Mullvad browser fingerprint

Last week when I was using mullvad browser and I went to this site “fingerprint.com” all I had to do was start a new session and it would give me a new score so it couldn’t know that I was the same person, but now I have to change ip otherwise it knows directly that I’m the same visitor as hiers whereas on my Firefox for example it’s unable to know who I am.
Is this a bug in my mullvad browser, or did I accidentally touch the settings, or maybe a poorly controlled update?

They’re always improving their product, it could just be that they found some new fingerprinting method or they could just be going off your ip. To me, the fact that it changes when you change IPs is a good sign.

1 Like

The problem is that on my Firefox I don’t need to change my ip for the ID to be changed, I just need to close my browser and open it for a new code to be provided and on my mullvad I can’t do anything about it.
That’s a problem, isn’t it?

I know that Firefox has some fingerprint randomization built in, I’m not sure if tor browser uses that. They might have that disabled, or there might be something in their script that detects the randomization in tor browser (which mullvad is based on) and ignores those values. I don’t think it’s something to be concerned about since you’re getting a different fingerprint for different IPs.

This could be from many factors not relevant to the browser.

See: Brave is NOT fingerprint resistant enough - #26 by ruihildt

1 Like

So it’s not just a problem for me?
Have you tried using mullvad browser and the fingerprint.com website and tested with a new ID?

I’ll take a look

Why aren’t you informing the OP that these fingerprinting websites are flawed? This has been spoken about countless times, becoming exhausting to clarify.

1 Like

No, Tor Browser does use RFP.

If you mean Firefox’s defaults, then yes FPP is used, although it can use RFP when enabled in the about:config.

Fingerprint.com is a widely used service so the arguments against cover your tracks don’t apply, being that it has a smaller user base.

I’m aware I just didn’t remember if RFP randomized anything.

1 Like

Did you read everything, especially this? :slight_smile:

These websites determine the uniqueness of your fingerprint based off of their own userbase, which will miss out on the majority of real users, thereby providing inaccurate statistics and is not a viable way of determining how well you fair off against fingerprinting in the real world.

Yes, it seems like you haven’t read it. Fingerprint.com is a service used in the wild with a massive database of real users. I’m sure there’s other arguments against testing your browser fingerprint this way but that specific one doesn’t work here.

1 Like

Oh, I see, and thanks for clarifying. I should’ve looked at the website first, then respond, but I did otherwise and jumped in with multiple links :sweat_smile:.

1 Like

Why aren’t you informing the OP that these fingerprinting websites are flawed? This has been spoken about countless times, becoming exhausting to clarify.

You are right, of course.

But it feels like it is so hard to find up-to-date trustworthy information on fingerprinting and the various defences that I can understand people (including myself) being tempted to rely on these (at best) imperfect fingerprinting test websites.

There is a lot of information scattered around (in this forum as well as the broader web) but in general it is hard to know whether someone is correct in what they say. (I found your links helpful because they were effectively vouching for those posts and thus I felt I could trust them.)

Probably because it comes up so often, people I respect as having expertise in this area often seem to respond in cryptic or curt ways because they are sick of explaining this, but that doesn’t help when I read their posts in isolation.

A lot of the general web content on fingerprinting also omits a lot of technical detail to try to make the concept intelligible to a casual reader - which is laudable, but speaking personally I want to understand things at a reasonably technical level so I can form a good mental model and reason about the problem myself when considering possible defences and what I can/must accept as inevitable.

I have seen mention of Privacy Guides creating a FAQ or some sort of resource on fingerprinting. It would be brilliant if PG could produce something authoritative which explains all the relevant concepts and issues in depth. I appreciate everyone’s time is limited, but honestly this is the thing I would most like to see in terms of PG site development.

I appreciate and use both Mullvad Browser and Tor Browser, but for various reasons they aren’t always practical options, so I am very interested in evaluating the risks to my privacy of using other browsers.

2 Likes

I believe you mean this Fingerprinting Overview. AFAIK, work on it abruptly stopped for no apparent reason.

That looks familiar and is probably it, thanks.

1 Like

I understand fingerprint much better but I don’t think it fixes my problem. You say here that mullvad browser is excellent and I agree with that but recently I had some problems that I don’t have with brave like the fact that if I close my brave and start it again it gives me a different token which is not the case with mullvad browser I’m talking about “fingerprint.com” here.

Ok, I think I understand better now, but if my browser doesn’t even pass this kind of site, it’s really bad, isn’t it?