CyDec Security Anti-Fp

Stop trackers in their tracks.

What is it?

Anti-Fp is a Windows application that when combined with the browser extension provides the ability to change almost all aspects of your browser fingerprint.

Why should I care?

If you care about your privacy on the Internet, then you should be worried about how trackers and advertisers are able to follow you around the web. Your browser leaks a lot of information that can be used to create a unique fingerprint in order to record and monitor your browsing activity. This type of tracking does not require cookies and does not always require Javascript in some cases. The only way to truly defeat this form of tracking is with a tool like Anti-Fp.

Anti-Fp allows you to create custom fingerprint profiles that can be applied on a per-browser or per-domain basis. Anti-Fp currently supports 10 browsers so fingerprint management can be coordinated and synchronized across your browsing platforms.

Get Started

The first thing to do is download Anti-Fp. The current release is:

You'll also need to install the browser extensions. You can find these in either the Chrome and Firefox extension stores.

Extension

The browser extension is the key component of Anti-Fp. Without the extension, the application is not able to actually apply the fingerprints to the browser session. The browser extension works both with and without Anti-Fp running. However, there are limitations when Anti-Fp is not running or no valid license key has been provided. To learn more about the limitations, please read the Unlicensed section.

When Anti-Fp is running or a valid license is provided, then all the options become available. You can generate fingerprints, sync your fingerprints, configure wildcard domain assignments and unlock additional spoofing settings beyond the default values. In short, you'll have highly precise control over your fingerprint.

The following extension information is based on a licensed version. If running Unlicensed, then various features described here will not work.

First, let's examine the main form in the image above.

Starting at the top of the form, you'll notice a pulsing light in the upper-right hand corner. This is the connection indicator that tells you if the extension is currently communicating with the Anti-Fp application. When not connected, the status icon will be pulsing purple. When the extension is communicating with Anti-Fp the status icon will be blue.

Underneath the title bar is a list of tabs. The 'Status' tab is the main page. The 'Profiles' tab let's you control current fingerprint profile settings. The 'Domains' tab let you toggle settings of sub-domains of the current page. And the 'Sync' tab provides a way to validate your license key and sync your fingerprints.

On the left hand side you'll notice four power icons in a column. The first button toggles the global spoofing value. When it is light blue, then it is enabled. When it is gray, then all spoofing is disabled. The next power button is similar to the global setting except it only applies to the current tab while the one below that only applies to the current domain. The current domain can be seen to the right of the global power button. The final power button is to toggle alerts. When enabled, alert popups will be generated when Anti-Fp detects sites using possible fingerprinting functions. When disabled, alerts are still recorded for later viewing.

Underneath the global, tab and domain power buttons are links that will take you to a global, tab or domain toggle page, respectively. These toggle pages can be seen in the images below. The purpose of the toggle switches is to turn on or off a specific settings. Note that the profile must have enabled a specific setting for the toggle to work. If a profile did not use a specific setting then the toggle will have no effect.

From the 'Profiles' tab, we can see what profile is assigned on a per-domain, per-tab and global basis. These settings directly impact your fingerprint at a given time. Fingerprint precedence information can be found here. When you specifically set a profile in one or more overrides, then those values will be used regardless of other settings.

From the 'Profiles' tab, you can also generate two types of domain profiles. These are described in more detail below. Generated profiles are persistent. In order to remove a generated profile, you'll have to clear the override by setting it back to then 'No Override' option.

The extension popup window is useful for simple configurations but sometimes it is nice to have a full browser window for the options. To open the options, simply click the 'Settings' list item.

The first tab that you'll see when you open the options is the Alerts tab. When Anti-Fp detects a site that calls a monitored function, it will record details so it can be later reviewed. The listbox will be populated with the latest alerts so you can read more detail. These are ephemeral so they will be cleared when the browser is closed. Also, only licensed versions record details for later review.


The next tab is the 'Domains' tab. This is where you can add and configure domains. You can add domains before you first visit so your fingerprint is set or you can come back later and tweak values. To change spoofing values, simply click a domain in the listbox and the configured settings will appear. From there, you can assign override values (either a specific or generated profile) and toggle on and off specific settings.


The 'Matching' tab is similar to the 'Domains' tab except that here you can use RegEx patterns to match against domains. This is helpful where a domain has many sub-domains and you want a consistent profile against them. Only the licensed version supports pattern matching.


The last tab available is the 'Options' tab. This tab contains a number of settings that control aspects of Anti-Fp. From here, you can enter your license key to be validated or released and re-sync your IP address against the current location values. Other settings are available along with descriptions that describe what they do.


One of the settings under the Options tab is the Tab Profiles configuration. With this setting, you can control what profile is assigned when a new tab is created. This is helpful if you do not want to manually configure each new tab or set every single specific domain. This is similar to the Global override except that it provides a bit more control over the specific profile. There are three options that can be configured: random, round-robin and set specific. The values should be self-explanatory.

AntiFp.com

AntiFp.com is an online profile builder that is similar in function to the Anti-Fp application. Through the site, you can create new and modify existing profiles which are then synced to your account. Once synced, they can be loaded by the extension. The benefit of the site is that you do not need to install the application to create new fingerprints. While it doesn't give you per-browser or domain targeting, it is useful for users that do not run Windows.


