Privacy Browser Android

Strange. The above fingerprinting test site just does not work here. It throws error, that my browser does not support WebGL.

Is this supposed to be a privacy enhancement feature?
I use bromite webview, and it seems like [bromite fingerprint test](https://www.bromite.org/detect) gives different fingerprint each time...

The resource has been renamed to https://coveryourtracks.eff.org, but the old URL should redirect.

WebGL requires JavaScript, so if it is disabled then the WebGL test will return no information.

Bromite has some fingerprint randomization defenses.

https://coveryourtracks.eff.org redirects multiple times to https://firstpartysimulator.org/kcarter-nojs & then net::ERR_CONNECTION_REFUSED
Strange.

I had an net::ERR_NAME_NOT_RESOLVED when redirected to https://trackersimulator.org/kcarter-reporting-nojs, because of my local proxy filtering the requests. So when I deactivated it, it was OK.

@ask low, maybe it's a similar issue in your case.

When you run the test, if you leave the "Test with a real tracking company?" option selected, then it will redirect to https://firstpartysimulator.org during the testing. To see what the results are with JavaScript enabled, you need to make sure it is enabled for both domains.

I think fingerprinting can also be done even without scripting support. Not sure why these tracking test models ask it...

The vast majority of accurate fingerprinting requires JavaScript. They can get a little bit of fingerprinting information without it, but often not enough to uniquely identify you, especially as you move between IP addresses.

That is one of the reasons why JavaScript is more dangerous to your privacy than all other internet technologies combined.

Is it theoretically possible to containerize js parsing locally ?
This'll sound cheezy. As you mentioned spoofing WebGL fp hash in this tracker, is the same possible with spoofing js, thereby getting the content without even enabling js...

I am not sure I understand the question. It would be fairly easy to containerize the parsing of JavaScript, but the parsing of it isn't generally the problem. The issue is the execution of JavaScript, which you couldn't effectively containerize without breaking the functionality, at which point it would effectively be the same as disabling it.

On this topic, you might be interested in Feature #270: Fine grained JavaScript controls.