this post was submitted on 26 Mar 2024
214 points (97.8% liked)

Firefox

17952 readers
445 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

My apologies to the Bugzilla team for wasting their time holding my hand on this one. Would have honestly never noticed the little "HTML5" info icon to the left of the URL bar though without their help.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] muntedcrocodile@lemm.ee 8 points 8 months ago* (last edited 8 months ago) (1 children)

Hmm seems like their would be ways to mitigate this. Why not just introduce some random human undetectable changes to every pixel ie change breightness color alpha etc by 1 or something so every time u call the ToDataURL it returns different data? Might break some things but since canvases dont seem to be predictable systems anyway whats the harm?

[โ€“] junepf@lemmy.blahaj.zone 14 points 8 months ago* (last edited 8 months ago)

Yes, that is one method to resist canvas fingerprinting, but only resist it. Notice the portion about GPU performance testing, that would work even if the data was fuzzed. The best method seems to be to return fake data that changes frequently, but even that is contested.

Here's a good document with other methods (but not focusing on just canvas fingerprinting): https://2019.www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability

For what it's worth, Firefox does protect against canvas fingerprinting by default it seems. I am not exactly sure how, however.