You must have a valid license to use antifp.com. To login, simply use the email address that you used when purchasing the license and provide the 36-character license key. Once you login, your profiles will sync automatically. All of the controls are in the upper-right hand corner of the menu bar. From there, you can:

Create a New Profile
There are two options when creating a new profile.


The first is to create a blank profile. All you have to provide is a name.


The second method is to generate a profile. Like creating a blank one, provide a name but also check the switches of the categories you want Anti-Fp to generate random values for. There are seven categories of settings that control what will be generated. Specific spoofing items are listed under each category. You still have the option to modify or change any settings after they are generated.


Copy an Existing Profile


Load an Existing Profile


Delete a Profile
To delete a profile, simply load it and then click the trash can icon next to its name.


IMPORTANT

Changes are not automatically saved. You must click the 'Save' button in the menu bar if you want to save the changes. Also note, you do not need to manually re-sync unless you want to clear your changes.

Fingerprints

The whole concept behind Anti-Fp is to create custom browser fingerprints that can be applied to a specific browser or domain. On the main window of Anti-Fp with the Fingerprints tab selected, you will see all currently configured fingerprints along with their status.


To create a new fingerprint, click the Create button. This will open the Create Profile window as seen below.


Anti-Fp provides a high degree of customization. From here, there are almost 100 different settings that can be configured in order to create the exact fingerprint you desire. Many of the settings are self-explanatory and should be easy to understand what they are designed to spoof.

If creating initial profiles seems daunting, there is a simple wizard available. It will ask some high-level questions about what you want the profile to spoof and then generate values based on the answers. The resulting profile can then be further customized if desired.


Once you create a fingerprint, you have the option of sharing it with other Anti-Fp users and conversely you can download fingerprints created by other users. Once a fingerprint is shared, it is sent to Heilig Defense where it will be vetted and once approved it will be put on the server for download. You can share and sync fingerprints from the Sync page on the main window.


Note

Not all fingerprints that are shared will be added to the publicly available list. Heilig Defense evaluates shared fingerprints for completeness and uniqueness before adding them to the public list.


Fingerprints can be enabled or disabled. When a fingerprint is enabled, it is pushed to the extensions to be used. When it is disabled, then the extension will not use it.



Toggling fingerprint status is easy. You can simply highlight a fingerprint in the listbox and then select the button to set the appropriate status. You can also use the context menu from the task tray icon to do bulk enable/disable operations.

While creating a profile is the first step, before it is used by the extension it must be assigned to either a browser or a domain. To assign a fingerprint to a specific browser or domain, highlight the fingerprint in the listbox and click the Assign button. This will open the following window.


Here you can select which browsers you want the selected fingerprint assigned to along with any specific domains. Visited domains are reported by the extension to Anti-Fp so that you can easily select and assign fingerprints.

Most fingerprint settings provide three options: Block, Random or Set.

Block is pretty self-explanatory. Anti-Fp will simply prevent tracking code to access the particular value being blocked. It's important to note that blocking values may cause some sites to break. This is because most sites expect that the values will always be available and do not take error handling into consideration. Always test when setting things to block.

The 'Random' setting is similar to 'Block' except that instead of preventing the value from being accessed, the value that is returned is totally random for every request made. While this is great for preventing an accurate fingerprint, it's important to understand that randomized values can be a fingerprint in and of itself. Also, randomized values that do not fall within an expected range may cause site issues. Again, many sites do not expect unexpected behaviors and values and when they encounter them, the site fails.

The final option is the 'Set' option. There is some confusion about how 'Set' works especially in relation to AudioBuffer, canvas and WebGL. The value provided for 'Set' is nothing more than an offset or random number generator seed that will provide spoofed, yet consistent, results for every request. For canvas and WebGL, the 'Set' value uses a Red, Green, Blue tuple to represent the pixel color offsets that should be applied. For AudioBuffer and WebAudio, the 'Set' value is a number generator seed. The 'Set' value will not be the value that is returned by the Javascript function.

Precedence

Anti-Fp offers a number of ways to assign fingerprints to domains. This can be done explicitly through the application or can be done indirectly via an override setting. It's important to understand how a profile is set so that you can manage your fingerprints effectively.

Here is the order that the Anti-Fp extension uses when determining which fingerprint profile to use.
  • Domain override: If a domain override profile is set then it will be used on a specific domain regardless of other values. No other settings will be evaluated. This is a persistent setting.
  • Tab override: This is ephemeral to the life of the tab. All sites visited in the same tab will use the same profile. Once the tab closes, the tab override is cleared.
  • Global override: A global override profile applies to all domains in all tabs. This is a persistent setting.
  • User assigned: If you use the Anti-Fp application you can assign a number of profiles to a single domain. The extension will then randomly pick a profile from this domain-specific list.
  • Matched pattern: You can create simple wildcard domains (e.g. *.google.com) so that any domain that matches the pattern will be assigned a specific or generated profile.
  • Randomly selected from available list: If no overrides or assignments are set and nothing matches the patterns, then Anti-Fp will simply pick a random profile from the list of available profiles.
  • Random generated values: As a last resort, if no profiles are available, then Anti-Fp will generate a profile with random values. You can turn this off, in which case then no spoofing is applied and your fingerprint will not be changed.

