228 reviews
  • Thanks, works great and easy to setup. A well made add-on.
  • Thanks, very much options to hidden such parameters
  • Hi. I've been using this add-on for a while now. Is it still relevant with the new Firefox update which includes anti-fingerprinting? thanks
    Yes, it still has purpose. See https://github.com/kkapsner/CanvasBlocker/issues/349 for further information.
  • After installing this add-on, Panopticlick's test shows I have zilch protection from fingerprinting. The author claims that the unique fingerprint is different each time you test it, but that's just not true...almost everything remains unchanged. Most alarming: also true for both hash numbers.

    Edit: Responding to your comment: I have tested via Panopticlick many times, reloading the page, or opening a new page and testing again. I get no difference from one test to another, including the two hash numbers, which always remain the same. Shuffling people off to Github's CanvasBlocker issues is not the answer! I've tried another fingerprint hider that is also highly rated (Antifingerprint), and likewise it doesn't work. According to EFF, there is no solution yet...and is why they don't recommend any anti-fingerprint add-on, nor have made their own. And they're pretty much the last word re. online security. See:

    https://www.eff.org/press/mentions/2010/11/30-0

    People are just fooling themselves if they think any anti-fingerprint add-on really works.

    Edit 2: I'm not interested in reporting to Github, I doubt anything will be done about it, as I am not the only person who gets failed protection with CanvasBlocker. Opening a ticket with Github would be like plunking a message down a bottomless, black pit. Panopticlick may be 10 years old, but it still maintains accurate results...what is there to update? I have privacy.resistFingerprinting set to "false," BTW...though I did have it on "true" for awhile. Doesn't seem to make any difference with Panopticlick. As for "persistent random number generator enabled," there is no such option in about:config. My point is this: if your add-on actually worked, Mozilla would've made you rich by purchasing the rights to embed it in their browser.
    The hashes change for me if I hit "Re-test your browser". Depending on the CB settings the hashes may stay the same (Random number generator). Please open an issue at https://github.com/kkapsner/CanvasBlocker/issues with your settings. Then we investigate the problem further.

    Edit in response to your edit: if the hash does not change for you with CanvasBlocker it might be a bug and I want to investigate it further. But this review page is a very bad communication channel for such things (e.g. I did not get any notification that you edited your review and you have no way to actually respond). That's why you should create an issue at Github. It's not about "shuffling people off". It's about better communication and actually solving the problem and/or getting better insight.

    The EFF investigation is 10 years old (CB is "only" 5 years old) and I think some improvements were made in the meantime. I can only repeat myself: on https://panopticlick.eff.org/ I get different hashes when I click "Re-test your browser".

    I have two ideas why you get the same hash:
    1. you have privacy.resistFingerprinting enabled which also protects canvas (see https://github.com/kkapsner/CanvasBlocker/issues/158 and https://github.com/ghacksuserjs/ghacks-user.js/issues/767 for further information)
    2. you have the persistent random number generator enabled (stealth preset)

    In response to your edit2: it's OK if you do not want to report a Github. At the moment I have no issue open at Github were the protection is not working - I try to solve them as quick as possible. Sometimes it's a CB bug and sometimes it's a misconfiguration or misunderstanding. If you know of other persons with failed protection maybe they want to help me to solve this issue. Without the complete details of the system and some sort of reproduction scenario I have no way of knowing what is going wrong.
    I do not know which bad experiences you had with Github but it's simply a development platform and the kind of responses/interaction can vary very much between repositories. It all depends on people.

    I had several issue with exactly the same symptom (hash not changing - like https://github.com/kkapsner/CanvasBlocker/issues/199 with Panopticlick or the most recent one being https://github.com/kkapsner/CanvasBlocker/issues/425). All of them were resolved or I had do close them because I did not get an answer for my following up questions that I have to prompt to solve the issue.

    I do not say that Panopticlick does not maintain accurate results. I simply say that some people try to solve the problem in the last 10 years and made progress (the most know is the TOR Browser and the Firefox uplift privacy.resistFingerprinting). I know that CanvasBlocker is not perfect and there will be other fingerprinting techniques and attack vectors in the future that CB does not cover at the moment. But at the moment (and especially with the Canvas hashes on Panopticlick) it's working fine.

