Topic: Panopticlick-style tracking

Thank you for your efforts to preserve privacy.  One of my greatest concerns about tracking and threats to privacy has to do with the information supplied by one's browser to a server; this was first brought to my attention by the Electronic Frontier Foundation's Panopticlick web page: https://panopticlick.eff.org/ . I would consider it a huge advancement for privacy if a browser such as Epic had a feature whereby one could select from one of several common "personalities," and from that moment on the browser would supply a standardized response to queries about plug-ins, fonts, screen size, etc.  While this would be a compromise in usability, as it might result in the substitution of a font in a situation where a font was actually present, or it might result in the inability to display pages with certain obscure content types (AutoDesk Animator and NuppelVideo, I'm looking at you), it would still be a huge gain in privacy for most situations.

What do you think about the odds of that sort of feature appearing in a future release of Epic?

Re: Panopticlick-style tracking

Hi glorp,

Thank you for the feedback. What you're talking about is called browser fingerprinting. This is in our next queue. We are blocking many fingerprinting scripts, so you do have quite a bit of protection. Browser fingerprinting is a challenging job that can make the browser unstable and crash, which we are likely to solve in our future releases.

Re: Panopticlick-style tracking

About plug-ins:

Don't know why I have the Chromoting Viewer activated (does it come with Epic?).

Don't know what the Native Client plug-in is.

Besides that, I was wondering whether it is feasible to activate the plug-ins only when necessary. For example, when a page needs Flash, activate only the Flash plug-in on the tab displaying the page.

Re: Panopticlick-style tracking

I don't know why my post didn't show up. But this is what I also would like to see.

Re: Panopticlick-style tracking

Yes, we should do a better job of disabling some plugins, even very rarely used ones like Native Client, etc.

You can definitely set plugins to "click-to-play", and this is recommended for maximum privacy, especially when you visit websites you don't know...Flash is a common privacy/security threat, for example.  In the settings, advanced options, content settings, you can set plugins to "click to play". 

We haven't set plugins to click to play by default, as when we did this in trials, the vast majority of users got confused and felt that we had broken the internet and stopped using our browser :-( ... at this point for the desktop, the internet is "broken" without JavaScript and Flash, and most users get confused/irritated by click to play.  We'd like to have a better solution for this -- the best is probably that HTML5 is slowly obviating Flash...but we'd like to do more in the future too.

Re: Panopticlick-style tracking

@alax15 -- sorry that your post didn't show up -- I found what I think it was and will put it here though it should be somewhere else in the forum too??!!! 

From Alax15:

Hi Epic,
I really like what you have done with the browser. One thing I would like to get added, if possible, is if you can implement functions to make the browser less trackable.
The general test of it is here: https://panopticlick.eff.org/
It comes up with around 20 bits of information as of now.
Is it something that would be possible?


---Regarding browser fingerprinting, we'd like to make Epic much less trackable, but stopping browser fingerprinting is tough.  You do have protection in Epic right now, as we block many, many known fingerprinters!  That's one way to stop fingerprinting.  The other way is to make fingerprinting impossible, so that all browsers show the same data on tests like Panopticlick.  That's much tougher.  We have tried this and even have some partial solutions ready to go -- but we haven't implemented them, as there's one big impediment to stopping fingerprinting -- Flash!  We can control JS responses and browser data and such so that we could make fingerprinting via that impossible, BUT Flash is out of our control and releases all sorts of data about your system to fingerprint you. 

We've done (and you can do) thought experiments -- what if I were a fingerprinter? -- and actually most of the data in Panopticlick, for example, I'd probably ignore if I were -- probably the best way to fingerprint a system/user would be via Flash and OS-level data like installed fonts.  Unfortunately Flash at this point is out of our control. 

Note how to defeat fingerprinting.  I believe we've mentioned this thought before, but it's something no one really mentions in this subject and that most understand...but it's one of the most important thoughts in terms of defeating fingerprinting, and one too important to just keep to ourselves.  To fingerprint a system, there must be two things: uniqueness and stability.  Even if you come up as a unique browser, if your data keeps changing every week or over some time period, then you can't be tracked by fingerprinting.  Vice versa, if you look un-unique, then you also can't be tracked by fingerprinting.  We believe that the best fingerprinting solutions will probably be the former...increasing uniqueness perhaps, but making your data unstable/changing...from our work to date. 

We hope to have more fingerprinting protection -- keep sharing your thoughts! 

Alok, Epic Privacy Browser Team

Re: Panopticlick-style tracking

I don't think the font list can be known only by Flash. JavaScript, CSS, and Java can also list all your fonts.

