Prevent Canvas Fingerprinting either by disabling JavaScript, noscript or using our anonymizing proxy. The in more secure cases dynamical assigned
IP enables the complete access into the internet, while the
browser-UA only can provide the identity of a surfer through online registrations. Special
DNS allow uncensored use of the internet. Both,
IP and DNS, can be exchanged with an anonymizing proxy server (like the one of Gooken), while an UA-specifier can be configured in the address-line of a browser like firefox by typing in "about:config", followed by a value for "general.useragent..." .The
location resp. the city where you surf from might be visible, although its precision might has changed. The location is listed regardless from JavaScript on http://www.meine-aktuelle-ip.de, enpossibled by the browser or the built-in IP-databasis of programs like whois and GeoIp (up from free edition) in websites. "Notice that only the IE supports the Active-X-technology. anonymising.com interpreted the data as follows:
Mime-Types are supported by some
plugins only. The
screen resolution provides like many other listed data more identifying information and gives hints about the monitor like flatscreen for the estimation of time spending among with the computer (to avoid reductions, enlargements and reorders of websites, fonts, videos and images, Gooken recommends the common resolution of 1024x768 Pixeln (4:3), 1152x768 (3:2), 1280x720 (16:9), 1280x768 (15:9), 1280x1024 (5:4) and 1280x800 Pixeln (16:10 screens) and so on). But this fact has changed during the last years for the declining prices of monitors and the usage of notebooks.
Active-X, here only related to IE, is considered as one more weak point in security matters. It should be also always deactivated like
JavaScript. If you deactivate JavaScript, the built-up of websites and its functions can be annoying incomplete, especially for the usage of "Web 2.0". JavaScript still has got an important part. In combination with other data, the target group of the surfer can be found out by the
operating system. If you use Linux, you are probably more a tinker than by the choice of MS Windows, and many graphic designer use MAC/OS. Firefox market share has increased so much to see in the OS a higher meaning than in the browser. The test should demonstrate important facts for advertising purposed networks and data-octopusses. Most important part is served by the IP as there is only one the surfer pregiven, that can be combined by visits upon various platforms.".
Browser-Extensions: To the "one must have" most important OpenSource security browser extensions for Firefox and Opera, that are also part of Jondofox belong those ones we mentioned in our excurs.
Das Update der Firefox-Extensions wie
-
useragent-overrider (ff, enhanceable lists), SecretAgent (Firefox, Extension from Pale Moon ( http://www.palemoon.org ) , rotierende User-Agents, Hijanking-Protection, Javascript-OSCPU-Strings, etags&cacheing, proxy headers, Referer-Spoofing, Privacy-Tuning and more) or UserAgentSwitcher (ff, Pale Moon, enhancable lists) (analogous Konqueror through menu or configuration file /home/surfuser/.kde4/share/config/kio_httprc) .
-
noscript (Adblocker, rpm mit OpenSource src.rpm (el6, el7), recommended by NRW-TV 2013; includes Cross-Site-Scripting-Protection, ABE, Clear-Click-Protection, automatical exchange of http with https, secure Cookie-Managerment, ping-protection and so on) and
-
ublock-origin (recources bewaring, fast adblocker recommended by trojan-board.de, although it can leads to unknown traffic) and/or
-
adblockplus (ABP, rpm with belonging opensource src.rpm frorm alt-linux alt or mozilla-adblockplus-2.9.1-1 (fc28, fc27, el7, el6). Noscript: mozilla-noscript (fc28, fc27, el7, el6)) and
-
RequestPolicy(-Continued) against Cross-Site-Scripting and Cross-Site-Tracking by blocking website-intern server-traffic-exchange and
-
Privacy Protector Plus ( OpenSource ) against webbugs, tracking and more, not obtainable for Pale Moon, Block Content for Pale Moon only or privoxy (el6, el7, ...) (a website content like webbugs filtering local proxy) and
-
No Resource URI Leak: "Deny resource:// access to web content: We fill the hole to defend againt fingerprinting. Very important to Firefox privacy. A direct workaround for bugzil.la/863246.
