Browser fingerprinting with NoScript

With recent revelations about browser fingerprinting, the race is on to find ways and means that will help reduce your browser’s fingerprint, and with it, make it difficult for it (and you) to be tracked.

After trying Panopticlick yesterday, a tool released by the Electronic Frontier Foundation to help users determine if their browser is safe against tracking and fingerprinting, I set out to find out how to make my browsers less unique to trackers.

For the very paranoid, the results are not good.

Under default settings, a browser like Mozilla Firefox and Iceweasel emit very unique fingerprints, as shown in the result of a Panopticlick test in Figure 1. “Default settings” implies that DNT (Do Not Track) is disabled, and cookies are accepted. Pay special attention to how many other browsers have the same fingerprint as the target browser.

Browser fingerprinting
Figure 1: Browser fingerprinting under browser default settings

Enabling DNT makes no difference to the result of the test.

Browser fingerprinting with DNT
Figure 2: Browser fingerprinting with DNT (Do Not Track) enabled

Even with DNT and cookies rejected globally, the browser still has a unique fingerprint which was even worse than when cookies were accept.

Browser fingerprinting no cookies
Figure 3: Browser fingerprinting with DNT (Do Not Track) enabled and cookies disabled

With Privacy Badger installed, still keeping DNT enabled and cookies rejected, the result is only as good as when DNT was enabled, which means not very good.

Browser fingerprinting with Privacy Badger
Figure 4: Browser fingerprinting with Privacy Badger installed

Throw NoScript in the mix, and your browser stands out like a sour thumb, which is counter to the expected result.

Browser fingerprinting with NoScript
Figure 5: Browser fingerprinting with Privacy Badger and NoScript plugins installed

On a KDE desktop, there’s an option in the System Settings that can be used to disable browser identification in Konqueror, the native KDE browser and file manager. It can also be used to give a fake identification to the browser.

 KDE Konqueror browser identification
Figure 6: KDE Konqueror browser identification

However, disabling sending browser identification is useless, as it still leaves your browser with a unique fingerprint.

fingerprinting test on Konqueror
Figure 7: Browser fingerprinting test on Konqueror

So despite all the browser tools and options that can be deployed and tweaked to give a browser a less unique fingerprint, nothing seems to make any real difference. And from what I’ve seen so far, the more plugins installed and the more options enabled/disabled, the more unique your browser becomes. It’s like getting your phone number on a “Do Not Call” list. To learn a bit more about this topic, the EFF has some suggestions here.

Related Post:  Getting Started with Swift on Linux

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer runs network ads?  Yep, no more ads from the usual suspects that track you across the Internet.  But since  I still need to pay to keep the site running, feel free to make a small donation by PayPal.

Subscribe for updates. Trust me, no spam!

Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

17 Responses

  1. I have Fedora 17 installed and it installed the Firewalld daemon during the initial clean install, I didn’t think I was installing a beta version either, which some say came with Firewalld, but that the final version of Fedora 17 should not have had Firewalld in it as there was no gui configuration tool at the time.

    However there’s still no Firewall-config available to fedora17 users, so I’m stuck until I uninstall firewalld, to revert it to the old firewall setup and use System-config-Firewall.

    My other machines have clean installs of Fedora18 and they seem to be complete with Firewalld and the Firewall-config components as expected.

  2. firewall-config is listed in the comps groups for MATE, GNOME, KDE, Xfce, LXDE and Cinnamon in F18. I just checked. Consequently it will be included in standard installs of all those desktops. You must have done either an upgrade from F17 (though you would not be automatically switched from iptables to firewalld in that case: you must have done it manually), or a very unusual install of F18, to hit this. The only package group which actually includes system-config-firewall at all is the admin-tools group, which is not selected by default.

    1. After double-checking, the system was actually an upgrade from 17 to 18. Sometimes it’s difficult to keep accurate track of things with so many installs going on at the same time. But no, nothing was installed manually on the system.

      That said, I think FedUp should be able to handle upgrading everything on a system in the future.

      Btw, FedUp is a great tool. Already pitched it to the guys at ROSA Laboratory.

  3. Let’s see. You upgraded an older system that had system-config-firewall installed. When you ran it, it told you you have to use a different tool now. This is because the underlying system changed. It tells you what tool as well. So it looks like Fedora did a great job of upgrading your system and telling you what you should do for the new functionality.

    And in a clean install (as was mine) it installs the new tool by default, and it works.

    I’m not entirely sure what Fedora is doing wrong here. They provided a clear explanation of the migration path. What more could you expect ?

  4. What’s the issue? I never use these kind of tools for configs. I’d like to control what’s exactly in the config and the only way to do this is edit manually…

  5. I think this was an upgrade from a previous installation, but even at that, it speaks to the thoroughness or lack of FedUp or whatever upgrade script was used.

    Because even if this was an upgraded system, the whole point of an upgrade is to upgrade an installation – apps and all.

    1. Are you saying that if I upgraded a system that was running the old firewall application, that the upgrade script will not install the new script?

    1. Another possibility is an upgrade issue if previously system-config-firewall was the norm. I, too, found firewall-config present with a format and clean install of the root partition.

Leave a Reply to Eddie Cancel reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter
Mailchimp Signup Form

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.

Anastasia Marchenkova

An invitation from Anastasia Marchenkova

Hya, after stints as a quantum researcher at Georgia Tech Quantum Optics & Quantum Telecom Lab, and the University of Maryland Joint Quantum Institute, I’m now working on superconducting qubit quantum processors at Bleximo. I’ll be speaking during Algorithm Conference in Austin, Texas, July 16 – 18, 2020. Meet me there and let’s chat about progress and hype in quantum computing.