Reviews for CanvasBlocker
CanvasBlocker by kkapsner
412 reviews
- Rated 5 out of 5by zhaqenl, 6 years ago
- Rated 5 out of 5by Firefox user 13202285, 6 years ago
- Rated 5 out of 5by The Beard Below My Chin, 6 years agoNice works.
Please note I test the audio fingerprint at https://audiofingerprint.openwpm.com/ and it causes browser slowdown.Developer response
posted 6 years agoI know - this page is not written in a peformant way. You can test the audio fingerprint at http://kkapsner.github.io/CanvasBlocker/test/audioTest.html as well. - Rated 5 out of 5by Firefox user 14156124, 6 years agoNice works.
Please note it does not detect (and block) the code embedded in a url through the
"data:text/html" directive.
I don't know if this method it's exploitable in a web page
example: paste the following code on your navigation bar
(It's a dots wave single pixel plotter, so it uses getImageData and it works even if you block the readout API):
edit: sample code moved to pastebin (sorry, pasting the code here does not works):
https://pastebin.com/pFvdgKNNDeveloper response
posted 6 years agoGood point. I will see if this is exploitable. But please open an issue at https://github.com/kkapsner/CanvasBlocker/issues where we can discuss the implications and findings. Also communication is much easier there. - Rated 5 out of 5by GregDT, 6 years ago
- Rated 3 out of 5by Clemens Ratte-Polle, 6 years agoWhere can i test the success of CanvasBlocker?
Does it make problems with twitter header image upload?
i got probsDeveloper response
posted 6 years agoYou can go to http://kkapsner.github.io/CanvasBlocker/test/test.html and check if the displayed hash changes on every reload.
I know of no problems with twitter. But if you think that it is CB related please open an issue at https://github.com/kkapsner/CanvasBlocker/issues - there we can communicate much better. - Rated 4 out of 5by Jezze, 6 years agoDoesn't make my canvas fingerprint less unique. amiunique.org still tells me that my similarity ratio is below 0.1% which means I have a very unique canvas fingerprint.
Developer response
posted 6 years agoIn the default settings the canvas fingerprint is changed on every page reload (you can test that on http://kkapsner.github.io/CanvasBlocker/test/test.html). Yes - this makes the fingerprint unique but since it is not constant you cannot be tracked.
If you want further information/discussion please open an issue on https://github.com/kkapsner/CanvasBlocker/issues where we can communicate nmuch easier.
PS: similar issue on github: https://github.com/kkapsner/CanvasBlocker/issues/154 - Rated 5 out of 5by Firefox user 13835690, 6 years agoThank you for this extension (and for keeping it opensource). Nowadays it's getting harder and harder to get a sense of real privacy. CanvasBlocker + AdGuard for Windows + Privacy Badger + HTTPS Everywhere + custom user.js helps me feel safer on a growing data collection frenzy.
- Rated 1 out of 5by Mozilla Dev, 6 years ago
Developer response
posted 6 years agoPlease provide a reason why you gave one star. Maybe I can fix the issue or improve CB with your input. - Rated 3 out of 5by Firefox user 14072583, 6 years agoDoes not work according to fingerprint test at https://panopticlick.eff.org/
Developer response
posted 6 years agoWhat do you mean with "does not work"? Please open an issue at https://github.com/kkapsner/CanvasBlocker/issues where we can communicate better and therefore I can help better. - Rated 5 out of 5by ©®°˜, 6 years ago100% unique mean that is not really natural, canvas should not be unique but changed in order to be natural.
Unique canvas fingerprints will do much worse.
Is like you said you have a device that never exist.
To better understand how this work :
Google already have a full database with all kind of canvas signatures from all worldwide devices (iphone, android, computers, etc...), and if your canvas signature will not match on them database then you fail, it is a prove that your canvas is fake. If you try to spoof the signature then image pixel parameters will not match and again you fail so is almoust imposible to pass canvas.
On default settings may make it pass the google test.
For example google will not ask for SMS confirmation when a new gmail account is created because he trust the device you use.
Most of people must understand why unique signatures is bad practice and all softwares that spoof parameters will make traking services to detect the device much easyDeveloper response
posted 6 years agoPlease open an issue at https://github.com/kkapsner/CanvasBlocker/issues where we can discuss this. AMOs rating comments are too limited to have a good conversation.
One small comment on unique signatures: they are not bad by itself as long as they are not persistend (i.e. the timestamp you connect to the server is very likely to be a unique signature but it's not persistent). This is the case in the CB default settings. - Rated 5 out of 5by Firefox user 14039775, 6 years ago
- Rated 4 out of 5by Firefox user 14037398, 7 years ago
- Rated 5 out of 5by Gummi, 7 years agoCan't seem to get version 0.4.4b working with Firefox ESR 52.7.2, there's just no icon visible anywhere on the UI.
Edit: My bad! I remember that this addon had an icon before but nowadays it hasn't. Works great!Developer response
posted 7 years agoThis Addon does not have an icon that is always visible. Only a fingerprint icon is displayed in the adress bar when some canvas data was faked for the web page. You can test at http://kkapsner.github.io/CanvasBlocker/test/test.html
If you still think that it's not working properly try version 0.4.4a and open a new issue at https://github.com/kkapsner/CanvasBlocker/issues
EDIT: no problem. Glad that it works for you. - Rated 5 out of 5by Firefox user 13870378, 7 years ago
- Rated 4 out of 5by Firefox user 13224783, 7 years ago
- Rated 1 out of 5by Firefox user 13793914, 7 years agoNot good. Had partial protection before installing add-on. This add-on makes my browser 100% unique.
Developer response
posted 7 years agoYes, in the standard settings of CB the fingerprint that is produced with CB is quite unique but not persistent. That means the browser itself (and therefore you) cannot be indentified by it. (The same issue was reportet on github: https://github.com/kkapsner/CanvasBlocker/issues/154 - if you want further informations you can explore the issues there or post a new one.)
Also there are a lot of options which change the behaviour of CB (just mark the expert mode). If you want a less unique fingerprint you can use the "white" random number generator which will result in fingerprints similar to those of the Tor browser. - Rated 5 out of 5by Salsa, 7 years ago
- Rated 5 out of 5by containers-everywhere, 7 years ago
- Rated 5 out of 5by citizenserious, 7 years ago
- Rated 3 out of 5by #98374, 7 years ago