Canvas Defender 的评价
Canvas Defender 作者: Multilogin
VanguardLH 的评价
评分 3 / 5
来自 VanguardLH, 8 年前Visit https://panopticlick.eff.org or https://browserleaks.com/canvas. It lists the current canvas fingerprint for its image test. Exit Firefox (and check Task Manager there are no remnant processes for Firefox), reload Firefox, and visit the site again. The same Canvas hash is identified as before.
While a Canvas hash should remain stable within a session (to avoid getting fingerprinted as a Canvas blocking user), it does NOT have to remain stable between web browser sessions. A site that checks that a different hash is returned for multiple tries upon a visit can detect if a blocker is used. Those sites won't test upon a revisit of the page in a new browser session which could be from a different computer, different config, or different user.
Another Canvas blocker, CanvasBlocker, defaults on install to creating a new unique hash on every Canvas read. That isn't the best way to avoid Canvas fingerprinting. Repeated testing by a site when you visit them can detect you are blocking (changing) the Canvas hash so they know you are in a small populace of Canvas blocking users. However, CanvasBlocker has the option to change its random hashing on a per-session option. The hash remains stable within a web browser session but a different random rehashing is used in the next web browser session. Alas, CanvasBlocker is not a Web Extension add-on, there doesn't seem to be any movement to make it one, so it will die as of Firefox version 57. Already in Firefox 55 that add-on is getting flagged as "Legacy" meaning it is not a WebExt add-on and will cease to function shortly when Firefox 57 gets released.
So I was looking at an alternative. Canvas Defender has some nice features but the timer is deficient. The timer should function only *within* a web browser session, not at some wall-clock interval between web sessions. When the web browser is loaded, the timer should start anew (reset) with a new rehash or noise injection. The user might want to manually change the hash during a web browser session or let a timer do that during a web browser session but a NEW web browser session should start with a new random noise rehash of the Canvas reads. Every reset of the timer, which includes when loading the add-on in a new web browser session, should generate a new random noise injection.
Canvas Defender should reset and generate a new random rehash noise injection when the timer resets. When set to an interval, the timer resets when the interval is reached (and the timer starts measuring a new interval). When the add-on is freshly loaded (because it loads with a new instance of the web browser in a new browsing session), that is also a timer reset and the add-on should begin with a new random rehash noise injection.
While a Canvas hash should remain stable within a session (to avoid getting fingerprinted as a Canvas blocking user), it does NOT have to remain stable between web browser sessions. A site that checks that a different hash is returned for multiple tries upon a visit can detect if a blocker is used. Those sites won't test upon a revisit of the page in a new browser session which could be from a different computer, different config, or different user.
Another Canvas blocker, CanvasBlocker, defaults on install to creating a new unique hash on every Canvas read. That isn't the best way to avoid Canvas fingerprinting. Repeated testing by a site when you visit them can detect you are blocking (changing) the Canvas hash so they know you are in a small populace of Canvas blocking users. However, CanvasBlocker has the option to change its random hashing on a per-session option. The hash remains stable within a web browser session but a different random rehashing is used in the next web browser session. Alas, CanvasBlocker is not a Web Extension add-on, there doesn't seem to be any movement to make it one, so it will die as of Firefox version 57. Already in Firefox 55 that add-on is getting flagged as "Legacy" meaning it is not a WebExt add-on and will cease to function shortly when Firefox 57 gets released.
So I was looking at an alternative. Canvas Defender has some nice features but the timer is deficient. The timer should function only *within* a web browser session, not at some wall-clock interval between web sessions. When the web browser is loaded, the timer should start anew (reset) with a new rehash or noise injection. The user might want to manually change the hash during a web browser session or let a timer do that during a web browser session but a NEW web browser session should start with a new random noise rehash of the Canvas reads. Every reset of the timer, which includes when loading the add-on in a new web browser session, should generate a new random noise injection.
Canvas Defender should reset and generate a new random rehash noise injection when the timer resets. When set to an interval, the timer resets when the interval is reached (and the timer starts measuring a new interval). When the add-on is freshly loaded (because it loads with a new instance of the web browser in a new browsing session), that is also a timer reset and the add-on should begin with a new random rehash noise injection.
92 条评价
- 评分 1 / 5来自 Firefox 用户 14195269, 18 天前I can't take the ridiculous notifications any more. Half the sites I visit make it pop up ding ding ding ding.
- 评分 5 / 5来自 Minuteman1969, 1 年前
- 评分 1 / 5来自 Hex (🐦: @hex), 1 年前This used to be an essential part of my toolkit for privacy on the web, but now generating new canvas noise doesn't change the signature on the test at BrowserLeaks, so I guess it no longer works.
https://browserleaks.com/canvas
By contrast, Firefox's own anti-fingerprinting protection (available since Firefox 120) does work when enabled, although it takes a browser restart to get a new signature on the test. - 评分 1 / 5来自 Firefox 用户 14301971, 2 年前
- appreciate the notice about how most canvas fingerprint blockers make me easily trackable, made me change my mind from installing CanvasBlocker to downloading your extension, Canvas Defender!
note: change the link about the "IMPORTANT:" website to an archive of the webpage from web.archive.org because clicking the link in present doesn't yield the blog post. - 评分 2 / 5来自 siriusacma, 2 年前Unfortunately, there is a bug when uploading a photo to the site, the extension changes the color of the photo to green.
- 评分 2 / 5来自 Firefox 用户 15570817, 3 年前I found that it adding some JS in section. I'm definitely don't like this. Delete.
- 评分 5 / 5来自 Firefox 用户 16721279, 4 年前
- 评分 5 / 5来自 Alexa Bull, 4 年前
- 评分 1 / 5来自 yenaskithegar, 4 年前When i found out that fsf.com tries to fingerprint me, i know there is something going on in this add on. Take too much memory, target overreach, bunch of ui for psychological effect
- 评分 5 / 5来自 Firefox 用户 16577062, 4 年前
- 评分 5 / 5来自 Олег Вячеславович, 4 年前
- 评分 5 / 5来自 Firefox 用户 16063803, 5 年前