Basically title. Recently I saw a new option in Chromium website permission settings called “allow access to local network” or something like that and I know some antiviruses on Windows that can list all devices connected to the same WiFi network. I’m usually using Firefox based browsers that obviously don’t have the option to disable or enable that access. So can some really invasive websites mine data about my local network, connected devices etc? And if so, what can I do to prevent it except for just disconnecting everything else when visiting such websites?

  • refalo@programming.dev
    link
    fedilink
    arrow-up
    3
    ·
    5 months ago

    WebWorker is disabled by default in JShelter which is required for creepjs to work. If you set just that function to Strict instead of just the default Remove, then creepjs still works fine.

    But creepjs could be modified to work without webworker if you were thinking JShelter really does something useful to hide your fingerprint from someone who wants it bad enough. And you can still be fingerprinted many other ways even without JavaScript at all.

    • kbal@fedia.io
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      edit-2
      5 months ago

      Yeah my main browser is easily fingerprinted due to the many ways it is non-standard. I’ll use torbrowser or something if it actually matters. But JShelter does not really make that problem worse for most people, and it probably frustrates some fraction of attempts — including those that rely on web workers apparently.

      The page load time of creepjs would not be acceptable for use in real life. Anything with that much creepy js is going to get itself blocked by other means.

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        3
        ·
        5 months ago

        The page load time of creepjs would not be acceptable for use in real life

        Well any site that uses fingerprinting tech, regardless of what it is, is just going to have it load silently in the background so I don’t think it would be noticeable anyways.

        • kbal@fedia.io
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          edit-2
          5 months ago

          That depends on what’s making it take so long, among other things. But with sufficient effort I suppose the more sneaky fingerprinters (those which aren’t aren’t already blocked by other extensions) could probably be made difficult to notice for unprepared users. JShelter popping up a big warning about a “very high” level of fingerprinting activity is a pretty good hint though, and I take it as a suggestion to add some rules for ublock if I expect to visit that site again.

          As it continues to get more common, maybe it’s time to go back to using noscript as well.