Block access to resource:// URIs from the Web, block web-exposed subset of chrome:// URIs, restrict about:pages by default (for paranoids)" and
-
Decentraleyes: local emulation of decentralized networks: "protects against tracking by delivering a centralized content. Queries can not be receipt by networks like "Google Hosted Libraries", but they got imitated, so that the websites remain intact. It also adds regular content blocks:
• Completes already installed blocker like uBlock Origin or Adblock Plus etc.
- Supported networks: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources, und UpYun Libraries.
- Bundled resources: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, jQuery UI, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js and Web Font Loader" and
-
Private Tab ( to use not only private windows but also private tabs )
-
RefControl (offers control about HTTP-refererer sent with the opportunity for their partial as much as general blocking and
-
Cookie Controller and
-
Link Cleaner cares for shortened URLs for copying through the removal of superflicious tracking-parameters and
-
Link Redirect Fixer and
-
Facebook-Container against tracking, at this time für Firefox >= 57 only: "Mozilla knows about the increasing care of facebook-user for their privacy and reacts with an Add-on "Facebook Container" deleting all cookies at first in conjunction with Facebook and logs them out. Next visit a container is created preventing from forwarding user behavior from outside the social network to Facebook. Links to other websites can be followed without getting stored. Altough this is not a protection against data abuse, it helps to gain more control about, what Facebook gets to know.".
-
Google-Container for Firefox >= 57 similar to the Facbook-Container
-
FireGloves (private mode only) and CanvasBlocker, in order to protect against Canvas-Fingerprinting and eventually.
-
Jondofox with
-
a running plugin like mplayerplugin
might contribute to secure surfing too
( everything except RequestPolicyBlockContinued can be downloaded as rpm-packages too ( recommended ) ).
Firefox Tuning for ensecuring and anonymization
Auf dieser Seite werden Einstellungen für den aktuellen Firefox ESR Webbrowser aufgeführt, die grafisch über die Firefox-Einstellungen, manuell in der erweiterten Konfiguration über about:config oder über Erweiterungen vorgenommen werden können. Die Einstellungen betreffen die Absicherung und/oder Anonymisierung der Browsernutzung sowie die mögliche Begrenzung der Firefox-Funktionen auf seine Kernaufgabe: Webinhalte anzuzeigen.
https://wiki.kairaven.de/open/app/firefox
These settings by wiki.kairaven.de are part of the profile-file
user.js in our excurs.
Software::Browser
Firefox takes over more functions from Tor-browser, PRO-LINUX, 05.12.2017
Im zu Ende gehenden Jahr hat Firefox einige Funktionen vom Tor-Browser geerbt, der seinerseits auf Firefox ESR basiert.
Mozilla Foundation
Bereits seit 2014 arbeiten Mozilla und das Tor-Projekt zusammen, um die Sicherheit von Firefox zu erhöhen. Seit den Nightly Builds von Firefox 50 fließen unregelmäßig Patches vom Tor-Browser zu Mozilla zurück. Einer der ersten Patches im Jahr 2016 betraf die Eindämmung von Browser-Fingerprinting. Weitere Patches folgten im Rahmen des "Tor Patch Uplifting"-Projekts. Alle diese Patches sind und bleiben laut Aussage von Mozilla deaktiviert und müssen vom Anwender per about:config aktiviert werden. Der Grund hierfür ist, dass manche der Patches restriktiv wirken und beispielsweise die Darstellung von Webseiten verändern oder blockieren.
Der Code von Tor-Browser entspricht zu 95 Prozent dem von Firefox ESR. Die restlichen 5 Prozent sind größtenteils Patches für Sicherheit und Schutz der Privatsphäre. Diese Patches für Firefox verfügbar zu machen verbessert nicht nur Firefox, sondern erspart dem Tor-Browser-Team die Arbeit, bei jeder neuen Version die Patches erneut zu aktualisieren, wie das Tor-Browser-Team berichtet.
