Fingerprinting v3: Dark Mode detection #15265

pes10k · 2021-04-13T19:18:29Z

New CSS features allow sites to determine if your OS or environment is configured for Dark Mode (or similar names). See CSS Media Queries Level 5

We should disable this detection for users wanting the highest level of fingerprinting protection ("strict").

default protections: no changes
max protections: always report that the user prefers "light"

stephendonner · 2021-06-14T22:43:40Z

@ShivanKaul @pes10k when you get a chance, can you add a testcase/testplan to brave/brave-core#8832? Thanks!

pes10k · 2021-06-15T00:07:57Z

No problem, here ya go: https://dev-pages.brave.software/fingerprinting/strict-mode.html

The values for the strict mode row should accurately report whether the system has dark mode enabled with default fingerprinting protections, and should always report "dark mode not detected" (regardless of system settings) in strict mode

stephendonner · 2021-06-15T17:43:46Z

Verified PASSED using

Brave	1.27.65 Chromium: 91.0.4472.101 (Official Build) nightly (x86_64)
Revision	af52a90bf87030dd1523486a1cd3ae25c5d76c9b-refs/branch-heads/4472@{#1462}
OS	macOS Version 11.4 (Build 20F71)

Steps:

enabled Dark mode via System Preferences -> General -> Appearance
loaded https://dev-pages.brave.software/fingerprinting/strict-mode.html
clicked on Generate Values
clicked on This Frame, Local Frame and Remote Frame hash values
confirmed detected dark mode displayed for Shields off/Allow all fingerprinting, and standard fingerprinting settings
confirmed dark mode not detected displayed for strict fingerprinting setting
repeated the above for https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

https://dev-pages.brave.software/fingerprinting/strict-mode.html

standard fingerprinting	strict fingerprinting

https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

standard fingerprinting	strict fingerprinting

Verification passed on

Brave | 1.27.78 Chromium: 91.0.4472.114 (Official Build) beta (64-bit)
-- | --
Revision | 4bb19460e8d88c3446b360b0df8fd991fee49c0b-refs/branch-heads/4472@{#1496}
OS | Windows 10 OS Version 2004 (Build 19041.1052)

https://dev-pages.brave.software/fingerprinting/strict-mode.html

standard fingerprinting	strict fingerprinting

https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

standard fingerprinting	strict fingerprinting

Verified passed with

Brave	1.27.89 Chromium: 91.0.4472.124 (Official Build) beta (64-bit)
Revision	7345a6d1bfcaff81162a957e9b7d52649fe2ac38-refs/branch-heads/4472_114@{#6}
OS	Linux

https://dev-pages.brave.software/fingerprinting/strict-mode.html

`This Frame` - Std FP	`Local Frame` - Std FP	`Remote Frame` - Std FP	`This Frame` - Strict FP	`Local Frame` - Strict FP	`Remote Frame` - Strict FP

https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

`This Frame` - Std FP	`Local Frame` - Std FP	`Remote Frame` - Std FP	`This Frame` - Strict FP	`Local Frame` - Strict FP	`Remote Frame` - Strict FP

iam-cult · 2021-06-23T10:59:24Z

I don't know how others feel, but personally I would not appreciate this feature. Detecting dark mode seems like an overall good thing, as a site can adjust to your preferences, and serve the right favicon for best visibility. It's one of the reasons I don't use Firefox's RFP (That and the timezone spoofing), and it doesn't seem like it's that big of a deal. Sure, it can factor in to your fingerprint. But it's a binary measurement, on or off, and from what I've seen, it's fairly 50/50. If you're faking everything else, this seems like something you can let slide, as, by itself, it provides very little fingerprintable surface.

srirambv · 2021-06-23T15:21:57Z

Verification passed on OnePlus 6T with Android 10 running 1.27.75 x64 Beta build

Verified dark mode is detected when fingerprint is set to standard
Verified dark mode is not detected when fingerprint is set to strict
Verified setting theme to dark manually works fine
Verified setting device theme to dark and browser theme to use system default, sets browser to dark theme and dark theme recognition works fine as expected

https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

Fingerprint (Strict)	Fingerprint (Standard)

https://dev-pages.brave.software/fingerprinting/strict-mode.html

Fingerprint (Strict)	Fingerprint (Standard)