Some methods to check your font list:
ip-check[dot]info/?lang=en (Flash)
stayinvisible[dot]com/ (JavaScript)
lalit[dot]org/lab/javascript-css-font-detect/ (CSS)
browserspy[dot]dk/java.php (Java)

If you want to block fingerprinting JavaScript files, here's the known list:
cosic.esat[dot]kuleuven[dot]be/fpdetective/images/res-JS.png

If you want to set Flash not to leak your font list, here's how to do it:
anonymous-proxy-servers[dot]net/en/help/flash-applets.html

Re: Panopticlick-style tracking

@mt2014, we see your point. Right now, if a user does not want to be tracked, he can disable plugins via the settings page.  Epic also blocks known fingerprinting scripts from executing in Epic, which provides some privacy protection.  Plugins are the major issue in terms of browser fingerprinting. 

We are also working on other techniques to block fingerprinting and ensure privacy in addons but it will take some time. 

Thank You
Sai

Re: Panopticlick-style tracking

Thanks for the great resources, we'll check into them.  Plugins are the main issue...JavaScript leaks are relatively smaller and we can solve those...plugins are a harder problem, which is why Tor disables them. 

We tried those recommendations from JoDoNym for the Flash settings, but they unfortunately didn't work. 

We're working on this!

Re: Panopticlick-style tracking

alok wrote:

Thanks for the great resources, we'll check into them.  Plugins are the main issue...JavaScript leaks are relatively smaller and we can solve those...plugins are a harder problem, which is why Tor disables them. 

We tried those recommendations from JoDoNym for the Flash settings, but they unfortunately didn't work. 

We're working on this!


Is it because by default the Epic browser uses Pepper Flash instead of Adobe Flash? (Google also wants to control Flash, to make sure that fonts and other data can't be turned off.) Trust me, Google is really evil; every single thing they make free, they make sure they can spy on your data. I worked for a private security company dealing with this type of stuff every day.

My recommendation: after setting your mms.cfg from the resources above, disable Google Pepper Flash and just use Adobe Flash:
https://www.enounce.com/chrome-disable-pepperflash

A more secure option: set Flash content to "click to play".

Re: Panopticlick-style tracking

If you want to learn more about other mms.cfg options:
adobe . ly/1nxEDBa

Re: Panopticlick-style tracking

Thanks!!  Great posts!!!  Yes, I think disabling Pepper Flash (and enabling regular Flash), so it doesn't go through the Chrome-bundled Flash, is a good idea!! 

Google is certainly not moving in a privacy-friendly direction, unfortunately...we'll have more to share on that too.

Re: Panopticlick-style tracking

Actually, Panopticlick-style tracking is really, really, really 100x old school. There are many new known and unknown fingerprinting styles being used, especially by big companies like Google. I have many clients who experienced opening an AdWords account, then for whatever reason their account is banned for life by Google; then they open a new account using an all-new identity (brand new unrelated browser, new credit card identity with a different name, new address, new internet connection; the only thing in common is the same computer). You know what happened? A couple of days later this brand new account is banned, because they know it is the old user they banned before. Sometimes I don't know how they can find out, but as far as I know these guys are really, really good at fingerprinting every single user they have. The only failproof solution is also using a completely new computer, or using a new virtual computer with a VPN provider.

A known new fingerprinting method, for example, is HTML5 canvas:

1. Check your fingerprint ID here & copy it to Notepad:
browserleaks . com / canvas

2. Do whatever you can to delete your traces (DOM storage, HTML5 storage, cookies, Flash cookies, reinstall the browser).

3. Check your fingerprint once more from the above site. 99% it will still be the same!

Even most privacy browsers can't pass this old-school test:
fingerprint.pet-portal.eu

Maybe the Epic browser should randomize some browser data per browser session?

Re: Panopticlick-style tracking

Thanks so much -- great post!!  Very interesting -- browser and system fingerprinting is definitely becoming more and more popular; we'll check out the latest issues on those websites.   

A number of financial companies, e-commerce companies and others use firms that do very sophisticated browser & system fingerprinting using things like system clock timing, typing fingerprinting and other things to prevent fraud. 

We'd like to randomize data and do more...the basic issue is that unless we block Flash (which we don't by default at present, because it effectively breaks the desktop internet), fingerprinting is very simple, and a lot of the other data is not so relevant.  Over time, we'd like to have more secure anti-fingerprinting measures, though, certainly.  Right now, we block known fingerprinters/fingerprinting scripts.