Note that the randomly selected profile as well as the randomly generated value profile are not persistent. That means that each request will be assigned a different profile.

Browsers

Anti-Fp currently supports 10 browsers. Nine of them are Chromium variants while the last one is Firefox. As mentioned, fingerprints can be assigned to 1 or more browsers so that you can project the exact fingerprint you desire.


In order for Anti-Fp to distinguish between the different Chromium variants, the appropriate browser flag must be selected in the extension options under the Chrome Type header. If the appropriate browser is not set, then Anti-Fp will just think it is communicating with Chrome. This obviously will lead to unexpected results.

Domains

Per-domain targeting provides an extra level of precision for your anti-fingerprinting efforts. Assigning fingerprints to a domain is easy. Just like with the browsers, you simply select the domains you want a fingerprint assigned to.


When domain reporting is enabled, you will see the different domains you have visited when assigning fingerprints or when managing the domains. To make searching easier, the domains will filter as you type in the textbox. The Manage Domain window, as shown below, just allows you to add or delete existing domains.

If you have not visited a domain yet but know you would like to target it specifically, you can manually enter the domain in the provided input box to add it to the list.


You can also use regular expressions for domain matching. This gives you much more control and flexibility than with simple comparison. From the 'Domain Matching' window, as shown below, simply enter a valid regex and the options that should be executed when a domain matches. You can even test your regex patterns by clicking the 'Test' button and entering a domain address. Anti-Fp will let you know if any of your patterns match. Note that matching is sequential and the first match will stop the process. So, make sure to arrange your patterns as appropriate.

Generate Profiles

Anti-Fp can generate profiles in two different ways. The first is the 'Resist Fingerprint Profile' method. Firefox has an option called 'privacy.resistFingerprinting' that when enabled will return static values for common browser leaks. The specific details about this setting can be read about here but a partial list of protections include:

  • Your timezone is reported to be UTC
  • Not all fonts installed on your computer are available to webpages
  • The browser window prefers to be set to a specific size
  • Your browser reports a specific, common version number and operating system
  • Your keyboard layout and language is disguised
  • Your webcam and microphone capabilities are disguised
  • The Media Statistics Web API reports misleading information
  • Any Site-Specific Zoom settings are not applied
  • The WebSpeech, Gamepad, Sensors, and Performance Web APIs are disabled


While Firefox's implementation is useful, it is lacking because the values are always the same and the protections cannot be targeted per-tab or per-domain. Additionally, there is no similar option like this for Chrome. So, Anti-Fp can generate an enhanced 'resistFingerprinting' like profile on a per-domain basis for both Firefox and Chrome.

Here is a list of settings that are set when Anti-Fp generates a resist fingerprinting profile:

  • Canvas is blocked
  • CPU is set to either 2, 4 or 8 cores
  • Fonts are set to Windows 10
  • Gamepads are blocked
  • Geolocation is blocked
  • Language is set to US English
  • Network information is blocked
  • Plugin and mimeTypes are blocked
  • Random media devices are created
  • Referrer is set to trim
  • SendBeacon is blocked
  • SpeechSynthesis is blocked
  • Time zone is set to UTC
  • User-agent is set to latest Firefox or Chrome version based on the following templates
    • Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:{LATEST_FIREFOX_VERSION}) Gecko/20100101 Firefox/{LATEST_FIREFOX_VERSION}
    • Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:{LATEST_FIREFOX_VERSION}) Gecko/20100101 Firefox/{LATEST_FIREFOX_VERSION}
    • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{LATEST_CHROME_VERSION} Safari/537.36
    • Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{LATEST_CHROME_VERSION} Safari/537.36
  • VR devices are blocked
  • WebAudio is blocked
  • WebGL is blocked
  • WebRTC is blocked
  • Workers are blocked

INFORMATION

Anti-Fp automatically queries both Firefox and Chrome servers for their latest versions. This allows Anti-Fp to create user-agent strings with the most up-to-date information.

The second type of profile that Anti-Fp can generate is based on user input. This type of configuration is only available for the licensed version of Anti-Fp. The following describes the available settings and what each option does.

  • Mobile
    • When enabled, a mobile user-agent, either Android or iPhone, is set. If not enabled, then a desktop top user-agent, either Windows or Linux, is set. The following show the possible user-agents that will be created based on the extension type and mobile option.

