| ▲ | ArcHound 4 hours ago |
| You missed one of our best guarded secrets: ja3 hashes and their successors. Basically, we can identify browsers based on the supported ciphers in TLS handshake (order matters too AFAIK). Then when your declared identity is not matching the ja3 hash, you're automatically suspicious, if not blocked right away. I think that's the reason for so many Capchas. |
|
| ▲ | peetistaken 3 hours ago | parent | next [-] |
| I built a nice tool to visualize that: https://tls.peet.ws.
Its not that secret anymore though, more and more libraries are starting to allow spoofing for browser tls configs.
There isnt really a cat/mouse game here - once you match the latest chrome, there is nothing to fingerprint |
| |
| ▲ | johnisgood 3 hours ago | parent [-] | | I do not think I understand that website. I see that JA3 always gets changed after refresh, but not sure what JA3 is. Why is it always different, and is it good or bad? | | |
| ▲ | Retr0id 3 hours ago | parent [-] | | Modern browsers randomise parts of the handshake, which results in an unstable ja3. ja4 and others normalize the relevant details to make the fingerprint constant again. | | |
| ▲ | johnisgood 2 hours ago | parent [-] | | How effective is it at "un-anonymizing" me? I value privacy. What do you think I can do about "any" of this? | | |
| ▲ | Retr0id 2 hours ago | parent [-] | | It tends to identify your platform/browser version, with relatively low granularity. Unless you have an unusually rare OS/browser config, it won't deanon you on on its own. But it can be combined with other fingerprinting vectors. |
|
|
|
|
|
| ▲ | mike_d 3 hours ago | parent | prev | next [-] |
| JA3/JA4 are useless now. At best they identify the family of browser, and spoofing it is table stakes for bad actors. https://github.com/lwthiker/curl-impersonate |
| |
| ▲ | ArcHound 2 hours ago | parent [-] | | Slight correction: Spoofing it is table stakes for ever so slightly capable actors. These will still help against the masses of dumb actors flooding your stuff. |
|
|
| ▲ | 1over137 4 hours ago | parent | prev [-] |
| What’s ja3? |
| |
