vivaldi (like turning off Google SafeBrowsing). Vivaldi has the advantage of being highly customizable, so if you like altering the appearance of your browser, or are into managing a large amount of tabs, Vivaldi is great. It also comes with a Mail client built-in now and is backed by a company.
Ungoogled Chromium is what the name says it is – a build of Chromium with all connections to Google stripped from it. Very minimalistic, if you are into that, if you don’t want a convoluted interface, this is the browser for you. It’s maintained by volunteers and security updates are lagging behind Vivaldi and Brave a bit in my experience, although there are no long delays.
You can just test both and see which one you like better… If you liked Brave before, Ungoogled Chromium is closer to that.
@Anonymous
> Sometimes Brave doesn’t load pages normally for me.
There are usually two possible causes of this:
1) Overzealous blocking by the adblocker.
2) Brave’s fingerprinting protections are introducing breakage.
Both of these things can be fixed on a per-site basis, meaning that you can turn off the adblocker or the fingerprinting protections on websites that refuse to work correctly with those things being enabled. Go to the Brave (lion) icon in the address bar, select “Advanced view”, then turn off ad and tracker blocking and / or the fingerprinting defenses on the website that refuses to work. More often than not, this fixes the issue.
As for your questions:
> Does Vivaldi have anti-fingerprinting protections? If not, are they adding any?
No, it doesn’t have any kind of fingerprinting protection as far as I’m aware. I also don’t know of any plan to add fingerprinting defenses to the browser.
Technically, Vivaldi’s adblocker is a kind of fingerprinting defense, because it blocks fingerprinting scripts – if the script analyzing your browser can’t run, then no fingerprinting takes place. The EasyPrivacy list is particularly recommended here, by the way.
That being said, I would give preference to uBlock Origin over Vivaldi’s internal adblocker (on the desktop, anyway, Vivaldi doesn’t support extensions on Android) any day, uBlock Origin is much more advanced.
IF a fingerprinting script is not getting blocked by your adblocker, Vivaldi will be defenseless, while browsers like Brave (or Bromite on Android) would still attempt to fool the script. That being said, widely used fingerprinting scripts will more than likely be on adblocking lists!
Mind you that even Brave’s or Firefox’s fingerprinting defenses are not the final solution, they too still leak info (however, they are already pretty good at protecting the most requested values). Beating fingerprinting is possible only with multiple virtual machines, WebGL being disabled (because, believe it or not, even cross-virtual machine fingerprinting is possible via WebGL), that is via Brave (Aggressive FP blocking setting) or Tor, since those are the only browsers on the desktop which have FP defenses enabled by default, meaning that you will be in a pool. Using multiple virtual machines with different operating systems and CPU cores and RAM assigned, adds further confusion. And even then, the threat of network-level leaks would still have to be tackled (except if you use Tor).
As you can see, if you are 100% serious about preventing tracking, you will have to invest a great amount of time and would have to have greater skill than most readers around here have (no offense meant to any particular commenter, most are amazing).
So, in summary:
Any browser + adblocker (the usual lists all enabled): Will take care of the great majority of fingerprinting threats by blocking the most popular scripts. No defense if a script gets through.
Brave, Tor etc. (no virtual machine): Same as the above, will attempt to fool scripts even if they get through, they succeed in the majority of cases (because most scripts only check a limited range of items) and are still improving.
Brave, Tor etc. (virtual machine): Same as the above, except now you further confuse even advanced scripts that specifically check for lesser known items that are not yet protected by Brave or Tor – you let them get those items, but if you run multiple machines and frequently create new ones with different settings (amount of RAM, CPU cores assigned, color depth, screen resolution etc), no valuable data on you can be obtained.
This is a longer text than I originally expected it to be, but I think that it is important to hint at the fact that the solutions presented here on gHacks only do so much, it really depends on how worried you are.
> Vivaldi has an adblocker, can it do CNAME uncloaking too?
It could, since it is a native implementation and not an extension, but currently it doesn’t. I also don’t know of any plans to implement this in Vivaldi.
CNAME cloaking is a very sneaky form of tracking and currently only Brave and Firefox + uBlock Origin can defend themselves against it. uBlock Origin on Chromium-based browsers won’t do anything because Chromium is lacking an extension API allowing for this, while Firefox has it. Only native (built-in) adblockers can defend against CNAME cloaking in Chromium.
> Since Vivaldi has an internal adblocker, will it still work when Manifest V3 is enforced?
Yes, it will continue to work. Manifest V3 only affects browser extensions (such as uBlock Origin or AdBlock Plus).
> Do you have a similar security suggestion setup for Vivaldi as you do for Ungoogled Chromium?
Settings –> Privacy
– Google Phishing and malware protection –> Disabled (Google SafeBrowsing improves security but lowers privacy, please judge this for yourself – SafeBrowsing might expose download hashes of your files to Google)
– Use a Google DNS Service to Help Resolve Navigation Errors –> Disabled
– Use Google Service to Assist in Form AutoFill –> Disabled
– Tracker and Ad Blocking –> Block Trackers and Ads
– Broadcast IP for best WebRTC Performance –> Disabled (uBlock Origin has a similar setting, please choose one of the two, using both might lead to conflicts)
– Ask Websites Not to Track Me –> Disabled (websites won’t respect this kind request in most cases and asking for it might make you – ironically – easier to track, since it adds a further characteristic to the data they collect on you)
– Block Ads on Abusive Sites –> Enabled
– Block Third-Party Cookies –> Enabled
– Google Extensions –> Should be safe to disable Cloud Print, Hangouts, Chromecast Media Router (unless you personally aim to use a Chromecast device)
Settings –> Search
Use DuckDuckGo, Qwant, or StartPage as your default search.
Settings –> Webpages
Default Permissions –> Leave this as is, changing it might make you more fingerprintable. If you are uncomfortable with any “Allow”, however, change it to “Ask”.
Enable Widevine Plugin –> Depends if you use commercial streaming services (Amazon Prime, Netflix, Spotify etc.) in your browser; if yes, keep it enabled, if no, disable it ( https://smitop.com/post/reddit-whiteops/ )
As for extensions I recommend, HTTPS Everywhere of course, otherwise the advice I gave for Brave here applies:
https://www.ghacks.net/2020/11/17/brave-browser-gets-cname-based-adblocking-support/#comment-4480402
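The CNAME uncloaking check discussed in the comment above, as an added example that is not part of the original thread or any blocker's own code. The DNS table, blocklist and function names are constructed for illustration; in Firefox an extension would obtain the canonical name from `browser.dns.resolve()` instead of the lookup table used here.

```javascript
// Constructed DNS data: hostname -> CNAME target (no entry means no CNAME).
const CONSTRUCTED_CNAMES = new Map([
  ["metrics.shop.example", "shop-example.tracker-cdn.example"],
  ["shop-example.tracker-cdn.example", "edge7.tracker.example"],
  ["static.shop.example", "assets.hosting.example"],
  ["loop-a.example", "loop-b.example"],
  ["loop-b.example", "loop-a.example"],
]);

// Constructed blocklist: an entry covers the domain and all of its subdomains.
const CONSTRUCTED_BLOCKLIST = new Set(["tracker.example"]);

// Stand-in for a real resolver call (assumption: returns the CNAME target or null).
const lookup = (hostname) => CONSTRUCTED_CNAMES.get(hostname) ?? null;

// True if the hostname or any parent domain (excluding the bare TLD) is listed.
function isListed(hostname, blocklist) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (blocklist.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// Follow the CNAME chain, bounded in depth and protected against loops.
function cnameChain(hostname, resolve, maxDepth = 8) {
  const chain = [];
  const seen = new Set([hostname]);
  let current = hostname;
  while (chain.length < maxDepth) {
    const target = resolve(current);
    if (!target || seen.has(target)) break;
    chain.push(target);
    seen.add(target);
    current = target;
  }
  return chain;
}

// A name-only filter stops at the first check; uncloaking also tests every alias.
function decide(hostname, blocklist, resolve) {
  if (isListed(hostname, blocklist)) {
    return { block: true, matched: hostname, via: "name" };
  }
  for (const alias of cnameChain(hostname, resolve)) {
    if (isListed(alias, blocklist)) {
      return { block: true, matched: alias, via: "cname" };
    }
  }
  return { block: false, matched: null, via: null };
}

for (const host of ["metrics.shop.example", "static.shop.example", "loop-a.example"]) {
  console.log(host, JSON.stringify(decide(host, CONSTRUCTED_BLOCKLIST, lookup)));
}
```

The first-party-looking `metrics.shop.example` passes a name-only check and is only caught on the second hop of its chain, which is why the blocker needs resolver access rather than just the request URL.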
@Iron Heart
Good stuff on the UG setup and Vivaldi setups.
If you had the pick between UC and Vivaldi (assuming you set both up the way you suggest), does one have an advantage over the other? Which would you choose between the two?
Devil’s advocate, but Mozilla wanted a seat at the table so to speak b/c the situation right now is just Google dictating to everyone else in regards to extensions. Now whether they actually will make a difference or they want to b/c Mozilla and Google company ethos are basically the same soy valley sjw nonsense rotating employees with each other we will see.
@Martin
I know this site doesn’t have a bunch of staff, but can you please approve comments more frequently?
The current delay of multiple hours/half a day kills the discussion (except for committed opinionated users in a war with each other who keep coming back to older topics).
With nonsense like Manifest V3, this is a bad idea having all companies with the same extension apis.
Go comment on https://github.com/w3c/webextensions/issues/5 if you are concerned.
Once upon a time Mozilla was the rebel that stood against the then landscape of browsers and was driven by community values; fast forward to today, it is an absolute shell of what it once was.
Chrome was and is just this generation’s IE. I don’t credit it with much to be honest. It does not align with community values. Further proof as to how Chrome is this generation’s IE is by virtue of the power it now holds. Remember when IE was the be all, end all back then…yeah…
Hello Chrome!
Mozilla is too far gone, the old guard is gone and has been replaced by puppets…
A revolution is needed.
Cross platform isn’t gonna be a happy ending for anyone other than Google which will happily force everyone to accept its terms and system under the guise of cross platform compatibility. Honestly it’s disgusting.
Maybe this is the push that is needed for a brand new browser to be born from the ashes and give everyone the finger and take back the internet and put it back into the hands of the community where it belongs.
I can absolutely see Manifest v3 coming and worse regardless but this will just expedite the process.
Browsers like Brave, Vivaldi, Pale Moon, Waterfox, Otter etc are just small fries really and until they completely become independent in every single way they won’t be much of a real browser. I am sorry if people find that statement offensive but those are the absolute facts and I am one that uses such browsers. Don’t get me wrong, they are great browsers but how much are they shackled to their dark lord masters pulling the strings on a higher level. Pale Moon probably has less ties back than the others but even then there seems to be a few growing pains and struggles there but I digress. Some of you know what I mean even if you are in denial, deep down you know it.
@Mystique:
“Pale Moon [p]robably has less ties back than the others but even then there seems to be a few growing pains and struggles there but I digress. Some of you know what I mean even if you are in denial, deep down you [k]now it.”
I’m well aware of Pale Moon’s “growing pains and struggles” (and have been on the receiving end of some of them, which I try not to take personally). That said, I’m gratified that I can still use it — happily, with intermittent grumbling about horribly maladapted and abusive scripting on YouTube — for 99% of my browsing. Coming fully back on topic, I appreciate that Pale Moon’s XUL/UXP extension framework allows extension developers to do just about *anything* without having to plead and grovel for support, in stark contrast to WebExtensions et al., where API support is doled out with a medicine dropper. Pale Moon extensions that take advantage of that freedom and power make my browsing markedly easier, and along with Pale Moon’s out-of-the-box privacy, they’re the reason I switch to my fallback browser (currently Brave) only when I really have to. (Seriously: the fact that *to this day* modern Firefox and chromium-family browsers support only a *tiny* subset of legacy Tab Mix Plus’s functionality is just *sad*.)
Instead of spewing your daily dose of Mozilla hate, you’d be better off getting a job. Also, in case you haven’t read: https://blog.mozilla.org/addons/2021/05/27/manifest-v3-update/
@”Iron Cringe” (mutilating others’ nicknames, how mature of you)
So they went for the most dumb solution, having to implement the declarativeNetRequest API in order to maintain parity with Chromium (this is what WebExtensions are all about, after all, parity and compatibility with Chromium’s extension ecosystem) while still trying to maintain the webRequest API which does the very same thing in many respects.
The new declarativeNetRequest API is objectively a security improvement; extensions can no longer directly monitor and intercept (and possibly redirect) traffic, they now have to “hand over” their requests to the browser which will execute it for them. The new inability to monitor traffic will make the creation of spyware extensions unattractive, the new inability of extensions to redirect traffic directly will help combat malware (especially phishing and drive-by attacks carried out with the assistance of extensions), possibly via the browser blocking malicious requests via an internal database. There are only two problems with the new API, you see:
– The artificial rule limit Google has imposed for extensions using the declarativeNetRequest API. This has nothing to do with the API itself and is just a dick move of Google. This artificial rule limit can be lifted with zero problems.
– The browser might enforce allowance of certain connections (e.g. to Google Analytics), even if an extension requests those to be blocked. The browser is the ultimate arbiter now more than ever. This can be somewhat mitigated by using open source browsers where such malicious practice would be discovered and could be proven at the code level, best practice would be the browser neutrally accepting all requests by an extension except for known malicious ones.
I think Google is doing the right thing here as far as the basic idea is concerned – it is a clear cut security improvement. However, I do not trust them to be neutral arbiters of extension requests, and their artificial rule limit speaks for itself, I think. Those two things could be resolved by Mozilla in its own browser with no issue, but instead, they opted for maintaining a known security risk, which will be hard to maintain all by themselves anyway and will eventually be dropped because there is no point to it (duplication of efforts). Bravo!
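What extension code gets to see on the blocking path under the two APIs the comment above contrasts, as an added example that is not from the thread or from any browser's source. It is a simplified model: the rule objects use the real declarativeNetRequest field names (`requestDomains`, `resourceTypes`, `action.type`, `priority`), but the matcher, the request list and all function names are constructed for illustration.

```javascript
// Constructed rules in declarativeNetRequest shape.
const CONSTRUCTED_RULES = [
  { id: 1, priority: 1, action: { type: "block" },
    condition: { requestDomains: ["tracker.example"], resourceTypes: ["script", "image"] } },
  { id: 2, priority: 2, action: { type: "allow" },
    condition: { requestDomains: ["cdn.tracker.example"], resourceTypes: ["image"] } },
];

// Constructed traffic, including one sensitive first-party URL.
const CONSTRUCTED_REQUESTS = [
  { url: "https://tracker.example/t.js?uid=123", type: "script" },
  { url: "https://cdn.tracker.example/logo.png", type: "image" },
  { url: "https://bank.example/account?session=abc", type: "main_frame" },
];

function domainMatches(host, domains) {
  return domains.some((d) => host === d || host.endsWith("." + d));
}

// Simplified matcher (assumption): highest priority wins, "allow" beats "block" on a tie.
function matchRules(rules, request) {
  const host = new URL(request.url).hostname;
  const rank = (type) => (type === "allow" ? 0 : 1);
  const hits = rules.filter((r) =>
    domainMatches(host, r.condition.requestDomains) &&
    r.condition.resourceTypes.includes(request.type));
  hits.sort((a, b) =>
    b.priority - a.priority || rank(a.action.type) - rank(b.action.type));
  return hits.length ? hits[0] : null;
}

// Blocking webRequest model: the browser calls extension code for every request.
function runWebRequestModel(requests, listener) {
  return requests.map((req) => {
    const verdict = listener({ url: req.url, type: req.type }) || {};
    return verdict.cancel === true ? "blocked" : "allowed";
  });
}

// Declarative model: the extension hands over rules once; the browser matches them.
function runDeclarativeModel(requests, rules) {
  return requests.map((req) => {
    const rule = matchRules(rules, req);
    return rule && rule.action.type === "block" ? "blocked" : "allowed";
  });
}

function compareModels() {
  const urlsSeen = [];
  const listener = (details) => {
    urlsSeen.push(details.url); // full URL, query string included, reaches the extension
    const rule = matchRules(CONSTRUCTED_RULES, details);
    return { cancel: Boolean(rule) && rule.action.type === "block" };
  };
  return {
    webRequest: {
      verdicts: runWebRequestModel(CONSTRUCTED_REQUESTS, listener),
      urlsSeenByExtension: urlsSeen,
    },
    declarative: {
      verdicts: runDeclarativeModel(CONSTRUCTED_REQUESTS, CONSTRUCTED_RULES),
      urlsSeenByExtension: [], // no extension callback runs on this path
    },
  };
}

console.log(JSON.stringify(compareModels(), null, 2));
```

Both paths reach the same verdicts; the difference is that the listener path exposes every URL, including the constructed banking session URL, to extension code.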
More smoke and mirrors. TRUST huh? Apple, Google, M$ and Mozilla have proven over and over they cannot be trusted. The only thing that matters to them is $ and you are the product they are selling. If I had to guess their goal here is to thwart ad blocking/tracking by becoming the gatekeeper of the webextension rules. The real question is what is it going to take for the average person to say enough is enough?
And now, the result will be that all the recently re-written extensions for Firefox will need to be re-written again.
Let’s piss more users and developers off. Great business model.
Anyone still believing that Mozilla is going to keep the webRequest API after this? Manifest V3 incoming, hehe. Still laughing at the idea of built-in adblockers (e.g. Brave, Bromite)!?
@Iron Heart
If Brave and Bromite can make a built-in adblocker, Firefox also *can* and *will* if Manifest V3 comes. Some quotes from this very article: “Mozilla specifically has created Firefox-specific APIs that extensions for the browser may utilize. These extensions are not supported in other browsers then. The controversial Manifest V3 for extensions will also not be implemented fully by all browsers who support extensions.” Reading between the lines I don’t see immediate adoption of Manifest V3 in Firefox. Even if it becomes compulsory, there will be a workaround.
Personally I’m not a huge fan of built-in adblockers and adblocking at DNS level in browsers which is why Tracking Content is disabled in my Firefox. I prefer content blocking through Content Blockers add-ons. Built in adblockers also can’t offer more granular control over 3rd party scripts and so much more.
@Yash
If Firefox was interested in a built-in adblocker, they would already have one. Their current tracking protection is based on the ridiculously weak Disconnect lists (their entries do not exceed those of more powerful lists and are included in the latter), despite the fact that an adblocker would be one of the easiest to implement privacy protections imaginable, but here we are.
Semi-OT: Mozilla also talks a lot about the necessity of online advertising for content creators, at one point they were planning to let users pay a fee to a selected group of content creators in exchange for an ad-free experience on their websites (those plans were since dropped, presumably because nobody will pay for something that an adblocker could do for free). While I agree that ads are probably the only way to keep websites paywall-free, the current model does not respect user privacy, in that advertisers will track your activity around the web and store data about you on remote servers. Today’s adblockers are self-defense against surveillance capitalism – I and many others want website creators to earn their share, but not at the cost of trading our privacy for it. A more privacy-friendly and non-intrusive model of advertising needs to replace the current one in order to win the privacy-aware back, and in general to provide users with an incentive(!), and I think that projects like Brave provide a solution here (hence why I support them). Users have an incentive there to allow ads because they also profit in this new model. As far as I can tell:
– Mozilla: Either allow a privacy intrusion by advertisers or directly pay content creators for an ad-free experience, an ad-free experience which you could also obtain free of charge via adblockers.
– Expected and observed result: Most people will not pay for something they could otherwise get for free, screw the content creators. Privacy is also restored in the process of using an adblocker, again for free.
– Brave Software: Allow ads that are less distracting than the usual online ads and which do not violate user privacy, and let users earn a share of the money in the process. Otherwise block intrusive online ads free of charge.
– Expected and observed result: Growing tendency to enable Brave Rewards because profit awaits and user privacy is maintained.
It is obvious that the “Mozilla model” can’t work and won’t fix anything. “Let yourself be surveilled or pay” has an answer and it is free adblockers. We need alternative models.
@Iron Heart
The main problem as correctly mentioned by you in advertising is user privacy. No one had problem on cable TV ads back in the day but now it’s more than that. The Mozilla model was just a theoretical concept and was never going to materialise anyway so I won’t go deep into that. It was in its preliminary discussion mode like countless other things who get discussed but never see the day.
The reason why Mozilla has not made a powerful adblocker built-in is not to do with its inability but because there needs to be balance between convenience also. Users lose their mind because of PROTON design(or maybe those users are trolls anyway). Plus as long as Manifest V3 is not implemented, there is no reason for Mozilla to include more lists(plus Content Blockers will work in Firefox even after that). The current approach is much better. Those who want Content Blocker can go ahead and use it and those who don’t want it for whatever reasons other than privacy can leave it as it is.
Brave model is not perfect but that never stopped me from using Brave before. And I like people trying new things. So hopefully folks at Brave will make their model better and more transparent, maybe include more list in their adblocker so user can have two choices. Either allow normal ads on websites or use Brave method with all privacy exposing ads gone completely. Maybe build an extension to make it more configurable.
Away from all this, I remember you saying you use LocalCDN (I don’t use it as I’m not sure how much it can increase privacy after FPI). So Fastly went down for an hour, I’m sure you would’ve heard of that, did using LocalCDN prevent the shut down?
I know LocalCDN is not a complete solution but curious about that.
@Yash
> Plus as long as Manifest V3 is not implemented, there is no reason for Mozilla to include more lists(plus Content Blockers will work in Firefox even after that). The current approach is much better.
They are introducing a further bar here, though. Firefox is being advertised as a privacy-friendly browser, and the number of people I’ve seen believing that they have now achieved total privacy by installing and using unmodified Firefox is staggering. Yes, really.
Introducing people to uBlock Origin is an additional step and you lose people along the way, believe me or not. Adblockers are easy to implement, and are a very easy way of improving user privacy, the reason why Mozilla hasn’t included one IMHO is their financial ties to the biggest ad company in the world, Google. But that’s just speculation, take it for what it is.
Even Vivaldi includes an adblocker (they are probably feeling the pressure coming from Brave, especially on mobile), and with the lists they have selected by default, there will hardly be any breakage. Still much better than what Firefox does with Disconnect, though.
> So hopefully folks at Brave will make their model better and more transparent, maybe include more list in their adblocker so user can have two choices.
It is fairly transparent as it is, you can read up on how it works:
https://brave.com/intro-to-brave-ads/
The browser itself is open source, all monetary matters are also clearly stated. I think they can’t do much more here, take it or leave it.
Now, the only gripe I have with their system is its centralized nature, content creators have to register at Brave and they could worsen the terms if Brave becomes more popular than it is. On the other hand, there is nothing stopping other browser makers to compete with them doing the same thing, so if Brave reaches a certain popularity, one can be rather sure that others will step up and put some pressure on Brave Software that way. As far as the basic idea is concerned, I hope that their new model will prevail and supersede the current one which violates user privacy and leaves users in the dust monetarily as their reward, but that may be a pipe dream.
I don’t get the hatred Brave is getting for trying to fix a system that is inherently anti-user. Not just here, where it may or may not be related to myself, but also elsewhere, I see Brave being bashed for it. I really don’t get it, I think people are acting against their own interest here (again, as far as the basic idea is concerned, one does not have to like Brave Software in particular). I think the way they are going about it is also pro-user, you are being asked once during the setup process as to whether or not you want to allow Brave Ads, if you decline, they won’t ask again. How is that bad? Don’t really get it.
> So Fastly went down for an hour, I’m sure you would’ve heard of that, did using LocalCDN prevent the shut down?
No, LocalCDN would not have prevented it, because it not only affected libraries they (Fastly) distribute (which LocalCDN could have replaced), but their backend server infrastructure which they provide to many websites also went down, and you couldn’t turn that one back on. ;)
> Away from all this, I remember you saying you use LocalCDN(I don’t use it as I’m not sure how much it can increase privacy after FPI).
The CDN provider still gets a connection when you go to a website that uses their library. They receive the website you visit, your IP address, your user agent, and can of course log the time of the request.
Read this thread, the dev of LocalCDN explains it there:
https://old.reddit.com/r/privacytoolsIO/comments/jwjion/does_ungoogled_chromium_have_a_fpi/
Plus, you can increase performance because the libraries no longer have to be fetched externally, slightly increasing your speeds.
@Iron Heart
“Firefox is being advertised as a privacy-friendly browser, and the number of people I’ve seen believing that they have now achieved total privacy by installing and using unmodified Firefox is staggering.”
Yeah I can see many people (mostly normies) falling for that but IMHO current approach is much better as internal adblocker (no matter how good it is) is not as good as standalone ones. The main reason behind Mozilla not going fully down that route IMO is because of the outrage it would receive if a website doesn’t work for a normal folk. And because of that they would have to make custom rules for each website which in a way is not ideal. If I’m not mistaken that’s the same issue Brave suffers because of which they haven’t included many more good lists and even have custom rules for specific websites.
The main issue with Brave ads is that it’s not transparent in terms of how much can creator earn (average figure), and what about those who are unaware of this, plus it doesn’t publish yearly audit or something like that to get info about its potential (and yes it’s possible to publish that info in current Brave reward system). Plus they also need to build an extension so that a proper extension with full adblock and tracking support can remove all ads and tracking (not fingerprinting one coz that can never be stopped even if a website doesn’t show ads or doesn’t track its users) and user doesn’t have to worry about tracking when using Brave rewards. Current approach is half-arsed as their adblocker is not perfect or anywhere close to it.
And I have no hate against Brave. See I’m a guy of simple taste. Brave has option to disable Brave reward and that’s fine. Same like FF, opt-out of telemetry is an option present, so no problem. Though I still wouldn’t call them heroes as they *can* make a fork of FF if they’re truly into privacy or maybe have an extension available for tracker-free ads in other browsers as well or maybe have some tool for website host to include directly.
For LocalCDN yeah it prevents CDN tracking, but then comes the big thing. It doesn’t matter what type of script (good or bad for e.g. Browserleaks.org can get every information about Browser and in case of Chromium ones about device too even after disabling ads in that website) is being run in browser, every script needs info (fingerprinting in other words) about user. That’s why making changes in browser so that it is sending less data about itself is much more preferable IMO. CDN in most cases I believe would still get request and info about user even after enabling LocalCDN, so the main benefit remains is saving bandwidth.
This is what I believe, then again I might be wrong. I just asked that for fun.
this
I am happy to see Google there, never forget they have revolutionised the browser space with Google Chrome, and are the pioneers of the free web.
Long live Chrome!
this is sarcasm right?
Yes
Why is Firefox there? 3% market share, and falling. Firefox has no place there.
Why would Mozilla be part of this group? It’s not like the other three would listen to anything they had to say. It’s also clear that Mozilla will follow anything that Google does whether they are in the group or not. My guess is that Google wanted them there because of their antitrust concerns (as well as knowing that Mozilla will do as they are told, anyway)
Remember, Mozilla is kept afloat by Google money only to be a controlled opposition so they can say “see? not a monopoly”
As extension developer I’m super happy about this!
There is like 0 new cross-browser API being added to the web-extension ecosystem for the past many years!
All additions are browser specific :(
…and then there is Safari :D, I can’t express the pain I had to go through with Safari…
Microsoft uses Google’s Blink engine, Firefox stays afloat with Google’s money, Apple’s Safari is too insignificant to go against the grain. In practice it’s just Google’s club.
It’s open source, anyone can contribute.
@ChromeFan
No. Anyone can copy the code. But only someone and only what Google allows can contribute.
@Lemegeton
That’s too simplistic. You might not be able to contribute to upstream depending on Google’s goals, but you can contribute to forks that support your kind of patch.
@ChromeFan
And I am sure their good contributions will be merged automatically!
The point is the policy decisions, not what solutions are available.
Manifest V3?
I’m sure this will turn out well. My advice is quit relying on browser extensions for anything. Find alternatives, the sooner the better. These muppets in charge will ruin the model, by the looks of it sooner rather than later.
Asking Apple, Google and Microsoft to produce anything that respects privacy and is truly based on openness is a truly baffling idea.
That said, I don’t really see the point. I never had trouble to find either Chrome-based or Firefox extensions for my need. If it helps to liberate the users of Chromium-based browsers from Google’s censored store, it’s a good thing. But if it leads to a corruption of addons like uBlock it’s a disaster. Time will tell.