So I got CanvasBlocker to secure myself from WebGL fingerprinting, but it seems every single revealing menu on sites like B&H just stop working. I have no clue which feature to tweak to restore the original functionality. This is getting incredibly annoying.
1 Like
Noscript has the ability to block/accept WebGL and WASM per domain.
It depends on the site, but personally, I haven’t encountered any functionality issues with WebGL blocked. Of course, that’s just my experience.
So the problem is probably more than just WebGL.
It’s more that I wish to use WebGL and prevent it from fingerprinting me, but at the same time not be inconvenienced elsewhere on the web. Like I’m for it only applying to WebGL and not the rest of the web, but there’s no “only apply to WebGL” toggle in CanvasBlocker.
Failing that, what’s the toggle to make sure hover over menus work as intended? Because hovering over menus and hovering over links reveal a link, but once clicked they only click what’s behind the menu every time. This is the most annoying aspect of CanvasBlocker.
Browser fingerprinting only really matters if your operational security is poor. Focus on improving your OpSec so it won’t matter if your ghost is fingerprinted.
The irony is also that by avoiding fingerprinting by disabling canvas for example you put yourself in a very small minority which in turn makes you very easy to fingerprint.
Yeah, so I don’t want to go overboard with protections, just enough for WebGL specifically. The built in protections with image scrambling in firefox are just a little too strict.
It’s only browser developers that need to worry about hardening browsers against fingerprinting. The best users can do is find a large cohort to blend in with. Even using browsers hardened against fingerprinting by default like tor, mullvad, brave or librewolf puts you in an extremely small cohort making their use for the purpose of avoiding being fingerprinted questionable at best and counterproductive at worst.
When it comes to avoiding being fingerprinted the last thing you want is to single yourself out by tweaking any remotely detectable setting. All that accomplishes is making you that one user with uniquely tweaked settings negating any need to use canvas to fingerprint you because you’ve already provided a unique fingerprint.
If canvas was the only source of fingerprinting data then disabling it would be effective protection but it’s not so it isn’t. Practicing OpSec is really all you can do.