| ▲ | codedokode 3 hours ago | ||||||||||||||||
Does it hide GPU name that is exposed via WebGL/WebGPU? Does it hide internal IP address, available via WebRTC? > block all third party content It's not going to work, because the fingerprinting script can be (and is often served) from first-party domain. Also imagine if browser didn't provide drawing API for canvas (if you would have to ship your own wasm rendering library). Canvas would become useless for fingerprinting and its usage would drop manyfold. And the browser would have less code and smaller attack surface. | |||||||||||||||||
| ▲ | drnick1 3 hours ago | parent | next [-] | ||||||||||||||||
> Does it hide GPU name that is exposed via WebGL/WebGPU? Does it hide internal IP address, available via WebRTC? My GPU is reported as simply "Mozilla" by https://abrahamjuliot.github.io/creepjs/. The number of cores is also set to 4 for everyone using this config and/or Tor. > It's not going to work, because the fingerprinting script can be (and is often served) from first-party domain. This may be true, but allowed third party content makes it trivially easy for Google and others to follow people around the Internet through fonts delivery systems among others. | |||||||||||||||||
| |||||||||||||||||
| ▲ | dminuoso 2 hours ago | parent | prev [-] | ||||||||||||||||
If I infiltrate someone else’s computer, secretly run code in order to to exfiltrate data I risk prison time because objectively it seems to satisfy criminal laws over where I live. How do prosecutors in any modern country/state not charge this behavior when done by a website owner? | |||||||||||||||||
| |||||||||||||||||