On Librewolf i go 17.48 bits of information, on TOR browser 10.32 bits, but on Tails I managed to get only 9.3 bits.
It constantly gives me 17.5 bits on several browsers firefox, nyxt, gnu icecat, librewolf…
Number of bits can also depend on your UI scaling, resolution and timezone.
Default Google Chrome embedded on Android with nothing configured and googled up.
17 bits.
9.3 bits / 1:628.3
(ipadOS / safari)…how do they quantify 3/10 of a bit?..
They probably give entropy value, average number of, yes or no, questions that are needed to identify You. (Guess all the information that your browser provided)
With Vivaldi
Didn’t know Vivaldi had this capability, I just used it because it was the only decent browser with an on/off sidebar till zen
Your browser fingerprint appears to be unique among the 183,951 tested in the past 45 days.
Currently, we estimate that your browser has a fingerprint that conveys at least 17.49 bits of identifying information.
well shoot my mobile failed that test lmao
I got 17.5 on my Desktop Firefox lol
I got 17,49 as well!
I got exactly that number too, but also when I looked at the detailed results section lots of it was incorrect. It got that I was on some sort of Linux and using some sort of FF variant, but things like time zone, plugins, screen resolution and system fonts were all wrong.
So sending out 17.49 bits of largely identifying bullshit is still okay I think lol.
Could it be that the browser shares false information on purpose?
Vanadium: Your Results Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 61101.0 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 15.9 bits of identifying information.
Am I wrong to assume trying to blend in is a worse and contradictory strategy than trying to actively protect yourself from tracking?
If you want to not be unique, use default setting chrome without adblock. Your browser will look just like anybody else’s, but they will literally know who you are.
On the opposite side of the spectrum, you lock everything down and spike as a very special browser and… that’s all they know.
But then they can know a lot more since they don’t even need to drop a cookie to track you. But that’s a different threat model.
Privacy vs. anonymity
Right. The question is whether they can attach what they know to an identity. Depends on your threat model which goal you need to achieve.
I get 8.44 bits (1 in 347.34 browsers). I use Firefox with Arkenfox user.js applied on top, with some of my own custom overrides.
However, I think the biggest factor could be because I have Ublock Origin set to medium-hard mode (block 1st party scripts, 3rd party scripts and 3rd party iframes by default on all websites), so the lack of JavaScript heavily affects what non-whitelisted websites can track. I did whitelist 1st-party scripts on the main domain for this test (coveryourtracks.eff.org), but all the ‘tracker’ site redirects stay off the whitelist.
I actually had to allow Ublock Origin to temporarily visit the tracker sites for the test to properly finish–otherwise it gives me a big warning that I’m about to visit a domain on the filter list.
If you have canvas randomisation turned on (firefox) you’ll always be unique but also not traceable between sessions.
How do you turn on canvas randomisation in Firefox? I can’t seem to find anything about it.
I found this in about:config, defaults to true apparently:
privacy.resistFingerprinting.randomDataOnCanvasExtract
But you have to enable
privacy.resistFingerprinting
for it to work first. I enabled that and now the EFF test says “randomized” for the hashes but also Lemmy went from dark to light theme somehow.privacy.resistFingerprinting breaks a lot more than just themes. Many of the weird problems reported in Firefox (and forks) are just from enabling it.
It has some pros but also TONNES of cons. Everything from a completely blank page to wrong timestamps to poor textures and so much more. Sometimes you will be flagged as a bot and prompted with literally infinite puzzles, thus effectively banning you from a website.
Some of these problems get fixed but new ones also get born. I personally use it but I also expect breakage and worse performance.
Yup, canvas is heavily weighted in this test based on the results.
Your browser fingerprint appears to be unique among the 183,996 tested in the past 45 days.
:(
Despite having strong protection according to these results, I always get unique fingerprinting from them. Which is scary.
Edit: Now I tried Tor on my desktop and got:
Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 628.7 browsers have the same fingerprint as yours. Currently, we estimate that your browser has a fingerprint that conveys 9.3 bits of identifying information.
"Your browser fingerprint appears to be unique among the 183,614 tested in the past 45 days.
Currently, we estimate that your browser has a fingerprint that conveys at least 17.49 bits of identifying information."
Chat am I cooked?
Same result here. I’m using Gnome-web, which is already pretty niche, so that probably really lowers my score.
Huh mullvad browser got me the lowest. 10.44 bits and a non-unique fingerprint.
Compared against:
- Firefox with arkenfox user.js (macOS)
- Tor (macOS and android)
- Vanadium (android)
- Cromite (android)
- Mull (android)
I do a vast majority of my browsing on my phone, unfortunately. Vanadium scored the best, but it not having extensions (dark reader is a must) and the navigation bar not being movable to the bottom of the screen keeps me on Mull.
I don’t love using mullvad for day to day browsing as I can’t whitelist specific cookies to retain. Don’t love having to re 2fa daily.
What would be considered a high score on this? Is 16 too high?
If I tried twice and I got a unique id both times, does it mean Firefox is covering my track ?
if it ran the test again, I’d say yes. but if it just reloads the result page, doesn’t mean anything