Tanstack Start | Show HN: Explore what the browser exposes about you

Show HN: Explore what the browser exposes about you(neberej.github.io)

69 points by coffeecoders 5 days ago | 28 comments

I built a tool that reveals the data your browser exposes automatically every time you visit a website.

GitHub: https://github.com/neberej/exposedbydefault

Demo: https://neberej.github.io/exposedbydefault/

Note: No data is sent anywhere. Everything runs in your browser.

coffeecoders 5 days ago
Hi HN,
I’ve been experimenting with ways to reduce my browser fingerprint and exploring techniques to anonymize fingerprint data.
So I built this.
This is kind of like a lighter, more thorough version of CreepJS but entirely client side. I don’t maintain massive lists of time zones or do server-side comparisons to calculate uniqueness. Instead, it automatically surfaces everything a browser exposes, explaining each item in detail.
- locknitpicker 31 minutes ago |parent
  Hi, thank you for going through the trouble of putting this together. This sort of service is invaluable as it allows us clueless people to beindful about something that negatively impacts our life.
  Here's a suggestion: it's important to show us that our browser footprint allows us to be positively identified, but it only alerts us to a problem. It would be very useful if the site also provided some tips to improve anonymity, particularly if it's low-effort changes such as tweaking a couple of config changes.
njitram 3 hours ago
I tried various browsers, even the Tor browser, but it keeps showing 'Unique to 1 in 17.179.869.184+ devices'?
- Sayrus 26 minutes ago |parent
  It's unique but changes on each reload. While the details are interesting, the fingerprint itself is not useful.
- qwertytyyuu 2 hours ago |parent
  I have the exact same, Unique to 1 in 17,179,869,184+ devices. actually slightly different. hmmm... ,'s vs .'s
  - aaronharding an hour ago |parent
    the person above you is from The Netherlands ;)
adhambadr an hour ago
Yet on the flip side, if I’m trying to auto identify my own phone for a login-less private app i tried to build I couldn’t get to reliably generate a consistent fingerprint on safari private mode, it regenerates 50% of the time, I’ve tried several libraries like fingerprintjs and co..
- ffsm8 38 minutes ago |parent
  Isn't that what webauthn was made for?
  Or did I misunderstand you?
- zipping1549 an hour ago |parent
  How about mTLS?
conartist6 an hour ago
I could not be more thrilled to see tools like this being built. Without tools to see the problems, we will never fix them
Santosh83 3 hours ago
What we need is VPB. Virtual Private Browser like VPNs. Essentially standardised cloud browsers that can execute your requests and send you back the result as bitmap buffers.
- ycuser2 an hour ago |parent
  Great idea! How to make sure that the users data stays private without the cloud knowing where the user is surfing. And I wonder how to monetise it? Subscription?
peterspath 15 minutes ago
It’s just a blank page for me on iOS 26.1 Safari with Lockdown Enabled.
bstsb 16 minutes ago
this seems incredibly variable as to be almost useless as any type of "fingerprint" - running the latest version of Chrome on Android, the ID at the top of the page changes each reload.
alentred 3 hours ago
EFF has a similar tool: https://coveryourtracks.eff.org/
No idea how representative either tool is.
oersted 3 hours ago
Interesting!
For me it says 1 in 17,179,869,184+, but scrolling through all the variables, the vast majority should be the same for any MacBook Chrome user.
It would be great to see the stats of each individual characteristic.
- jspash 2 hours ago |parent
  I would love to be able to toggle an attribute off/on to see what affect each has on the uniqueness of my fingerprint. My guess is that there are a handful of _very_ unique things, that if obscured, would make one less recognisable.
evgpbfhnr 3 hours ago
I get a new fingerprint id everytime I refresh the page (firefox, linux) -- so that might be sampling a tiny bit too much. audio and canvas fingerprint are constant though so it's probably plenty enough...
- reconnecting 3 hours ago |parent
  The same applies to macOS. Safari produces a unique fingerprint ID every time, and Firefox also has a different fingerprint ID with every visit.
  If the fingerprint ID is unique every time, there is zero possibility of using it for identification.
  - conartist6 an hour ago |parent
    Very interesting. So this is the battlefield perhaps. Randomly corrupt the data instead of eliminating it?
- mpeg an hour ago |parent
  I think it might be because the performance fingerprints need to be bucketed. If they're too specific you'll never get the same fingerprint twice.
reconnecting 3 hours ago
May I ask if this code is the result of 'vibe coding'?
- manbitesdog an hour ago |parent
  It looks AI-assisted, based on these two commits: * https://github.com/neberej/exposedbydefault/commit/503bd6519... * https://github.com/neberej/exposedbydefault/commit/16693ba17...
  But to what extent should we care for such a small website? The AI witch hunt won't get us too far, and this new way of producing is only getting started. The loss of control to a non-deterministic black box is worrysome, but at some point non-vibe coded (hard coded? brain coded?) software might become less error-prone that vibe-coded
  - mcny 28 minutes ago |parent
    > but at some point non-vibe coded (hard coded? brain coded?) software might become less error-prone that vibe-coded
    Did you mean more instead of less?
dvh 3 hours ago
ERROR> https://neberej.github.io/exposedbydefault/assets/index-3936...: Uncaught ReferenceError: speechSynthesis is not defined
fareesh 2 hours ago
seems like brave works well and isn't getting correctly fingerprinted
udev4096 2 hours ago
> Doesn't even load with JS
> Impossible to "expose"
The perks of disabling JS on every site!
SeriousM 2 hours ago
Here's another one: https://amiunique.org/fingerprint
It's important to point out fingerprinting, yet no ordinary user cares.