Cross-systems tracking and Firefox

Let’s assume one uses Firefox from Linux distro CD and also normal (HDD installed system).
How Firefox on LiveCD should be set, to have fully separate ID from HDD system?
To put it in another way - which data should be kept secret on linuxCD to avoid cross-device tracking (or in this case ‘cross-system tracing’)

What I see is:
-IP (optional),
-HTML5 Canvas (because they may be similiar on LiveCD distro and HDD distro, so if one check know them on both system, they may be connected - correct me if I wrong),
-screen resolution (should be spoofed).
Also, cell phone should be far away to avoid ultrasound tracking and connecting 2 identities.
Something else?

On the other hand, some trackers are not important - like normal cookies, since they will be only active to track within one identity, which in this case is acceptable.

Cant you just spin up Whonix or Tails for this?

Cellphones dont do that, because if it did, it would have interfered with the ultrasound machines i work with.

1 Like

Hmm, if you really want to use it (i mean just use tails or whonix)

  • IP: you either use tor browser or firefox with good vpn then
  • HTML5 Canvas: You can use CanvasBlocker addon
  • screen resolution: again you can use tor browser or just minimize your browser window
  • ultrasound tracking: i heard about it from thehatedone videos but i’m not sure about it, but i think it does this while it’s active right? so maybe you can shutdown the phone itself
  • Something else?: i don’t have much experience as i stated so i don’t have examples in my head right now :stuck_out_tongue:

All these suggestions are from my little experience and feel free to add to or remove from

I watched the ultrasound tracking primer from thehatedone youtube channel and now have some understanding on how it works. Thank you for informing me on this (apparently it was discovered around 2016).

@infosechandbook provided a great resource that explains in detail some of the methods used in cross-browser tracking. The key factor that makes this possible is for the most part the underlying hardware (the computer you’re using). From this information I would assume you should hide information about the hardware from your browser, by disabling things like WebGL, Battery API, Media API, etc…

There are likely many other things that you simply cannot control about it. It’s probably much more effective to use virtual machines that mimic hardware for this purpose, and I believe solutions like Tails and Whonix were created for this purpose.

And here you have to consider that web browsers continuously add more APIs and features that might be misused for fingerprinting. So, “hardening guides” can become quickly outdated and you might forget some new APIs that are then used to fingerprint your hardware.