Description of the issue:
When using different profiles in Brave, most if not all unique browser properties (for example: the canvas fingerprint, font list, audio properties) are identical across profiles. This makes the profiles cross-fingerprintable, which is probably undesirable as the user may use the same website through in profiles and their activity will point to the same, unique device beyond any doubt.
Steps to Reproduce (add as many as necessary): 1. 2. 3.
- Start brave in any profile.
- Create and simultaneously open any new profile.
- Go to https://browserleaks.com/canvas , https://browserleaks.com/fonts and/or https://browserleaks.com/webgl in both profiles and compare the fingerprint signatures in each page. Optionally use any other fingerprinting websites and compare fingerprints - most unique properties will be identical.
- (Optional) Note down the fingerprint, close Brave and repeat steps 1-3. The fingerprint will change after restart, but be identical in both profiles.
Actual Result (gifs and screenshots are welcome!):
Very unique, fingerprintable properties remain identical across profiles.
Expected result:
Very unique, fingerprintable properties should be different across profiles to prevent cross-profile fingerprinting and giving away the information that the user is accessing the website on the same device.
Reproduces how often: 100% of the time
Brave Version(about:brave): Version 1.65.126 Chromium: 124.0.6367.118 (Official Build) (64-bit)
Reproducible on current live release (yes/no): yes
Additional Information:
I have only tested this on the desktop version of Brave.