Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Valentin Vasilyev
    @Valve
    @daankuijsten yes, initially I was using phantomjs for tests but it cannot run flash, so I dropped the idea, didn't want extra complexity.
    @melloc01 the module loading is broken in the library. Nobody has submitted a PR to fix it yet, so it seems that it's an unnecessary feature. If you need it, please submit a PR
    Aditya Agarwal
    @o0aditya0o
    @Valve In the hasLiedLanguage what is the significance of matching the substring of length 2 and not the entire strings ?
    Aditya Agarwal
    @o0aditya0o
    @Valve Also I think there might be a possible bug in hasLiedBrowser since chrome UA on iphone is something like this - Mozilla/5.0 (iPhone; CPU iPhone OS 10_3 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) CriOS/56.0.2924.75 Mobile/14E5239e Safari/602.1
    @Valve as you can see there is no mention of chrome hence this would be detected as safari
    Himanshu Ranavat
    @atkt_forever_twitter
    question: the fingerprintJS2 library - how expensive it is to run to calculate the fingerprint. could it be a issue on mobile browsers?
    Aditya Agarwal
    @o0aditya0o
    @ptrinh what exactly is this theatMatrix doing ?
    Steven Borrelli
    @stevendborrelli
    The function itself is defined to return 1 if it cannot determine the number of processors, but fingerprint.js returns "unknown". This caused one of our APIs endpoints to have an error, as it was expecting an int in that field.
    I see returning "unknown" is a common patter, but it seems like it would cause issues on systems that have stricter type enforcement.
    Nitzan Aviram
    @nitzanav
    Hi, I am looking for a consultant with a vast experience in fingerprinting. Mostly to guide us and help us choose the right set of attributes. Can some one consult us and invoice us?
    Neumann Valle
    @utan
    mm
    t0shki
    @t0shki__twitter
    @Valve Hello. I have a question about this library. How unique is the generated fingerprint hash / What are the odds that we get a collision?
    Mingle
    @minglethepringle
    @Valve I posted the same question on github as an issue. Basically, my question is, is there a way to make fingerprint generation synchronous? I assume that when I call new FingerprintJS2() it starts up an asynchronous thread
    Kevin Chappell
    @kevinchappell
    @minglethepringle can you use async/await?
    @t0shki__twitter Are you encountering collisions? We are finding collision with requests using this specific user_agent Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.0 Mobile/14G60 Safari/602.1
    Kevin Chappell
    @kevinchappell
    nevermind, just read the FAQ, thanks.
    Dmitry Nechay
    @dnechay
    Hi everybody!
    Can somebody hint me which hash algorithm uses fp2? Or maybe some ways how to validate some string on fp2 hash value?
    skiperz
    @skiperz
    Привет , кто может помочь с установкой и настройкой fp2 ?<_>
    Hi, who can help install the fingerprint?
    @Valve помогите с установкой и настройкой .
    Valentin Vasilyev
    @Valve
    @skiperz you can hire me as a consultant, please email me the details: valentin.vasilyev at outlook.com
    Dmitry Nechay
    @dnechay
    @Valve thank you
    skiperz
    @skiperz
    @Valve отправил на майл
    Victor Castro
    @victor95pc
    @Valve hey do you know the chances to duplicate a fp2 hash? I'm not asking about confliting SHA256 I know it's almost impossible to happen, I asking the chances the value(that's about to get hashed) duplicate.
    Do you use it for how many users?
    I'm thinking to use this lib, but I have a traffic with 18M a day
    Valentin Vasilyev
    @Valve

    @victor95pc please see the detials here: https://github.com/Valve/fingerprintjs2/blob/master/FAQ.md#how-good-is-your-library-can-you-guarantee-that-different-devices-will-have-different-identifiers

    How good is your library? Can you guarantee that different devices will have different identifiers?
    This library is not good. It has an error margin of 10-20%

    I don't use it currently, I still use fpjs first version.

    xiuxiuxiaodi
    @xiuxiuxiaodi
    hi, anynoe has the augur.js that can generate the fingerprint from the augur.io website?
    SleepProgger
    @SleepProgger
    hi, i am currently preparing the "timezone from the internationalization API" (#356) PR and was thinking if an additionally hash over all timezoneOffset changes (like https://pastebin.com/2f7imVnr ) could be usefull. The values seem to be kinda stable over different devices and browser (android ff+chrome, linux ff + chrome, working but different values in konqueror)
    Besides acting as a fallback for browser not supporting the internationalization API this also helps for browser (like ff on android) which in my case fe. returns CET from the internationalization API while using the Europe/Berlin timezone (the timezone changes are the same -> same hash as on other devices)
    Any thoughts on that ?
    Jonas Haag
    @jonashaag
    I think it's a great idea. Go ahead.
    SleepProgger
    @SleepProgger
    awesome, will get to work in a bit. For client not supporting the Internationalization API simple returning an empty string seem to be the common way in that project ?
    Jonas Haag
    @jonashaag
    Yep, or null
    SleepProgger
    @SleepProgger
    about the null, incoming PR because index.html can't handle null results, because null.toString() won't work ;)
    SleepProgger
    @SleepProgger
    After reading a bit more about the internationalization API i think a lot of default value in there would be a good addition to FS2.
    https://www.ecma-international.org/ecma-402/1.0/#sec-A , but i am not really sure where some of the values are sourced from TBH.
    SleepProgger
    @SleepProgger
    @jonashaag what do you think about something like this: https://pastebin.com/cMZyeaVf for the specs ?
    It generalizes (or tries to) checking the exclude options.
    Not a big fan of all the workarounds, but not sure what to do else TBH.
    The hope is that it makes pushing new fingerprinting sources easier.
    SleepProgger
    @SleepProgger
    Messed the previous one up. Fixed: https://pastebin.com/wMHPpr8p
    Jonas Haag
    @jonashaag
    @SleepProgger better than what we have currently but if you're interested you may also refactor the exclude options schema to something like {exclude: ['webgl', 'canvas']} etc, and refactor all of the webglKey, canvasKey, etc function names to something that follows a sane scheme.
    I think refactoring this is long overdue and as long as we provide a deprecation path we might as well refactor all the things :)
    SleepProgger
    @SleepProgger
    @jonashaag the exclude:{key1, key2,...} way sounds way nicer, i like it. Am offline tomorrow, so i'll prob. send a PR for that in about two days
    shall i keep the other options like they are now ? ie: options = {someFlashOption: 1, someotherOption:2, exclude: [key1, key2,...]} or do we want an config object per check (flashFontOptions: {foo: 'bar'}) ?
    Jonas Haag
    @jonashaag
    let's keep the other options for now, maybe we can change these in a second step if it's useful
    SleepProgger
    @SleepProgger
    ok.
    Something else: currently some functions check if the relevant API is supported and if it isn't the corresponding entry isn't added to keys.
    I am not sure if it wouldn't be a better idea to always return the entry (with value set to null if the API isn't supported) if the fingerprint isn't excluded ?
    that would make the specs easier and also IMHO not supported APIs are a bit of FP information which would be easier to collect this way
    Jonas Haag
    @jonashaag
    hm
    not sure. excluding it doesn't change fp in case you enable a previously disabled option that the browser doesn't support