random-agent-spoofer icon indicating copy to clipboard operation
random-agent-spoofer copied to clipboard

Published 20 hours ago verified publisher icon dillbyrne

Fails fingerprintjs2 has_lied_browser

Open tanoanian opened this issue 8 years ago • 5 comments

Hi,

fingerprintjs2 is an open-source browser fingerprinting library that can detect Random Agent Spoofer easily.

Looking at the code it does this with the user agent.

Can this be fixed?

tanoanian avatar Jan 24 '17 16:01 tanoanian

For me everything works well with fingerprintjs2 (here is the official test page: https://valve.github.io/fingerprintjs2/), i.e. RAS protects well the identity.

anatoli26 avatar Feb 16 '17 07:02 anatoli26

Are you using script injection? I use that test page and I get has_lied_browser=true

On Thu, Feb 16, 2017 at 12:47 AM, Anatoli [email protected] wrote:

For me everything works well with fingerprintjs2 (here is the official test page: https://valve.github.io/fingerprintjs2/), i.e. RAS protects well the identity.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/dillbyrne/random-agent-spoofer/issues/520#issuecomment-280257134, or mute the thread https://github.com/notifications/unsubscribe-auth/AYJ10Oo874JDP6ltjkeSO3IisQ99r4F6ks5rc_8ngaJpZM4Lsd_c .

tanoanian avatar Feb 16 '17 15:02 tanoanian

Sorry, I misinterpreted what you said. Yes, it detects that the OS and browser (when UA changed accordingly) are not the real ones.

has_lied_os = true
has_lied_browser = true

You are right, it should be investigated, the code of the library is open.

anatoli26 avatar Feb 16 '17 22:02 anatoli26

Though, I would NOT be worried too much about this, as the idea is to prevent exact tagging/IDing you, not to perfectly spoof all the parameters, i.e. if the lib can't identify you, but can say that you're cheating, that's OK for me, though some sites may wish to ban you/flag suspisious for this.

More worrying is the hardware/computer fingerprinting at http://www.uniquemachine.org. The only way I found to protect from this is by disabling WebGL AND canvas. I don't mind disabling WebGL, but disabling canvas breaks some sites.

anatoli26 avatar Feb 16 '17 22:02 anatoli26

I've found canvas breaks sites as well.

On Feb 16, 2017, at 3:22 PM, Anatoli [email protected] wrote:

Though, I would NOT be worried too much about this, as the idea is to prevent exact tagging/IDing you, not to perfectly spoof all the parameters, i.e. if the lib can't identify you, but can say that you're cheating, that's OK for me, though some sites may wish to ban you/flag suspisious for this.

More worrying is the hardware/computer fingerprinting at http://www.uniquemachine.org. The only way I found to protect from this is by disabling WebGL AND canvas. I don't mind disabling WebGL, but disabling canvas breaks some sites.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.

tanoanian avatar Feb 16 '17 22:02 tanoanian