Every time you visit a website, your browser leaves behind a unique trail — not through cookies, but through browser fingerprinting. Unlike cookies, you can't clear or block fingerprints with a simple settings toggle. Let's break down what's being collected and how you can test it yourself.
What Is Browser Fingerprinting?
Browser fingerprinting is a technique that identifies users by collecting attributes from their browser and device. Combined, these attributes create a nearly unique "fingerprint" — even without cookies or login data.
Research from the EFF's Panopticlick project showed that 83.6% of browsers had a unique fingerprint.
Key Fingerprinting Vectors
1. Canvas Fingerprinting
Your browser renders a hidden image using the <canvas> element. Differences in GPU, drivers, and OS cause subtle variations in how pixels are drawn.
// Test your canvas fingerprint
const canvas = document.createElement('canvas');
const ctx = canvas.getContext('2d');
ctx.textBaseline = 'top';
ctx.font = '14px Arial';
ctx.fillStyle = '#f60';
ctx.fillRect(125, 1, 62, 20);
ctx.fillStyle = '#069';
ctx.fillText('fingerprint', 2, 15);
const dataURL = canvas.toDataURL();
console.log('Canvas hash:', dataURL.length);
// Different machines will produce different results
2. WebGL Fingerprinting
WebGL exposes your GPU vendor, renderer, and supported extensions — all highly identifying.
const gl = document.createElement('canvas').getContext('webgl');
const debugInfo = gl.getExtension('WEBGL_debug_renderer_info');
console.log('Vendor:', gl.getParameter(debugInfo.UNMASKED_VENDOR_WEBGL));
console.log('Renderer:', gl.getParameter(debugInfo.UNMASKED_RENDERER_WEBGL));
3. AudioContext Fingerprinting
Browsers process audio slightly differently depending on hardware and software stack.
const audioCtx = new (window.AudioContext || window.webkitAudioContext)();
const oscillator = audioCtx.createOscillator();
const analyser = audioCtx.createAnalyser();
const gain = audioCtx.createGain();
oscillator.connect(analyser);
analyser.connect(gain);
gain.connect(audioCtx.destination);
// The resulting audio processing creates a unique signature
4. Navigator Properties
The navigator object leaks a surprising amount of info:
const props = {
userAgent: navigator.userAgent,
language: navigator.language,
languages: navigator.languages,
platform: navigator.platform,
hardwareConcurrency: navigator.hardwareConcurrency,
deviceMemory: navigator.deviceMemory,
maxTouchPoints: navigator.maxTouchPoints
};
console.table(props);
5. Font Detection
Websites can detect which fonts are installed by measuring text rendering differences.
6. Screen Properties
console.log({
width: screen.width,
height: screen.height,
colorDepth: screen.colorDepth,
pixelRatio: window.devicePixelRatio
});
How to Check Your Fingerprint
Try these tools to see how unique you are:
- AmIUnique — academic fingerprint checker
- Cover Your Tracks — EFF's privacy tester
- BrowserLeaks — comprehensive leak test
Mitigating Fingerprinting
There's no silver bullet, but some approaches help:
- Tor Browser — standardizes many fingerprint vectors
-
Firefox
privacy.resistFingerprinting— built-in protection - Anti-detect browsers — tools like Multilogin, GoLogin, or FireKey that let you customize fingerprint parameters per profile
- Browser extensions — Canvas Blocker, etc. (though extensions themselves can be fingerprinted)
The key insight: randomizing a single parameter often makes you more unique, not less. Effective anti-fingerprinting requires coordinating multiple vectors simultaneously.
Conclusion
Browser fingerprinting is a cat-and-mouse game between trackers and privacy tools. Understanding what's being collected is the first step to protecting yourself — whether you're a privacy-conscious user, a security researcher, or someone managing multiple online accounts.
What fingerprinting vectors have you encountered in your work? Drop a comment below.
Top comments (0)