It would probably be best to have the extension be per-site opt in and not global. So having it bypass the prompt wouldn’t be such an issue.
1 Like
That would probably be easier to do, but I’m not sure why it would be better than relying on the solution for this already included in the browser?
1 Like
If it isn’t made per site, you would have to remember to toggle it off globally if you want to use your actual location. Explicitly opting into the extension and then the browser prompt seems kind of redundant.
I guess I’m too European because I can’t think of a single way this would be more helpful than harmful.
Do you not see value in obfuscating browser data that couples well with you using a VPN for a more private browsing sesson?
You aren’t gaining general privacy by doing this. This would only be useful for select sites that you explicitly want to share your location with.
I mean, depends on how you see this be useful to yourself, right?
I like the fact that no website would know my real IP or the other metadata from which they can infer my general location.
How is this not gaining general privacy when coupled with a VPN? What if I want to cover every website and not just those select ones? How would I know which select websites to actually obfuscate from given their bad practices?
You should instead be using the builtin browser protections RFP/FPP (with more targets) by default which already cover these metrics.
1 Like
I really don’t see the point in installing an extension when multi-hop is good enough.
I don’t know what this means. Can you explain and elaborate on how I can ensure of this the way you’re suggesting?
You aren’t gaining general privacy by doing this. This would only be useful for select sites that you explicitly want to share your location with.
I want to be more clear about this. Timezone and Intl APIs are exposed to every site automatically with no permission prompt. Every page you visit can call new Date().getTimezoneOffset() or Intl.DateTimeFormat().resolvedOptions().timeZone and get your real IANA timezone. Even if you spoof this data, websites can determine you are using VPN because your public IP does not match your timezone data.
Furthermore, blocking geolocation data heavily reduces functionality for many digital services. Some websites will completely block you. GeoSpoof allows you to provide a consistent synchronized identity across your geolocation footprint so that you can appear as a plausible user instead of someone presenting impossible metadata (like timezone in NYC, geolocation in Tokyo, public IP in Berlin, etc)
The extension also allows you to customize which location you want to set in your browser api so that your finderprinting is consistently aligned across the geolocation apis.
1 Like
VPN’s don’t hide other metadata like your time zone and whatnot that this tool does.
That’s the point.
1 Like
I don’t think multi-hop changes anything related to browser api data. It only obfuscates public ip. You would easily be flagged as a VPN user without aligning your browser geolocation to your public ip.
To be fair you already are going to be since they/websites can already infer from browser data that you’re likely in the time zone your browser shows and not your IP especially when VPN IPs can easily be known to websites and other services.
RFP is great for general fingerprint resistance, but it sets your timezone to UTC for everyone, which is its own kind of fingerprint and breaks a lot of sites. GeoSpoof lets you pick a plausible timezone that matches your VPN exit instead of defaulting to one that nobody actually lives in (or is mismatched with your public ip)
They can be handled in the browser without an extension.
Okay.
How?
Should you choose to though. Or you can pick any and let the website wonder where you actually are - if that’s the kind of obfuscation you’re looking for (for any reason).
1 Like
Mullvad Browser.
Oh good lord… we’re discussing Firefox here, presumably given the talk in the context of this tool.