Extensões do Navegador Firefox
  • Extensões
  • Temas
    • Firefox
    • Dicionários e Pacotes de Idioma
    • Outros navegadores
    • Extensões para Android
Entrar
Pré-visualização de Chameleonn

Chameleonn por 0x127

Quietly blunts every fingerprinting surface the modern web exposes, without breaking sites.

0 (0 avaliações)0 (0 avaliações)
Baixe o Firefox e instale a extensão
Baixar arquivo

Metadados da extensão

Capturas de tela
Sobre esta extensão
What it is

Chameleon is an advanced Firefox extension that quietly blocks the fingerprinting surface modern websites use to track you. Canvas, WebGL, audio, fonts, MIDI, sensors, WebRTC, navigator quirks, the whole pile.

The core trick: Instead of randomising your fingerprint on every request (which actually makes you more unique, since no real browser does that), Chameleon picks a stable identity per origin. The same site sees the same fingerprint every time so nothing breaks. Two different sites see different fingerprints so they can't link your visits together.

You can also rotate your master identity whenever you want with one click.



How to use it

Once installed, it runs automatically. Defaults are safe for normal browsing.

The toolbar popup
  • Protection toggle
    Master on/off switch. Reloads the tab immediately. Settings persist.
  • Exempt this site
    Adds the current eTLD+1 to an allowlist and reloads without protection.
  • Rotate identity
    Generates a new global seed. All sites see a fresh fingerprint going forward.
  • Settings
    Opens full configuration page.



The options page

Accessible via right-click -> Manage Extension -> Options.
  • Master toggle
    Global enable/disable.
  • Browser identity
    Choose OS/UA profile (default: Linux-based Firefox).
  • Surfaces controls
  • Timer precision rounding
  • Timezone pinning (UTC)
  • Motion sensor blocking
  • HTTP header rewriting
  • Exempt origins
    One eTLD+1 per line. Lines starting with # are ignored.



Verifying it works

Test across multiple windows:
  • https://browserleaks.com
  • https://amiunique.org
  • https://coveryourtracks.eff.org
  • https://audiofingerprint.openwpm.com
  • https://abrahamjuliot.github.io/creepjs

Expected behavior:
  • Same origin + same window -> consistent fingerprint
  • Different origins -> different fingerprints



What it blocks

Visual fingerprinting (canvas, WebGL, WebGPU)
  • Canvas readback APIs (toDataURL, getImageData, etc.)
  • WebGL/WebGL2 parameter extraction
  • readPixels noise injection
  • WebGPU fully hidden

Audio fingerprinting
  • AudioBuffer analysis
  • AnalyserNode frequency leakage
  • OfflineAudioContext compression artifacts

Layout fingerprinting
  • getBoundingClientRect / getClientRects
  • offsetWidth/Height, scroll metrics
  • screen size + DPR
  • TextMetrics inconsistencies

Navigator identity
  • UA, platform, vendor
  • hardwareConcurrency, deviceMemory
  • languages, plugins, mimeTypes
  • maxTouchPoints
  • userAgentData spoofing

Firefox quirks hiding
  • InstallTrigger
  • mozInnerScreenX/Y
  • window.sidebar, window.netscape
  • CSS feature probes

Hardware-leaking APIs
  • Battery API
  • NetworkInformation
  • StorageManager
  • enumerateDevices
  • Bluetooth / USB / HID / Serial
  • Speech synthesis voices
  • Gamepads
  • IndexedDB databases

Sensors
  • Motion/orientation APIs disabled
  • Magnetometer, gyroscope, accelerometer blocked
  • Touch precision normalized
  • screen.orientation pinned

Web MIDI
  • MIDI access blocked completely

WebXR / WebVR
  • XR APIs removed
  • VR display enumeration disabled

PointerEvent entropy
  • Stylus pressure/tilt/twist zeroed (except real pen input)
  • pointerId normalized
  • multi-touch behavior flattened

