Since this isn’t really a support question, I won’t add all the usual details.
On my version of Brave on Android, I ran the browser through the EFF’s “Cover Your Tracks” site to check to see how the mobile browser stacks up to the desktop version in terms of what tracking it blocks. However, I noticed that it completely fails the fingerprinting test. I have it set to strictly protect against fingerprinting but it still has a unique fingerprint. This works for the desktop version, it only causes this problem for the mobile version. I also tried testing the Android version of the Tor browser to see and it passed with flying colors.
I’m just posting here to see if other people are also having this problem or if it’s just on my end.
So in strict mode, most of the inputs consumed by the fingerprint are not randomized — instead, we essentially modify specific features that are strong fingerprinting signals (canvas readback, for example) such that they do not return identifying values, or we turn them off all together.
This is different than in the default mode, which we recommend for all users. In this setting, we add some randomization around the true values. Basically, the trade off is:
Disabling each input (so you get a constant null value) or
Lying a little bit about the true values.
The former will be better in a small number of cases, the latter is better in almost all real world cases.
Part of the reason why is just as you noticed, if you take a (relatively) uncommon test, in a (relatively) uncommon browser, you’re going to look unique no matter what your browser does, just since the number of other values is small. This’ll level off quickly and you’ll get in an anonymity set if a site has descent number of users.
I just tried switching to the default fingerprint protection on both the mobile and desktop versions and it didn’t change the way the mobile test read. On the desktop one, it went from “partial protection” to “no protection”, though.
I also tested other fingerprint testing sites and this issue occurs on every one of them.
Ah that makes sense. It’s a bit strange, logically, but I appreciate the explanation. Thanks!
Is this also the case for the desktop version? I have my desktop version set to aggressively block trackers/ads and fingerprinting but the EFF’s tool says it offers partial protection from fingerprinting when I run it with the actual tracking company option. I just want to know if I should put the desktop version on default as well.
Sorry to revive this thread but it’s still giving me this problem. I tried various different settings and it just outright fails all fingerprinting tests except for Rob Braxman’s test. I’m not sure what else to try.
There are many factors affecting fingerprinting test.
1.) OS version (android version)
2.) OS/Browser Timezone
3.) Browser User agent (if the browser is regularly updated or not)
4.) OS language
5.) Browser settings (if any flags enabled or not, browser privacy and security settings, browser site settings etc).
Do few things, change OS timezone to +0 UTC, change android/browser language to English US (do not keep a secondary langauge), remove all extra filterlists from brave://adblock, block cross-site cookies.