I believe noscriptfingerprint.com defeats Brave anti-fingerprinting even in consideration of the advise supplied in the above links. Though my testing methodology may have a flawed.
Question: what is it that stops an adversary using more than one fingerprinting technique? They could easily use many - why not?
They could maintain two (or more) sets of data - why not?
Where the primary technique does not produces a signature, a secondary may be more accurate.
Where a browser appears unique or shows indicator of randomization, why canāt an adversary revert to a secondary fingerprinting technique?
Brave browser (by my testing) does not beat the test noscriptfingerprint.com
Question: what browser finger print protection does Brave provide where an adversary uses multiple fingerprinting techniques? How rigorous does Brave believe itās self to be in this condition?
Where browser based randomization is implemented, how is the hardware detection not problematic without a hypervisor?
I am a technical learner, I read many of the links supplied though some were technical for me.
Would a simplified answer be that some fingerprinting (FP) test sights use a very limited and relatively persistent set of criteria that it would be usual for a user to produce a repeatable FP; and that also it would produce āfalse positivesā where many unique users were also identified with the same FP?
Is the above (expressed here in this comment) the thrust, of the links that were forwarded to address my enquiry, about Brave being fingerprinted by noscripfingerprint.com?
I tested my devise on https://www.deviceinfo.me./. Brave produced a lot of blocked / randomised results. Could someone recommend a link on how this is done?
I think you should revisit the links provided for GitHub issue and go through all comments on it step by step and try to understand them slowly. All answers to your questions are listed there.
It may or may not create āfalse positivesā on a āvery smallā website filled with trackers. On small/medium/big websites, it will definitely create false positives. Users will not get fingerprinted easily on big websites considering Braveās current anti-fingerprinting protections both in standard and aggressive mode. Also, work on new data to be randomized has already begun.
Could not understand what you meant by this para.
Again, go through the Brave github privacy section or brave main website privacy blogs. You will get a lot of info from there.
Data is randomized/farbled so that each session/website will have different data. Entropy is also lowered so that they will get less info on a user. āOn how it is doneā:- Itās in the code of brave. It is quite techie thing and will be out of scope from user perspective.