Follow us

Testing your browser for fingerprinting resistance within seconds.

3 tools to test fingerprinting of your browser in 2021 and fingerprinting mitigation strategy from A to Z.

Updated: September 15, 2021 By Darina Shramko
Add comment

Title image for Testing your browser for fingerprinting resistance within seconds

Image source – freepik.com

Do you know you leave invisible fingerprints every time you open a browser page?

You've probably thought about cookies, but I'll surprise you − there is a much more dangerous technology that can become a devil's plaything in the hands of hackers.

When surfing the Internet, each time, we leave behind unique traces like fingerprints. These traces are browser fingerprints that identify us, our data, and our lifestyle.

According to the results of numerous studies, it has found that the accuracy of user identification using a browser fingerprint is 99.24%. Changing one of the browser settings reduces the accuracy of user identification by only 0.3%.

Well, make yourself comfortable, because we will have a fascinating conversation about what kind of electronic traces we leave and what to do to get out of the total surveillance system.

📑 Table of Contents

Disclaimer: All information provided in the article is published solely to inform Internet users about the possible negative consequences of using a browser fingerprint. Any illegal use and distribution of the article materials is prohibited by copyright rights.

What are browser fingerprints?

Browser fingerprint is a way to track data visitors on websites. Each site visitor has a unique identifier that use to initialize and collect user data.

It's beneficial for marketers and advertising companies: using digital fingerprints, it's easier to collect statistics about an advertising product and track the location and data of users.

The browser fingerprint contains a lot of information about the settings and capabilities of the user's browser.

In addition, the browser fingerprint allows sites to track behavioral patterns to subsequently identify users even more accurately (time spent on the Internet, clicks on links, search queries, etc.)

The uniqueness of a browser fingerprint comes down to the fingerprint of a person. But…People's fingerprints are collected by the police to investigate criminal cases, and browser fingerprints are automatically tracks without our consent.

Why is browser fingerprint technology needed?

The main goal of browser fingerprint technology is cross-platform site optimization. In other words, the browser fingerprint helps to customize the correct display of the site, regardless of what the user is using − a phone, tablet, or PC.

Also, one of the main reasons for using fingerprints in the browser is the data mining for ads that I mentioned earlier.

For example, advertisers can use browser fingerprints to recognize users with the monitor's low definition. Thus, these users will mysteriously begin to see advertisements for new laptops and computers with high definition.

The targeting accuracy when using browser fingerprints is much higher than when using cookies.

In general, the technology usage of cookies and browser fingerprints is very similar: these collect information about users (sometimes even for good purposes).

In addition to advertising purposes, browser fingerprint technology is needed to:

  • Botnet recognition. Early recognition of botnets is a helpful feature for banks and financial institutions. Browser fingerprints help distinguish user behavior from malicious activity.
  • Defining VPN and proxy users. Governments may use this method to track Internet users with hidden IP addresses (such as Internet scammers or cybercriminals).

The bad news is, browser fingerprints can use by hackers to hack devices. For cyber-criminals, this is easy: a hacker can create a phishing site using a fingerprint script.

As you can see, browser fingerprint technology has more disadvantages than advantages.

How browser fingerprint works

So, the working principle of a digital fingerprint is simple: your browser communicates with a web server when you request a website address. In a normal situation, sites and services assign a unique identifier to the user (for example, fh1d944gljflr172ff111xxf).

A unique identifier is a collection of random letters and a number that helps the server recognize you and associate your browser with you. Actions that you take on the Internet will be assigned approximately the same code.

For example: if you have a page on Instagram, all this data automatically associate with the same identifier.

Identification code ties to a specific device and is changing depending on which browser or device you are using.

So how do sites collect user data? I can say that this is a complex two-tier process that works both server-side and client-side. Let's take a closer look at these two methods.

How browsers tracking users data

Image source − arstechnica.com

Server-side

1) Site access logs

In this case, we are talking about the collection of data sent by the browser, namely:

  • Requested protocol
  • Requested URL
  • You’re IP.
  • User-agent

2) Headings

Your browser sends headers to the webserver. The headings are needed to make sure the requested site works correctly with your browser.

3) Cookies

We discussed with you a few months earlier how cookies work, so you remember that web servers always exchange cookies with browsers. If you specify the ability to work with cookies in the browser settings, they are saving on your device and sent to the server.

4) Canvas Fingerprinting

This method uses the HTML5 canvas element, which WebGL also uses to render 2D and 3D graphics in the browser.

Canvas usually forces the browser to process graphical content, including images, text, and other elements.

