CyDec Platform Anti-Fp

Stop trackers in their tracks.

What is it?

Anti-Fp is a Windows application that when combined with the browser extension provides the ability to change almost all aspects of your browser fingerprint.

Why should I care?

If you care about your privacy on the Internet, then you should be worried about how trackers and advertisers are able to follow you around the web. Your browser leaks a lot of information that can be used to create a unique fingerprint of your browser, and in some cases system itself, in order to record and monitor your browsing activity. This type of tracking does not require cookies and in some cases does not even require Javascript. The only way to truly defeat this form of tracking is with a tool like Anti-Fp.

Anti-Fp allows you to create custom fingerprint profiles that can be applied on a per-browser or per-domain basis. Anti-Fp currently supports 9 browsers so fingerprint management can be coordinated and synchronized across your browsing platforms.

Get Started

The first thing to do is download Anti-Fp. The current release is:

You'll also need to install the browser extensions. You can find these in either the Chrome and Firefox extension stores.

Extension

The browser extensions are a key component of Anti-Fp. Without the extensions, the application is not able to actually apply the fingerprints to the browser session.

The browser extensions work both with and without Anti-Fp running. When Anti-Fp is not running, the extensions are limited in what they can do. This is because Anti-Fp contains the logic needed to apply the specific anti-fingerprint profiles. In this limited mode, certain capabilities are not available (such as ETag, Fonts and WebRTC). Also, the extensions fall back to using random values instead of specific values that can be set when using Anti-Fp.
The way you can tell if the extension is currently communicating with Anti-Fp is by looking at the status indicator icon. When not connected, the status icon will be pulsing red. Additionally, specific spoof settings are disabled and cannot be toggled on.





When the extension is communicating with Anti-Fp the status icon will be blue. The main popup window will also have different options. You will also have the ability to toggle on or off all available settings.



The options that can be set are slightly different based on whether you are using the Firefox extension or the Chrome extension. Because 8 of the 9 browsers that Anti-Fp supports are Chromium-based, there needs to be a way to distinguish between the versions. In order to do that, there is a setting in the Chrome-based extension that allows you to set the specific variant.



Addition options that are found in both extensions are a randomization option and a domain reporting option.

  • Use Random Values: If no browser or domain specific fingerprint is assigned to this browser then random values can be used instead. If you only want assigned fingerprints to be used, then turn this option off.
  • Domain Reporting: If enabled and if Anti-Fp is running, domains will be reported to the local service so that fingerprint profiles can be assigned. This is disabled by default.

IMPORTANT

Domain reporting must be enabled in both the extension and Anti-Fp before any domains get reported. It's also important to note that your domain history is NOT sent to any remote server and only stays in your local database. The database can be password protected to further increase your privacy.

Fingerprints

The whole concept behind Anti-Fp is to create custom browser fingerprints that can be applied to a specific browser or domain. On the main window of Anti-Fp with the Fingerprints tab selected, you will see all currently configured fingerprints along with their status.


To create a new fingerprint, click the Create button. This will open the Create Profile window as seen below.

Anti-Fp provides a high degree of customization. From here, there are almost 100 different settings that can be configured in order to create the exact fingerprint you desire. Many of the settings are self-explanatory and should be easy to understand what they are designed to spoof.

Once you create a fingerprint, you have the option of sharing it with other Anti-Fp users and conversely you can download fingerprints created by other users. Once a fingerprint is shared, it is sent to Heilig Defense where it will be vetted and once approved it will be put on the server for download. You can share and sync fingerprints from the Sync page on the main window.

Note

Not all fingerprints that are shared will be added to the publicly available list. Heilig Defense evaluates shared fingerprints for completeness and uniqueness before adding them to the public list.


Fingerprints can be enabled or disabled. When a fingerprint is enabled, it is pushed to the extensions to be used. When it is disabled, then the extension will not use it.


Toggling fingerprint status is easy. You can simply highlight a fingerprint in the listbox and then select the button to set the appropriate status. You can also use the context menu from the task tray icon to do bulk enable/disable operations.

While creating a profile is the first step, before it is used by the extension it must be assigned to either a browser or a domain. To assign a fingerprint to a specific browser or domain, highlight the fingerprint in the listbox and click the Assign button. This will open the following window.

Here you can select which browsers you want the selected fingerprint assigned to along with any specific domains. Visited domains are reported by the extension to Anti-Fp so that you can easily select and assign fingerprints.

Browsers

Anti-Fp currently supports 9 browsers. Eight of them are Chromium variants while the last one is Firefox. As mentioned, fingerprints can be assigned to 1 or more browsers so that you can project the exact fingerprint you desire.


In order for Anti-Fp to distinguish between the different Chromium variants, the appropriate browser flag must be selected in the extension options under the Chrome Type header. If the appropriate browser is not set, then Anti-Fp will just think it is communicating with Chrome. This obviously will lead to unexpected results.

Domains

Per-domain targeting provides an extra level of precision for your anti-fingerprinting efforts. Assigning fingerprints to a domain is easy. Just like with the browsers, you simply select the domains you want a fingerprint assigned to.