      Firefox Extension
      • Mozilla/5.0 (Android 10; Mobile; rv:{LATEST_FIREFOX_ANDROID_VERSION}) Gecko/{LATEST_FIREFOX_ANDROID_VERSION} Firefox/{LATEST_FIREFOX_ANDROID_VERSION}
      • Mozilla/5.0 (iPhone; CPU iPhone OS 14_2_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) FxiOS/{LATEST_FIREFOX_IOS_VERSION} Mobile/12F69 Safari/600.1.4
      • Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:{LATEST_FIREFOX_WINDOWS_VERSION}) Gecko/20100101 Firefox/{LATEST_FIREFOX_WINDOWS_VERSION}
      • Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:{LATEST_FIREFOX_LINUX_VERSION}) Gecko/20100101 Firefox/{LATEST_FIREFOX_LINUX_VERSION}
      Chrome Extension
      • Mozilla/5.0 (Linux; Android 10; SM-G981V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{LATEST_CHROME_ANDROID_VERSION} Mobile Safari/537.36
      • Mozilla/5.0 (iPhone; CPU iPhone OS 14_2_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) CriOS/{LATEST_CHROME_IOS_VERSION} Mobile/14E5239e Safari/602.1
      • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{LATEST_CHROME_WINDOWS_VERSION} Safari/537.36
      • Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{LATEST_CHROME_LINUX_VERSION} Safari/537.36
  • Data Leak
    • When enabled, the following values are set:
      • Client headers are spoofed
      • Eval error results are spoofed
      • Favicons are blocked
      • HSTS protection is enabled
      • Math results are spoofed
      • Performance results are spoofed
      • SendBeacon is blocked
      • WebRTC is blocked
      • Workers are blocked
  • Display
    • When enabled, both the screen size is set to a random value and CSS filtering is turned on. The screen size will be either a mobile or desktop screen size based on if the mobile option is enabled or not.
  • Hardware
    • When enabled, the following hardware values are configured:
      • CPU is set to either 2, 4 or 8 cores
      • Gamepads are randomly created
      • Media devices are randomly created
      • Memory is set to 8GB
      • Network information is randomly created
      • Touchpoints are set to a random value
      • VR devices are randomly created
      • WebAudio values are spoofed
  • Hashables
    • When enabled, the following settings are randomized to create unique hash outputs:
      • AudioBuffer
      • Canvas
      • ClientRects
      • Plugins
      • WebGL
  • Headers
    • When enabled, the following HTTP header settings are configured:
      • Accepts are randomized
      • Encodings are randomized
      • ETag is blocked
      • Referrer is trimmed
  • Location
    • When enabled, the following location related settings are set in a consistent way to keep the values realistic. It is recommended that any location spoofing is tied to IP address syncing.
      • Date and time zone details
      • Geolocation values
      • Language values
      • SpeechSynthesis values are randomized

Sync

Anti-Fp provides two profile sync capabilities. One is syncing with our public profile repository and the other is syncing your personal repository. The public repository is controlled by Heilig Defense with a curated set of profiles. These profiles can be downloaded when you run Anti-Fp to get you quickly started. When you make your own custom profiles, you have the option of sharing them with us in order to grow our library. If the profile is complete and unique, we will add it to our repo.


We also offer a personal repo where you can store all your profiles. This repo is then accessible through the extension with a proper license. So, you can create profiles using the Anti-Fp application or through the antifp.com website and save them to your repository. These can then be synced to your extension.

Profiles will automatically sync on extension load. However, if you make changes to your fingerprint repo (either through the application or antifp.com) then you can manually re-sync your profiles. This can be done from the 'Sync' tab as shown in the image below.



Once you sync your profiles through your extension, you can then pick and choose the profile you want to use. You also have the ability to make some minor tweaks to the profiles. There are a number of areas that can be modified.

  • Date/Time
  • Geolocation
  • Language
  • Screen size
  • User-agent
  • WebGL Vendor and Renderer



Shredder

The Anti-Fp application has built-in file system cleaning to help protect your privacy beyond just spoofing fingerprints. The first capability to be released is deleting Chrome FLoC data.



Federated Learning of Cohorts, or FLoC, is Google's newest way to track your online browsing. While there has been a lot of pushback against FLoC, Google is still moving forward and with Chrome as the market leader it is likely inevitable that FLoC will eventually be widely deployed. However, FLoC data lives locally on your hard drive so Anti-Fp can delete saved FLoC data. While FLoC is still in testing, this should be equivalent to clearing cookies.

Anti-Fp can be set to automatically delete this data when Anti-Fp closes or the data can be manually deleted. You can have Anti-Fp delete the default profile's FLoC data or you can set the profile directories that should be cleared. The default Chrome user directory is generally found here:

%USERS%\AppData\Local\Google\Chrome\User Data\FLoC

If you use a custom profile location then you will need to specify where it is located for Anti-Fp to be able to delete the FLoC data.

Options

The Options tab on the main window provides access to a few settings that control Anti-Fp.


The user-agent listbox is simply a listing of all user-agents that have been reported by the extension to Anti-Fp. This is just provided so you can see what user-agent is currently in use and allows you to copy it if selected.

You can set the path where the database resides. You can clear the database, export configured fingerprints and re-import them at a later time. The database can also be password protected. This will encrypt the database with your own password. If set, the password must be entered successfully before Anti-Fp will load. The password can also be used to provide a little bit extra security by locking Anti-Fp. When it gets minimized to the task tray, the password will be required before it will display again. This is a simple security measure that can prevent other local users from modifying your Anti-Fp settings.

As mentioned above, domain reporting must be enabled in both the extension and Anti-Fp. If you do not want domains saved locally, then check the 'Do not save domains' checkbox.

