Detect Brave fingerprint farbling

[abrahamjuliot]

Tracking:
v2 https://github.com/brave/brave-browser/issues/8787
v3 https://github.com/brave/brave-browser/issues/11770

• WebGL 1&2 Drawing: ignored
• WebGL 1&2 Vendor and Render: ignored, with inconsistencies detected
• WebGL 1&2 Parameters: side stepped through reduction
• User Agent: bypassed
• Canvas: detected with trap
• Web Audio: detected with trap
• Plugins: inconsistencies detected
• Hardware Concurrency: ignored
• Enumerate Devices: bypassed
• Device Memory: ignored, with occasional inconsistencies detected
• Fonts: bypassed
• Languages: lower entropy permitted
• Storage Quota: lower entropy permitted
• Network Info: blocked entropy permitted
• Keyboard: blocked entropy permitted
• Timezone: pending implementation
• Voices: bypassed
• Screen: pending release

Testing at https://dev-pages.bravesoftware.com

[abrahamjuliot]

• worker canvas and hardwareConcurrency are distrusted in brave
• 4359327 canvas tampering detect via nested iframe test
• only the system is counted in worker userAgent (full userAgent with noise is counted in the loose fingerprint)

[abrahamjuliot]

EDIT: Fixed in desktop versions.

From #53, this catches hardwareConcurrency in 86 Stable. Issue is resolved in 87 Nightly

(function() {
    'use strict';
    const getNestedIframes = (n, context = window) => {
        n = +n
        let parent, total = n
        return (function getIframeWindow(win, {
            previous = context
        } = {}) {
            if (!win) {
                console.log('stopped at ', total - n) // Firefox has a limit
                return previous
            }
            const numberIframes = win.length
            const div = win.document.createElement('div')
            win.document.body.appendChild(div)
            div.innerHTML = '<iframe></iframe>'
            const iframeWindow = win[numberIframes]
            if (total == n) {
                parent = div
                parent.setAttribute('style', 'display:none')
            }
            n--
            if (!n) {
                parent.parentNode.removeChild(parent) //
                return iframeWindow
            }
            return getIframeWindow(iframeWindow, {
                previous: win
            })
        })(context)
    }

    const nestedWindow = getNestedIframes(20)
    console.log('top: ', window.navigator.hardwareConcurrency)
    console.log('nested: ', nestedWindow.navigator.hardwareConcurrency)
})()

[abrahamjuliot]

function getBraveMode() {
    try {
        // strict mode returns null supported extensions
        const canvas = document.createElement('canvas')
        const gl = canvas.getContext('webgl')
        if (!gl.getSupportedExtensions()) {
            return 'strict'
        }
        // standard and strict mode do not have chrome plugins
        const chromePlugins = /(Chrom(e|ium)|Microsoft Edge) PDF (Plugin|Viewer)/
        const pluginsList = [...navigator.plugins]
        const hasChromePlugins = pluginsList
            .filter(plugin => chromePlugins.test(plugin.name)).length == 2
        if (!hasChromePlugins) {
            return 'standard'
        }
        return 'allow'
    } catch (e) {
        return 'unknown'
    }
}
// if 'brave' in navigator...
getBraveMode()

[abrahamjuliot]

const detectBrave = async () => {
    const windowKeys = Object.keys(Object.getOwnPropertyDescriptors(window))
    const fileSystemKeys = /FileSystem((|Directory|File)Handle|WritableFileStream)|show((Directory|((Open|Save)File))Picker)/

    // each can be spoofed or blocked
    return {
        // moving to flags
        fileSystemAccessDisabled: !windowKeys.filter(key => fileSystemKeys.test(key)).length,
        webSerialDisabled: !('Serial' in window || 'SerialPort' in window),
        reportingDisabled: !('ReportingObserver' in window),
        // not strictly brave
        gpcInNavigator: 'globalPrivacyControl' in navigator,
        // primary method
        braveInNavigator: (
            'brave' in navigator &&
            Object.getPrototypeOf(navigator.brave).constructor.name == 'Brave' &&
            navigator.brave.isBrave.toString() == 'function isBrave() { [native code] }'
        ),
        // rule out other brands
        brandIsNotGoogleMicrosoftOrOpera: (
            !navigator.userAgentData ? 'unknown' :
            !navigator.userAgentData.brands
            .filter(item => /Google Chrome|Microsoft Edge|Opera/.test(item.brand)).length
        ),
        // blink w/2147483648 is brave (spoofable and blockable)
        storageQuotaIs2Gb: 2147483648 == (await navigator.storage.estimate()).quota,
    }
}

;(async () => {
    const x = await detectBrave()
    console.log(x)
})()