Killing the Botnet

Many of these require JS to use, which is why something lik uMatrix with default-deny scripts is so important.

Also the best way to deal with things like localstorage and cookies is to let sites put things there and then drop it all on the floor when the tab is closed.

Yes. It is used for data mining and ads. It's also the favorite way for governments to do surveillance, they don't need to pass laws or do anything illegal. Just let companies collect data and them come up with a meme excuse like terrorism, cp or piracy.

>Changes your fingerprint to some random one every X minutes, on every request or randomly.
No! It should just set the fingerprint to an immutable value. Changing randomly adds complexity and adds the additional treat vector of having to build a cryptographic secure random number generator.

This is why the Tor browser exists and why people also happen to use it for other protocols like i2p.

>No! It should just set the fingerprint to an immutable value.
Then you are going to be tracked. They just won't know your real setup.
An immutable value would be useful if everyone or at least a lot of people used it.
>Changing randomly adds complexity and adds the additional treat vector of having to build a cryptographic secure random number generator.
It doesn't. Any fucking thing has a secure a random number generator.

Citation needed. If you are a special snowflake you will be detained.

>amiunique.org/
>see idiots go to website
>website fingerprints browser/user
>congrats, you just got added to the botnet even if you didn't have a membership prior to visiting that site

I mean really, you fucking idiots never learn. All those websites that check most anything like browser security, browser identification, whether or not you're on some kind of email hacking database breach, and so on - the moment you go to one of those sites to get yourself "checked" you're just being added to yet another list to be cross-referenced.

>stupid fucking people will be the death of us all

>An immutable value would be useful if everyone or at least a lot of people used it.
That is what I am saying.

>It doesn't. Any fucking thing has a secure a random number generator.
It does add complexity and there are many real world examples of where random number generators turned out to be predictable.

Any website can do what that one is doing. For all you know, every time you load reCAPTCHA to post here Google could be fingerprinting you.

You want citation for the fact that proprietary software has government backdoors? There are the snowden leaks. But that is not the point, there can't be definitive proof that proprietary software have or do not have backdoors, exactly because it's proprietary. If you don't assume the worst you are a fool.

How am I going to be cross-referenced if they can't track me?

Literally any website can do the fingerprinting, that's why this website is there to warn you about this, and it's also open source and the source is available on github. And if your're talking about haveibeenpwned, then that site is made by a well-known security researcher. He would totally ruin his reputation by selling your data, not to mention that he already has ridiculous amounts of leaked crap from the actual breaches. Paranoid fuck.

>Many of these require JS to use
Precisely this.
Just block all the analytics scripts and you're (mostly) good

There are many that don't require JS. Do the test and look at the more detailed results.

>Do the test and look at the more detailed results.
Fairly sure when I tried it with JS blocked it didn't even show results.

That is still a way to track you. Disabled JS is uncommon + your user agent, language, timezone and possibly IP.

Meh I can't even remember the last time I saw ads so it's more or less valueless data.

I would be interested in a script that randomly browses in a semi-convincing manner to throw them off though
(also I don't fully buy that the randomization of all variables makes you more traceable that sounds retarded as fuck)

>Actually on Firefox
>Actually on Linux
>In 5min it'll say i'm on Chrome and Windows
Thanks Gorhill

>(also I don't fully buy that the randomization of all variables makes you more traceable that sounds retarded as fuck)
What do you mean? If you set all of them to a random value and forget about it they will be more or less unique and you can be tracked.
If by randomization you mean changing to common values every now and then, then it makes you less traceable.

>If by randomization you mean changing to common values every now and then, then it makes you less traceable.
Yeah this
>but user changing your signature all the time makes you more unique

Only if they know that you are changing your signature. And they can only know by the fingerprint, but you are changing that.

Think like using a mask and a fake ID for every different place you go. It is only suspicious if they know you are doing that.

>oh, it's that one guy switching user profiles. lmao, we've already ID'd him by his GPU and resolution

>you can effectively identify someone with only two of the most common parameters, one of which can be spoofed and both completely denied if no JS
gtfo strawman faggot

No. It spoofs that too.

It was just an example. There are a hundred other ways you are unique

Pro tip: disabling JS doesn't prevent that. Using Tor Browser with security setting at high does

>Pro tip: disabling JS doesn't prevent that.
Pro tip: It does, Tor minimizes your window so JS can't identify you easily cause most normie retards that use it don't disable scripts globally

>disabling JS doesn't prevent that.
go back to Sup Forums already

User agent is easy to randomize. IP can be handled by a VPN. I don't know about timezone, is there an addon that randomizes this? Language pretty much can't be helped, but en-us isn't exactly a unique identifier.

You could do your browsing in a VM and make your hardware look identical to everyone else using the same virtualization software.

>I don't know about timezone, is there an addon that randomizes this?
Yes. See OP.

>Pro tip: disabling JS doesn't prevent that.
It does.
Anyways also pic related for 'more'

I didn't know it did timezones as well as the useragent. cool

It randomizes all the fingerprinting. Check the list on their page.

I'm thinking of developing a VPN provider that charges on demand. You deposit a certain amount of bitcoins on it, if you use less than that it sends the remaining coins back.
Is there anything like that already?

Instead of refunding, why not just keep a rolling balance from a month to month basis and then when the customer runs out of BTC they have to deposit more for continued service? If they decide to cancel their membership then refund them.

There are providers that accept bitcoins, and other anonymous payment methods. But they all do so on the traditional $X/month basis, not on time connected or data transferred. Which makes sense if you think about it, since they have to maintain a certain amount of infrastructure to be ready for use, even if it doesn't actually get used.

That's a good idea.

my fonts gave me away

rip

Thanks

By rejecting anything proprietary!

TrueGNU~
>Skype-- No way! That's proprietary!

This
>mfw my amazing fonts give me away to the botnet

>TrueGNU~
>>Skype-- No way! That's proprietary!
Tell me that's not your '''signature'''

My fonts are default with the google ones that I got somehow. Hardly amazing. Still gave me out.

At first I didn't understand why that was there. Holy shit is this person autistic.

the one opera user left

>"Yes, you can be tracked"
>"Windows NT 6.3"
>actually using Linux
>second try
>"Almost"
>"Windows NT 6.1"
>mfw not even this website can fingerprint me

>amiunique.org/
Are you unique?
Almost! (You can most certainly be tracked.)

36.66 % of observed browsers are Chrome, as yours.

2.13 % of observed browsers are Chrome 52.0, as yours.

13.54 % of observed browsers run Mac, as yours.

4.94 % of observed browsers run Mac 10.10, as yours.

66.44 % of observed browsers have set "en"as their primary language, as yours.

But only 4 browsers out of the 307413 observed browsers (0.00 %) have exactly the same fingerprint as yours.
I win! None of this is true!

Linux rulez