what is ETP>Custom>Suspected fingerprinters [A: FPP] #1729

Closed
privacyguy123 opened this issue Sep 28, 2023 · 10 comments
@privacyguy123

Noticed this new setting pop up randomly and not sure where better to ask about it.

image

Any idea what this is doing under the hood?

@Thorin-Oakenpants
Contributor

It's FPP (fingerprint protection) and is enabled by default in ETP strict mode - see #1716

@privacyguy123
Author

> It's FPP (fingerprint protection) and is enabled by default in ETP strict mode - see #1716

I would assume that running those settings on + addons like CanvasBlocker and JShelter is not recommended?

@Thorin-Oakenpants
Contributor

Thorin-Oakenpants commented Sep 28, 2023

we currently use RFP so FPP is not used - RFP overrides it

if not using RFP, private browsing windows use FPP, otherwise ETP Strict also uses FPP - the exact releases these are/were/will-be hooked up is not worth me checking - e.g. FF119 hooks FPP to ETP Strict

At some point, arkenfox will move to FPP. i.e it will be on by default in all windows because we set ETP = strict. And RFP + letterboxing and webgl will be commented out - but users can add them to overrides and RFP overrides FPP. Simple huh!

And with FPP, when it's ready, it does what we want - it subtly randomizes canvas which is good enough for now for a Firefox threat model, and way more compat friendly. Over time FPP will add more and more protections. Hopefully they do something about webgl, because we'll never get that in the RFP world (at this rate, since TB just kinda nuke it)

And yes, when FPP is ready and we move to it, even CanvasBlocker will no longer be recommended


JShelter has never been recommended, it's a piece of shit - it's so ridiculously dumb (for gecko) it needs to be in its own museum.

dumb

  • randomizing audio when there was virtually no entropy to start with (it was OS + arm vs x86 diffs only) and now there is none (except arm vs x86) - AND audio is a smaller subset of the entropy in math, so it can be bypassed
    • ^ so utter failure to protect the entropy
  • fucking with timing
  • randomizing or spoofing (not sure which) plugins, mimetypes and pdfEnabled. There are only two possible results here - none or a hardcoded value. What is the point of trying to lie about this?
  • lots of the BS and is UNIQUELY exposed in navigator by returning e.g. get - so dumb
  • lots more is exposed in proxy lies
  • they fuck with geo, which is gated FFS
  • they have to kill service workers so they don't leak real values = breakage

extensions are fucking dumb for resisting FPing - end of story

@Thorin-Oakenpants changed the title from "Not an issue" to "what is ETP>Custom>Suspected fingerprinters [A: FPP]" on Sep 28, 2023
@Thorin-Oakenpants
Contributor

lols (yes I changed the title)

what is ETP>Custom>Suspected fingerprinters

reminder #1334 do not ask about ETP Custom

@Thorin-Oakenpants
Contributor

also #1388 - JShelter is shit - my comments towards the end in several posts

@privacyguy123
Author

privacyguy123 commented Sep 28, 2023

> also #1388 - JShelter is shit - my comments towards the end in several posts

Interesting, I see that your website detects a lot of its changes while RFP is not detected ...

I remember in its infancy RFP broke fucking everything and made browsing the web a chore and unfun - perhaps it's time to give it another whirl.

@Thorin-Oakenpants
Contributor

Thorin-Oakenpants commented Sep 28, 2023

ok, so I don't want to get into a discussion about TZP, but it's changed over time, it's basically a non-stop prototype

RFP has never tried to hide itself, and RFP can always be detected. I am not marking RFP as lies because RFP doesn't actually lie - that's the ~~real values~~ actual values the browser code is returning. The exception being canvas, and I am going to remove those as lies, because I am testing for protection, not entropy. So you can see this RFP "detection" in the health checks, but probably the easiest way is to check timing has sub ms precision (and no other timing fuckery e.g. extensions) - but even then you can actually bypass RFP's timing with two prefs (not going to say which ones). But I am not trying to detect RFP as a boolean, that's pointless - because an RFP metric might change, or regress, or get disabled and we already have all the FP data

Also, I no longer bother to do bypasses. I only did this to show that a lot of "protection" is rubbish, mainly to show all those extensions were shit - bypasses were all done based on the current data, via JS, client side. In reality you can just do this on the backend. This saves on code complexity

I also no longer bother to return a lot of stuff as lies, instead I just try to catch them in errors, e.g. if it's an unexpected typeof or an invalid value, or a timeout etc. All errors are in the errors FP, and the actual FP just returns "error". Errors are not lies, so it helps keep the noise down and simplifies code a little. And the errors help paint methods (e.g. "typeof error got array expected object").

Additionally, all the prototype and proxy lies are a fingerprint - it's not like I need to highlight each metric to show this

I also have a smart mode, a basic mode, and a blocked mode. So basically what this does is remove a lot of checks and code complexity by trapping a lot of nonsense as errors which also creates a fingerprint, and by simplifying checks to the current ESR cycle.

But don't let any of this let you think that things aren't what they seem. Fingerprints are a snapshot in time and are considered fuzzy, and all the data is there to bypass some (not all) extension nonsense or leaks, especially via service workers (I am yet to add this phase)

PS: if you don't know what a test is doing, then don't make assumptions

tl;dr extensions are SHIT at fingerprint protection and due to low usage just make you unique - always said you need to use built in browser solutions - see RFP (solid as FUCK but missing webgl), now FPP (which will grow protected metrics), Brave's Shield (also growing but getting quite mature - even if a lot of randomness is bypassed, it still protects the real value or reduces entropy)
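
The error-trapping approach described in the comment above, as an added example that is not part of the thread and is not TZP's code: each metric is read once, and an unexpected type, invalid value or thrown exception is recorded as "error" with the detail kept in a separate map. The metric names, expected types and both sample objects are assumptions constructed for this illustration.

```javascript
// Added illustration, not TZP's code. Metric names, expected types and
// both sample objects below are constructed for this example.
const EXPECTED = {
  pdfViewerEnabled: { type: "boolean" },
  hardwareConcurrency: { type: "number", valid: (v) => Number.isInteger(v) && v > 0 },
  plugins: { type: "object" },
  userAgent: { type: "string", valid: (v) => v.length > 0 },
};

// typeof alone reports arrays and null as "object"; split them out.
function describeType(v) {
  if (v === null) return "null";
  return Array.isArray(v) ? "array" : typeof v;
}

// Read each metric once. Anything that throws, has the wrong type or an
// impossible value is recorded as "error" in the fingerprint, with the
// detail kept in a separate errors map.
function collect(nav) {
  const fp = {};
  const errors = {};
  for (const [name, rule] of Object.entries(EXPECTED)) {
    try {
      const value = nav[name]; // a wrapped getter may throw here
      const got = describeType(value);
      if (got !== rule.type) throw new TypeError(`typeof error got ${got} expected ${rule.type}`);
      if (rule.valid && !rule.valid(value)) throw new RangeError(`invalid value ${String(value)}`);
      fp[name] = value;
    } catch (e) {
      fp[name] = "error";
      errors[name] = `${e.name}: ${e.message}`;
    }
  }
  return { fp, errors };
}

// Constructed: what an unmodified browser might return.
const CLEAN = { pdfViewerEnabled: true, hardwareConcurrency: 8, plugins: { length: 5 }, userAgent: "Mozilla/5.0 (constructed)" };

// Constructed: the same surface after clumsy spoofing by an extension.
const TAMPERED = {
  get pdfViewerEnabled() { throw new Error("blocked"); },
  hardwareConcurrency: 0,
  plugins: [],
  userAgent: "Mozilla/5.0 (constructed)",
};

console.log(collect(CLEAN).errors);
console.log(collect(TAMPERED).errors);
```

The errors map for the tampered object is stable across visits and shared only with users of the same tool, so it works as an identifier in its own right.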

@Thorin-Oakenpants
Contributor

> I remember in its infancy RFP broke fucking everything and made browsing the web a chore and unfun

It's only ever "broken" about 5 or 6 things

  • canvas and you can add a site exception
    • personally I never have any breakage cuz I don't seem to use any sites that require it. OK, I lie, I added an exception for tor project forums and gitlab
  • timing can cause jank
    • used to be about animations but that's fixed now at 60FPS, so the issue now is those with a higher frame rate can have issues with e.g. video playback and dropped frames etc
  • alt keys for shortcuts or on some web apps like google docs
  • mismatched headers/UA - soon to be fixed
  • old version numbers (but you got that with ESR anyway) - fixed for about the last year

Things that are NOT broken (i.e the website is not broken). These are usability issues, not compat issues

  • prefers-color-scheme = light
  • timezone = UTC

Quite frankly, being on windows so no mismatched headers/UA, and having 60Hz monitors, and not being into streaming services or using google docs or whatever - I have zero issues with RFP. That's why you make a choice, as per the wiki. If you can put up with what may break for you, then use it, if not then you have options

^ and of course that option will be moot/reversed, instead it will be we use FPP and the option is to upgrade to RFP + disable webgl + enable letterboxing instead if you can live with it - depends on how you look at it and one assumes you mask your IP, but for now I consider this superior with more protections, e.g. timing mitigations, no averaging of canvas for bypasses, etc

end of thread, please don't post anything else

@privacyguy123
Author

> end of thread, please don't post anything else

sorry not sorry prefers-color-scheme = light is complete dogshit and devs need to 180 on their weird decision making behind it

@Thorin-Oakenpants
Contributor

Thorin-Oakenpants commented Sep 29, 2023

@privacyguy123 dude, drop it. Tying prefers-color-scheme to RFP is exactly the thing that SHOULD be done

  • read
  • I am not interested in debating issues with non-experts

FYI: and I honestly don't know why I'm wasting time typing this, prefers-color-scheme is not an accessibility issue, it is a personal preference - if you can't handle it or understand why, that is not my problem. It's not even a global solution, providing dark + light themes is only arbitrarily used on a tiny fraction of sites (albeit some large ones) and often the dark theme is an ~~afterbirth~~ afterthought and quite shit TBH. If you need dark for accessibility, there is already the means to do that in settings and in your OS.

@arkenfox arkenfox locked as resolved and limited conversation to collaborators Sep 29, 2023