1
0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2024-12-22 04:40:20 +01:00

Updated description

This commit is contained in:
kkapsner 2019-11-21 11:10:38 +01:00
parent a555f3cd64
commit d930de1883
3 changed files with 55 additions and 42 deletions

View File

@ -3,6 +3,18 @@ Dieses Add-on ermöglicht es Nutzern, Webseiten davon abzuhalten, sie über Java
<b>WICHTIG</b>: Sie sollten nur ein Addon/eine Einstellung aktiv haben, die eine API beschützt. Ansonsten können Sie massive Performanceprobleme bekommen. (Z.B. EclipsedMoon für Palemoon hat 'canvas.poison', was bekanntermaßen Probleme verursacht: https://github.com/kkapsner/CanvasBlocker/issues/253#issuecomment-459499290)
privacy.resistFingerprinting kann aber problemlos aktiviert werden und der Fingerprinting-Schutz muss nicht deaktiviert werden.
Beschützte "Fingerprinting"-APIs:
<ul>
<li>canvas 2d</li>
<li>webGL</li>
<li>audio</li>
<li>history</li>
<li>window (standardmäßig deaktiviert)</li>
<li>DOMRect</li>
<li>navigator (standardmäßig deaktiviert)</li>
<li>screen</li>
</ul>
Nähere Informationen zum Fingerprinting können Sie finden auf:
<ul>
<li>&lt;canvas&gt;: http://www.browserleaks.com/canvas</li>
@ -29,16 +41,4 @@ Die verschiedenen Blockiermodi sind:
<li>alles erlauben: Ignoriere alle Listen und erlaube die beschützten APIs auf allen Webseiten.</li>
</ul>
Beschützte "Fingerprinting"-APIs:
<ul>
<li>canvas 2d</li>
<li>webGL</li>
<li>audio</li>
<li>history</li>
<li>window (standardmäßig deaktiviert)</li>
<li>DOMRect</li>
<li>navigator (standardmäßig deaktiviert)</li>
<li>screen</li>
</ul>
Falls Sie Fehler finden oder Verbesserungsvorschläge haben, teilen Sie mir das bitte auf https://github.com/kkapsner/CanvasBlocker/issues mit.

View File

@ -3,6 +3,18 @@ This add-on allows users to prevent websites from using some Javascript APIs to
<b>IMPORTANT</b>: you should only have ONE addon/setting set that protects an API. Otherwise you could face massive performance issues. (E.g. EclipsedMoon for Palemoon has 'canvas.poison' which is known to cause issues: https://github.com/kkapsner/CanvasBlocker/issues/253#issuecomment-459499290)
But setting privacy.resistFingerprinting to true and/or using the new fingerprinting protection introduced with Firefox 67 is fine.
Protected "fingerprinting" APIs:
<ul>
<li>canvas 2d</li>
<li>webGL</li>
<li>audio</li>
<li>history</li>
<li>window (disabled by default)</li>
<li>DOMRect</li>
<li>navigator (disabled by default)</li>
<li>screen</li>
</ul>
More information on fingerprinting can be found at:
<ul>
<li> &lt;canvas&gt;: http://www.browserleaks.com/canvas</li>
@ -30,16 +42,4 @@ The different block modes are:
<li> allow everything: Ignore all lists and allow the protected APIs on all websites.</li>
</ul>
Protected "fingerprinting" APIs:
<ul>
<li>canvas 2d</li>
<li>webGL</li>
<li>audio</li>
<li>history</li>
<li>window (disabled by default)</li>
<li>DOMRect</li>
<li>navigator (disabled by default)</li>
<li>screen</li>
</ul>
Please report issues and feature requests at https://github.com/kkapsner/CanvasBlocker/issues

View File

@ -1,25 +1,12 @@
CanvasBlocker [![codebeat badge](https://codebeat.co/badges/1e540430-87d0-451a-8190-09bfea1b4b6c)](https://codebeat.co/projects/github-com-kkapsner-canvasblocker-master)
=====
This add-on allows users to prevent websites from using some Javascript APIs to fingerprint them. Users can choose to block the APIs entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API.
**IMPORTANT**: you should only have ONE addon/setting set that protects an API. Otherwise you could face massive performance issues. (E.g. EclipsedMoon for Palemoon has 'canvas.poison' which is known to cause issues: https://github.com/kkapsner/CanvasBlocker/issues/253#issuecomment-459499290)
But setting privacy.resistFingerprinting to true is fine.
More information on fingerprinting can be found at:
* &lt;canvas&gt;: http://www.browserleaks.com/canvas
* audio:
* https://audiofingerprint.openwpm.com/ (very poorly written = slow)
* https://webtransparency.cs.princeton.edu/webcensus/#audio-fp
* DOMRect:
* http://jcarlosnorte.com/security/2016/03/06/advanced-tor-browser-fingerprinting.html
* https://browserleaks.com/rects
* https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-A---Test-Sites
The different block modes are:
* fake: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the protected APIs. But values obtained by the APIs are altered so that a consistent fingerprinting is not possible
* ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the protected APIs each time they are called.
* block everything: Ignore all lists and block the protected APIs on all websites.
* allow only white list: Only websites in the white list are allowed to use the protected APIs.
* block only black list: Block the protected APIs only for websites on the black list.
* allow everything: Ignore all lists and allow the protected APIs on all websites.
-----
Protected "fingerprinting" APIs:
* canvas 2d
@ -31,6 +18,32 @@ Protected "fingerprinting" APIs:
* navigator (disabled by default)
* screen
More information on fingerprinting can be found at:
* &lt;canvas&gt;: http://www.browserleaks.com/canvas
* audio:
* https://audiofingerprint.openwpm.com/ (very poorly written = slow)
* https://webtransparency.cs.princeton.edu/webcensus/#audio-fp
* DOMRect:
* http://jcarlosnorte.com/security/2016/03/06/advanced-tor-browser-fingerprinting.html
* https://browserleaks.com/rects
* https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-A---Test-Sites
-----
Beta versions can be found at https://canvasblocker.kkapsner.de/versions/.
-----
The different block modes are:
* fake: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the protected APIs. But values obtained by the APIs are altered so that a consistent fingerprinting is not possible
* ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the protected APIs each time they are called.
* block everything: Ignore all lists and block the protected APIs on all websites.
* allow only white list: Only websites in the white list are allowed to use the protected APIs.
* block only black list: Block the protected APIs only for websites on the black list.
* allow everything: Ignore all lists and allow the protected APIs on all websites.
-----
Special thanks to:
* spodermenpls for finding all the typos
* Thorin-Oakenpants for the icon idea
@ -40,7 +53,7 @@ Special thanks to:
* micrococo for the Spanish translation
* STim99 for the Russian translation
Beta versions can be found at https://canvasblocker.kkapsner.de/versions/.
-----
If you want to support this addon you can donate to the following addresses:
* bitcoin: 159Y9BLcfHyrp6wj6f3syEuk92xkRVTiie