Verification passed on Samsung Tab A with Android 10 running 1.27.75 x64 Beta build

Verified dark mode is detected when fingerprint is set to standard
Verified dark mode is not detected when fingerprint is set to strict
Verified setting theme to dark manually works fine
Verified setting device theme to dark and browser theme to use system default, sets browser to dark theme and dark theme recognition works fine as expected

https://dev-pages.bravesoftware.com/fingerprinting/strict-mode.html

Fingerprint (Strict)	Fingerprint (Standard)

https://dev-pages.brave.software/fingerprinting/strict-mode.html

Fingerprint (Strict)	Fingerprint (Standard)

pes10k added privacy feature/shields/fingerprint The fingerprinting (aka: "device recognition") protection provided in Shields OS/Android Fixes related to Android browser functionality privacy-pod Feature work for the Privacy & Web Compatibility pod OS/Desktop labels Apr 13, 2021

pes10k mentioned this issue Apr 13, 2021

Fingerprinting Protections v3 #11770

Open

10 tasks

ShivanKaul self-assigned this May 17, 2021

ShivanKaul mentioned this issue May 17, 2021

Always return light mode in fingerprinting strict mode brave/brave-core#8832

Merged

24 tasks

ShivanKaul closed this as completed in brave/brave-core#8832 Jun 1, 2021

ShivanKaul added this to the 1.27.x - Nightly milestone Jun 11, 2021

ShivanKaul added QA/Yes release-notes/include labels Jun 14, 2021

stephendonner added QA/Blocked QA/Test-Plan-Required labels Jun 14, 2021

LaurenWags added QA/Test-All-Platforms and removed QA/Blocked QA/Test-Plan-Required labels Jun 15, 2021

stephendonner added the QA Pass-macOS label Jun 15, 2021

This was referenced Jun 21, 2021

Built-in dark theme is broken after auto-updating Brave browser beta from 1.26.x to 1.27.69 when strict fingerprinting is enabled #16496

Closed

Bugfix: dark mode broken for settings when strict fingerprinting brave/brave-core#9215

Merged

srirambv added QA Pass - Android ARM QA Pass - Android Tab labels Jun 23, 2021

GeetaSarvadnya added the QA Pass-Win64 label Jun 24, 2021

LaurenWags added the QA Pass-Linux label Jul 2, 2021

LaurenWags mentioned this issue Jul 22, 2021

[Desktop] Release Notes for 1.27.x Release #1 #17118

Closed

supernes mentioned this issue Jul 24, 2021

Update 1.27.108 causes breakage in dark mode #17139

Closed

This was referenced Jul 28, 2021

Release notes for 1.27.x - Release #2 #17211

Closed

Pending verifications/Release Notes from 1.27.x Release #17212

Closed

Tonev mentioned this issue Aug 19, 2021

Strict fingerprint blocking prevents sites from detecting color scheme preference #17550

Closed

ShivanKaul mentioned this issue Oct 7, 2022

[hackerone] Dark Mode detection not always blocked by Fingerprinting Protection on Android #25851

Closed

arthuredelstein mentioned this issue Jun 22, 2023

Aggressive fingerprinting mode removal #31229

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fingerprinting v3: Dark Mode detection #15265

Fingerprinting v3: Dark Mode detection #15265

pes10k commented Apr 13, 2021

stephendonner commented Jun 14, 2021

pes10k commented Jun 15, 2021

stephendonner commented Jun 15, 2021 •

edited by LaurenWags

Loading

iam-cult commented Jun 23, 2021

srirambv commented Jun 23, 2021

Fingerprinting v3: Dark Mode detection #15265

Fingerprinting v3: Dark Mode detection #15265

Comments

pes10k commented Apr 13, 2021

stephendonner commented Jun 14, 2021

pes10k commented Jun 15, 2021

stephendonner commented Jun 15, 2021 • edited by LaurenWags Loading

iam-cult commented Jun 23, 2021

srirambv commented Jun 23, 2021

stephendonner commented Jun 15, 2021 •

edited by LaurenWags

Loading