Hello, Brave team
On Brave Mobile, this website tracking you really well even if you go privacy tab or hardened some settings :
First screen, normal browsing
Second screen, incognito mode
Here’s some test runned on mobile browser btw :
I tested on Chromite browser, it’s protected against that, the others don’t but I don’t know what parameters it use to be protected. Could brave correct that ?
Cordially, a user.
@GlitchGuy it seems like you may need to learn more on how things work. For example, incognito/private doesn’t block websites from recognizing you. The only thing it does is open a session with no cookies and will erase your local browsing history and cookies from that session when you close it. Basically, it’s like trying to prevent your parents or spouse from knowing you were looking at porn.
Websites still see your IP address, can know which web browser you’re using, and other such information.
The website you’re sharing uses a combination of your IP address and cookies. In fact, they don’t even hide what they are doing if you take the time to look. For example:
So they just see IP address, location, browser type, and OS. Then they use that to assume it’s you. They say it works across things like private because they are using IP from your provider.
If you look, I’ve visited the site a lot, but look here…I just went and they claim it’s my first time…
But as said, I’ve visited many times in the past. You can even see examples at Brave stops worries, not tracking - my experience testing brave privacy promises - #5 by Saoiray
Using things like VPN or proxy will help combat this. In fact, on Desktop you’ll see using Private with Tor will show you as a different device.
Please, please, please take time to go research how things work and don’t let yourself fall for silly tricks like this.
As for testing, you might want to check out things like the ones below:
My Fingerprint - web-am-i-unique
Browserleaks - Check your browser for privacy leaks
They have a lot of little things you can test. Keep in mind there are some things they randomize on us, such as screen size and all. But then there’s also a lot of things they will always display, such as which browser we’re using.
Hello @Saoiray
First, thanks for responding to my post
For your first paragraph, yeah I already know all of that, let’s go more technically.
On the second, you didn’t see it but fingerprint.com don’t use the IP to know you but more cookies and browser specifications, VPN are useless against that type of tracking.
The point where you are right is about Tor which is true, mobile or PC it’s working, it reset the ID.
My point was about on Cromite when you open an incognito tab, it reset the ID but on Brave not, that was it, I was asking what parameter they change.
For you links, I already know all of them, DNS leak, screen size grabbing, VPN transparency, etc…
Oh and by the way sorry for some mistake on English, I’m french.
Yes, it does. The things I showed to you is from their site. On the top of their thing it has a toggle that says I am a developer. If you click that, it shows you what they look at. This is where the code showed how it looks IP, country, etc.
And then you keep scrolling down. You’ll see where they list it all.
To further example, I just opened a Private with Tor and it shows:
Yes, it’s show the IP but they don’t use it, that’s my point, because if you go with a VPN on Brave then disconnect and go with normal IP, you will got the same ID, that’s because IPs aren’t the best thing to track people, it’s changing too many time. They know today people use VPNs or mobile network…
Changing IP don’t matter for the site. They don’t track with that, it’s just a supplement information given to them.
@GlitchGuy here’s where we’re arguing. I’m telling you they use all the data together. You are correct that if you leave the old cookies on your device and only change IP, they will still know it’s the same device. But also important is if you open on Private which clears cookies and you visit, but it’s the same IP, they use that to say it’s still you as well.
It gathers the various information together and assumes. This is why when you dig in the code, they have part that speaks of confidence level.
The issue is when you say it doesn’t use IP, which isn’t true. Maybe you just mean they aren’t using it for the primary data?
And yeah, they really are using it. Why do you think I can keep visiting and get different IDs and have them saying I’m the first time visiting? Seriously, look through their code and you’ll see everything they gather. They put it out there for us all to see, so it’s not like it comes as a surprise.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
