Admin @ federated.club

  • 2 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: August 3rd, 2023

help-circle






  • Canvas rendering differs slightly depending on a lot of factors like operating system, browser, installed fonts, and many others. This information can be used to uniquely identify and track your machine across the web, even if you have stuff like cookies blocked and switch IPs. Just outright blocking canvas access attempts to prevent this. Keep in mind that while it can help prevent against canvas tracking, it can also be used as yet another variable to uniquely identify your browser, ‘has canvas blocking enabled’, just like blocking cookies, do not track requests, etc…


  • Luckily, other browser manufacturers (Mozilla, Vivaldi, Brave, and even the WWWC) have already spoken out against this proposal. Google loves marketing it as ‘optional’, which it obviously won’t be once implemented. A system like this would be very dangerous for smaller browsers, as it’s incredibly vague who decides what authorities would be allowed to verify browsers.

    Additionally, this is presented as a way to remove captchas from the web by proving a request is coming from genuine hardware. However, this proves absolutely nothing about a request being genuine or non-spam. The only thing this proves is that it was created by a ‘genuine device’, so all a malicious user would have to do is to (automatically) send the request via a verified device and they’d pass the check.