this post was submitted on 26 Jul 2025

48 points (96.2% liked)

Privacy

40212 readers

518 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Tor Browser: Most Common Fingerprints (lemmy.ml)

submitted 1 day ago* (last edited 1 day ago) by lock@lemmy.ml to c/privacy@lemmy.ml

9 comments fedilink hide all child comments

I have been trying out the different security levels of the Tor Browser. It's set to Standard by default. Some people say that it is best to leave it as it is because most of the Tor users will have the default settings so you will blend in better. However, I decided to look at the other options.

I tested Tor browser with all three security level settings to see which one is the most commonly used through Cover Your Tracks for the most common Tor fingerprint.

On the default security level, Standard

Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 694.64 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 9.44 bits of identifying information.

Be aware that this does not block WebGL unique fingerprinting.

Now the security level in between, Safer

Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 1804.18 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 10.82 bits of identifying

The number is largely tripled from the standard mode. This security level is the least used and the most uncommon, which makes the browser less common with the others. I'm surprised that this is the most uncommon as it blocks WebGL fingerprinting.

The most effective safety level, Safest

Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 255.02 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 7.99 bits of identifying information.

This setting is surprisingly the most common and used one, even though it is not the default setting. It also disables Javascript to prevent the intense fingerprinting.

Disabling Javascript in Tor will not make you stand out, it will make you blend in the most and will block much more effective fingerprinting. Note that most websites will not function properly if JavaScript is disabled.

all 10 comments

sorted by: hot top controversial new old

[–] JumpyWombat@lemmy.ml 20 points 1 day ago (1 children)

Always keep in mind that Tor makes you uniquely identifiable if you are the only one using it on a particular website.

[–] Kyrgizion@lemmy.world 11 points 1 day ago (1 children)

Lots of sites also block access from known exit nodes. I think almost everything under cloudflare blocks it.

[–] IphtashuFitz@lemmy.world 5 points 1 day ago* (last edited 1 day ago)

CDN/security providers like Akamai & Cloudflare maintain lists of known Tor exit nodes and keep it regularly updated. That makes it trivial for customers to block that traffic.

Source: My employer is an Akamai customer and we use this list in some our WAF policies.

[–] RheumatoidArthritis@mander.xyz 8 points 1 day ago (1 children)

Could it be that the number of users testing tor in safest mode is disproportionate on the EFF site compared to the rest of the internet?

[–] Neptr@lemmy.blahaj.zone 5 points 1 day ago* (last edited 1 day ago)

Yes, that is how fingerprint test sites end up working because so many privacy users will test out the most secure options. Not indicative of real worlds values for commonness of browser fingerprint.

[–] irmadlad@lemmy.world 4 points 1 day ago

How common is it for law enforcement to use a browser fingerprint? Seems rather rare in my reading. I guess they could use it as complimentary evidence. However it would seem to me you'd have to be a high level adversary.

[–] mike_wooskey@lemmy.thewooskeys.com 10 points 1 day ago (1 children)

This is interesting. Thanks for sharing your test results.

Do I understand correctly that if your computer shares a fingerprint with fewer computers, it's more distinguishable/identifiable?

[–] JumpyWombat@lemmy.ml 12 points 1 day ago (1 children)

Shouldn't it be the opposite: the lower, the less identifiable?

1 in 1 means that everyone has the same, 1 in 2 means that you are the same as 50% of the population, 1 in 1.000.000 means being pretty much unique.

[–] TranquilTurbulence@lemmy.zip 4 points 1 day ago

That’s why fractions suck. The difference between 1/2 and 1/3 looks small, but it’s way bigger than the difference between 1/202 and 1/203. Same goes for coffee recipes expressed using rations like that.

When it comes to tiny fractions, just go with 1E-6 style instead. So much easier to compare numbers.