Those of us who use Tor are probably already concerned about privacy. So, in that sense, are you aware of your browser fingerprint?
For those unfamiliar with the term, browser fingerprinting is a method of tracking web browsers by the configuration and settings data that they make available to websites. This type of tracking reveals a considerable amount of information about you, whether you realize it or not.
We Know Everything About You…
There are a number of sites where you can check to see if your device has a unique fingerprint, as well as what kind of information you’re sending out about yourself. One of the better known ones is Panopticlick, by the Electronic Frontier Foundation.
Panopticlick, in a nutshell, tests whether or not your browser blocks tracking ads, invisible trackers, and other sorts of trackers.
If you then decide to view the details of the results, Panopticlick will display those in a chart. The chart shows such information as your screen size and color depth, limited supercookie test, browser plugin details, and time zone.
Of course, Panopticlick is only one such site that can test your device fingerprint, and some actually do more thorough tests than others.
JonDonym also offers a free fingerprinting test that actually goes into more detail than the Panopticlick test. Their tester can be found at IP check.
If you aren’t protected by any sort of anonymizing software or privacy enhancement, IP Check will show your true IP address, location, and user-agent (web browser and operating system), among other information. (Someone I know described this as “Panopticlick on steroids.”)
Besides these two fingerprint tests, there are others. Two you may want to try are Am I unique? and Browserprint (which is based on publicly available code from “Am I unique” and Fingerprintjs2, another open-source test.)
While you could write separate articles on each of these, here’s a quick summary. Like Panopticlick, Am I unique tells you how much you stand out based on what browser you’re using, which OS you’re running, what language you’re configured to use, and other settings.
If you so choose, you can view your fingerprint in detail as well. Browserprint, in the same vein, will try to determine if you have a unique fingerprint. Before starting the test, you can specify if you’re using a VPN, spoofing part of your fingerprint, etc. Like the others, it will reveal a lot about your machine!
All this to say – it’s a little scary how much information your device and/or browser can reveal about you. So, your next question may be, “How the hell can I protect myself?”
There are a number of ways, as a matter of fact.
If you try the Panopticlick test while using Tor, particularly at the highest security setting, it may say “Your browser has an almost-unique fingerprint.” (At least that was my experience.)
Part of the reason that the Tor browser reduces the uniqueness of your fingerprint is because by default, it includes the NoScript extension, which I’m sure most Tor users are familiar with.
Granted, some sites won’t function properly with NoScript running, which is why it has a whitelist function for particular sites. It also protects against attacks like Cross-Site Scripting and Clickjacking.
You can also install NoScript on a standard Firefox browser, and it will serve the same function that it does on Tor.
Anyhow, the basic point is that the more you appear to be like everyone else on the internet, the less of a unique fingerprint you have.
Suggestion: A Privacy Userscript
There is another tool which I came across that does not involve Tor, but can enhance your privacy while using Firefox.
Specifically, it’s a privacy-enhancing userscript for Firefox, developed by blacklight447.
Are you familiar with the term userscript? If not, it refers to an open-source licensed add-on for a browser that can change a web page as it’s loaded.
That being said, what this particular userscript does is to block some unsafe crypto-suites in Firefox, as well as blocking a number of standard scripts from running. It can be found at GitHub: blacklight447’s Firefox privacy enhancing userscript
While this userscript doesn’t provide full anonymity, it is an improvement over the standard Firefox browser settings.
For those of you who use Freenet, the same userscript is available on there as well – Freenet: blacklight’s privacy userscript. If any of you have a chance to try this out, feel free to share your experience in the comments.
JonDoFox and JonDo Proxy
As mentioned above, JonDo offers a number of privacy-enhancing tools (some of which are free, and some which you have to pay for). I’m more of a fan of the free stuff, personally.
Among these is JonDoFox, a profile for Firefox that’s optimized for anonymity and security. While it’s not as secure as using the Tor browser, it’s definitely an improvement. JonDoFox automatically uses the JonDo Proxy by default, as well as NoScript and a few other plugins.
So you may want to check this one out as well.
You Haven’t Seen Me…
These browsers and userscripts are just a few of the many tools that can reduce your browser fingerprint. It is, of course, something that’s good to become aware of, especially if you’re concerned about who’s tracking you and your browsing habits.
Or did you never wonder why those same underwear ads keep following you on every website you visit?