Browser fingerprints

What fingerprints my browser lefts in web.

 

 

browser privacy FINGERPRINTS with browser and Net security|lower

Check your browser for leaked fingerprints

1. Use browserleaks.com for test leakage.
2. How do they get browser fingerprints:
2.1. Server side.

It analyses IP4, IP6(android) and HTTP.
It checks location of your ISP (internet provider).
It checks by HTTP header address of previous web-page (referrer).

How to disable referrer?
In firefox about:config -> Network.http.sendRefererHeader set to 0; Network.http.referer.XOriginPolicy set to 2; Network.http.referer.spoofSource set to TRUE
JavaScript also reveals referer by document.referrer object.

It checks your system language.
DNT (Do not track) is an useless feature.
Http header also sent (User Agent) it says what browser you use and what operation system.
There is also Sec-CH-UA in header. It shows Browser and OS.
Header’s Sec-Fetch-Site shows if request from another website or from the same website. It could restrict access from outside.
Sec-Fetch-User shows if user initiate request. Probably it helps detect bots. Need to research how it works deeply.
Sec-Fetch-Mode helps to detect how user requested a page. Probably it helps in a bot detection.

2.1.1. Cookie saves some user identification info in key-value manner.
2.2. TCP/IP could shows somehow:

OS type detection its covered in nmap.org OS detection methods;
Shows how many hops (it potentially could help to recognize VPN if distance too big);
MTU is a pocket size in bytes. Path MTU discovery techique uses ICMP and allows server to calculate hops (tracert works same manner)
TCP could shows the time of the last reboot. Block ICMP echo replies to protect from it.
If one open and one closed TCP port found. OS detection probably impossible in this case.

2.3. Pages theoretically could realize TOR detection. It isn't a technique but csv file with TOR ip addresses listed within.

JS

3.1 JS referer. F12→console→document.referrer // I’ve already showed how to disable it in the browser prefernces (see above).
3.2 JS tells all screen information to web page. JS object named window. window.innerWidth and  window.screen.width show width.

window.screen.colorDepth

4. To prevent leak of DNS use DNS-over-HTTP

DNS 89.233.43.71 (Danmark)
91.239.100.100

HTTP REQUEST ANALYSE

22.1. First of all I have to analize HTTP request.
22.1.1. Accept field of HTTP request. // “q=” means how big is priority of the parameter. It could be between 0 and 1.
22.1.2. Accept encoding field of HTTP. // Supported compression format.
22.1.3. Accept-language field of HTTP. // browser's lang settings.
22.1.4. Connection field of HTTP. // ‘keep alive’ means TCP session keeped alive. So other HTTP requests can be executed without new TCP handshake. HTTP1.0 uses “close” value.
22.1.5. DNT is useless and not supported parameter.
22.1.6. Cache-control // max-age=0 same to no cache.
22.1.7. Device-memory:4 // Tell server how much RAM you have. My default Apache doesn’t recognize this parameter
22.1.8. Content-Length field of HTTP // Size of request header + payload of HTTP request.
22.1.9. Content-Type field of HTTP // If it’s JSON then content-type will be application/json. It’s same as Accept and could be set in form parameter enctype = “”;
22.1.10. Date field of HTTP // But this parameter sends somehow actual time and date. I have to figure out how it generated in browser.
22.1.11. Cookie field of HTTP request // It sends only cookie associated with the server (not always true). They were obtained previously from this server. It allows server to identify that HTTP request came from the same browser. To check which cookies is saved on your browser use Development tools->Storage->Cookies
22.1.12. Downlink field of HTTP // It is Internet connection speed in Mbps. Intresting how browser gets the value.
22.1.13. DRP field of HTTP // It is pixels ratio. Screen atribute.
22.1.14. ECT field of HTTP // Effective connection type. It is declare type of your internet connection 4g or 3g.
22.1.15. RTT field of HTTP // Round-trip time in miliseconds.
22.1.16. SEC-CH-UA field of HTTP // Browser type and version.
22.1.17. SEC-CH-UA-MOBILE field of HTTP // It reveal type of your device Mobile or Desktop.
22.1.18. SEC-CH-UA-PLATFORM field of HTTP // Reveal OS type.
22.1.19. SEC-FETCH-DEST field of HTTP // Security feature "to protect somehow from Cross Scripting Attack".
22.1.20. SEC-FETCH-MODE field of HTTP // Security feature (metadata) "to protect from Cross Scripting Attack".
22.1.21. HOST field of HTTP // Participated in routing procedure. It contains domain name and port number. If several domains hosted on the same IP address.
22.1.22. ORIGIN field of HTTP // It is not mandatory fild. I have no idea what is difference with referer.
22.1.23. REFERER field of HTTP // URI of previous page.
22.1.24. Upgrade-Insecure-Requests field of HTTP // I think it tells to server “I want to use https”. But it looks like another useless fingerprinting parameter.
22.1.25. SEC-FETCH-SITE field of HTTP // Another useless metadata.
22.1.26. X-REQUESTED-WITH field of HTTP // This fields used by Ajax.
22.1.27. USER-AGENT field of HTTP // Reveals browser, version, operation system, desktop or mobile.
22.1.28. To spoof user-agent you can use browser addon. But it is silly to spoof UA because there are a lot of different ways to check your browser and OS.
23. Intresting fact. Browsers support protocol QUIC which is google alternative to TCP. We all know what google is. So QUIC needed to be switched off. I have to figure out in future.
24. If you are wonder how to do a HTTP request. Use JS:

