-
-
Notifications
You must be signed in to change notification settings - Fork 60
Features that gngr will not support
hrj edited this page Jul 26, 2018
·
14 revisions
- WPAD (4)
- Battery Status API (1) & (2)
- Hyper-link auditing
- Geo Location
- Any Camera or Mic APIs
- Resource timing APIs. (5)
- Etag header
- Last-modified header (unless the LSBs are fudged)
- Most of the
navigatorAPI.
These features are good to have sometimes, but have fingerprinting potential. They should surely be opt-in though.
- WebGL
- WebRTC
- Canvas
- AudioContext (See AudioContext fingerprinting demo)
- KeyboardEvent.code (can be misused for fingerprinting keyboard).
- window.opener
- http://blog.add0n.com/2016/03/23/html5-apis-fingerprint-users-how-to-prevent.html
- https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/
- https://www.browserleaks.com/
- https://news.ycombinator.com/item?id=12167209
- https://github.com/w3c/resource-timing/issues/64
- https://www.chromium.org/Home/chromium-security/client-identification-mechanisms
- http://www.ieee-security.org/TC/SP2013/papers/4977a541.pdf