Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
gruez 2 days ago

>Random User-Agent Switcher

Don't bother. User agent spoofing is easily detectable and it's trivial to figure out your real user-agent based on js implementation differences or TLS fingerprinting. All this does is get you banned/flagged by security vendors, on top of sticking out like a sore thumb.

>Canvas Blocker

>Font Fingerprint Defender

Also easy to easy to detect because randomized values will put you in the bucket of "uses privacy extension" users, which is probably a smaller bucket than whatever hardware profile you're on (eg. macbook pro m3 14").

Beijinger 2 days ago | parent [-]

Maybe.

>>Random User-Agent Switcher >Don't bother. User agent spoofing is easily detectable and it's trivial to figure out your real user-agent based on js implementation differences or TLS fingerprinting.

JS is blocked by default on my browser.

>Canvas Blocker >Font Fingerprint Defender

> Also easy to easy to detect because randomized values will put you in the bucket of "uses privacy extension"

Hm. How are they going to detect it is randomized? They would have to identify me first again as the same user and then conclude I randomize these values.

gruez 2 days ago | parent [-]

>JS is blocked by default on my browser.

The major browsers can still be differentiated via default headers and TLS fingerprints, none of which requires js. Moreover if they're inconsistent you'd get flagged with "spoofs user agent", which makes you more identifiable than something like "firefox on mac".

>Hm. How are they going to detect it is randomized? They would have to identify me first again as the same user and then conclude I randomize these values.

Because a given canvas/font metrics value should return the same result given the same graphics hardware/font set. If you randomize the results it basically guarantees that your fingerprint has never been seen before. This might seem like a good thing (because you're randomized every time), but any competent fingerprinting implementation is just going to flag you as "spoofs canvas/font information". The point isn't necessarily to identify you as any particular user, it's to use the fact you're spoofing canvas/font/user-agent to fingerprint you further.