- Settings
- Apps & Notifications
- See all # apps
- <App info> (You can get here by long pressing the app in your launcher or the titlebar of the app switcher)
- Mobile data & Wi-Fi
- <Disable “Background data”>
- Mobile data & Wi-Fi
- <App info> (You can get here by long pressing the app in your launcher or the titlebar of the app switcher)
- See all # apps
- Apps & Notifications
The IP is merely one bit of the fingerprint and it’s used mostly to group users, like “they live together” or “this probably is the phone of this computer”. Consider a household with 2 persons, each with a phone and a laptop, all those devices share the same IP, but you can clearly know which is which because there’s a lot other stuff to fingerprint.
For a software installed on the OS, like a phone app, using (1) to (5) is enough to be pretty sure it’s the same user no matter the IP, but most apps won’t use those because they can simply generate a UUID, which is a unique id for that installation. Everytime the app phones home they send this Universally Unique ID along to tell which user it’s coming from, constantly reinstalling the app won’t help either because (1) to (5) plus your IP and other possible information they can harvest can be used to know that new UUID is from the previous UUID, they can also create ways to make sure the UUID generated ends up the same when reinstalling.
Now for websites, look at the link you just sent from deviceinfo, there’s a lot of information there, each of those is one thing to build a unique fingerprint.
Do all your devices have the same OS?
The same browser at the same version?
The same graphics card at the exact same driver version?
Do they all have only stock fonts installed?
Do they have the exact same screen resolution and DPI?
Do they all have a browser with stock UI settings? (I can detect if you have the favourites bar)
Do they all have the browser always maximised? (if not I can know the exact size and this size is hardly equal across users)
Do you always keep CapsLock enabled?
Do they all have a CPU with the same core amount and the same architecture?
And what about the device itself, are they all equal? Even if they are, small differences on the chips of the CPU, motherboard, graphics and audio cards as well as their combination and drivers installed can give different results for Canvas and AudioContext fingerprint. Canvas fingerprinting consists of crafting a special image that with different CPU, GPU and drivers it can create different images and when you create a hash (a fingerprint of the image) it’s unique for that combination. AudioContext is the same but with a crafted audio sample. These are not 100% unique, but mixed with all of the above it creates one.
All of these web fingerprints can also be available for the apps on your phone.
The best approach for confusing the algorithms is to use multiple different browsers and devices and each browser/device is tied to a different service. On all of them block everything that is not from the website itself, like block Facebook like buttons, Twitter feeds, etc. So, let’s say you need Facebook, keep it tied to a single device and browser. Never access it on another device or browser. If some connection to Facebook occurs on the other devices and browsers the maximum they can get is that it could be from a different computer on the same network.
Using a VPN only on one device will help not create an association with the other devices on the same network. But you must never ever login to Google, Facebook, Microsoft, or other BigTech on this VPN’ed device, otherwise you just linked everything together. This is exactly the same for Tor, and a reason I always tell people to NOT USE TOR ON BRAVE OR ANYTHING OTHER THAN THE TOR BROWSER. The anonymity on Tor comes from both Tor AND the Tor Browser, other browsers will share all the fingerprinting they have and you become unique, Tor Browser prevents all that fingerprinting. That “super private window with Tor” from Brave is complete bullshit and useless, never use that for God’s sake, specially if you need to be anonymous.
Yes, sandboxing won’t show the apps installed outside the sandbox, but (2), (3) and (4) are still available with the exact same info from outside of it. (5) might be different because the sandbox uses another internal network, but I haven’t tested, it could be the exact same information.