Tillegg for Firefox-nettleser
  • Utvidelser
  • Tema
    • for Firefox
    • Ordbøker og språkpakker
    • Andre nettlesersteder
    • Utvidelser for Android
Logg inn
Forhåndsvisning av Chameleonn

Chameleonn av 0x127

Quietly blunts every fingerprinting surface the modern web exposes, without breaking sites.

0 (0 omtaler)0 (0 omtaler)
Last ned Firefox og få utvidelsen
Last ned fil

Metadata for utvidelser

Skjermbilder
Om denne utvidelsen
What it is

Chameleon is an advanced Firefox extension that quietly blocks the fingerprinting surface modern websites use to track you. Canvas, WebGL, audio, fonts, MIDI, sensors, WebRTC, navigator quirks, the whole pile.

The core trick: Instead of randomising your fingerprint on every request (which actually makes you more unique, since no real browser does that), Chameleon picks a stable identity per origin. The same site sees the same fingerprint every time so nothing breaks. Two different sites see different fingerprints so they can't link your visits together.

You can also rotate your master identity whenever you want with one click.



How to use it

Once installed, it runs automatically. Defaults are safe for normal browsing.

The toolbar popup
  • Protection toggle
    Master on/off switch. Reloads the tab immediately. Settings persist.
  • Exempt this site
    Adds the current eTLD+1 to an allowlist and reloads without protection.
  • Rotate identity
    Generates a new global seed. All sites see a fresh fingerprint going forward.
  • Settings
    Opens full configuration page.



The options page

Accessible via right-click -> Manage Extension -> Options.
  • Master toggle
    Global enable/disable.
  • Browser identity
    Choose OS/UA profile (default: Linux-based Firefox).
  • Surfaces controls
  • Timer precision rounding
  • Timezone pinning (UTC)
  • Motion sensor blocking
  • HTTP header rewriting
  • Exempt origins
    One eTLD+1 per line. Lines starting with # are ignored.



Verifying it works

Test across multiple windows:
  • https://browserleaks.com
  • https://amiunique.org
  • https://coveryourtracks.eff.org
  • https://audiofingerprint.openwpm.com
  • https://abrahamjuliot.github.io/creepjs

Expected behavior:
  • Same origin + same window -> consistent fingerprint
  • Different origins -> different fingerprints



What it blocks

Visual fingerprinting (canvas, WebGL, WebGPU)
  • Canvas readback APIs (toDataURL, getImageData, etc.)
  • WebGL/WebGL2 parameter extraction
  • readPixels noise injection
  • WebGPU fully hidden

Audio fingerprinting
  • AudioBuffer analysis
  • AnalyserNode frequency leakage
  • OfflineAudioContext compression artifacts

Layout fingerprinting
  • getBoundingClientRect / getClientRects
  • offsetWidth/Height, scroll metrics
  • screen size + DPR
  • TextMetrics inconsistencies

Navigator identity
  • UA, platform, vendor
  • hardwareConcurrency, deviceMemory
  • languages, plugins, mimeTypes
  • maxTouchPoints
  • userAgentData spoofing

Firefox quirks hiding
  • InstallTrigger
  • mozInnerScreenX/Y
  • window.sidebar, window.netscape
  • CSS feature probes

Hardware-leaking APIs
  • Battery API
  • NetworkInformation
  • StorageManager
  • enumerateDevices
  • Bluetooth / USB / HID / Serial
  • Speech synthesis voices
  • Gamepads
  • IndexedDB databases

Sensors
  • Motion/orientation APIs disabled
  • Magnetometer, gyroscope, accelerometer blocked
  • Touch precision normalized
  • screen.orientation pinned

Web MIDI
  • MIDI access blocked completely

WebXR / WebVR
  • XR APIs removed
  • VR display enumeration disabled

PointerEvent entropy
  • Stylus pressure/tilt/twist zeroed (except real pen input)
  • pointerId normalized
  • multi-touch behavior flattened

