I need good browser fingerprinting on IOS so my browsers don’t get detected and I have to 2fa or get banned. With a combination of safari settings and some extensions, I got my fingerprint to be relatively non unique and also not send a lot of identifying information. However, with doing this, it’s detected that I’m using fingerprinting protection.
I’m not fully sure how it works but if I was a website I would see that they’re using fingerprinting protection and think that’s just as bad as a fingerprint that’s already recognized. Does it work like that, or is it good to keep the protection on? Here’s some screenshots
The most common fingerprint on iOS is likely just standard Safari with no extra extensions or special settings - because that’s how most people use it.
Also please don’t fall into the trap of those fingerprinting test sites - these give you a false sense of privacy. You should assume that all the big websites like FB, Discord, Google etc. have a very high interest in identifying/fingerprinting you and they have departments working on exactly that. Modern browsers have thousands of ways that can be combined to identify you and the big companies have the money and the manpower to do it and to stay ahead of most defences.
I tried standard safari with no protection or extensions and I was sending a lot of identifiable data.
I get that those fingerprinting sites aren’t completely accurate, but if they’re saying its safer then it should be better yes? Sure my fingerprints a lot more unique than what it’s showing but it’s probably better than none of the preventions i’ve used.
The more you change the more unique you will become. The only way to be truly private would be to not stand out at all from the other users.
That’s how Tor browser (and Mullvad) do it on the desktop.
The big players have other (much better) ways to fingerprint you - it’s a lost battle. Only the browser engine developers could change that in the future.
So safari actually does a pretty good job of protecting against fingerprinting. They just put out a blog post about it.
It’s an interesting read. Certain features like the Advanced Tracking and Fingerprinting Protection setting will randomize a lot of values that are used for fingerprinting and cause those to look different on subsequent visits. You can see that their script was able to detect this, but this isn’t actually a privacy concern. It just means they realize that they can’t use it for fingerprinting so they throw it out. It’s basically eliminating that value as a possible fingerprinting vector. Hopefully you didn’t install an extension to do this instead of using the built in feature of the browser because that will make you stand out like a sore thumb.
Safari also is going to have the most users out of every other browser on iOS just from being the default, so there’s a bigger crowd to blend in with. You can’t really hide what device or operating system you’re on, but on iOS there are a limited number of possible hardware configurations compared to a desktop operating system so it’s easier to blend in with other iOS users of the same device.
Probably the main way you’re going to get fingerprinted in the short term is through your IP address. The best way to prevent this on iOS Safari is with Private Relay. It’s only $0.99 a month and you probably already gave Apple your payment info anyway to use the App Store so you’re not really giving any extra data out. It only protects Safari and Mail but it’s a multi hop relay that gives you a different route for every website. Also everyone else using it is also a Safari user so you’ll blend in very well.
Of course if the goal is not to trigger logins to ask for your phone number that’s a separate issue than fingerprinting. You’ll notice that even in tor browser you’ll trigger those, and captchas. That’s because it’s determining how trustworthy it thinks you are, and using the most effective tools against fingerprinting like Tor browser or randomizing your fingerprint will make it trust you less.
This is more or less what my post was about. How do I find the sweet spot? If i have no fingerprinting protection whatsoever, they’ll detect me as the same guy who was making a request two minutes ago, but if I have loads of protection they’ll 2fa me anyways.
Right now I’m using safari with all the built in fingerprinting protections and the ghostery extension. Adding the ghostery extension made my browser less unique according to the fingerprint tracking site
Could be that ghostery is blocking some script or other, hard to say. Safari by default already blocks known trackers, so if you’re ok with ads then you could try uninstalling ghostery.
Safari has a feature called automatic verification that will let you bypass CAPTCHAS, might help you with login screens.