When domain reporting is enabled, you will see the different domains you have visited when assigning fingerprints or when managing the domains. To make searching easier, the domains will filter as you type in the textbox. The Manage Domain window, as shown below, just allows you to add or delete existing domains.

If you have not visited a domain yet but know you would like to target it specifically, you can manually enter the domain in the provided input box to add it to the list.

Options

The Options tab on the main window provides access to a few settings that control Anti-Fp.

The user-agent listbox is simply a listing of all user-agents that have been reported by the extension to Anti-Fp. This is just provided so you can see what user-agent is currently in use and allows you to copy it if selected.

You can set the path where the database resides. You can clear the database, export configured fingerprints and re-import them at a later time. The database can also be password protected. This will encrypt the database with your own password. If set, the password must be entered successfully before Anti-Fp will load. The password can also be used to provide a little bit extra security by locking Anti-Fp. When it gets minimized to the task tray, the password will be required before it will display again. This is a simple security measure that can prevent other local users from modifying your Anti-Fp settings.

As mentioned above, domain reporting must be enabled in both the extension and Anti-Fp. If you do not want domains saved locally, then check the 'Do not save domains' checkbox.

You can also set Anti-Fp to automatically start with Windows.

Icons

There are a number of icons that are used to display status information about the current Anti-Fp state. The first is the task tray icon.


The task tray icon provides access to a context menu through a right click. Double clicking the icon will bring Anti-Fp back from a minimized state. From the context menu, you can exit Anti-Fp, access the license form to enter a valid license key and open the feedback window to send bugs, comments or suggestions to Heilig Defense. Also from the context menu is the ability to quickly enable or disable profiles. This can be done at a global level, at the browser level or at a domain level. Note that if password protection is enabled, the context menu is only available when the main window is visible.

When Anti-Fp is initializing, the task tray icon will be animated. Once Anti-Fp has everything setup will the icon go to the normal static state.

In addition to the animated task tray icon, you can also tell the status of Anti-Fp by looking at the indicator icon in the top left corner of the main window.

In order for Anti-Fp to communicate with the browser extensions, it must setup a local listener. It currently uses port 61006 which was just a randomly chosen port number with no significance. This port, like all port numbers, may conflict with other software. In most cases this would be a browser. If Anti-Fp cannot open that local port for its own use then it will not be able to communicate with the extensions and the status of the communication is shown with the status icon above. When it is all white, then Anti-Fp is currently trying to setup the local listener. If it is colored like the image above, then the listener was successfully setup and is ready to communicate with the extensions. If Anti-Fp is not able to connect after a short amount of time, you may have to close your open browsers to release the port so Anti-Fp can use it.

The final set of status icons indicate which browsers Anti-Fp is currently communicating with. These can be seen in the bottom left corner of the main window. Initially, all the icons start out as white silhouettes. But as the browser extensions start to connect to Anti-Fp their icon will change.

License

You can try the Anti-Fp application free for 7 days. Once your trial period is up you will have to purchase a license to continue using the Anti-Fp application. The browser extensions are free to use however their functionality is limited when not used in conjunction with Anti-Fp.

When you install Anti-Fp, you will have the option of entering a license key or requesting a trial license. When Anti-Fp starts, it will validate the license key or the trial period. If the trial period has ended, then you must enter a valid license key to continue using Anti-Fp.


Once a license is used for the first time, it becomes associated with that particular system. While the license is a floating license, it first must be released from the current system before it can be re-used on a new system. In order to release the license, you need to open the license window, either from the main window or context menu, and click the Release button. If the license was successfully released, then Anti-Fp will close. The key is then free to be used on a new system.


If for some reason you are not able to release the key on the old system, please contact Heilig Defense (info@heidef.com) for assistance.

Feedback

Anti-Fp has a built-in ability to provide feedback directly from the application. Simply open the task tray context menu and click Feedback. You can send us comments, suggestions, or detail any bugs you found. Whatever it may be, we would love to hear from you.

Changelog

v1.2020.168.1905 (16 JUN 2020)

  • FIXED: ETag setting not sticking when building profile..
v1.2020.165.1345 (13 JUN 2020)
  • FIXED: Bug that was preventing open and save file dialogs from opening in both the installer and Anti-Fp.
v1.2020.164.1340 (12 JUN 2020)
  • FIXED: Installer bug.
  • ADDED: Screen size offsets of current resolution.
  • ADDED: VRDisplay spoofing and blocking.
  • ADDED: Gamepad spoofing and blocking.
  • ADDED: sendBeacon blocking.
  • ADDED: Geolocation spoofing, blocking and setting.
  • ADDED: Media device spoofing.
  • UPDATED: All extension options now available.
  • UPDATED: UI updates.
v1.2020.132.1445 (11 MAY 2020)
  • ADDED: Per-tab profile override support. Must have extension version >= 1.2020.132.240.
  • FIXED: Minor user interface issues and improvements.
v1.2020.99.1645 (21 APR 2020)
  • ADDED: getClientRects spoofing.
  • UPDATED: Audio, Canvas, and WebGL can now be spoofed with a specific jitter value. This allows for a unique fingerprint that can stay consistent across requests.
  • FIXED: Update version comparison fails for specific values.
  • FIXED: Minor user interface issues.
v1.2020.86.130 (26 MAR 2020)
  • Initial release.