anonymous
browser extension
these two do not mix well. almost any extension can be detected by a site and used to fingerprint you.
You actually can use I2P with JS disabled as many eepsites work without it.
Yes you’re right, but disabling JS also makes you stand out way more wrt fingerprinting, and you can still be fingerprinted with HTML/CSS, TLS and other methods.
That is not true. On chrome, they could be fingerprinted using the way that extensions load remote assets (which I dont think is still possible). On Firefox, that has not been possible (maybe ever but at least for a while). The way that extensions are fingerprinted requires detecting the way they interact with the web pages DOM, which is not something many extensions do.
The point to my original comment is fingerprint of extensions isn’t straightforward or free, ie requires intentionally designing a fingerprinting technique tailored to identify its behaviour.
CreepJS can really only detect Chrome extensions and very few Firefox ones. On Firefox, it can detect NoScript but not uBlock for example. This isn’t to say that uBlock can’t be fingerprinted, just that it hasn’t yet in CreepJS. Some extension don’t touch the DOM at all or produce any fingerprintable behaviour to the web page, so there for can’t be detected. Some don’t produce weird behaviour until a user interacts with some element in the extension or webpage.
I don’t see any extension info and I don’t see how there could be any. There isn’t any api for gaining this info in ff at the very least.
There are other issues, but most extensions can in fact not be detected by websites, unless they specifically add something that makes them detectable.
perhaps you should look up how creepjs implements detection for known extensions
I found this is the only thing I found on a quick search.
It would indicate that chrome does disclose addons (so maybe don’t use it for yet another reason).
For Firefox you can only look for changes typically performed by an addon, something like adblock should be detectible but networking layer stuff like an I2P tunnel should definitely not be.
Most firefox addons dont even have the permissions needed to change anything a website could observe.