Bros... I don't feel so good. Even harmless 16x16 icons are used to track us.https://github.com/jonasstrehle/supercookie/
>>107236619Arkenfox bros? I seem to remember there are configs to disable favicons in the userjs? Maybe they work against this.
>>107236619who says it has to be 16x16?
>>107236619>2 years ago
>>107236619If I read this right, it works by redirecting to new cookie paths, and logs which ones are in your cache and which ones are. Does not sound very useful because to create a unique ID for every visitor you need up to 4 billion redirects and that's kind of unfeasible?
>>107237144Favicon format
>>107237908You are reading it wrong. Each favicon is a bit, so the number of unique IDs double with each favicon shown. That is what the table in OP's screenshot is telling you.
>>107239879aaah, ok. but that's still up to 32 http calls per user for a 16-bit ID.let me check if I understand it correctly. we randomly generate an ID of up to N bits. the server returns urls corresponding to each bit, where if the bit is 1, we return a favicon (or just an empty return with a 200 code), if the bit is 0 with return a 404.then we call ALL the endpoints, and if they respond with a 200 we know they are in the favicon cache and with that we can "read" the stored ID.but how do we know we already have an ID stored, preventing the generation of a new key?
https://abrahamjuliot.github.io/creepjs/
>>107236619This was patched, it no longer works.
>>107236619We need to dtart a new internet bros, fuck all this shit. I will write a browser in C and it will support barebones html and you write simple sites where we can have fun together. My browser reports everything to all websites. This shit has to stop.
>>107240852Many inaccurate cells for me, and quite a few blocked and unsupported.I was surprised it can get my battery level though.
>>107240944it used to be very accurate but I think it's unmaintained and browsers have caught up to it.
>>107240806I imagine it works something like this.>check ID>if ID != 0, log ID>else {>generate new ID>rerun redirects, but this time, return the favicons required to fill the FCache>}If the user had all zeros in their FCache, we know they're new. And if we rerun the redirects, next time they visit we'll find their ID in there.
>>107236619Can some explain how this works in English? What do ic ons have to do with the kardashians and netherlands? I don't get it.
>>107241141>If the user had all zeros in their FCache, we know they're new.doh. didn't think of that.either way it's a 2021 vulnerability and it has been since patched.
>>107236619>1000 people>small village>1 million people>small cityWhat???
>>107241968clients =/= people, dumbass.one person can use more than one web client.
>>107237129ublock origin plus celenity blocklists, find the block SVG list somewhere in link.https://codeberg.org/celenityhow to block ICO im not sure.is PNG worth worrying about?
>>107239755there is nothing forcing favicons to be 16x16. they can be 1x1 or 256x256 and the browser will scale them to the correct display resolution.
>>107242826Is this better than Arkenfox?