A new feature added after version 1.2021.268.408 is the ability for Anti-Fp to automatically kill Chrome's software_reporter_tool.exe process. This process, as the name suggests, scans your system and reports data back to Google. Not only is there no easy way to configure Chrome to not allow this tool to run, when it does run it uses a huge amount of system resources.

Anti-Fp can monitor process activity and if it sees 'software_reporter_tool.exe' run it will automatically kill the process. In order for this feature to work, Anti-Fp must be run as administrator. If Anti-Fp is not running with admin privileges, you'll notice that the checkbox option is disabled and an information icon is shown that tells you the same message. You can also set Anti-Fp to automatically start with Windows.

Proxy/VPN

If you use a proxy or VPN, it is important that your fingerprint matches the IP address details. For example, if you use a proxy based in Germany, you need to ensure that your time zone is set to Europe/Berlin and that your language settings contain de-DE.

Anti-Fp contains the ability to sync your current IP address with the relevant details and automatically apply them as an override to the current profile so that you don't have to manually change these settings when your IP address changes.

Note that this functionality is only available when you are running the Anti-Fp application or if the extension has a valid license.

Alerts

When enabled, the CyDec extension will notify you when it detects that certain fingerprinting functions have been called. While it is not definitive, detection of the functions can provide a warning that a tracker is attempting to fingerprint you. CyDec is configured to alert on the most common functions used for fingerprinting but it is not an all-encompassing list.

In addition to writing a message to the console, CyDec will also display a notification. The notifications use the built-in browser notification functionality which is a toast-style message that will appear in the bottom corner of your screen. If notifications do not appear, it is likely to be a browser settings issue.


When alerts are enabled while Anti-Fp is running, you can see the history of all recorded alerts by right clicking the task tray icon and selecting the 'Alerts' menu. That will open up the alerts window which simply shows the category of the possible fingerprinting, the actual function that was called and the domain where it was detected. If domain reporting is disabled in the extension then this field will be blank.

Icons

There are a number of icons that are used to display status information about the current Anti-Fp state, both in the application as well as in the extension.

For the application, the first is the task tray icon.



The task tray icon provides access to a context menu through a right click. Double clicking the icon will bring Anti-Fp back from a minimized state. From the context menu, you can exit Anti-Fp, access the license form to enter a valid license key and open the feedback window to send bugs, comments or suggestions to Heilig Defense. Also from the context menu is the ability to quickly enable or disable profiles. This can be done at a global level, at the browser level or at a domain level. Note that if password protection is enabled, the context menu is only available when the main window is visible.

When Anti-Fp is initializing, the task tray icon will be animated. Once Anti-Fp has everything setup will the icon go to the normal static state.

In addition to the animated task tray icon, you can also tell the status of Anti-Fp by looking at the indicator icon in the top left corner of the main window.


In order for Anti-Fp to communicate with the browser extensions, it must setup a local listener. It currently uses port 61006 which was just a randomly chosen port number with no significance. This port, like all port numbers, may conflict with other software. In most cases this would be a browser. If Anti-Fp cannot open that local port for its own use then it will not be able to communicate with the extensions and the status of the communication is shown with the status icon above. When it is all white, then Anti-Fp is currently trying to setup the local listener. If it is colored like the image above, then the listener was successfully setup and is ready to communicate with the extensions. If Anti-Fp is not able to connect after a short amount of time, you may have to close your open browsers to release the port so Anti-Fp can use it.

The final set of status icons indicate which browsers Anti-Fp is currently communicating with. These can be seen in the bottom left corner of the main window. Initially, all the icons start out as white silhouettes. But as the browser extensions start to connect to Anti-Fp their icon will change.


The status icon for the extension is displayed in the browser bar in the top right of the window. There are three icons that may be displayed and can provide a quick status check.

The first is the primary CyDec colored icon. When it is colored, it means that the extension is enabled for the current context.


The second icon is when CyDec is disabled. When it is grayed out, it means that the extension is not enabled for the current context. This means that it is either turned off for the particular domain, tab or globally.


The final icon is the primary CyDec colored icon but with a colored dot in the center. When you create profiles, you can assign them a color value from a pre-set list of colors. When the extension is using that particular profile, the icon will update with the colored dot in the center. This just provides a subtle way of identifying the profile in use a bit easier instead of having to open the extension itself.

Unlicensed

The Anti-Fp extension is free to use however, the free version has some limitations and it is important to understand what those limitations are so that you fully understand how it is impacting your fingerprint.

When using the free version of Anti-Fp, you only have four possible profiles available: Resist, Minimum, Standard and Total. 'Total Spoofing' turns on all categories of spoofing while Minimum will have less. The default profile used is 'Resist' which is a specially designed profile that turns on select settings for a good balance between privacy and usability.