Speech Recognition
  • SpeechRecognition APIs removed

Reporting Observer
  • Fully stubbed to prevent side-channel reporting leaks

Cookie Store API
  • async cookie enumeration disabled

Performance memory probes
  • memory estimation disabled
  • eventCounts spoofed

Audio latency
  • outputLatency/baseLatency normalized

Notifications
  • Permission pinned to default state

navigator.scheduling
  • API hidden

window.name
  • Cleared on cross-origin navigation

Ad-block detection bypass
  • Fake ad-bait elements neutralized
  • detection globals pre-filled

Font enumeration
  • Local font APIs blocked
  • Canvas font measurement normalized
  • System fonts only exposed

Permissions / media queries
  • All media queries normalized
  • Permissions API stabilized

WebRTC
  • Local and STUN IP leakage blocked
  • Relay-only connections allowed

Timing
  • performance.now() quantized to 1ms
  • timestamps rounded globally

Locale
  • Forced en-US locale
  • UTC timezone
  • standardized numeric formats

HTTP layer
  • UA rewritten
  • Accept-Language normalized
  • Client hints removed
  • tracking headers stripped
  • DNT/GPC enforced

Workers
  • Worker scripts wrapped and re-hooked
  • Cross-origin workers partially unsupported

Camouflage
  • toString() spoofed as native
  • error stacks cleaned
  • sensitive APIs hidden



Will it slow my browser down?

Not noticeably.
  • Canvas/audio hooks: tiny overhead
  • DOM measurement hooks: minimal
  • HTTP rewriting: negligible
  • Worker interception: most expensive (tens of ms in heavy apps)



Configuration recipes
  • Maximum privacy (breaks some sites)
    Linux profile, everything enabled, no exemptions
  • Daily driver
    Defaults + exempt banking/video tools
  • Casual privacy
    Defaults, disable timezone pinning



Known limits
  • Detection possible inside JS realm (hook introspection)
  • Cross-origin worker injection limitations
  • Timezone vs real clock inconsistencies
  • First-canvas race condition on page load
  • TLS fingerprinting (JA3/JA4) still visible
  • TCP/IP fingerprinting still leaks OS (kernel-level issue)

The source code for this extension can be found at https://github.com/00x127/chameleon
Avaliado em 0 por 1 revisor
Identifique-se para avaliar esta extensão
Ainda não existem avaliações

Avaliação salva

5
0
4
0
3
0
2
0
1
0
Ainda sem análises
Permissões e dados

Permissões necessárias:

  • Acessar as abas do navegador
  • Acessar atividades do navegador durante a navegação

Permissões opcionais:

  • Acessar seus dados em todos os sites visitados

Coleta de dados:

  • O desenvolvedor afirma que esta extensão não requer coleta de dados.
Saiba mais
Mais informações
Links da extensão
  • Site de suporte
  • Copiar ID da extensão
Versão
0.1.5
Tamanho
158,87 KB
Ultima atualização
há 19 dias (25 de jun de 2026)
Categorias relacionadas
  • Desenvolvimento Web
  • Privacidade e Segurança
  • Abas
Licença
Licença MIT
Histórico de versões
  • Ver todas as versões
Etiquetas
  • anti tracker
  • container
  • content blocker
  • privacy
  • security
Adicionar a uma coleção
Denunciar esta extensão
Ir para a página inicial da Mozilla

Extensões

  • Sobre
  • Blog de extensões do Firefox
  • Workshop de extensões
  • Central do desenvolvedor
  • Diretivas do desenvolvedor
  • Blog da comunidade
  • Fórum
  • Relatar um erro
  • Guia de análise

Baixar

  • Download Firefox
  • Windows
  • macOS
  • iOS
  • Android
  • Linux
  • All

Versões mais recentes

  • Nightly
  • Beta

Firefox para Empresas

  • Enterprise

Comunidade

  • Connect
  • Contribute
  • Developer

Seguir

  • Instagram
  • YouTube
  • TikTok
  • Bluesky
  • Podcast
  • Privacidade
  • Cookies
  • Jurídico

Exceto onde de outra forma notado, o conteúdo deste site está licenciado sob a Creative Commons Licença de Atribuição Compartilha-Igual v3.0 ou qualquer versão posterior.