CHANGELOG: week of 17th June 2024

This week I added several improvements on different topics:

  1. Bot detection test;
  1. Better UI to search temporary phone numbers;
  1. Fingerprinting improvements.

A new bot detection test page

I added a new page to test whether or not your bot is detected. The test is based only on fingerprinting signals. It DOES NOT use any signals related to the IP reputation or the user behavior. The goal of this page is only to challenge the nature of the fingerprint.

Better UI to search temporary phone numbers;

The list of temporary phone numbers is now searchable through a web UI. You can still access the data through the API if you prefer to access it programmatically.

Browser fingerprinting improvements

As a reminder, you can test your browser fingerprint on this page.

New signal: Keyboard layout map

I added 2 new signals related to the keyboard layout map, which represents the list of the strings associated with specific physical keys of the keyboard. It is collected using navigator.keyboard.getLayoutMap :

  1. The keyboard layout map;
  1. The size of the keyboard layout map.

Fingerprint stability improvement on Chrome

I noticed the fingerprint hash/identifier was different sometimes for the first execution of the fingerprinting script, or when I didn’t interact with the fingerprinting page for a few minutes.

I did a JSON diff between 2 fingerprints of the same browser but with a different hash. The only difference came from the audio fingerprint (cf screenshot below):

In particular, the ac-state attribute of the audio fingerprinting was sometimes equal to running and sometimes equal to suspended .

This comes from the fact that the audio context was not allowed to start by Chrome until the user would perform a gesture. This is related to the autoplay policy introduced by Chrome in ~ 2018 (so not that new).

device_info.js:548 The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page

I updated the fingerprinting script to stop collecting the state property of the AudioContext object.

After this change, the fingerprint hash/identifier remains stable across different executions on Chrome, including between the normal mode and the private mode.

If there are other features you’d like to get on https://deviceandbrowserinfo.com/, don’t hesitate to contact me on Twitter.

Other recommended articles

Investigating the Selenium Chrome mode of Open Bullet 2

Fourth article of a series about Open Bullet 2, a credential stuffing tool. We analyze the the Selenium Chrome mode to better understand how it works, its browser fingerprint, and how it can be detected.

Read more

Published on: 05-09-2024

Investigating the Puppeteer mode of Open Bullet 2 (credential stuffing tool)

Third article of a series about Open Bullet 2, a credential stuffing tool. We analyze the the Puppeteer mode to better understand how it works, its browser fingerprint, and how it can be detected.

Read more

Published on: 08-08-2024

Privacy leak: detecting anti-canvas fingerprinting browser extensions

In this article, we present 2 approaches that can be used to detect anti-canvas fingerprinting countermeasures and we discuss the potential consequences in terms of privacy for their users.

Read more

Published on: 29-06-2024