Accept Header
The Accept request HTTP header advertises which content types, expressed as MIME types, the client is able to understand.
You can read more about the Accept Header at:
Mozilla Developer Network
CSS
Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation of a document written in a
markup language like HTML. CSS is a cornerstone technology of the World Wide Web, alongside HTML and JavaScript. (Wikipedia)
While CSS makes the web look good, it can also be used to leak data. This is particularly true with screen-related details.
CyDec is able to examine CSS in order to identify potentially offending rules. When found, CyDec can disable the entire
sheet or can filter out the rules it found. Be aware that this may break the display on sites as not all CSS rules that
can leak data are actually used to leak data.
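A sketch of the kind of check described above, as an added example that is not CyDec's own code. It assumes a "potentially offending" rule is an @media block that tests a screen feature and also loads a url(); the function names and the sample sheet are constructed for illustration.

```javascript
// Added example, not CyDec code. Assumption: a rule is suspect when an @media
// query tests a screen feature and its body fetches a url(), because the
// request itself tells the server which screen detail matched.
const SCREEN_FEATURES = /\b(?:width|height|aspect-ratio|pixel-ratio|resolution)\b/i;

// Split a stylesheet into top-level blocks by brace depth. This is not a full
// CSS parser: braces inside strings or comments are not handled.
function topLevelBlocks(css) {
  const blocks = [];
  let depth = 0, start = 0;
  for (let i = 0; i < css.length; i++) {
    if (css[i] === '{') depth++;
    else if (css[i] === '}' && depth > 0 && --depth === 0) {
      blocks.push(css.slice(start, i + 1).trim());
      start = i + 1;
    }
  }
  return blocks;
}

function isSuspect(block) {
  const m = /^@media([^{]*)\{([\s\S]*)\}$/i.exec(block);
  return !!m && SCREEN_FEATURES.test(m[1]) && /url\(/i.test(m[2]);
}

// Filter mode: return the sheet without the suspect blocks, plus what was removed.
function filterSheet(css) {
  const blocks = topLevelBlocks(css);
  const removed = blocks.filter(isSuspect);
  const kept = blocks.filter(b => !isSuspect(b));
  return { css: kept.join('\n'), removed };
}

// Constructed sample sheet (tracker.example is a placeholder host).
const SAMPLE = `
body { color: #222; }
@media (min-width: 1920px) { .p { background: url(https://tracker.example/w1920.png); } }
@media (max-width: 600px) { nav { display: none; } }
@media print { a { background: url(print.png); } }
`;
```

The responsive rule and the print rule survive because neither combines a screen test with a fetch, which illustrates why filtering individual rules breaks fewer pages than disabling the whole sheet.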
Math
Slight differences in the JavaScript engines that power the major browsers lead to variations in the results of
various math problems. While not enough to track you, these variations can give away the actual browser you are using.
CyDec is able to spoof the math equations by adding a slight jitter to the results which means that trackers will not
be able to determine your browser type.
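One way to implement the jitter described above, as an added example that is not CyDec's own code. It assumes "jitter" means flipping the lowest bits of the IEEE-754 result; makeJitteredMath and jitterBits are hypothetical names, and the example builds a separate Math-like object rather than patching the page's own Math.

```javascript
// Added example, not CyDec code. Assumption: jitter = XOR noise into the
// lowest mantissa bits, far below anything a page would display or round to.
const JITTERED = ['sin', 'cos', 'tan', 'exp', 'log', 'sinh', 'cosh', 'tanh', 'atan', 'expm1'];

// Perturb the low-order bits of a double; noise is an integer in [0, 2^bits).
function jitterBits(x, noise) {
  if (!Number.isFinite(x) || x === 0) return x; // keep NaN, Infinity and zero intact
  const f = new Float64Array([x]);
  const u = new BigUint64Array(f.buffer);       // same 8 bytes viewed as an integer
  u[0] ^= BigInt(noise);
  return f[0];
}

// Build a Math-like object whose engine-dependent functions return jittered
// values. Everything else (PI, sqrt, floor, ...) is inherited unchanged.
function makeJitteredMath(rand = Math.random, bits = 3) {
  const spoofed = Object.create(Math);
  for (const name of JITTERED) {
    const native = Math[name];
    spoofed[name] = (...args) =>
      jitterBits(native(...args), Math.floor(rand() * (1 << bits)));
  }
  return spoofed;
}
```

With three noise bits the result moves by at most 7 units in the last place, so ordinary page arithmetic is unaffected while the exact bit pattern a fingerprinting script compares no longer identifies the engine.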
Audio/Visual
Some of the most accurate fingerprint methods are associated with audio/visual elements.
Trackers run calculations against these elements in order to pick out the slight variations
that exist in the underlying hardware. For example, two identical models of a video card can produce
slightly different results that can uniquely identify you.
CyDec Anti-Fp can either block the capabilities completely or spoof the calculation results
to provide a randomized value every time. The four audio/visual related areas that CyDec
currently covers are:
- Audio: Audio fingerprints can be derived from frequency, channel and time domain data.
Trackers are able to perform audio operations through JavaScript that do not produce a sound in order
to gain information on the device bias.
- Canvas: Canvas elements are used to draw custom graphics, but slight variations in
the output allow a highly reliable fingerprint to be created.
- clientRects: clientRects are another way that trackers can take advantage of slight variations with
how pixels are drawn. This is a similar fingerprinting mechanism to the canvas and just as
reliable. Many Google sites use this method for tracking.
- SpeechSynthesis: Synthesis voices available on the device can be queried and used to identify unique
languages that may be installed which in turn can be used to infer other geographic details of the user.
- WebGL: As with canvas elements, WebGL graphics also allow trackers to create a
highly reliable fingerprint based on graphics outputs.
Read more and test your fingerprints here:
Wikipedia
https://browserleaks.com/canvas
https://browserleaks.com/webgl
https://audiofingerprint.openwpm.com/
Date
There are two date related objects that can be used to collect location information. When combined with
IP address geolocation and language data, a tracker gains a lot of insight into your physical location.
CyDec cannot do anything about the IP address, but it does allow you to spoof your date information in order
to cause some confusion.
Read more about the JavaScript date object here:
Mozilla Developer Network
Encoding Header
The Accept-Encoding request HTTP header advertises which content encoding, usually a compression algorithm,
the client is able to understand.
You can read more about the Encoding Header at:
Mozilla Developer Network
ETag
Designed to make caching more efficient, ETags can be used by attackers to set what effectively are
super-cookies. Because the ETag is passed in the network headers, disabling JavaScript provides no protection.
CyDec Anti-Fp can remove the ETag from network requests to prevent this type of super tracking.
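The header exchange behind this, with the stripping step applied, as an added example that is not CyDec's own code. Headers are modelled as [{ name, value }] arrays (the shape the WebExtensions webRequest API uses); the function names and all header values are constructed.

```javascript
// Added example, not CyDec code. All header values below are constructed.
const RESPONSE_TAGS = new Set(['etag']);
// Request headers that can carry a previously stored entity tag back out.
const REQUEST_TAGS = new Set(['if-none-match', 'if-match', 'if-range']);

// Header names are case-insensitive, so compare in lower case.
const strip = (headers, blocked) =>
  headers.filter(h => !blocked.has(h.name.toLowerCase()));
const stripResponse = headers => strip(headers, RESPONSE_TAGS);
const stripRequest = headers => strip(headers, REQUEST_TAGS);

// Model of a revisit: the cache remembers the ETag it was given and echoes it
// as If-None-Match, which is what lets a server recognise the same browser.
function revisit(firstResponse, protect) {
  const stored = protect ? stripResponse(firstResponse) : firstResponse;
  const etag = stored.find(h => h.name.toLowerCase() === 'etag');
  const request = [{ name: 'Accept', value: 'image/png' }];
  if (etag) request.push({ name: 'If-None-Match', value: etag.value });
  return protect ? stripRequest(request) : request;
}

const FIRST_RESPONSE = [
  { name: 'Cache-Control', value: 'private, max-age=31536000' },
  { name: 'ETag', value: '"visitor-7f3a"' },
];
// A validator cached before protection was switched on, in the model above.
const STALE_REQUEST = [{ name: 'IF-NONE-MATCH', value: '"visitor-7f3a"' }];
```

The cost of this protection is that revalidation no longer works for the affected resources, so they are downloaded in full on each visit.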
You can test ETag tracking at:
https://lucb1e.com/rp/cookielesscookies/
Or learn more about ETags at:
Mozilla Developer Network
Fonts
Fonts are another category of data that can provide a very reliable fingerprint. As you use a computer over time
new fonts get installed. Trackers are able to determine which fonts are installed on your computer and create a
fingerprint based on that.
Font fingerprint protection is difficult to do fully effectively in all situations given the ways that trackers
can query installed fonts. However, CyDec Anti-Fp does provide two protection options that cover most use cases.
The first is to make the tracker think that no fonts are installed on the system. The other option is to make them
think that all fonts are installed.
Learn more about font tracking here:
https://www.johndcook.com/blog/2019/02/04/font-fingerprinting/
Hardware
Browsers leak a lot of details about your computer. Some of it may be useful for sites to respond
based on power or network conditions, however it can also be seen as unnecessary.
- Battery: Battery information can be queried by a site to determine if the computer is plugged-in
or running on battery and if so, what the level of charge is. This is no longer supported by all
browsers.
- Gamepads: The Gamepad API is a way for developers to access and respond to signals from gamepads
and other game controllers. Not only does it provide information about the gamepads themselves
it can also be used to monitor gamepad activity.
- Media Devices: Browsers populate this array of values with information about attached
media devices such as microphones and cameras. This can provide unique information about
your computer and depending on the type of media equipment, could provide a very reliable
fingerprint.
- Memory: This is the amount of RAM your system has. Currently it is not supported by all browsers;
however, CyDec Anti-Fp can block, randomize, or set a user specific value regardless of native
browser support.
- Network: Similar to the battery information, a site can query network details and determine the type
of network connection along with network speeds. And CyDec Anti-Fp can again block this information
completely or provide random data.
- Threads: The number of concurrent threads that your CPU can handle is another hardware detail leaked
by the browser.
- Touchpoints: The number of touchpoints your system supports is how many simultaneous fingers can use the
touchscreen at once. Non-touchscreen systems will be zero while smartphones and tablets will be one
or more. CyDec Anti-Fp can block, spoof or set specific values.
- VR Displays: The available VR API provides a way for sites to access information about connected
VR devices such as device IDs and descriptions. Given that VR displays are not that common, a
connected device can provide a lot of useful information for a tracker.
Learn more about these data objects here:
Battery
Memory
Network
Threads
Touchpoints
Language
Language details are provided in both browser headers and through JavaScript. The language field can be useful
for sites that cater to international users so that the appropriate text can be presented (e.g. English for Americans
or French for a Quebecer).
Language settings can also help in geolocation. While not accurate by itself, language information can be combined
with other information to confirm a rough location especially if your OS is set to a more esoteric language.
Navigator
The navigator element is a JavaScript object that is populated with lots of data. Many of the other categories
cover data that is contained in the navigator object; however, we have a dedicated category as well for some of the
other data points not covered.
Here is some of the information in the navigator object:
appName:
appVersion:
appCodeName:
buildID:
product:
productSub:
vendor:
vendorSub:
Learn more about the navigator object here:
Mozilla Developer Network
Operating System
The operating system is leaked by a browser in two main places. One is in the user-agent while the second
is in the navigator object. This type of information can be useful for malicious attacks that serve OS specific
malware from compromised websites.
CyDec Anti-Fp can completely change the reported OS information so that automated attacks are likely to fail.
Plugins
Plugins used to be much more useful for trackers but the ability to gather details about plugins has been
limited to some degree, but not totally eliminated, by the browser makers themselves.
CyDec Anti-Fp can block all access to plugin information as well as inject fake plugins.
Learn more about plugins here:
Mozilla Developer Network
Referrer
The referrer is both a browser header and JavaScript accessible value that leaks the previous site to the
current site. While there is a valid use case for this, in most instances it just provides unnecessary data leakage.
If you came to this page from a link then your referrer should be the last page you visited. Otherwise it will be
blank.
Learn more about referrer here:
Mozilla Developer Network
Screen
The screen element is another JavaScript object that contains information about the current screen size,
color depth and resolution.
CyDec Anti-Fp can spoof, block or set specific values for these fields in order to project a specific
type of device.
Your current screen information is:
Width:
Height:
Color Depth:
Pixel Depth:
Timezone
While timezones cover large areas of the Earth, they can be combined with other data in order to provide
a clearer location picture to trackers that want to geolocate you.
User-Agent
The user-agent is probably the most visible piece of data that browsers leak. It is a string, present
in both the request header and the navigator object, that contains information about the
application, operating system, vendor, and application version.
Learn more about user-agents here:
Mozilla Developer Network
What's My User-Agent?
Data Leaks
Browsers leak a lot of sensitive information but some can be more sensitive than others depending on the
circumstances. Four sources in particular are favicons, sendBeacon, WebRTC, and Workers.
The favicon or (favorite icon) is used by sites to set a custom icon image that is displayed in bookmarks and tabs.
However, recent research has shown it is also a very powerful tracking mechanism that is not blocked by typical
protection methods.
The sendBeacon method is a way for a webpage to send a small amount of data over HTTP to a web server.
It is primarily used for data analytics and diagnostic purposes by collecting and reporting browser usage details.
WebRTC is an open framework that enables Real-Time Communications (RTC) capabilities in the browser.
It can also be used to leak very sensitive network details. If you do not have a need for WebRTC or are
using a VPN or Tor, then it is best to simply disable WebRTC in the browser.
Workers are background tasks that can be executed by the main page. A worker task runs in its own thread
which is separate from the main page and is designed to offload computationally expensive operations
so that the main page stays responsive. However, because worker tasks operate outside of the main page
context, their actions and access to data cannot be limited by privacy extensions. Therefore, blocking
is the only way to prevent this method of data leakage.
When enabled, CyDec Anti-Fp can prevent both sendBeacon and WebRTC from creating a connection
and can stop Workers from running to leak your sensitive data.
You can read about these topics at:
favicon supercookies
https://developer.mozilla.org/en-US/docs/Web/API/Navigator/sendBeacon
https://en.wikipedia.org/wiki/WebRTC
https://browserleaks.com/webrtc
https://diafygi.github.io/webrtc-ips/
Geolocation
It is well known that IP addresses can be geolocated, but not all websites implement their own IP lookups.
Instead, websites can request geolocation information right from your browser by using the Geolocation API.
The Geolocation API allows the user to provide their location to web applications if they so desire. The one
good thing about the Geolocation API is that for privacy reasons, you must give your permission to share your
location information before it is provided.
With CyDec Anti-Fp, you can set your location to any arbitrary position that you desire. The application comes
pre-installed with the world's 200 top cities for easy reference to make spoofing your location simple.
You can read more or test geolocation at:
https://developer.mozilla.org/en-US/docs/Web/API/Geolocation_API