The specific actions in each category can be seen below starting with 'Total Spoofing':
  • Anti-anti-fingerprinting
    • Enabled
  • Data Leak
    • Client Headers: Spoofed
    • Math: Random
    • sendBeacon: Block
    • WebRTC: Block
    • Worker: Block
  • Display
    • CSS: Block
    • Screen: Random
  • Hardware
    • Battery: Random
    • Gamepads: Random
    • Media Devices: Block
    • Memory: Random
    • Network: Random
    • Threads: Random
    • Touchpoints: Random
    • VR: Random
    • Web Audio: Block
  • Hashables
    • AudioBuffer: Random
    • Canvas: Block
    • getClientRects: Random
    • Fonts: All
    • WebGL: Block
  • Headers
    • Accepts: Random
    • Encoding: Random
    • ETag: Block
    • Referrer: Random
  • Location
    • Date: Random
    • Geocoords: Block
    • Language: Random
    • Time Zone: Random
    • Speech Voices: Block
  • Navigator
    • OS: Random
    • Plugins: Random
    • User-Agent: Random
    • Other fields: Block

Note that some data leak testing sites will interpret a blocked value (e.g. undefined or an empty string) as a string which it will then hash to create a fingerprint. So, if you are using the unlicensed version and don't see randomness for Canvas, WebGL and other values it is not because Anti-Fp is not working but because of how the site uses the returned values. Please understand this before writing a review saying that Anti-Fp doesn't work.

Through the use of the available toggle switches, you can turn off or on specific settings however, it will not change the actual action applied to each setting. The only way to change an action (e.g. from 'Block to Random' or 'Random to Set') is to create a fingerprint using the Anti-Fp application or website.

'Standard Spoofing' takes the full spoofing profile and simply turns off certain categories. More specifically, when 'Standard Spoofing' is set the following is turned off.

  • Anti-anti-fingerprinting
  • Canvas blocking
  • CSS
  • Languages
  • Screen randomization
  • WebGL blocking

'Minimum Spoofing' is the least intrusive available other than turning CyDec off. When a site is set to 'Minimum Spoofing' the following are also turned off in addition to the settings turned off from 'Standard Spoofing.'

  • All audio/visual spoofs
  • All data leak spoofs
  • All font spoofs

Finally, the 'Resist Spoofing' profile is based around Firefox's resist fingerprinting mode. Here you can see the specific settings used.

  • CPU set to 2, 4 or 8.
  • User-agent is spoofed with a recent Chrome or Firefox version (if your original browser is Windows then the user-agent will be Windows 10, otherwise it will be generic Linux).
  • Client headers will be spoofed based on the spoofed user-agent value.
  • OS and Platform values are set to Windows or Linux.
  • Referer is set to trim.
  • Time zone is set to UTC.
  • Language is set to US English (en-US).
  • Canvas and WebGL are blocked.
  • Gamepad, Geolocation, Plugins, sendBeacon, WebRTC, WebSpeech, Workers and VR are blocked.
  • Fonts are set to Windows 10 or Linux.
  • Random media device are generated.

License

You can try the Anti-Fp application free for 7 days. Once your trial period is up you will have to purchase a license to continue using the Anti-Fp application. The browser extensions are free to use however the functionality is limited, as described above, when not used in conjunction with Anti-Fp or a valid license.

When you install Anti-Fp, you will have the option of entering a license key or requesting a trial license. When Anti-Fp starts, it will validate the license key or the trial period. If the trial period has ended, then you must enter a valid license key to continue using Anti-Fp.


Once a license is used for the first time, it becomes associated with that particular system. While the license is a floating license, it first must be released from the current system before it can be re-used on a new system. In order to release the license, you need to open the license window, either from the main window or context menu, and click the Release button. If the license was successfully released, then Anti-Fp will close. The key is then free to be used on a new system.


If for some reason you are not able to release the key on the old system and your new system is not accepting it, please contact Heilig Defense (info@heidef.com) for assistance.

IMPORTANT

You must purchase a license for each system you plan to use the Anti-Fp application or a licensed version of the extension. For example, lets say you have three systems. One system is Windows and runs the Anti-Fp application as well as the extension. The other 2 systems are Linux and just run the extension but you would like to sync your application fingerprints and use all the features of the licensed extension. In this situation, you need three licenses (1 per system). The same license key can be used across all three systems but you still must purchase three separate licenses.

In another scenario, let's say you only have 1 system but are using the licensed extension with many different locally installed browsers. In this case, only 1 license is required because, again, the licenses are system-based and not instance-based.

Heilig Defense will audit and disable licenses found in violation of our license policy.

Feedback

Anti-Fp has a built-in ability to provide feedback directly from the application. Simply open the task tray context menu and click Feedback. You can send us comments, suggestions, or detail any bugs you found. Whatever it may be, we would love to hear from you.

