You really shouldnt need all of these extensions, and the more extensions you use the more fingerprint able you are. May I suggest stock LibreWolf/IronFoxn or Mullvad Browser instead?
No, I’m talking about extension detection being used as part of the process to fingerprint your browser to identitify you as a unique person.
That’s used to track you across websites for ad targeting and other shit such as but not limited to sites displaying different prices to different people based off information they’ve gathered on you and connected to your unique fingerprint.
Fingerprinting effects a lot more than the ads you don’t see due to blocking them and bot detection. Please read up on it more instead of running with assumptions.
This makes sense for extensions that respond to and directly process and interact with page elements, such as Flash or Silverlight.
This makes absolutely no sense if the app has no ability to load or interact with anything in the page. If there is no interactivity - and why would there be, with simple blocking? - there is nothing for an external script to “grab”.
Which security add-ins, an external script can tell - at most - that an in-page element was not loaded by the web browser, but then anyone doing the tracking needs to contend with the dozen-plus add-ins that have the capability to block an element like that. The exact add-in is still not identifiable, only the class or type of add-in that has the functionality to block said element.
I have read through a number of white papers that explore this technology, and to a T,
This is still largely experimental and proof-of-concept
Is still primarily meant to block bots that are trying to mimic humans, and to ensure that the site visitor is actually a salty bag of mostly water
Can only identify apps that are explicitly designed to produce a response, as a core aspect of their purpose and design. Which, by default, fails to include almost all security-based add-ins, which behave more as “black holes” that have never been designed nor have any capability to respond to external queries.
So when a website bitches about you having an adblocker installed, the site cannot tell WHICH ad-blocker is installed, only that ads are not loading because it is not getting any telemetry from them.
So the website cannot track you by your installation of uBlock Origin unless it has that mix of ads that uBlock’s particular DEFAULT blocking pattern can be identified with. And since you can add or remove black lists at will, this becomes an infinite game of whack-a-mole for anyone trying to track you. Plus, other adblockers can load the same black lists, giving the exact same pattern for any website not loading ads from many dozens of different sources.
I believe installed extensions are directly query-able through javascript or html5
The requirement for this is that those extensions need to directly interact with - and respond to - page elements.
Security add-ins are a “black hole” in that the vast majority of them only block, they don’t interact. There is absolutely no way for a website to tell which ad-blocker is installed from purely the ad-blocking component itself. Provided the add-on is constructed properly, it should never respond to any code either on the client-side or server-side, it should only block the browser from not even requesting certain assets in the first place. In fact, a good adblocker should be indistinguishable from a failure of DNS in providing the IP address of the ad server.
The list above is the vast majority of my add-ins. I don’t use any which are sufficiently duplicated in the browser or which are not required for enhanced security.
I am not one of those people with multiple dozens of add-ins.
You say you aren’t one of those people but i genuinely dont believe most of those extensions are needed if youre using hardened Firefox (LibreWolf/IronFox/Mullvad Browser/Tor)
You really shouldnt need all of these extensions, and the more extensions you use the more fingerprint able you are. May I suggest stock LibreWolf/IronFoxn or Mullvad Browser instead?
Problem with multiple adblockers is more with inefficiency and breakage. Use multiple solutions only if they don’t overlap.
Missed Privacy Tweaks, did ya? Look closer.
It lists these tweaks, none of which I understand to have anything to do with extension detection/fingerprinting:
So you’re talking about bot detection and bot denial of a website, then.
Well, I’m not a bot.
No, I’m talking about extension detection being used as part of the process to fingerprint your browser to identitify you as a unique person.
That’s used to track you across websites for ad targeting and other shit such as but not limited to sites displaying different prices to different people based off information they’ve gathered on you and connected to your unique fingerprint.
Fingerprinting effects a lot more than the ads you don’t see due to blocking them and bot detection. Please read up on it more instead of running with assumptions.
This makes sense for extensions that respond to and directly process and interact with page elements, such as Flash or Silverlight.
This makes absolutely no sense if the app has no ability to load or interact with anything in the page. If there is no interactivity - and why would there be, with simple blocking? - there is nothing for an external script to “grab”.
Which security add-ins, an external script can tell - at most - that an in-page element was not loaded by the web browser, but then anyone doing the tracking needs to contend with the dozen-plus add-ins that have the capability to block an element like that. The exact add-in is still not identifiable, only the class or type of add-in that has the functionality to block said element.
I have read through a number of white papers that explore this technology, and to a T,
So when a website bitches about you having an adblocker installed, the site cannot tell WHICH ad-blocker is installed, only that ads are not loading because it is not getting any telemetry from them.
So the website cannot track you by your installation of uBlock Origin unless it has that mix of ads that uBlock’s particular DEFAULT blocking pattern can be identified with. And since you can add or remove black lists at will, this becomes an infinite game of whack-a-mole for anyone trying to track you. Plus, other adblockers can load the same black lists, giving the exact same pattern for any website not loading ads from many dozens of different sources.
https://www.privacyguides.org/en/browser-extensions/
Please give this article a read
Notable section from the Wikipedia article linked there as “stand out”:
I’m not well versed on it, but I believe installed extensions are directly query-able through javascript or html5 on sites loaded by the browser.
The requirement for this is that those extensions need to directly interact with - and respond to - page elements.
Security add-ins are a “black hole” in that the vast majority of them only block, they don’t interact. There is absolutely no way for a website to tell which ad-blocker is installed from purely the ad-blocking component itself. Provided the add-on is constructed properly, it should never respond to any code either on the client-side or server-side, it should only block the browser from not even requesting certain assets in the first place. In fact, a good adblocker should be indistinguishable from a failure of DNS in providing the IP address of the ad server.
Preaching to the choir.
The list above is the vast majority of my add-ins. I don’t use any which are sufficiently duplicated in the browser or which are not required for enhanced security.
I am not one of those people with multiple dozens of add-ins.
You say you aren’t one of those people but i genuinely dont believe most of those extensions are needed if youre using hardened Firefox (LibreWolf/IronFox/Mullvad Browser/Tor)