How Dangerous is it?

I understand why you would do this below the surface web, but how dangerous is it to browse the web with a maximized browser day to day?
Is pixel counting a common problem?

Other urls found in this thread:

trac.torproject.org/projects/tor/ticket/7255
browserspy.dk/screen.php
twitter.com/NSFWRedditVideo

?

Apparently if your browser is maximized some people can use your browser as a "window" to count the pixels of your monitor and use that information to triangulate you or something

Tell us why browsing with a maximised browser is dangerous please.

Don't most people have the same resolution monitor?

>Apparently
>or something

Thanks for the info bro.

you stick out more by not having your browser maximized you dolt
99.999% of the internet leaves their browser maximized

>they count the pixels
>"he must have a 1080p monitor"
>this leads to you getting hacked

???? ??? ???????? ???? ??????

there's plenty of sizes beyond 1080p. and the window size will end up different on different OSes and configurations, since the amount of space the taskbar and the like take varies.

its a fingerprinting vector. This is why the Tor people tell you to not maximize the window.

Requires JS to do though, so kill JS and you kill this fingerprinting method. Random Agent Spoofer is the only way I've found to spoof it. I think RAS is dying in the Webextentionocalypse though, and idk if a webextention is able to implement spoofing this at all.

I just hacked you, nice 1920x1080 monitor bro, teach you to mess with me....

I guess the idea is that if you were to do something illegal and you got caught, they could compare the size of the full screen window to the resolution of your monitor as evidence to try to prove that it was you on that specific machine that accessed the site. It really just doesn't matter unless you're doing something shady and you're afraid of the big bad Faggot Bureau of Incompetence.

Alright, that makes more sense. Isn't it just as bad or even worse to have it at a static window size though? You'd have to change the window size every time you loaded a new page for this to be effective, right?

t. brainlet

I think the window size thing is like
>16:10 high res
>We know he's using Apple
>16:9
>He's probably a regular windows user.

The idea would be that you set it to something common, if the window size you want to use isn't. Or you just have it rotate the values it reports every X minutes or requests, like some people do with spoofing useragents.

ps, this is a less-common fingerprinting vector than many others, so worry about it after you've worried about cookies, ad and script blocking, canvas fingerprinting, font enumeration, etc.

Just install an extension that spoofs your window size. Also your timezone, performance characteristics, canvas ID, etc.

It's dangerous because it makes it easier to identify you, and connect you to your browsing history.

Just use some addon

Yes you can estimate the screen size from Javascript on websites.
No there's no reason to care anyone does that. It tells them nothing but the screen size unless you have the most unique screen size in the world and that's publicly available information. And even so. So what? A person identifying you can only tell that your window was a certain size. Not that your window was maximized. It'd be easier to track you through having gotten this silly idea that getting a relatively unique window size by manually sizing it. Having some standard size makes you less identifiable.
>tor people tell you to not maximize
I'd like you to point out which tor people so I can go and have a laugh at you with them.

>just install some addon
That's even worse. If you thought the window size issue was an issue then this should just be bells and whistles. Frankly when you're at this paranoia level you should assume these are people aiming to put out a trend and track you through their addon.

>I'd like you to point out which tor people so I can go and have a laugh at you with them.
here's a bug about it
trac.torproject.org/projects/tor/ticket/7255

>Using an unusual screen resolution was sufficient to identify me uniquely to panopticlick. With my portrait mode screen resolution of 1200 wide by 1920 high, the default window size of 1000x1765 was unique, no resizing or maximizing needed.

OK. So that's people encouraging the reverse. That's fine. It's just op being stupid.

This is how Terry Davis got staryed

Window size is just used in browser fingerprinting to track users, it tracks the user by checking if the size is unusual or unique (something that a majority of
browserspy.dk/screen.php users don't have).

...

Did you read that from TOR or something?

What the fuck

>what's a user agent

what's a spoofed useragent?

That can be the case, but is only one factor amongst many. Fonts are a much bigger factor in fingerprinting most browsers.

It's relevant to the Tor Browser Bundle because that browser attempts to be specifically hardened so that all users of the TBB present the same fingerprint - changing the window size could potentially help to differentiate you from the anonymity set then, although your actual IP address etcetera would still be protected by Tor.

On the regular web, use uBlock Origin to block ads. That also blocks the usual fingerprinting scripts.

I'm not afraid because I'm not doing something illegal.

Just buy a new monitor every week

>javascript in tor

not on tor

...

It only forms one part of the browser fingerprint, one that is shared by a large portion of people browsing the web. If you are careful about other fingerprint sources it won't matter.

It is just one of many identifying traits of your browser fingerprint. I think JavaScript automatically detects your whole screen resolution, so I don't think maximizing the window would be dangerous.

The Tor Browser is modified so that websites recognize only the pixels of the browser, thus making it dangerous to maximize (this is irrelevant if you have JS disabled, making detection impossible). So yeah it only matters if you're using Tor.

What if my taskbar is a pixel taller than yours?
Or the borders of my windows? Maybe I don't use scrollbars, maybe they're a little narrower?

if your business is being completely anonymous while browsing the web why would you have javascript on anyway?