    var re = new XMLHttpRequest();
    re.open('GET', 'someURI.php');

    re.setRequestHeader('Someparam', 'Somevalue1');
    re.setRequestHeader('Someparam', 'Somevalue2');
    re.send();

25. It is possible somehow to restore cookies after removal.

JAVASCRIPT FINGERPRINTING

26. To get previous visited page from JS use document.referrer
27. To get user’s screen parameters (resolution, width, height, depth) from JavaScript use window.screen
28. To get date use new Date;
29. To check user-agent use navigator.userAgent
30. To get browser language use navigator.language
31. To get internet bandwidth use navigator.connection.downlink
32. To get internet connection type use navigator.connection.effectiveType //4G or 3g for example
33. To get round trip time in ms use navigator.connection.rtt
34. To get device RAM memory use navigator.deviceMemory
35. To get DoNotTrack flag use navigator.doNotTrack
36. To get location of device use navigator.geolocation. To get geolocation use:

if (navigator.geolocation) {
        navigator.geolocation.getCurrentPosition( function (position) {
                    _userInput['jsGeo']=position.coords.latitude + " " + position.coords.longitude; }
                   );}

But it takes too much time. I have to figure out why.

37. To get how much processor’s cores user has use navigator.hardwareConcurrency
38. To get information if pdf viewer is enabled use navigator.pdfViewerEnabled
39. To get OS type use navigator.platform
40. To get vendor use navigator.vendor
41. To get battery use navigator.getBattery().then(battery => batterylevel= (battery.level)); use batterylevel variable
42. To get battery use navigator.getBattery().then(battery => charge = (battery.charging)); use charge variable
43. To get list of plugins use navigator.plugins to get summary use for:

let is of navigator.plugins { plu += is.name+" "; };

WebRTC Leak

44. WebRTC use Camera, speakers and microphone for streeming purpose. It connect your device directly over IP and could see your real IP also it could check uniq ID of your mic and camera (only for Chromium browsers like Opera, Brave, Chrome).

Canvas.

45. It is possible to detect browser and OS type and even GPU by way of canvas draw some text.
46. Palemoon has about:config → canvas.poisondata feature that generates different canvas each time.

WEBGL

Browser’s tool for 3d graphic used to fingerprinting like canvas.
47. But the hash from WEBGL doesn’t depend of browser. So it is uniq for device.
48. To disable in firefox // about:config→webgl.disabled →true then  about:config→webgl.enable-webgl2 →false

FONT

It detects which fonts are installed. And measure size of rendering text for different fonts. It is browser specific.

TLS

It somehow analize TLS(ssl) hello request and generates hash.

GEOLOCATION

49. To spoof your geolocation use Developer Console → more tools → Sensors

49.1. Browser could access wifi and check nets around. By means of this exact geolocation could be obtained.

API

50. window.history.length tells you how many entities user has in history.

51. Mouse wheel could be used to fingerprinting by scroll speed measure
52. Chromium web browser can access Bluetooth adapter and explore other bluetooth devicer around you. So it compromize privacy of your location.
53. Browser also logs devices connected by USB. If you use same usb mouse or usb memory card on different machines you are compromized.
54. In Chromium to hide local IP address from WEBRTC use chrome://flags/