Does we really need canvas fingerprinting in saidit? I find it in Reddit, too.

submitted by RavAshi from i.imgur.com

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (3 children)

Can you provide some background info on this? We're into less invasive tracking it if doesn't wreck features like rate limiting. Reddit does have some extreme analytics going on.

[–]RavAshi[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (2 children)

DDG has it too.

I think it is a norm to every site which needs a login to participate.

Pale Moon with CanvasBlocker Legacy extension or Firefox with CanvasBlocker extension.

[–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

I found a Reddit post where they say this fingerprinting is part of the shadowban system, to carry a shadowban on to the next account. I'll dig up the code and see if it can be disabled.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Okay I reproduced this in Firefox and did some testing. It's alerting on getBoundingClientRect() as used in bootstrap.tooltip.js and/or jquery-2.1.1.js https://github.com/libertysoft3/reddit-ae/search?q=getBoundingClientRect&unscoped_q=getBoundingClientRect

Also alerting here: https://getbootstrap.com/docs/3.3/components/

So at this point these two js libraries are so integral to the site that they cannot be removed. If you want to check and see if newer jquery and bootstrap are cleaner and don't set this extension off, maybe a case for upgrading can be made. But on the bright side I came across none of this shadowban code that does actual browser fingerprinting.