Once the process is complete, canvas fingerprinting turns the graphics into a hash, which becomes the unique identifier I mentioned above.

This method reads data from your device about:

  • Graphics adapter
  • Graphics driver
  • Processor (if there is no dedicated graphics chip)
  • Installed fonts.

Tracked data

Image source − Icdn.gologin.com

Client-side logging

Your browser is exchanging a lot of information using Adobe Flash, JavaScript, and cookies.

  1. Adobe Flash and JavaScript

If you have enabled JavaScript, then all data about plug-ins or technical characteristics of the equipment is recorded and transmitted to third parties.

With Flash, things are much worse because it collects everything about you, down to the small details:

  • Your time zone
  • OS version
  • Screen resolution
  • Complete list of fonts installed on the system.
  1. Cookies

The web server receives a sufficient amount of information about your device and search queries. Even if you disable cookies, sites will still receive some information about you.

3 best tools to test fingerprinting of your browser

Finding quality services to check your device's anonymity and browser fingerprint was not so easy, but I was still able to identify the top 3 free apps that know everything about your device (and even your time zone and battery status).

Cover Your Tracks

CoverYourTrack Main Page

Image source − coveryourtracks.eff.org

It is a free online resource that tests your browser for fingerprint and other data.

To test the browser, you need to click on a button on the main page and wait a few seconds while the data is processed.

As a result of the test, it turned out that my browser has a unique identification code.

Results of CoverYourTracks testing

Image source − coveryourtracks.eff.org

The app also provides all the detailed information about your browser and device. You can select any item from the list to find out all the details.

Results of CoverYourTracks testing

Image source − coveryourtracks.eff.org

I Am Unique

I Am Unique main page

Image source − amiunique.org

It’s a free online app that verifies the uniqueness of your browser fingerprint and provides all the data about your device.

Let's see how unique my browser fingerprint is:

Results of I Am Unique testing

Image source − amiunique.org

The Safety

The Safety main page

Image source − thesafety.us

It’s a helpful free online resource that tests your browser. The peculiarity of this app is that it warns you of possible danger and keeps statistics for each tested component (for example, how protected your browser is from third-party trackers).

I tested the Google Chrome browser, so it is not surprising that the utility informed me about a possible danger because, from my articles, you already know how insecure this browser is.

Results of The Safety testing

Image source − thesafety.us

How to protect against browser fingerprint identification

It is impossible to remove or block the browser fingerprint, but not everything is as fearfully as it seems.

I know of several methods that will help to neutralize the malware influence of the browser fingerprint as much as possible:

  • Pay attention to the Mozilla Firefox browser, which blocks reading a digital fingerprint. The browser system has built-in special utilities that block the actions of reading the browser's fingerprint, thereby blocking intrusive ads and keeping your data safe
  • Change the time zone on your device
  • To protect against Canvas fingerprints, install extensions that block the HTML5 Canvas element (for example, CanvasBlocker in Firefox)
  • Change the scale of web pages
  • Disable JavaScript in your browser, or configure the list of trusted sites where JavaScript will be allowed
  • Change screen resolution
  • To protect against digital browser fingerprint identification, mask browser and system information using utilities (for example, Random Agent Spoofer in Firefox)
  • Change your browser or OS language
  • Regularly clear your browser cache to remove saved ETags that transfer along with temporary files

I recommend:

  • Don’t use transparent non-anonymous proxies and low-quality VPN services
  • Don’t use the Tor browser without a VPN connection
  • Don’t use browser Turbo mode to ensure anonymity
  • Use special utilities to hide IP and encrypt traffic (for example, Privatix)

The Privatix VPN app

Image source – privatix.com

Conclusion

Data tracking methods are impressive in their unscrupulousness and insolence. Corporations are ready to keep people under control in all ways, without thinking about their boundaries.

We are already used to cookies, but a new problem has arisen − digital browser fingerprints, which cannot turn off or deletes. Moreover, many of us had no idea that the browser gave us a unique identifier that tracks our entire life.

One way or another, forewarned is forearmed. Now you know what data browser fingerprints collect about you and what to do so that their presence doesn't affect your security.

I hope that you have learned a lot of new and useful things for yourself! If you know other ways to test browser fingerprints ─ share them in the comments, it will be helpful for other readers and me.

I am happy to share my knowledge with you, so if you have any topics that you would like to discuss with me − let me know, please!

Don't leave fingerprints and be careful!

Tags: 
Data Protection
Author
Darina Shramko
Cybersecurity specialist and researcher.

Write a review

click to select