    The "random number generator" is a setting withing the CanvasBlocker settings - I could show you a screenshot of where to find it if we were on Github...
    It is set to "persistent" if you selected the "stealth" preset upon installation.

    I do not see a point why Mozilla would want to buy my add-on. If they would want to incorporate it into their browser they simply could to it as it's open source and the licence allows the usage for non commercial usage (and they do charge money for Firefox). There are loads of good add-ons that work and that are not integrated into Firefox. That's the idea and beauty of Firefox: you can customize it.
  • Unfortunately Canvas Fingerprint spoofing does not work, your test website, browserleaks and panopticon reports unique identifier even though the addod reports successful block. Tested with and without other addons, the result stays the same.

    Audio and DomRECT API seems to work just fine.

    EDIT #1: That would explain it, I do have privacy.resistFingerprinting enabled. Thank you for the links they were a good read on the subject and I apologize for jumping into conclusions without searching about the issue beforehand. Perhaps a notice in the addon options would help people like me stop taking the stars away. I give back what I took :)
    Do you have privacy.resistFingerprinting enabled? If yes the result is expected (and OK). See further information in https://github.com/kkapsner/CanvasBlocker/issues/158 and https://github.com/ghacksuserjs/ghacks-user.js/issues/767

    If you do not have it enabled please open an issue at https://github.com/kkapsner/CanvasBlocker/issues with detailed informations.

    In response to your edit: no problem - you are not the first one and will not be the last one. I'm not sure were to put the notice exactly. I opened https://github.com/kkapsner/CanvasBlocker/issues/427 for that.
  • Absolute amazing job !
    Please make a defender for font fingerprinting also. You have the skills as the only :-)
  • Love this extension. Whitelist feature was not so obvious until I came to write this comment and saw the screenshot with address bar icon :D
    Still, I believe UX might be further simplified. I'm thinking along the lines of Chameleon, FoxyProxy, NoScript, etc with multipage popups.
  • Seems to work quite well, was having an issue with cb and privacy badger would result in pages not loading at startup but latest alpha seems to have fixed that
    Do you have Privacy Badger installed? I can replicate your issue when both are installed (CB has to be activated first to reproduce it). But please open an issue at https://github.com/kkapsner/CanvasBlocker/issues to discuss your problem in details.
  • I have only heard good things about CanvasBlocker! So i decided to try, and im sure its great, i just wish there would be a dummy guide for non tech savy people like me.

    I dont know why it works on some sites, and not on others? On YouTube its working directly and i can see many fake readouts, but on many sites it doesnt look like its active? The icon is green and i cant see any notifications about fake readouts.
    Having some sort of Q&A/wiki page is on my list. If you have specific questions you can always post them at https://github.com/kkapsner/CanvasBlocker/issues

    Some sites do not use fingerprinting. That's why the icon is green and no notifications show up. But keep in mind that not all notifications mean that a fingerprint is generated. Also legit use of the APIs can trigger the notification. It's just an indicator that CB did something.
  • Settings are overly complicated.
    I always try to simplify the settings, but the subject is complicated. If you have specific settings that you think should be simpler you are welcome to open an issue at https://github.com/kkapsner/CanvasBlocker/issues with your suggestions.
  • Fantastic add-on, and something that has been sorely needed for some time.
    But I'd like the ability to whitelist certain sites for troublshooting. I didn't see that option in the settings.

    Thanks, dev!

    Update: Thanks for the info! I see the whitelist now.
    If something was faked on a page a fingerprint icon appears in the address bar. By clicking on you see more information and you can also whitelist the page there.
  • Edit: Now it's working again. I suspect the problem I had was caused by something else. Worked great up until July 10 2019. Then Gmail stopped loading, thumbs on Amazon, etc... After turning add ons on and off, this was the one causing problems.
    EDIT: great that it works again.

    Nothing was done to CanvasBlocke on that date. Last update was on the 6th. But on my end gmail and amazon work fine. Please open an issue on https://github.com/kkapsner/CanvasBlocker/issues with your details (used Browser version, CB version, CB settings, etc.). There we can communicate much better.