Fenix: [Bug] Private mode is fingerprintable by nothingprivate.ml

Created on 30 Sep 2020  路  4Comments  路  Source: mozilla-mobile/fenix

Steps to Reproduce

Follow steps on https://www.nothingprivate.ml/

Expected behavior

You should be undetectable in private mode

Actual behavior

You are not. The site is able to tell who you are even in private mode

Device information

  • Android device: Asus Zenfone
  • Fenix version: Nightly
PrivateBrowsing etp triage 馃悶 bug
Source
picture s-ankur

Most helpful comment

Private mode has always been about protecting from a local attacker being able to recover data. It is not about the site or your ISP being able to track you. If resistfingerprinting resolves this then it is something tracked at https://bugzilla.mozilla.org/show_bug.cgi?id=1260929

picture kbrosnan on 1 Oct 2020
👍2

All 4 comments

Preventable with privacy.resistFingerprinting set to true in about:config on nightly and beta. Stable cannot do this

jawz101 picture jawz101 on 1 Oct 2020

On the Nightly build one possible way to work around is to add CanvasBlocker extension following instructions on this blog post.

KrasnayaPloshchad picture KrasnayaPloshchad on 1 Oct 2020

Private mode has always been about protecting from a local attacker being able to recover data. It is not about the site or your ISP being able to track you. If resistfingerprinting resolves this then it is something tracked at https://bugzilla.mozilla.org/show_bug.cgi?id=1260929

kbrosnan picture kbrosnan on 1 Oct 2020
👍2

Resistfingerprinting does solve this, thanks

s-ankur picture s-ankur on 1 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

vesta0 picture vesta0  路  3Comments
AndiAJ picture AndiAJ  路  3Comments
thelazyoxymoron picture thelazyoxymoron  路  3Comments
robsmith11 picture robsmith11  路  3Comments
phileastv picture phileastv  路  3Comments