Privacy guidance please - browser fingerprinting defences

I have used FF for many years. I have recently been advised that I should switch to Brave, so I have. It’s superb :slight_smile: (The ethos of the company is as much a reason to use it as anything else). But I am a bit confused about a privacy issue which I can’t find information about, even after 2 hours of reading Brave pages and FAQs etc.

I used to run about 10-20 plugins in FF, WebRTC blocker, FacebookContainer, AdGuard, Privacy Badger, UblockOrigin, Canvas blocker, decentraleyes and more.

I feel naked without them, but my friend said they add to my browser fingerprint so I should just accept the risks of not having them. I am torn on this idea, and would be grateful for some feedback from someone in the know at Brave. I am tempted to install some plugins/extensions, just a few that I really need, but I am concerned that will destroy the fingerprinting protections of Brave.

I can probably sum it up with one main question:

“When using Brave browser, if I install a few extensions, do websites know I have those installed?”

The reason I ask is because I am happy to go without the old FF privacy plugins, but there are still a couple of extensions I really NEED. One example is BitWarden, I have thousands of logins and need quick access to them. I also like to install Clear Browser Data extension for one click to clear all my data. If I were to install those two extensions in Brave, would this nullify Brave’s fingerprinting defences? Or does Brave somehow prevent websites seeing what extensions I have installed? If so, that would be amazing! If not, I may need to try to manage without them (running as extensions). That won’t be pretty, but I will do it if necessary as I want my privacy and am willing to work to get it, but I need to know either way. Nothing I have read in Brave announcements and fingerprinting protection pages has explained this, so I am really hoping someone here can.

Many thanks

Basically, if you have extensions installed it nullifies your fingerprint somewhat.
That is why the official Tor browser recommends not installing any extensions on it.

But Tor itself comes with two extensions pre-installed, NoScript and HTTPS Everywhere (redundant).

Meaning, you should install those extensions which do not harm your privacy. Like if you are running Honey browser extension, it will scan all your website data, create a profile of you, and sell it to third parties.

So the proper way is to install extensions like Bitwarden etc. and not like Honey.

Also, your 10-12 previous extensions from Firefox were pretty much useless.
There was no need for Facebook Container, Privacy Badger, Canvas Blocker, AdGuard etc.
You could have just installed UBO, which would have covered extensions like Privacy Badger, AdGuard etc.
Enabling Resist Fingerprint (RFP) from about:config would have solved the need for Canvas Blocker.
WebRTC extensions could have been disabled if you had changed your browser settings to not allow WebRTC.

There is no need to install the old privacy extensions from Firefox on Brave. They were useless or added to your fingerprint in the first place. The more extensions you have, the more it will increase load on your CPU and GPU, and eat your memory (RAM), as each Brave (Chromium) extension runs in its own sandbox and gets a separate processor for privacy and security.

But, do install extensions like Bitwarden.

Also, fingerprinting is mainly done by JavaScript. If you block JavaScript and only allow JavaScript for trusted sites like this forum, it increases your privacy.

Hi, thanks for that reply. A few comments:

Yes I was aware that many of my FF plugins overlapped and were therefore mostly redundant! I just added to them back in the days of not caring (knowing) about fingerprinting, in case one of them blocked something the others missed! Ignorant I know :slight_smile:

I can’t block JS really, I work on the web 10-14 hours a day, 7 days a week, it would make life a nightmare and block much of my work. I can have a separate browser for that perhaps, but I really want Brave to be my main (and only, ideally) browser.

I am not wishing to go into CPU load etc etc. this is purely about fingerprinting aspect.

I believe Firefox resist fingerprinting is another fingerprint vector (?)

Main comment is this… you say I am right in thinking all extensions increase fingerprint. Good to know, thanks. However, installing BitWarden must MASSIVELY increase my browser fingerprint, since 99% of people on earth do not have that installed?

Hence why I asked, if Brave can’t obfuscate/hide my extensions then each one is a unique identifier about my browser, a few of those (however trustworthy the actual extension itself is) will quickly make me identifiable across the web.

In that case I may have to go without the convenience of the browser extension for BitWarden. I want to have the smallest possible browser fingerprint in my move to Brave.

I would love to hear from Brave privacy experts about this before I conclude and make what is, for me, quite a big decision to shift masses of web usage over to Brave exclusively. I do like the idea though :slight_smile:

Thanks again for the reply

One more question, does Brave isolate cookies as well as FF, to prevent cross-site tracking?

https://privacytests.org/ (also note that Brave 1.42.x adds even more isolations which aren’t yet represented there as of today)

You can do some testing yourself here if you like, using your own combinations of extensions, browsers, etc.: https://coveryourtracks.eff.org/

Regarding BitWarden, to be honest I don’t know which extensions are, or are not, ‘discoverable’ by sites you browse. Someone who knows the Chromium extension permissioning model might be able to chime in. But I doubt that ALL extensions are discoverable by ALL web sites, and if correct, then those that are not discoverable would not contribute to your unique fingerprint.

Here are some additional sites on the topic. I haven’t read thru all these yet but I suspect we might find answers in here someplace.

Very interesting thank you. I really would LOVE to get some confirmation about whether extensions are discoverable (generally, or specifically) in Brave.

That first link you sent is one I have seen before. I don’t understand all the listed items, so it’s not that useful, but I did once before look at it and conclude (wrongly) that Brave had crap fingerprint protection! That was of course before I learned Brave does things different via randomization (which I like).

It would be AWESOME if I could run a few extensions and NOT increase my fingerprint. Bitwarden and clear browsing data for convenience, maybe Ublock to add to the Brave protections (if that would add anything.)

It’s so hard not being a programmer who can read code, Brave sure looks like my future browser. I just wish I could know whether my fingerprint is bigger with it than with hardened Firefox, and whether I can install Bitwarden and ublock.

Do you know about first party isolation, does Brave prevent cross site tracking?

Thanks again, still hoping for someone from Brave to confirm re discoverable extensions.

No, it is very good thing when enabled. https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting
Hardened firefox, arkenfox, librewolf, tor browser all have it

If you try to reduce your fingerprint, it itself creates a unique fingerprint. As you said, 99% of users do not use Bitwarden, the same way 99% of users do not use Brave.
Reducing your fingerprint has many layers. Not using any extension itself creates a unique fingerprint, as 99% of users will at least install one extension, be it UBO, Honey, Adobe PDF reader etc. Meaning, as you do not have any extension, you are among the tiny minority of 1%.

It itself is a major fingerprint as said above.

It is perfectly safe from an anti-fingerprinting point of view to use Bitwarden as an extension via point 1.) below. The official Brave privacy team will also recommend the same.

A template for you to follow to increase your privacy:-
1.) Go to brave://extensions/ and in it go to ‘Bitwarden’. There on site access, select specific sites and add URL. Then open Bitwarden extension and deselect ‘Autofill’ and ‘Ask to login’. It will not insert iframes/javascript from Bitwarden to the websites which the websites can use to identify if you are using Bitwarden or not.

2.) Go to brave://settings/shields and enable all settings and increase their level to aggressive.

3.) Go to brave://settings/cookies and block all cookies and only allow them on few selected domains.

4.) brave://settings/clearBrowserData On exit, just your preferred settings.

5.) brave://settings/content Just block all stuff

6.) brave://settings/socialBlocking, cancel all

7.) brave://settings/privacy webrtc, select third or fourth option, ‘Default public interface only’

8.) brave://settings/languages, select En-US as language

9.) Just follow the steps up to the point at which it will not affect your work.

Just go through them, you will get most of your answers.

Some more advanced questions, like how many or what type of extensions a website can know about, cannot be answered by average users. E.g., which of UBO, Honey and Bitwarden are identifiable by websites, and to what extent, can only be answered by the Brave team.

No, you’re misunderstanding me. That statement does NOT mean I want to be as unique as possible, it means I want to be as NON-unique as possible. Small fingerprint = Large group of users, Big fingerprint = small group of users.

"1.) Go to brave://extensions/ and in it go to ‘Bitwarden’. There on site access, select specific sites and add URL. Then open Bitwarden extension and deselect ‘Autofill’ and ‘Ask to login’. It will not insert iframes/javascript from Bitwarden to the websites which the websites can use to identify if you are using Bitwarden or not."

This looked quite interesting at first, but not sure I follow you. I can’t “select specific sites and add URL”. I need Bitwarden open to all sites otherwise no point using it, it would take me hundreds of hours to insert all the URLs I may need BitWarden for, and then a load more (the rest of the web) which I MAY want it for if I sign up for an account.

I am not sure this is a solution to hiding bitwarden from my fingerprint, so I may just have to go without it. Shame.

I can’t speak for @chh_68 but I think what he meant was, simply by being a Brave user, that provides a good deal of uniqueness (a bad thing) because of its lower deployed base.

That being said, as I recall Brave does not modify its own User-Agent string so in most cases it will simply appear as a Chrome user. Also, with Google and Chromium moving towards a more reduced UA string I suspect the effectiveness of this will increase over time.

Regarding Bitwarden, it does appear that it can be detected on Chromium-based browsers including Brave. This is unfortunate. However you likely find enough security value in using it, and its own deployed base is ‘wide enough’ (subjective), that I doubt it presents much of a uniqueness risk as it is quite a popular extension.

You can go very far with this, but keep in mind we haven’t even discussed IP addresses in this thread and nothing discussed thus far hides that from remote sites and tracking. So in short, I would suggest only worrying about the “really big” things and let the browser technology do the bulk of the work for you.

On the other hand if you have “extreme” anonymity requirements we likely would not be having this discussion, on this forum, from either browser. It’s good to be thinking about these things but at some point you have to find a pragmatic place to land, and Brave is a pretty good place.

Thanks Jim…

I understood that (although that wasn’t the point I was responding to). However I read that brave just shows up as “Chrome” in UA string, not sure if that’s true or not now, but if it is, it would surely negate your very valid point?

Security benefits of BitWarden are no part of this. The alternative to the plugin/extension, is using the vault I have installed, just a lot more work to conduct logins and save new ones, but not impossible if it reduces my fingerprint uniqueness. And it would appear that it does!

I just ran my browser through here: https://z0ccc.github.io/extension-fingerprints/

With just one extension (BitWarden) installed, it says “0.385% of users share the same extensions”. Without BW (private window in Brave which don’t get extensions) it jumped to 55%!!! That’s pretty damn huge. However it still raises the obvious question: is 0.385% really ‘all that bad’?!

I have various computers, on one I would like as much anonymity as possible (despite having nothing to hide except my personal data from monolithic and utterly evil mega corporations like G and FB), on the other it’s mostly business use so convenience/efficiency rules, and I will probably keep BW extension installed there for its massive convenience. I still wonder though, by my numbers, based on 8 million daily Brave users, I think the calculation said I was in a group of around 26,000 users. That’s pretty damn good! Subjective of course, I just want to make it hard to PICK ME OUT individually, i.e. uniquely. Ok, one in two does that, but not really comfortably! One in 26,000 however seems pretty decent.

Yes that’s why I said I really wanted to keep this focussed on fingerprinting. I know the many other issues and I have those covered, I don’t want to let the conversation grow legs like that as they so often do ‘you should worry more about x’. It’s a fair point for most people asking such questions, hence why I understand and appreciate your raising of this point, but really, it’s a non-issue here. I am exclusively interested in fingerprinting issues only. My move from Firefox to Brave seems easy, the only issue is that now, with the sudden removal of all those extensions (many redundant and expose me in other ways I know), mainly UbO I should say, I just fear if I am more exposed to being tracked/surveilled/screwed by FB, G, Twatter and the many other dragnet surveillers!

That’s pretty much how I feel and why I came over here. :slight_smile: Thanks again

Oh, and P.S. - I checked on https://amiunique.org/ and it shows my UserAgent attribute is <0.01% similar. That seems a massive fingerprint. It shows my UA string as :slight_smile:
“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36”
I don’t understand why Brave is considered the best for reducing fingerprint, when the UA puts me in <0.01% of the population, or am I reading this wrong?!

https://httpbin.org/user-agent

They most certainly could be – if the friction involved in doing things the hard way makes you stop using it altogether, then there’s a trade-off there. YMMV, it’s user dependent.

My understanding – could be wrong of course – is that Brave will randomize more-or-less meaningless values returned to the site. So in practice, if you download your JSON fingerprint from that amiunique site; delete cookies from the site (because they apparently cache your fingerprint for 4 months, keeping the cookies and checking the same site again doesn’t really count here); and then restart the browser and download a new fingerprint results JSON – there should be small differences between the two.

So in effect, you appear to be a ‘unique’ endpoint each time, but it will be a different unique endpoint across sessions; and, each site also gets different values so even within the same session, two different sites will get different fingerprint values.

Hopefully that makes sense (and is correct!).
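The comparison described above (export a fingerprint, clear the site's cookies, restart, export again, then look for differences), sketched as an added example that is not part of the original post. The two exports are constructed samples whose field names are assumptions, not amiunique's actual export layout; only the User-Agent string comes from this thread.

```python
import json

# Constructed sample exports: field names and values are assumptions made for
# illustration. The two hash fields are deliberately different between sessions.
UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 "
      "(KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36")
SESSION_A = {
    "userAgent": UA, "timezone": "UTC", "languages": ["en-US"],
    "screen": {"width": 1440, "height": 900},
    "canvas": {"hash": "a91f03"}, "audio": {"hash": "77c2d0"},
}
SESSION_B = {
    "userAgent": UA, "timezone": "UTC", "languages": ["en-US"],
    "screen": {"width": 1440, "height": 900},
    "canvas": {"hash": "5be8c4"}, "audio": {"hash": "0d61aa"},
}


def flatten(value, prefix=""):
    """Flatten nested dicts/lists into {'a.b[0]': leaf} for key-by-key comparison."""
    if isinstance(value, dict) and value:
        pairs = [(f"{prefix}.{k}" if prefix else str(k), v) for k, v in value.items()]
    elif isinstance(value, list) and value:
        pairs = [(f"{prefix}[{i}]", v) for i, v in enumerate(value)]
    else:
        return {prefix: value}  # leaf value, or an empty container kept as-is
    flat = {}
    for key, child in pairs:
        flat.update(flatten(child, key))
    return flat


def compare_exports(first, second):
    """Classify every attribute as stable, changed, or present in only one export."""
    a, b = flatten(first), flatten(second)
    report = {"stable": [], "changed": [], "only_in_one": []}
    for key in sorted(a.keys() | b.keys()):
        if key not in a or key not in b:
            report["only_in_one"].append(key)
        elif a[key] == b[key]:
            report["stable"].append(key)
        else:
            report["changed"].append(key)
    return report


def load_export(path):
    """Load a fingerprint export saved from the browser as a JSON file."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


if __name__ == "__main__":
    # Replace the samples with load_export("first.json"), load_export("second.json").
    result = compare_exports(SESSION_A, SESSION_B)
    print("changed between sessions:", ", ".join(result["changed"]))
    print("stable across sessions:  ", ", ".join(result["stable"]))
```

Attributes listed as stable are the ones that stay the same from one session to the next, so those are the ones worth checking against the population figures a test site reports.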

Brave is the best for anti-fingerprinting but it is not the best best. It does a great deal of anti-fingerprinting, up to the point that it does not cause compatibility issues or breakage for end users, which they do not like.
The official Tor browser is the best best. Brave blocks/fools ‘naive’ scripts easily. Fingerprinting, as far as I know, is done by third party scripts, meaning if you are visiting any website it will load third party scripts for analytics. Brave blocks all these tracking and fingerprinting scripts by default. Meaning whatever we are doing here is pretty much meaningless to some extent in actual web browsing.

Amiunique.org is not the correct indicator. If you look at their website, Linux is rated 50% and Firefox is rated 50%, which is not possible.
Linux should be 2% and Firefox 5%.
The database is based on amiunique user data. Users of amiunique will obviously be privacy freaks instead of your average user you see watching youtube next to you.

As you say and want, if we are talking about only fingerprinting and not including privacy and security with it, then
10.) Do not install any extensions
11.) Follow above point 2.) and 8.)
12.) As you are on Mac, changing UA will not be good. If you were on Linux, UA should be changed to the one of Windows like hardened Firefox, LibreWolf, Tor browser.
13.) Change your OS timezone to UTC. Brave picks its timezone from the OS unlike Firefox which has its internal directory.

The guts of useful fingerprinting defenses are not to make everyone look the same, or to make everyone look different; both of those are fundamentally not possible without massive breakage. What makes Brave’s defenses uniquely strong is that for naive fingerprinters, we feed them enough randomization that they can’t reidentify people (everyone looks different). And for sophisticated fingerprinters, the randomization forces those fingerprinters to ignore the random-but-high-entropy inputs, and only consume a much smaller number of inputs, reducing identifiability and putting users into large anonymity sets for sites with non-trivial numbers of visitors. All that is to say, fingerprint.js is doing a crummy job on their unpopular site (again, see the false positive); if they tried to do the same from popular, real-world sites like the ones they advertise at the bottom, their success rate would be even worse.

2.) Fingerprintjs is not exactly the way real world websites work to track and fingerprint users. But sites like fingerprintjs, coveryourtracks, amiunique, creepjs can be a good starting point to see browser fingerprinting, and I tested Brave with such sites too.

Fingerprintjs particularly uses:-
i.) User Agent
ii.) Probability
iii.) Device Timezone (Most Imp)
iv.) Browser/Device Language

3.) Normal default Firefox got fingerprinted (ID’ed) easily. But, if Firefox is hardened to its extent, it could pass the test from fingerprintjs. For hardening it easily, I used arkenfox.js and created a new hardened Firefox profile. Arkenfox.js and Tor browser got fingerprinted in a similar way, as the base Firefox/Gecko is hardened similarly. Both of them beat fingerprintjs, but Tor needed to be in safer mode rather than standard mode to beat it. Opera and Edge have their own UA, and it seemed it made them both more unique.

a.) arkenfox and Tor user agent is changed from Linux Firefox to Windows Firefox.
b.) The anti-boting probability was affected as everyone looked the same.
c.) Device timezone is overridden and changed to 0+ GMT without affecting device timezone itself.
d.) Browser language by default was changed to English (US).
Other data is made the same for all users (resisting) or, afaik, Canvas and WebGL are randomized like Brave does.

4.)
a.) Brave UA is the same as Chrome (which is a good thing). On Linux, Brave UA by default is configured for Linux itself, making it more unique. Linux is smaller compared to Windows, and on top of that, the majority of users on Linux seem to prefer Gecko browsers over Chromium browsers.
If we consider UA data from amiunique (it may not be perfect real world data), the Brave/Chrome similarity ratio on Linux was around 1%, while the default Firefox on Linux similarity ratio was 8%. Arkenfox/Tor on Linux uses a Windows UA, making it around 15%. If the UA of Brave/Chrome on Linux is changed to Brave/Chrome Windows via a web store extension, it is around 7%.
When I changed the UA from linux to brave, it had a hard time ID’ing me. Only half of the time it could correctly ID me. Even Chrome with UBO could evade it to some extent.

b.) With the extension, I was changing the UA per session. UA was changed to more recent versions of chromium rather than old ones. Due to it the anti-boting probability was also affected but to smaller extent.

c.) Device timezone was the most notorious of all of them (in relation to fingerprintjs; other fingerprinting data collectors like coveryourtracks, creepjs or the real world may be different). If device timezone was changed repeatedly per session or changed to GMT (0+) even without changing UA, it had a hard time getting me ID’ed.

d.) I checked my browser language, and it was English (Regional), English (UK) and English (US). I removed the other two and made English (US) my main language on the browser and on the OS itself, as it is the most used browser/device language. Naturally, you cannot randomize language, as a normal English-speaking user is not gonna understand Japanese and vice versa. It seemed to have affected fingerprinting and reduced my uniqueness during individual trials.

5.) After combining all of these things, fingerprintjs could not ID me in any way.

Yes that makes sense thanks.

The trouble is I don’t fully understand the user agent. Mine comes up as this:

“user-agent”: “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36”

I am on a mac, running 10.14.6. I am using Brave. Where did “Safari” slip in there?!

It would be nice if Brave could randomize the user agent, I assumed it would as that seems a pretty simple thing to do to prevent browser identification, and very simple to implement.

Not sure, what does ‘actual’ Chrome do on a Mac? Unfortunately I don’t have one to test with.

Not sure here either, but I think someone mentioned earlier, may just be to avoid site compatibility issues/warnings.

In either case, as Google drag the user base thru the UA Reduction process, I think these things will become less relevant.

It has one of the funniest tech backstories: https://webaim.org/blog/user-agent-string-history/
Do read it.

I see, so maybe Chrome/Brave use some element of Safari due to being run on Mac, hence why Safari gets a mention.

Another thing just occurred to me, in case you guys know anything on it…

In FF for many years I have used Temporary Account Containers. Basically this just opens EVERY tab in a new cookie container. I have had it so long I would feel quite naked without it. If I log into ebay on one tab, click to open a new tab and go to ebay there, it opens in a new container and is logged out like a new visitor (even though my fingerprint is probably recognised, the cookie isn’t). This always ‘felt’ like a very strong defence. Obviously I won’t have that on Brave, how concerned should I be about that, if at all? Appreciate your opinions :slight_smile:

Brave does not have temporary account container feature.

But it has something called profiles. Go to the right hand corner hamburger menu and create a new profile.
It is a manual process and not exactly similar to firefox containers.

Yes, you could do it ‘by hand’ with Profiles as mentioned above. Or you could do some measure of it by doing a lot of browsing in a Private window.

Not sure how much I would enjoy every tab being a completely new container, when visiting the same site that sounds like it would get old very fast. For different sites that is a different story. Although I suspect 1st-party ephemeral storage handles some of this for you I’m not totally up to speed on how it works – definitely curious though.