Disclaimer: This program is for educational purposes. Internet privacy is important and this tool should not be used for fingerprinting unknowing/unwanting subjects.
Fast, small, reliable, embeddable browser canvas fingerprinting implemented in WebAssembly.
We use your browsers canvas rendering engine to create a unique fingerprint for every computer+browser pair.
https://drbh.github.io/wasm-fingerprint/
Try opening the same window in private browser mode, is the fingerprint the same?
const wf = new WasmFingerprint();
wf.make_fingerprint()
// {ms: 3.3350000012433156, print: "CB2BFCAB"}Every computer and browser engine renders a slightly diffrent canvas output when drawing the image on screen due to the slight discrepencies in both the soft and hardware.
At the image format level – web browsers use different image processing engines, image export options, compression level, the final images may get different checksum even if they are pixel-identical. At the system level – operating systems have different fonts, they use different algorithms and settings for anti-aliasing and sub-pixel rendering. browserleaks
Essentially this allows us to track a user without cookies or any other persisted method. We use the unique user's computer to generate a fingerprint on page load.
cd web-example
## start a server
# npm install http-server -g
http-server
## navigate to localhost:8080
# open developer toolsNow in the console type:
const wf = new WasmFingerprint();
wf.make_fingerprint()
// {ms: 3.3899999980349094, print: "CB2BFCAB"}
// // ✨ YOUR BROWSER FINGERPRINT SHOUD BE LOGGED TO THE CONSOLE 🎉 The ms refers to the milliseconds wasm-fingerprint took to add, draw and hash the canvas objects needed to create a unique print. The print is the 99+% unique id.
This id's entropy is from the hard and software so it should be static as long as the user does not change those things.
What this allows us to do is track a user without any cookies. For instance their fingerprint will be identical in normal and private browsing mode.
This library is still in development and we are looking for the best way to make this library accessible to developers. Here are some notes on how to get it working now, what files you'll need and what files might need to be tweeked
This file imports the JS shim that makes the WASM binary work, this file alos lives in the pkg folder
<script src="./wasm_fingerprint_mod.js"></script>This files fetches and manages the wasm binary when loaded in the browser. If you use this in your own app or host the JS and WASM file, you'll likely need to change the path. This is in the init function
// you'll have to change the first line of this function
function init(module) {
module = "/wasm_fingerprint_bg.wasm"
...- load WASM and JS shim
- generate canvas div and append to body (invisibly)
- draw different colored text on canvas
- dump canvas data to uri
- hash data uri to low collision (but fast and short) fingerprint
runtime <20 ms
avg runtime ~5 ms
wasm-pack build --target bundler
cd runme/
npm install
npm start