Is there a site like ‘cover your tracks’ for showing that websites can see what extensions I have (as opposed to other fingerprinting)? Thank you 🙃

    • Retiring@lemmy.ml
      6·
      1 year ago

      This says it only detects chrome extensions, so I am not surprised it doesn’t detect your Firefox extensions. Why do you say that Firefox won’t leak extensions at all? Do you have a source for that?

      • Atemu@lemmy.ml
        3·
        1 year ago

        Detecting extensions using web accessible resources is not possible on Firefox as Firefox extension ID’s are unique for every browser instance. Therefore the URL of the extension resources cannot be known by third parties.

        and also for Chrome:

        in manifest v3 extensions will be able to enable ‘use_dynamic_url’ option, which will change the resource URL for each session (browser restart). This will render this detection method unusable.

        Though it should be noted that this method isn’t the only way to detect extensions.

        • mintycactus@lemmy.world
          1·
          1 year ago

          Do you mean this issue is going to be solved only with mv3 implementation? That leaves other chromium browsers staying with both mv2 and mv3 with this issue unresolved…

      • mintycactus@lemmy.world
        14·
        1 year ago

        Not really. But the site says it works only with chrome desktop, not firefox desktop. I have Kiwi installed and Firefox as well to test both, Firefox extensions were not detected.

        • Atemu@lemmy.ml
          1·
          1 year ago

          The way it’s written doesn’t say whether it simply isn’t made to work for Firefox or whether it couldn’t be made to work for Firefox. Fortunately, the latter appears to be the case.

    • TCB13@lemmy.worldEnglish
      52·
      1 year ago

      But there is no easy way to detect all extensions, instead most popular ones

      It doesn’t really matter if its easy or hard, I’m sure Google already has automated processes in-place to detect all extensions published to the store and fingerprint browsers. They might even have the same for Firefox extensions, who knows.

    • LWD@lemm.ee
      1·
      1 year ago

      This is actually a good point. It’s not just a proof of concept for one extension, either: it’s a proof of concept for a wide array of handpicked ones, and the script for it could easily be shrunken.

      Ironic that Firefox protects your extensions better, considering Chrome Manifest V3 (the adblock killer) is locking down so much functionality.

      I guess Google is too busy locking down the functionality that people want, than to lock down the functionality that would make people more secure.