They did.

It’s the same fingerprint every time if you use the same computer, and that fingerprint is unique to the computer. I don’t know why this is so confusing.

Thank for for being the one person who actually did the test and replicated my results. Everyone else just bitched about it and didn’t do the test, and some people did the test and claimed they weren’t unique without any reliable information. It’s a problem, thank you for confirming at least one other person sees what the fuck I am writing about.

Thanks. Where exactly am I supposed to post this to alert people of the problem?

It feels like it to me. It seems more than just aggressive or vigilant modding.

Safest mode blocks any website with javascript and most of the Internet runs on javascript. They also don’t warn users that anything other than safest mode now is entirely identifiable based on fingerprinting.

I sadly think this is what’s happening and even wonder if some forum mods or people there are intelligence. Because why else would this shit keep happening? Privacyguides also has a sketchy origin story if you look far back enough. The really fucked up thing is they are the most well respected guide to privacy and constantly push 3 VPNs, including ProtonVPN after it was blatantly leaking, and it just really makes me wonder… why do they push those 3 VPNs so hard? In theory, they are good VPNs… but what if they are good and also being pushed for a reason? Almost every good independent VPN gets bought out. Half of the VPNs seem to be owned by Kape, AzireVPN got bought out by a US Company. It seems like fewer and fewer VPNs exist that don’t have either intelligence connections or links to privacyguides forum. I just don’t like it. I don’t trust privacyguides anymore.

Safest is fine for .onions. For most of the Internet, this won’t work. And Mullvad Browser, which is often not used with .onions, copies the main architecture of Tor Browser minus the routing.

If you want to do any browsing other than .onions, javascript is required. Tor Browser is supposed to be anti-censorship and anti-tracking and that it isn’t really possible for Tor Browser to access 99% of the Internet without javascript.

Also, the Tor organization is not telling people that they can be uniquely tracked when not in safer mode, and Mullvad Browser is copying most of Tor Browser but not including Tor routing in it and many people using Mullvad Browser use javascript.

It’s important that people know this and the fact that I’ve had such a hard time posting this in different places, and have been met with such suspicion and hostility, is sus and makes me wonder if certain people want these browsers trackable. It’s fucking nuts to me that privacyguide’s forum deleted multiple posts and my mother fucking username after I posted about this. What else other than it being a controlled operation explains that? And plenty of other people have complained about similar shit!

This isn’t true. It used to be true, but advanced fingerprinting done is measuring certain metrics that Tor Browser are not always blocking against.

On fingerprint.com, it will give you a hash and say how many times you’ve been there before. For me, it said I had been there once. I closed the browser, came back, and had the same hash and it said I had been there twice. I did this tests multiple times and in multiple ways.

Notice how this person didn’t post any screen captures of from fingerprint.com showing that they have supposedly visited 1000 times or whatever would be expected if Tor Browser had a fingerprint that was consistent across all users.

I posted very clearly the problem, and some people replicated it, and some people couldn’t, and the problem may or may not vary across distros. It’s also possible some people could be lying. But yes, I tried to post this on privacyguides forum and they made it incredibly hard to post it, then deleted my username, and it was strange, and other people have had strange experiences.

I understand: Javascript is not safe. I know that. But most of the internet, except for onions, use javascript and it’s nearly impossible to use most of the Internet in web browsers without it. The problem is that if Fingerprint.com can reliable detect differences between users when javascript is on for Mullvad Browser and Tor Browser in certain operating systems, users should be aware. Most people would think Mullvad Browser in “safer” mode would not create a persistent per-computer hash of the browser that can be tracked across sessions.

Other users on privacyguides forums have commented on the exact same problem where threads are just completely deleted, even with valid questions.

Then this may be happening only with certain distributions or operating systems. It is definitely happening for me, I checked it over and over. “You have visited once.” I close Tor Browser, restart, come back to fingerprint.com. “You have visited twice.” I also did try this with safer. I did multiple tests. This impacts at least some operating systems or distributions. It may not impact Qubes. I didn’t test that, but I am sure it impacts at least some users.

All users don’t have the same fingerprint. Fingerprint.com is testing other things that Tor isn’t covering. So if they are testing canvas and other stuff that Tor protects, and 2 things that aren’t protected that give unique identifiers, they still create a unique hash. I did not test this using Tails or Qubes and it may not affect all operating systems.

They have different unique hashes per computer, so Tor Browser user on “Computer 1” has a unique hash and Tor Browser user on Computer 2 has a unique hash. I have read Mullvad’s documentation on their browser. Please re-read the original post.

They have different fingerprints PER COMPUTER without any plugins other than default of No Script. I tested this, it is not the same hash for every computer. It varies per computer and was persistent across sessions.

Australia is always the testing ground for what they do later. Austalians will accept almost any horrible surveillance, so if they beta test there and Austalians won’t comply, they slow the roll out.

I don’t care if there is a package called gnome-age-verification distributed in my linux distro and would prefer it if it means fewer sites with facial biometric tests. If I have concerns about the age verification, then I should be able to type:

sudo dnf remove gnome-age-verification

California probably wants it in linux distros so that linux can’t be a justification for big tech still demanding Orwellian stuff in every website (ie “but what about the children who use linux? we need to protect them with Persona too!”)

But where would it stop? The hell version of this would be kernel-level-approved-AI-agent-checks, with an OS required to have an approved AI agent with a validated third party key that reports to the government with required telemetry and the kernel makes sure the OS won’t run without the approved AI and then makes illegal any scripts for unapproved kernel code modification. And post-Tornado cash, we know code is unfortunately not protected US speech.

So use plausible.io. There are alternatives and there’s no excuse for this level of tech ignorance unless the non-profit is actively willing to fuck over potential users who don’t end up using the product.

Aren’t there analytics like plausible.io (i do not work for them or have any financial connection) that won’t sell financial data of interested users to data brokers?