I’ve been worried about this since Google switched to it in Feb this year.
Apparently the short answer is “you can’t”. Which is terrifying. Surely some clever peeps out there can find a way round it (for normies)?
It’s not that you can’t at all, it’s just that you’d either need to give up a lot of the functionality of a lot of sites or at least reduce the usability of many sites and your browser or configure whitelist and such for every site manually and deal with breaking changes when websites update.
using the tor browser is the easiest and most practical solution. while they CAN fingerprint the tor browser, its the exact same fingerprint for everyone making tracking it effectively meaningless, and you get a random IP to boot.
the problem is some sites block it and you have to insist a bit.
You can. Librewolf with canvas blocker, turned on in settings, Chameleon, and uBlock and/or(?) JS blocker like NoScript. Edit.
Canvas blocker and a JS blocker limits a lot of what Google can see and fingerprint per page. And you’ll be shocked at first how many pages have google trackers that a JS blocker kills. It’s easier to turn things on one at a time than claw back data once it’s out of your hands.
Chameleon spoofs a lot of other details, like browser, system time, languages, headers, etc. So for what can be seen, it’s always changing and harder to corroborate. This plus moving VPN locations is what is needed.
Also, TOR does the job, but not the most fun internet experience.
i think neither method is fun. tor is more practical (and more private) than hooking and configuring a bunch of extensions that may or may not work well into firefox imo.
i use tor to be annonymous, and a regular browser for trusted sites or ones not working without JS/blocked on tor. i tend not to use sites that are too annoying about blocking tor unless i really need it.
Canvas blocker is redundant with Librewolf’s protections (privacy.resistFingerprinting), same with JS blocker redundant with uBlock Origin. You make yourself more fingerprintable. It is better that you first understand what protections you have and why before adding new addons that increase attack surface. The features you are looking for are included already.
You’re correct. I was thinking of how I have Floorp set up.
CreepJS doesn’t see NoScript as an extension and only catches me if I don’t switch IPs. Time zone is also worth adjusting of one is serious.
Instead of canvas blocker, check out JShelter.
There only problem being that 90% of webpages fail to load properly without JS, not to mention the ones that depend on features that aren’t available LW enhanced protection enabled. Each page I visit, I have to create exceptions or they sit there blank.
Of course, and I’m saying that while turning JS on for Bob’s website is maybe acceptable, leaving it turned off for gstatic, googleadmamager, etc. also on Bob’s website is easier than the other way around. Layers of defense. Don’t count on canvas blocker.
Though this is just for what you want to obscure. It doesn’t make any sense to openly interact with Google or Meta products with all this going on. Use for your socials, anything tied to your name or face, regular vanilla FF with containers for safety. Let G associate that IP/geography and fingerprint with what you HAVE to do publicly visible. Then you close FF, change VPN locations, and open private mode Librewolf. It’s full plausible deniability. Or use TOR, same same.
Convenience and security are a trade off. Find the balance that works for you based on your threat model. It’s different for everyone.
And to test whether this works you can visit
How do I read/use this site? What’s important?
Load it and it fingerprints your browser. You can add a signature to that fingerprint.
Make whatever changes you want to make to resist fingerprinting and reload the page. If it displays your signature then it has identified you, if not then your changes worked.
Ideally, every page refresh would generate a new unique fingerprint so the page can’t link you to the last time you loaded the page (which is what tracking is, essentially)
The site also displays all of the data that it can see, for advanced users
And I pass this test, plus the EFF cover your tracks test, and AmIUnique, all the time.
The Mullvad browser is supposed to help to avoid fingerprinting. Mullvad Browser link
You can’t, but this helps
Librewolf with anti fingerprinting turned on
Or https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
It’s possible to block it to a large extent, but quite inconvenient. People don’t like inconvenience.
It’s not just inconvenient, it literally makes large parts of the internet inaccessible, even important and useful parts that are not just memes and SoMe.
some?
Burn your fingerprints
is it possible to burn them out permanently?
You can, turn off your devices and go outside.
