Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

can audiocontext noise and font noise be detected as fake just like its easy to spot fake noise on webgl/canvas? #78

Open
shailangsa opened this issue May 31, 2023 · 8 comments

Comments

@shailangsa
Copy link

as the title, can audiocontext noise and font noise be detected as fake just like its easy to spot fake noise on webgl/canvas? because as we know https://coveryourtracks.eff.org/ detects fake webgl/canvas noise ( i.e noise created by undrawn rectangle areas)

@TheGP
Copy link

TheGP commented Jan 27, 2024

Noise should be easy to spot anywhere as it makes a very unique hash.

@shailangsa
Copy link
Author

your answer is vague, noise is detected because for the majority of the users faking the noise, they're using a chrome extension , and the website's detection script will check whether the hash generated upon page load is different to the hash generated one the chrome extension runs on the page.

@TheGP
Copy link

TheGP commented Jan 28, 2024

What do you mean they will check the difference? It's always random noise. As far as I understand they check on how unique the hash is, normally your hash shouldn't be unique as other users use similar hardware. But noise simulates completely unique hardware.

I'm new to this topic, so I would be curious to see the opinions of more knowledgeable people.

@shailangsa
Copy link
Author

sites like https://coveryourtracks.eff.org/ determine if your webgl canvas has noise/is faked by comparing the hash generated upon page load is different to the hash generated after the chrome extension runs on the page.

@TheGP
Copy link

TheGP commented Jan 29, 2024

An extension can be loaded before the website is loaded, they can't do such a comparison. Or if an extension is built incorrectly. Or maybe u can do it by using workers, not sure.

update: u cant use canvas or dom inside the worker

@shailangsa
Copy link
Author

i dont extensive testing on using defender extensions on browser fingerprint websites and even though some extensions are set to be loaded before the website is loaded, i found that they werent, you are free to show me otherwise

@TheGP
Copy link

TheGP commented Jan 30, 2024

I have built an extension myself recently and ensured my code was executed before any code on websites. The only reason other extensions do it more slowly is that they trying to get data from their settings (extension storage). In this case, it will be slow.

Anyway changing methods of JS object is detectable by itself as I know, so they will know you are tinkering with those methods. Similar to if( Object.getOwnPropertyNames(navigator)[0] ) alert('fake parameters detected');

Btw because u are doing some research feel free to pull links / data to my document - https://github.com/TheGP/untidetect-tools/

@shailangsa
Copy link
Author

shailangsa commented Jan 30, 2024

i don't really have the time to keep trying to argue with you, becase you admitted you are new to this topic, and i told you already i have done my research as to how fake webgl/canvas is detected but i will just reply once more to you:

there are 2 ways that detection websites check that a webgl/canvas is faked

one way a website (specifically creep.js's detections cript) can detect if a webgl/canvas is fake, is to check if the webgl/canvas prototype/object already exists or is changed , by checking if setPrototypeOf can be called on the object. So if the defender extension has changed the webgl/canvas object the detection script on the website would be able to call setPrototypeOf , but if there is no defender extension which means the webgl/canvas object is unchanged, then the detection script on the website wouldnt be able to call setPrototypeOf on the object as it would cause a chain cycle error (in terms of the jaron of creep.js ) , because the javascript infrastructure won't allow you to assign object as a prototype of itself

another way a detection website (Such as https://coveryourtracks.eff.org/ )detects that a webgl/canvas is faked is again by checking the webgl/canvas objects generated by the defender extension. by comparing the first instance (or first run as they call it) of the object against the second instance (or second run as they call it) (which is usually generated after the page has finished loading), and if they are different it will just set determine_randomized to "randomized"

thus they dont analyze the fake noise itself or check how unique the hash is (As you suggested, although that might be used to calculate a "trust score" but is not the main way to detect that the webgl/canvas is faked), as creep.js does

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants