Advertisement |
What is the "Canvas Blocker (fingerprint protect)" extension?
The canvas element is like a painting canvas for the browser. It is used to draw paint objects dynamically using the JavaScript engine which empowers your browser visually a lot. Unfortunately, this element can also be used by advertising and malicious scripts to identify the user and hence to track the user's browsing interests. Basically, this element can be used to generate a fingerprint key that is unique to each browser. Now if this unique key is generated by different pages and is sent to a server, it can lead to track user's browsing habits easily. One method to generate a unique identification key is to insert two strings on top of each other with just a slight offset in a canvas element and then convert the canvas element into a data string. The generated string could have slight difference based on user's OS and graphical card capabilities hence the generated string is unique. This long string is then converted to a small unique key using a hashing method like an SHA algorithm. This extension adds an arbitrary one-time noise to the canvas element only when one of the string conversion methods are called. To improve the speed of applying this nouse further, instead of applying it to all points of the canvas element, the noise is added to points with 3 element spacing. This significantly reduces the computational cost of adding the noise.
How can I disable this extension?
Normally there is no need for the extension to be disabled (if you find a case please report in the review section). So there is no toolbar button for toggling the enabling state of the add-on! If for any reason you would like to temporarily disable the extension, go to the add-on manager for your browser and press disable button. Then refresh the tab to refresh the server code. Make sure to re-enable the extension later on to prevent leaking.
What's new in this version?
Please check the Logs section.
What are the differences between this extension and other similar ones?
There are two techniques to prevent Canvas fingerprinting. An extension can completely remove the Canvas access to the JavaScript engine or it can manipulate functions that may be used for fingerprinting. The former method is safe but degrades your browser's capabilities. The latter method is the recommended one but it is much harder to implement.
The method to manipulate internal functions need to be written with extra care to make sure the code is not affecting the page performance. This extension is written carefully by considering two important facts: 1. Do not slow down the borwser by applying most of the code when only needed. 2. Prevent fingerprint for all frames so that there would be no other ways to generate a unique key even by using new frame technice.
Can I disable the extension on a website?
As of version 0.1.2, you can disable this extension on specified hostnames. Either open the website in a browser tab and right-click on the page action's button and select "Disable Fingerprinting" entry or directly insert the hostnames on the options page of the extension.
I like to get notified when fingerprinting is detected, however, I want to disable this option on a few websites. Is it possible?
Yes, on a website that you don't want to get notifications, right-click on the browser action button and select "Disable Notification" entry. You can directly add the hostname to the options page too. If you need to remove a hostname from this list, simply remove it from the options page and press the "Save" button.
Please keep reviews clean, avoid improper language, and do not post any personal information. Also, please consider sharing your valuable input on the official store.
Permission | Description |
---|---|
*://*/* | to be able to access all domains (to be able to inject fingerprint blocker script to all domains) |
notifications | to notify the user when a fingerprint attempt is reported |
storage | to save internal preferences |