Advanced Privacy: Anti-Detection

Ghost Browser includes advanced privacy and anti-fingerprinting and anti-tracking technology that provides an extra layer of privacy and security for you and your accounts. Below are some of the ways we help protect the privacy of our users and their browser tabs.


IMPORTANT: TURN ON PRIVACY FEATURES

For normal browsing, it 's best to leave most of these features disabled so web sites work properly as you are browsing the Internet. However....


THE ADVANCED PRIVACY FEATURES IN GHOST BROWSER ARE TURNED OFF BY DEFAULT


If you want enhanced privacy, you must turn these options on. To do so, please go to:

Menu—>Settings—>Privacy

and enable these options as needed:

Some Notes About Testing Our Privacy Features

If you are planning to test Ghost Browser's privacy features, we encourage you to use a reputable website like browserleaks.com in your testing of our current privacy features. It's also important to note that certain websites like whoer.net may not report accurately about Ghost Browser's privacy features. 

For example even  when WebRTC is Disabled in Ghost Browser whoer.net reports it as being Enabled because they think you're using Chrome and Chrome doesn't have the ability to Disable WebRTC. So take your testing with a grain of salt and know that we've got you covered.


General Tab Separation

All browsers store data on your computer to help enhance your browsing experience. For example, a cookie jar will store files letting Facebook know you are logged in as you. But when you want to log into a different account, you can't. Identities help because they each have their own separate cookie jar so you can be logged in to two accounts.

This type of data separation in the browser is what makes Ghost Browser work and most users will understand this concept.

There are also more complex ways web sites store information in your browser and thus, Ghost Browser needs more complex separation methods.

To support tab separation, each Identity in Ghost Browser will have a separate Cookie Jar, local storage, indexedDB, WebSQL, Service Workers and Notifications.


Even with all of this separation, there are other features that make browsers work on the modern web that can also be used by sites to track you. We've implemented ways to prevent this tracking as shown in the settings panel above. Below is a description of each of these features.


Canvas Fingerprinting

Canvas fingerprinting is a common method used to identify you when browsing the web. This method works by using HTML5 and JavaScript to draw a picture. You can’t see this picture. But once your browser renders it, the binary code used to generate the pixels creates a digital signature that is completely or largely different from signatures created on other computers when drawing the same image.

And that’s why it’s called a signature – because it can be pretty closely matched the next time an advertiser – or someone else – sees that same signature on another web page, they can pretty closely guess it is you.

The truth about Canvas fingerprinting is that the fingerprints aren’t always unique. Therefore Canvas fingerprinting is just one technique that is usually used in combination with others to really zero-in and identify you.

Fingerprints in Ghost Browser Identities introduce noise that will protect your privacy.

To protect yourself against Canvas fingerprinting in Ghost Browser go to Menu –> Settings –> Advanced –> Privacy, then toggle the option to ‘Enable Canvas Noising’.


Font Fingerprinting

You can be identified through various methods that use the fonts in your browser to create a unique identity or fingerprint. This allows you to be tracked over time in the same browser.

One method is similar to Canvas fingerprinting where a web site will render a font in your browser then use the rendering to create a unique identity of your browser. This method can be sent for a loop with a technique we’ve implemented called scale spoofing.

Like canvas fingerprinting we’re basically messing with the rendering of the fonts to make each font fingerprint look unique per each session. The end result is that if someone tries to track you based on this method, every session and identity you use will appear to be a different person or browser.

To enable scale spoofing and combat font fingerprinting just go to Menu –> Settings –> Advanced –> Privacy and toggle the ‘Enable Scale Spoof’ option to ‘on’.


WebRTC

WebRTC is a technology that is used to deliver communication capabilities such as video chat, screen sharing and some other really cool stuff.

But in order to do that well, it also digs into your system internals to pull and reveal your actual IP address, even if you are using a proxy or a VPN. That means that simply having WebRTC enabled in your browser – even if you are not using one of those fancy communication apps – leaves you vulnerable to WebRTC leaks of your real IP address.

It essentially renders your proxies useless.

To fix this you can disable WebRTC in your browser. But solutions for doing this in Chrome, for example are not always effective, so we’ve dug into the browser internals to give you more reliable options for doing this.

Disabling WebRTC in Ghost Browser means you not only prevent the leak of your real IP address when using proxies, but it also hides your ‘media device ID’ so that list of IDs can’t be used to make a fingerprint of your device.

To block WebRTC go to Menu –> Settings –> Advanced –> Privacy and toggle the switch to ‘Disable WebRTC’. This means that you won’t be able to some apps that use WebRTC for browser based collaboration – but it will protect your privacy and prevent tracking.


WebGL and 3D APIs

WebGL is a JavaScript API that is used to provide 3D graphics in a browser even if the user doesn’t have plugins to provide this functionality. Very cool right?

Well, not if you are going for privacy. Because that same technology can be used to make a fingerprint of your device to identify you as a user across time and space. That is – unless you are in Ghost Browser.

To disable the WebGL 3D APIs that are used to track you based on this fingerprinting technology, go to Menu –> Settings –> Advanced –> Privacy and toggle the setting to “Disable 3D APIs” on.


User Agent String

Some users like to use custom user agent strings to obscure their browser fingerprint and protect their privacy. This can be done in Ghost Browser by adding a custom user agent to your Identities through the Identity Manager.