Der erste Patch, der im Rahmen von "Tor Patch Uplifting" in Firefox 50 im August integriert wurde, war "
First-Party Isolation". Diese Funktion beschränkt den Zugriff auf Cookies, Cache und andere Daten auf die Domain-Ebene, so dass nur die Domain, die das Cookie oder die Datei auf dem Benutzersystem abgelegt hat, darauf zugreifen kann. Damit soll das Tracking von Anwendern erschwert werden. Bei Tor heißt die Funktion "Cross-Origin Identifier Unlinkable". Ein weiter Patch aus dem Tor-Projekt, der erst in Firefox 58 integriert sein wird, wenn dieser im Januar 2018 veröffentlicht wird, soll den
Schutz vor HTML-Canvas-Fingerprinting erhöhen.
http://www.pro-linux.de/news/1/25406/firefox-erbt-weitere-funktionen-von-tor-browser.html
about:config?filter=privacy.firstparty.isolate true
https://browserengine.net/how-to-enable-first-party-isolation-in-firefox/
It is known for years, that a hand full of geo data is enough for the identification of persons, netzpolitik.org, 23.07.2021
https://netzpolitik.org/2021/datenhandel-grindr-beendet-karriere/
Treasonable cookies
In spite of an anonymous IP cookies keep you identifyable.. Therefore torbutton deactivates all the collected cookies before you go surfing.
Firefox fängt jedoch wieder an, alle ab diesem Moment in der von der IP-Adresse her anonymen Surfsession angefallenen Cookies zu sammeln.
Bitte beachten Sie deshalb trotz Nutzung des Torbuttons, dass Sie vor jedem Ansteuern einer Seite, auf der Sie sich einloggen sowie sofort nach jedem Ausloggen aus solchen Seiten im Firefox "Extras / Private Daten löschen" ausführen, bevor Sie weitersurfen!
Andernfalls könnte die vorherige und weitere über Tor durchgeführte Surfsession inkl. evtl. weiterer Logins, wenn auch nicht Ihrer IP-Adresse so doch dem oft personenbezogenen Login zugeordnet werden!
Ansonsten birgt auch der Flash-Player entsprechende Gefahren (Flash-Cookies), falls mensch nicht beim Surfen über Tor auf diesen verzichten will und deswegen beim Torbutton die temporäre Abschaltung von Erweiterungen und Plugins deaktiviert hat.
https://www.selbstdatenschutz.info/anonym/
- Anonymize your browser and your IP-Adresse through anonymizing software.
- Use the newest version of Firefox allowing addons against Fingerprinting like FireGloves for Firefox (notice, actual version almost remains without any effects, rem., Gooken, 23.03.2018)
- Prevent the restoration of old tabs. The best you can do is to close the browser and to delete all data of the cache, before you change into another net.
- Prevent tracking through browser-default-settings and useful addons.
- Use proxies! With deactivated plugins as much as proxies no information were provided anymore- except monitor screen resolution, browser-history and the system time. Normal user still have got this fingerprint, but nevertheless he gets relativ invisible and unspecifically.
- Turn off JavaScript and Flash. JavaScript enables to read out installed plugins and fonts - but convince yourself, that some web-services can not be achieved anymore as a consequence.
- Block cookies during the surfing. This won´t be enough against fingerprinting, but stands for a standard of the "magic-hat-surfing".
Notice, that surfing with smartphones and tablets does only cause an individual digital fingerprint in some seldom cases for "natured" rare opportunities for their settings.<'BR>
https://www.trojaner-info.de/fingerprinting-verhindern/articles/browser-fingerprinting-verhindern.html
| BACK |
Page-load in 0.003 seconds