Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
op-fingerprinting-script
Advanced tools
Readme
OPFS is a browser fingerprinting library for creating persistent, unique and long-lasting digital fingerprints without depending on ever-changing variables such as the user agent string commonly used in other browser fingerprinting libraries. As such, the fingerprint does not change most of the time when a user upgrades their browser to the current version.
Get script from CDN
<script src="https://cdn.jsdelivr.net/gh/Joe12387/op-fingerprinting-script@main/opfs.min.js"></script>
Or install from NPM
npm i op-fingerprinting-script
import { fingerprint } from "op-fingerprinting-script";
Create the fingerprint
fingerprint().then((result) => {
console.log(result.fingerprints, result.profile);
});
OPFS uses some novel methods not well known before the publishing of this repo that allow the creation of a likely completely unique device fingerprint in Google Chrome, Microsoft Edge and other Chromium-based browsers.
The library is able to detect and mitigate the effects of browser-based anti-fingerprinting technologies introduced to certain browsers in the past few years with the release of Brave Browser and Safari 13+. The script will not use randomized fingerprints in such browsers and instead settle on a fingerprint that is to be persistent as long as possible at the expense of uniqueness.
This mainly only applies to Safari 13 and up on both macOS and iOS, with Safari for iOS being the most difficult to create a unique identifier for due to the anti-fingerprinting methods used and the homogeneity of the hardware & software. This applies to Safari for macOS as well, but to a lesser extent for much the same reasons.
This script cannot detect if certain browser extensions are present in the browser that may be blocking or jamming fingerprinting methods, such as CanvasAPI having added noise to its output, which will still result in a non-persistent fingerprint.
I have compiled a list of 30+ individual fingerprinting methods to create an optimally unique fingerprint. While it does not contain all fingerprinting methods in use today, it does contain some that are not used in any other open source libraries I am aware of.
OPFS contains these notable fingerprinting methods:
OPFS returns multiple fingerprints accessible via result.fingerprints
.
result.fingerprints.uniqueFp
uses all available fingerprints and is most useful when you value uniqueness over persistence. While this fingerprint is unlikely to change often, it will still change eventually as browsers are updated.result.fingerprints.persistentFp
is useful if you value persistence over uniqueness. It will not be as unique but should rarely, if ever, change.If you are aware of a way to violate any of the three expected behaviors above, please create an issue.
FAQs
An overpowered JavaScript browser fingerprinting library for creating persistent, unique and long-lasting digital fingerprints.
The npm package op-fingerprinting-script receives a total of 2 weekly downloads. As such, op-fingerprinting-script popularity was classified as not popular.
We found that op-fingerprinting-script demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.