Changelog

v1.2021.316.1404 (EXT) (12 NOV 2021)

  • UPDATED (EXT): Built-in profiles now remain after license registration.
  • UPDATED (EXT): Changed behavior for random spoof values.
  • UPDATED (EXT): Enhanced iframe blocking protection.
  • FIXED (EXT): Minor issues and code cleanup.
v1.2021.287.1659 (ALL) (17 OCT 2021)
  • ADDED (ALL): SEC-CH-UA header spoofing.
  • FIXED (EXT): Unlicensed extension version only using Resist fingerprints regardless of setting.
  • FIXED (EXT): Incorrect browser OS used when generating certain profiles.
v1.2021.268.408 (APP) (25 SEP 2021)
  • ADDED: Automatically kill Chrome's software_reporter_tool.exe process.
  • UPDATED: Removed IP sync option from application. Syncing can be done through the extension.
  • UPDATED: Enhanced auto-update capabilities.
  • UPDATED: Added notification at start-up if not-running as admin but configured for all users.
v1.2021.249.1525 (EXTENSION ONLY UPDATE) (07 SEP 2021)
  • UPDATED (EXT): Minor updates.
  • NOTICE: Browser Bubble is now available.
v1.2021.217.1610 (ALL) (05 AUG 2021)
  • ADDED (APP): Ability to wipe Chrome FLoC data on close.
  • ADDED (APP): Setting deprecatation warnings.
  • UPDATED (ALL): Separated Navigator Platform and OSCPU for distinct targeting.
  • UPDATED (EXT): Set Firefox resist-like profile as the default profile.
  • NOTICE: This version is the first released under the new CyDec Security branding. As such, new installation paths and settings are used so a manual update is required for any previous version prior to this.
v1.2021.184.1449 (ALL) (03 JUL 2021)
  • ADDED (ALL): Exposed and expanded WebAudio spoofing.
  • FIXED (EXT): Incorrect icon path on options page.
  • UPDATED (EXT): Enhanced nested iframe spoofing support.
  • UPDATED (ALL): Other minor issues.
v1.2021.164.1332 (ALL) (13 JUN 2021)
  • ADDED (ALL): Ability to assign colors to profiles for easier identification.
  • ADDED (EXT): sec-ch-ua request header now spoofed for Chromium.
  • ADDED (ALL): WebGL shadingLanguage and Version fields.
  • UPDATED (EXT): Modified WebGL and canvas spoofing method.
  • UPDATED (EXT): Uncommon user-agent strings removed from random list.
  • UPDATED (EXT): Added workaround for recently introduced Chrome tab bug (#1213925).
  • FIXED (WEB): Font off setting not sticking.
v1.2021.148.1610 (ALL) (28 MAY 2021)
  • ADDED (ALL): Created Github issue tracker (https://github.com/heilig-defense/anti-fp/issues).
  • FIXED (EXT): Domains and pattern initial options not properly set.
  • FIXED (EXT): Automatic tab setting selection not being selected in list.
  • FIXED (EXT): Pattern matched profile name not set in popup UI.
  • FIXED (EXT): DateTimeFormat locale using incorrect value.
  • UPDATED (APP/EXT): Optimized language header output. Will now only normalize if language weight not detected.
v1.2021.137.1450 (APP/EXT/WEB) (17 MAY 2021)
  • FIXED (ALL): Pre-set language value not parsing properly.
v1.2021.134.1824 (APP/EXT/WEB) (14 MAY 2021)
  • ADDED (EXT): Automatically set profile on new tabs.
  • ADDED (EXT): userAgentData blocking.
  • ADDED (ALL): Option to specify if time zone is currently in daylight savings time.
  • ADDED (EXT/WEB): Started effort to add international language support.
  • UPDATED (EXT): WebRTC public IP sync.
  • UPDATED (ALL): Separated language settings to individually set Javascript and header values.
  • UPDATED (ALL): Plugins randomization with sticky values. Removed setting specific values. Added warning about plugin deprecation.
  • FIXED (APP): Network settings not displaying.
  • FIXED (APP): Updated description for canvas and WebGl spoofing to reflect actual behavior.
  • FIXED (APP): Incorrectly set time zone value to locale.
  • FIXED (EXT): Other minor issues.
v1.2021.108.121 (APP/EXT/WEB) (18 APR 2021)
  • ADDED (ALL): FLoC blocking.
  • ADDED (ALL): WebRTC set or spoof IP addresses.
  • ADDED (EXT): Exposed WebRTC IP overrides.
  • ADDED (ALL): macOS Catalina to font spoofing list.
  • UPDATED (EXT): License validation behavior.
  • FIXED (APP): Language not sticking for certain values.
  • FIXED (ALL): Other minor issues.
v1.2021.92.1720 (APP/EXT/WEB) (02 APR 2021)
  • ADDED (EXT): Enhanced resist fingerprinting mode.
  • ADDED (EXT): HSTS protection.
  • ADDED (EXT): MimeType blocking for Chrome extension.
  • ADDED (EXT): Performance protection.
  • ADDED (EXT): Exposed user-agent string override.
  • ADDED (EXT): Added referrer trim option.
  • UPDATED (ALL): Timezone information.
  • FIXED (EXT): Media device spoofing bug.
v1.2021.48.1841 (APP/EXT) (17 FEB 2021)
  • ADDED (APP/EXT): Exposed setting to block or spoof eval.
  • FIXED (EXT): Incorrect global override update for new favicon setting.
  • FIXED (EXT): Font spoofing not set when generating profile.
  • UPDATED (EXT): Other minor bug fixes and enhancements.
v1.2021.44.2146 (APP) / v1.2021.44.1715 (EXT) (13 FEB 2021)
  • ADDED (EXT): favicon tracking protection. (Make sure to update your saved profiles to enable this new protection.)
  • ADDED (APP): Automatic lookup of latest browser versions.
  • FIXED (EXT): Status icon not updating based on regex matching.
  • UPDATED (ALL): Other minor bug fixes and enhancements.
v1.2021.23.2055 (APP) / 1.2021.23.1601 (EXT) (23 JAN 2021)
  • ADDED (APP): Installation option to install for current or all users.
  • FIXED (APP): Timezone and language not being set in profile dropdowns.
  • UPDATED (EXT): General bug fixes and enhancements.
v1.2021.3.1630 (APP) (03 JAN 2021)
  • FIXED: Timezone parsing bug that would cause Anti-Fp to crash.
v1.2020.359.2125 (EXT) (24 DEC 2020)
  • UPDATED: Enhanced anti-font fingerprinting (can set Linux and Windows specific profiles).
  • FIXED: iframe spoofing issue.
  • FIXED: 'Use main domain' settings bug.
  • FIXED: Issue generating profile with mobile selected on antifp.com.
  • FIXED: Extension popup not displaying correct override values.
v1.2020.352.1515 (EXT) (18 DEC 2020)
  • ADDED: WebGL vendor/render extension overrides.
  • UPDATED: Minor UI tweaks.
  • FIXED: Some settings not fully turned off from global or domain switches.
v1.2020.349.1710 (APP/EXT/WEB) (15 DEC 2020)
  • ADDED: Ability to generate profiles.
  • ADDED: Domain pattern matching.
  • ADDED: Ability to sync fingerprints from antifp.com to app.
  • ADDED: Profile building wizard.
  • ADDED: Built-in calendar and numbering system values.
  • ADDED: Ability to set speech, media, gamepads, network, battery and VR devices.
  • ADDED: Ability to spoof some web audio values.
  • UPDATED: Extension UI updates.
  • UPDATED: Expanded override options.
  • UPDATED: Date and timezone calculations.
  • UPDATED: Documentation.
  • FIXED: Numerous bugs.
Release notes: While the list of changes is not that large, this version represents a major rewrite in both functionality and look. The extension has been redesigned and new capabilities added to provide better profile management. As always, please report all bugs to info@heidef.com.


