Chameleon – a pre-alpha anti-fingerprinting browser extension

Disclosure: compensated affiliate: click here for more information

Browser fingerprinting is a heinous new technology designed to get around the fact that internet users are becoming more aware of how websites (and in particular third party analytics and advertising domains) uniquely identify and track visitors across the internet in order to deliver highly tailored advertising.

It works by finding out all sorts of details about your browser – both passively through what your browser reveals to a website when you visit it (e.g. the browser name, operating system, and exact version number of the browser) – and actively, by requesting additional information (e.g. supported data types (so-called MIME types), screen resolution, system colors and more.)

Taken altogether, the various fingerprint attributes can be almost instantly (it takes just a few milliseconds to run algorithms that compare millions of fingerprints) combined to create a unique fingerprint that can be used to very accurately identify an individual user, no matter if cookies have been deleted, or IP address changed between website visits.

The most frustrating thing about all this is that there is basically very little you can do about it (although read our article to find out what you can do). However, a new open source Chrome browser extension hopes to change all this.

Chameleon is still very much in the early stages of development (it is described as being pre-alpha developer-only software), but it already shows promise as a way to defeat browser fingerprinting. It works by detecting and intercepting the kinds of browser information requests employed by browser fingerprinting, and aims make the browser look the Tor browser (as Tor users are supposed to all look alike).

Chameleon plugin

Despite its pre-alpha status, the Chameleon extension is already looking very smart

Intrigued, but under the complete understanding that this is ‘pre-alpha developer-only software,’ we tested the extension using both the EFF’s Panoptoclick, and the newer Am I unique? browser fingerprinting detection tool that we looked at earlier this week.

Using the Tor browser

Panotptoclick Tor


Using Chrome without the Chameleon extension

 Panoptoclick Chrome no extension

AIU Chrome no extension

Using Chrome with Chameleon extension

Panoptoclick Chrome with extension

AIU Chrome with extension

As we can see, results for the older Panoploclick test are quite impressive, and yielded results close to using the Tor browser. The uniqueness rating from ‘Am I Unique’, however, is almost unchanged, but do note that the test detected entirely different browser information when using Chameleon than is actually the case (for example it detected Firefox rather than Chrome).

At present, Chameleon provides protection against the following browser fingerprinting techniques:

  • Request header values
  • window.navigator values
  • Date/time queries

… and can detect:

  • window.navigator values
  • window.screen values
  • Date/time queries
  • Font enumeration
  • Canvas image data extraction
  • WebGL

These are of course very early days for could be an invaluable tool in the ongoing fight for internet privacy. Developers are encouraged to join in and help extend the plugins functionality.

Douglas Crawford I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. Find me on Google+

Related Coverage


One response to “Chameleon – a pre-alpha anti-fingerprinting browser extension

  1. Why even allowed such thing as fingerprinting ??? Yes we are all criminals !!! We all have something to hide – our privacy !!! If we are try to stay private online we are automatic marked as criminals !!! Politicians should have revolutions just waiting to strike on their necks ! And chrome based browser are crap all security settings are hidden removed from browser so user can very very … hardly do something against !!! No privacy online becomes huge problem and windows and chrome user have no privacy online despite extension telling so ! Even MS spy’s on user !!!

Leave a Reply

Your email address will not be published. Required fields are marked *