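Understanding browser fingerprinting
Browser fingerprinting is the systematic collection of information about a web browser in order to make educated guesses about its identity or characteristics.
Every setting and feature of a browser contributes to its "browser fingerprint".
Most browsers inadvertently create a unique fingerprint for each user, which can be tracked across the internet.
For more details on browser fingerprinting, see these articles on the Tor Blog: Browser Fingerprinting: An Introduction and the Challenges Ahead, and Tor Browser: a legacy of advancing private browsing innovation.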
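Why does browser fingerprinting threaten online privacy?
First, collecting this information does not require asking the user for permission.
Any script running in the browser can silently build a fingerprint of the device without the user knowing.
Second, if one attribute of the browser fingerprint is unique, or if a combination of several attributes is unique, the device can be identified and tracked online.
This means a device can be tracked by its fingerprint even without cookies.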
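How Tor Browser mitigates fingerprinting
Tor Browser is specifically designed to minimize the uniqueness of each user's fingerprint across various metrics.
While it is practically impossible to make all Tor Browser users identical, the goal is to reduce the number of distinguishable "buckets" for each metric.
This approach makes it harder to track individual users effectively.
Certain attributes, such as the operating system and language, are necessary for functionality and cannot be completely hidden or spoofed.
Instead, Tor Browser limits the variety within these attributes to reduce uniqueness.
For example, it limits font enumeration and applies character fallback, standardizes screen and window sizes using letterboxing, and restricts the variety of requested languages to a small, predefined set.
The key goal of Tor Browser's anti-fingerprinting protections is to make it more challenging to gather enough information to uniquely identify users, thereby enhancing privacy without compromising necessary functionality.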
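Anti-fingerprinting features in Tor Browser
Letterboxing
To prevent fingerprinting based on screen dimensions, Tor Browser starts with a content window rounded down to a multiple of 200px × 100px.
The strategy here is to put all users into a few buckets so that it is harder to single out any one of them.
This works until users start resizing their windows (for example, by maximizing the window or entering fullscreen mode).
Tor Browser also ships a fingerprinting defense for those situations, called letterboxing, a technique developed by Mozilla and introduced in 2019.
It works by adding margins to the browser window so that the window stays as close as possible to the desired size while users remain in a few screen-size buckets, which prevents singling them out by screen dimensions.
In short, this technique groups users into specific screen sizes, which makes it harder to single out users by screen size because many users share the same one.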
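The bucketing effect described above can be seen in a small model. This is an added example, not Tor Browser's or Mozilla's code: it assumes plain rounding down to the 200px × 100px steps stated on this page, and the function names, the handling of very small windows and the sample sizes are all constructed for illustration.

```javascript
// Added illustration: a simplified model of the rounding described above.
// Step sizes (200 x 100) come from the page; everything else is an assumption.
const STEP_W = 200;
const STEP_H = 100;

// Round the available content area down to the nearest 200 x 100 multiple
// and report the margins that fill the remaining space.
function letterbox(availW, availH) {
  // Assumption: an area smaller than one step cannot be rounded down,
  // so it is left at its real size with no margins.
  const width = availW >= STEP_W ? Math.floor(availW / STEP_W) * STEP_W : availW;
  const height = availH >= STEP_H ? Math.floor(availH / STEP_H) * STEP_H : availH;
  return {
    width,
    height,
    marginX: (availW - width) / 2, // split evenly left and right
    marginY: (availH - height) / 2, // split evenly top and bottom
  };
}

// Group window sizes by the dimensions a page would observe after
// letterboxing; each key is one bucket, each value its member count.
function bucketSizes(sizes) {
  const buckets = new Map();
  for (const [w, h] of sizes) {
    const box = letterbox(w, h);
    const key = `${box.width}x${box.height}`;
    buckets.set(key, (buckets.get(key) || 0) + 1);
  }
  return buckets;
}

// Constructed sample: content areas left after maximizing on several displays.
const SAMPLE_SIZES = [
  [1920, 1003], [1912, 995], [1903, 969], [1848, 1016],
  [1366, 681], [1358, 673], [1280, 633], [1536, 739],
];

const sampleBuckets = bucketSizes(SAMPLE_SIZES);
console.log(`${SAMPLE_SIZES.length} distinct sizes -> ${sampleBuckets.size} buckets`);
for (const [key, n] of sampleBuckets) console.log(key, n);
```

A bucket with a single member, such as the 1400x700 one in this sample, offers no cover by itself; the defense depends on many users landing in each bucket.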

User-Agent and Operating System spoofing
The User-Agent string is a value websites can use to identify details about your browser, operating system (OS), CPU architecture, vendor, and version.
Since this information can reveal which OS or device a user is using, it has been a vector for browser fingerprinting, allowing websites or trackers to potentially single out users.
Tor Browser addresses this by spoofing the User-Agent. Users cannot choose a specific operating system or attempt to imitate every possible platform.
Instead, Tor Browser standardizes User-Agent values to reduce uniqueness and avoid creating a false sense of privacy:
- All Windows appear as Windows 10.
- All macOS appear as OS X 10.15.
- All Android appear as Android 10.
- All other systems, such as Linux distributions (including Tails and Qubes), *BSD and other operating systems, are grouped together and reported as "Linux running X11".
- All the other details (such as the architecture) are also normalized per-platform.
In this case, the fingerprint resistance strategy in Tor Browser is to protect the real User-Agent values by spoofing them, while still keeping each user set large enough.
The User-Agent is sent to websites as an HTTP header, and it is available to JavaScript as navigator.userAgent.
Inconsistencies in these values can cause anti-bot and anti-fraud systems to categorize Tor users as bots and deny their requests, which in turn affects usability for Tor Browser users.
Some privacy tools or users suggest that making all users appear as Windows would offer the best cover.
However, perfectly spoofing across all browser contexts is not possible and active fingerprinting methods (using fonts, features, behavior, with or without JavaScript, etc.) can often be used to infer aspects of the hardware or operating system.
Tor Browser does not let users select which OS they appear to be.
This is intentional: any option to choose would only make users more unique and thus easier to fingerprint.
The small set of standardized options is key to keeping users blended together, maximizing privacy for everyone.
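Other anti-fingerprinting features
In addition to letterboxing, Tor Browser employs many other features to mitigate browser fingerprinting and protect user privacy.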
These features include Canvas image extraction blocking, NoScript integration, and first-party isolation.
For a complete list of features, read the Tor Browser design and implementation document.