Speech Recognition
  • SpeechRecognition APIs removed

Reporting Observer
  • Fully stubbed to prevent side-channel reporting leaks

Cookie Store API
  • async cookie enumeration disabled

Performance memory probes
  • memory estimation disabled
  • eventCounts spoofed

Audio latency
  • outputLatency/baseLatency normalized

Notifications
  • Permission pinned to default state

navigator.scheduling
  • API hidden

window.name
  • Cleared on cross-origin navigation

Ad-block detection bypass
  • Fake ad-bait elements neutralized
  • detection globals pre-filled

Font enumeration
  • Local font APIs blocked
  • Canvas font measurement normalized
  • System fonts only exposed

Permissions / media queries
  • All media queries normalized
  • Permissions API stabilized

WebRTC
  • Local and STUN IP leakage blocked
  • Relay-only connections allowed

Timing
  • performance.now() quantized to 1ms
  • timestamps rounded globally

Locale
  • Forced en-US locale
  • UTC timezone
  • standardized numeric formats

HTTP layer
  • UA rewritten
  • Accept-Language normalized
  • Client hints removed
  • tracking headers stripped
  • DNT/GPC enforced

Workers
  • Worker scripts wrapped and re-hooked
  • Cross-origin workers partially unsupported

Camouflage
  • toString() spoofed as native
  • error stacks cleaned
  • sensitive APIs hidden



Will it slow my browser down?

Not noticeably.
  • Canvas/audio hooks: tiny overhead
  • DOM measurement hooks: minimal
  • HTTP rewriting: negligible
  • Worker interception: most expensive (tens of ms in heavy apps)



Configuration recipes
  • Maximum privacy (breaks some sites)
    Linux profile, everything enabled, no exemptions
  • Daily driver
    Defaults + exempt banking/video tools
  • Casual privacy
    Defaults, disable timezone pinning



Known limits
  • Detection possible inside JS realm (hook introspection)
  • Cross-origin worker injection limitations
  • Timezone vs real clock inconsistencies
  • First-canvas race condition on page load
  • TLS fingerprinting (JA3/JA4) still visible
  • TCP/IP fingerprinting still leaks OS (kernel-level issue)

The source code for this extension can be found at https://github.com/00x127/chameleon
Vurdert til 0 av 0 anmeldere
Logg inn for å vurdere denne utvidelsen
Det er ingen vurderinger ennå

Stjernevurdering lagret

5
0
4
0
3
0
2
0
1
0
Ingen omtaler ennå
Tillatelser og data

Nødvendige tillatelser:

  • Tilgang til faner
  • Tilgang til nettleseraktivitet under navigering

Valgfrie tillatelser:

  • Få tilgang til dine data fra alle nettsteder

Datainnsamling:

  • Utvikleren sier at denne utvidelsen ikke krever datainnsamling.
Les mer
Mer informasjon
Lenker for utvidelser
  • Brukerstøttenettsted
  • Kopier tilleggs-ID
Versjon
0.1.5
Størrelse
158,87 kB
Sist oppdatert
19 dager siden (25. juni 2026)
Relaterte kategorier
  • Nettutvikling
  • Personvern og sikkerhet
  • Faner
Lisens
MIT License
Versjonshistorikk
  • Se alle versjoner
Etiketter
  • anti tracker
  • container
  • content blocker
  • privacy
  • security
Legg til i samling
Rapporter dette tillegget
Gå til Mozillas hjemmeside

Utvidelser

  • Om
  • Firefox tilleggsblogg
  • Utvidelsesverksted
  • Utvikler-knutepunkt
  • Utviklerpraksis
  • Fellesskaps-blogg
  • Forum
  • Rapporter en feil
  • Retningsliner for omtaler

Last ned

  • Download Firefox
  • Windows
  • macOS
  • iOS
  • Android
  • Linux
  • All

De siste versjonene

  • Nightly
  • Beta

Firefox for bedrifter

  • Enterprise

Fellesskap

  • Connect
  • Contribute
  • Developer

Følge

  • Instagram
  • YouTube
  • TikTok
  • Bluesky
  • Podcast
  • Personvern
  • Infokapsler
  • Juridisk

Med mindre annet er spesifisert, er innholdet på dette nettstedet lisensiert under Creative Commons Navngivelse-del-på-samme-vilkår-lisens v3.0 eller en senere versjon.