While this field is always interesting to read about, I absolutely refuse to give any technical input on how to improve fingerprinting, even if it's to fight bots. If you work on tracking, my opinion of you as a person is well summarized by apenwarr [0]:<p>> Can I work for a bad company and still be a good person?<p>> No.<p>[0] <a href="https://apenwarr.ca/log/20201121" rel="nofollow">https://apenwarr.ca/log/20201121</a>
Fingerprinting is terrifying. That a device (and therefore a specific person) can be reliably identified across all sites and across time is a major failure of browser design.
I feel conflicted about this. On one hand canvas being client side will always lead to cat and mouse game where fraudsters can always generate required "answer". On the other hand innocent users will always be fingerprinted by ad networks and similar.
What if I do:<p>delete CanvasRenderingContext2D.prototype.toDataURL;<p>Shouldn’t delete set the function back to native code?<p>Same with:<p>const offscreen = new OffscreenCanvas(1, 1);
const nativeToDataURL = Object.getPrototypeOf(offscreen.getContext("2d")).toDataURL;<p>Object.defineProperty(CanvasRenderingContext2D.prototype, "toDataURL", {
value: nativeToDataURL,
writable: true,
configurable: true
});<p>Or:<p>const iframe = document.createElement("iframe");
document.body.appendChild(iframe);
const nativeToDataURL = iframe.contentWindow.CanvasRenderingContext2D.prototype.toDataURL;
document.body.removeChild(iframe);<p>CanvasRenderingContext2D.prototype.toDataURL = nativeToDataURL;<p>I beg your pardon if my question is full of innocence.
I've never heard of Castle before. Do any current Castle clients care to share opinions of their service as compared to Cloudflare Turnstile or Google ReCaptcha?
Wow I didn't realize that Canvas Fingerprinting was exclusively used to detect fraudsters! Especially the wily ones who figured out how to delete their cookies! That's really cool - like how they scan everybody's files now to detect pedophiles (exclusively!).