v1.2020.293.1530 (APP/EXT) (19 OCT 2020)
  • RELEASED: https://www.antifp.com
  • ADDED: SpeechSynthesis spoofing.
  • ADDED: Ability to toggle status of anti-anti-fingerprinting.
  • ADDED: getClientRects blocking.
  • ADDED: Ability to set multiple values for memory, threads and touchpoints.
  • ADDED: Three built-in profiles to limit site breakage for new users.
  • ADDED: More built-in user-agents.
  • ADDED: Force sync button to refresh profiles.
  • UPDATED: Public fingerprints with latest options.
  • UPDATED: Changed random plugin generator output.
  • UPDATED: Options page for better domain management.
  • FIXED: Other minor bugs.
v1.2020.251.151 (APP) / v1.2020.252.100 (EXT) (08 SEP 2020)
  • UPDATED: Enhanced anti-anti-fingerprinting.
  • UPDATED: Changed way that user-agent details are randomized.
  • ADDED: CSS filtering of screen resolution leaks.
  • ADDED: Math randomization.
  • ADDED: Additional canvas and SVG spoofing.
  • ADDED: Ability to sync time zone and language to IP address (currently uses ipapi.co for look-up).
  • FIXED: Sub-domains using main domain settings.
v1.2020.220.1919 (08 AUG 2020)
  • ADDED: Fingerprint detection and notifications.
  • ADDED: Anti-anti-fingerprinting capabilities.
  • ADDED: Support for Iridium browser.
  • ADDED: WebGL unmasked renderer and vendor.
  • UPDATED: Extension profile override is now persistent and applies to all tabs.
  • UPDATED: Separated time zone location and name for more granular control.
  • UPDATED: Redesigned extension.
  • FIXED: Numerous bugs.
v1.2020.168.1905 (16 JUN 2020)
  • ADDED: Screen size offsets of current resolution.
  • ADDED: VRDisplay spoofing and blocking.
  • ADDED: Gamepad spoofing and blocking.
  • ADDED: sendBeacon blocking.
  • ADDED: Geolocation spoofing, blocking and setting.
  • ADDED: Media device spoofing.
  • UPDATED: All extension options now available.
  • UPDATED: UI updates.
  • FIXED: Installer bug.
v1.2020.132.1445 (11 MAY 2020)
  • ADDED: Per-tab profile override support. Must have extension version >= 1.2020.132.240.
  • FIXED: Minor user interface issues and improvements.
v1.2020.99.1645 (21 APR 2020)
  • ADDED: getClientRects spoofing.
  • UPDATED: Audio, Canvas, and WebGL can now be spoofed with a specific jitter value. This allows for a unique fingerprint that can stay consistent across requests.
  • FIXED: Update version comparison fails for specific values.
  • FIXED: Minor user interface issues.
v1.2020.86.130 (26 MAR 2020)
  • Initial release.