Do you live in an area with poor people and lots of shoplifting? Do you work in grocery store security surveillance? Do you work as a 711 clerk? Is this an area of expertise or are you just guessing?

It increases the noise to signal ratio in their attempts to look for food thieves.

I sadly don’t know what this means! Oh, you mean Debian blacklisted Russian contributors but didn’t rebuild the code and kept using it?

When shopping, I like to make it seem extremely likely I am stealing to help poor people who actually need to steal to survive.

For example, when picking up a soda, I furtively look to my left and right to make sure no one is looking and crouch my head down. I pick up things and make it seem like I may be putting it in a pocket at times before putting it back. When security guards say hi, I don’t make eye contact or reply back and put my head down as if hiding.

I never actually steal and haven’t ever shoplifted anything.

I have been kicked out stores many times for abnormal behavior, but never while stealing.

The problem isn’t the specific nature of the rule: having an api call in the background that can broadcast a user’s age range (if it isn’t a clearly identifiable marker) makes sense.

The problem is that if the government is able to tell open source developers “YOU MUST INSERT THIS CODE OR ELSE!!!” then what’s next?

Will in 5 years they require Persona in order to install an Operating System to combat terrorism?

Will in 7 years they require a closed source module created by the government to be running at all times and the kernel must check to make sure if the closed source module is running?

Part of open source software is creativity, freedom, and freedom of speech. Some software is created because developers like creating things.

I hope Debian fights back against this on first amendment grounds. Great code is not that different from a great work of art, there is unique creativity in something elegantly coded that functions well, and telling developers they can’t code how they want is the path toward totalitarianism.

It’s one thing to force this into Microslop and Android and iOS because those are large profitable companies who don’t actually care as long as they make money. It’s another thing to force FOSS developers who develop for free because of the love of software and great code that they must change their code in a certain way.

They did.

It’s the same fingerprint every time if you use the same computer, and that fingerprint is unique to the computer. I don’t know why this is so confusing.

Thank for for being the one person who actually did the test and replicated my results. Everyone else just bitched about it and didn’t do the test, and some people did the test and claimed they weren’t unique without any reliable information. It’s a problem, thank you for confirming at least one other person sees what the fuck I am writing about.

Thanks. Where exactly am I supposed to post this to alert people of the problem?

It feels like it to me. It seems more than just aggressive or vigilant modding.

Safest mode blocks any website with javascript and most of the Internet runs on javascript. They also don’t warn users that anything other than safest mode now is entirely identifiable based on fingerprinting.

I sadly think this is what’s happening and even wonder if some forum mods or people there are intelligence. Because why else would this shit keep happening? Privacyguides also has a sketchy origin story if you look far back enough. The really fucked up thing is they are the most well respected guide to privacy and constantly push 3 VPNs, including ProtonVPN after it was blatantly leaking, and it just really makes me wonder… why do they push those 3 VPNs so hard? In theory, they are good VPNs… but what if they are good and also being pushed for a reason? Almost every good independent VPN gets bought out. Half of the VPNs seem to be owned by Kape, AzireVPN got bought out by a US Company. It seems like fewer and fewer VPNs exist that don’t have either intelligence connections or links to privacyguides forum. I just don’t like it. I don’t trust privacyguides anymore.

Safest is fine for .onions. For most of the Internet, this won’t work. And Mullvad Browser, which is often not used with .onions, copies the main architecture of Tor Browser minus the routing.

If you want to do any browsing other than .onions, javascript is required. Tor Browser is supposed to be anti-censorship and anti-tracking and that it isn’t really possible for Tor Browser to access 99% of the Internet without javascript.

Also, the Tor organization is not telling people that they can be uniquely tracked when not in safer mode, and Mullvad Browser is copying most of Tor Browser but not including Tor routing in it and many people using Mullvad Browser use javascript.

It’s important that people know this and the fact that I’ve had such a hard time posting this in different places, and have been met with such suspicion and hostility, is sus and makes me wonder if certain people want these browsers trackable. It’s fucking nuts to me that privacyguide’s forum deleted multiple posts and my mother fucking username after I posted about this. What else other than it being a controlled operation explains that? And plenty of other people have complained about similar shit!

This isn’t true. It used to be true, but advanced fingerprinting done is measuring certain metrics that Tor Browser are not always blocking against.

On fingerprint.com, it will give you a hash and say how many times you’ve been there before. For me, it said I had been there once. I closed the browser, came back, and had the same hash and it said I had been there twice. I did this tests multiple times and in multiple ways.

Notice how this person didn’t post any screen captures of from fingerprint.com showing that they have supposedly visited 1000 times or whatever would be expected if Tor Browser had a fingerprint that was consistent across all users.

I posted very clearly the problem, and some people replicated it, and some people couldn’t, and the problem may or may not vary across distros. It’s also possible some people could be lying. But yes, I tried to post this on privacyguides forum and they made it incredibly hard to post it, then deleted my username, and it was strange, and other people have had strange experiences.

I understand: Javascript is not safe. I know that. But most of the internet, except for onions, use javascript and it’s nearly impossible to use most of the Internet in web browsers without it. The problem is that if Fingerprint.com can reliable detect differences between users when javascript is on for Mullvad Browser and Tor Browser in certain operating systems, users should be aware. Most people would think Mullvad Browser in “safer” mode would not create a persistent per-computer hash of the browser that can be tracked across sessions.

Other users on privacyguides forums have commented on the exact same problem where threads are just completely deleted, even with valid questions.

Then this may be happening only with certain distributions or operating systems. It is definitely happening for me, I checked it over and over. “You have visited once.” I close Tor Browser, restart, come back to fingerprint.com. “You have visited twice.” I also did try this with safer. I did multiple tests. This impacts at least some operating systems or distributions. It may not impact Qubes. I didn’t test that, but I am sure it impacts at least some users.

All users don’t have the same fingerprint. Fingerprint.com is testing other things that Tor isn’t covering. So if they are testing canvas and other stuff that Tor protects, and 2 things that aren’t protected that give unique identifiers, they still create a unique hash. I did not test this using Tails or Qubes and it may not affect all operating systems.

They have different unique hashes per computer, so Tor Browser user on “Computer 1” has a unique hash and Tor Browser user on Computer 2 has a unique hash. I have read Mullvad’s documentation on their browser. Please re-read the original post.