dark-knowledge VS privacytests.org

"A curated library of research papers and presentations for counter-detection and web privacy enthusiasts": https://github.com/prescience-data/dark-knowledge

What you said is contrary to the stance of Tor browser devs and not backed up by actual research. Here you can find a good collection of research papers: https://github.com/prescience-data/dark-knowledge

Browsers are complicated and you won't find a single analysis covering all aspects. For a security analysis Madaidan's blog is a good starting point. For a privacy analysis you need to learn the common tracking methods and which solutions or mitigations are available in which browser (and if they are properly implemented). You could start by learning about the different forms of tracking through state (cookies, cache, storage, ...), which is still one of the most used tracking methods. Of course you also need to check the easy things like telemetry. Then there is fingerprinting which is a huge topic on its own. This is where it's even more fun. You need to start reading research papers, not just one but many and you need to check mitigations used in browsers and their statistical implications (data about this is unfortunately very rare).

It's difficult to distinguish without having the knowledge yourself. Maybe Reddit is just not the right place, because most experts don't have the time to argue with non-experts on social media. You can look what experts write in research papers, or in the bug trackers of browsers with fingerprinting mitigations like the Tor browser.

Plus curated list of research papers here if you want to go deep on the subject matter: https://github.com/prescience-data/dark-knowledge

They become a significant part of your browser fingerprint. If you have a lot extensions installed, this alone could make you uniquely trackable. (See research papers here: https://github.com/prescience-data/dark-knowledge and https://fingerprintjs.com/blog/ad-blocker-fingerprinting/ )

https://github.com/prescience-data/dark-knowledge (search for "extension")

A dedicated list of research papers on browser fingerprinting: https://github.com/prescience-data/dark-knowledge

"I'm a noob and using python with selenium to do some basic scraping on StockX" and scraping protected website like stockx with perimeterx is not possible. It's all about reverse engineering, browser introspection, fingerprint (from hardware to software canvas), then you still need tons of ips to rotate and cooldown, finally protection evolve with time and you have to redo most of the things to pass again. A company like Scrapfly exists because it's more expensive to do and maintain such solution internally, look at their public repositories on GitHub low level stuff, network spoofing stacks, packet manipulation, custom angle libs. It takes a long time to learn vs something like `asp=true` from their docs https://scrapfly.io/docs/scrape-api/anti-scraping-protection If you have time and are more interested in this side, you could start to read https://github.com/prescience-data/dark-knowledge and look at https://github.com/berstend/puppeteer-extra/tree/master/packages/puppeteer-extra-plugin-stealth project to see how it works. Do not attempt stealth project helping you to bypass at scale, it's public, anti bot companies are aware and spot it easily - most of the time they don't block directly and use bad fp generated to recognize bots and map proxies ips to collect it and deducted the subnet or residential > My main question is, would it be better to try and make my script act "more human" It's a legend that anti bot use or detect "human" behavior, this signal is not very important, you can randomly move the mouse or things, like is fine, having 0 input events, is suspect but not that much in fact - tactile systems do not trigger any events until you touch so it can't be a strong signal due to false-positive - and doing "behavioral detection" is a big lie in the industry, you can experiment by doing dumb things, it's still passing and at scale ... and when they say "machine learning" it's just basic stats like a throttle do but based on browser fingerprints rather than IP. If you hit some path, like login, registration and payment - they can use some very heavy system with GPU canvas and stuff like but not used for scraping yet > are other methods like switching drivers and using proxies the way to go? Using proxies yes, but with wrong fingerprints (chrome headless, a browser running on server hardware, browser in docker and so on) In fact, there is no magic, mixing driver change nothing, they still manipulate a spotted browser - some are just more flexible than other to spoof correctly some part - like js worker interception to inject scripts and hook correctly but that's all.

No, https://privacytests.org/ is misleading, it shows only the results of the default browser settings - which absolutely nobody uses.

So as far as hardened chromium forks go brave is the best and all there really is. For Firefox based hardened browsers unless you feel like manually hardened stock FF yourself, librewolf and mullvad browser (mull on Android) which leads me to Tor but with the drawbacks that make it less practical for certaint things mullvad known for their VPN that is is very bignin privacy so much you have nothing that ties to it like 99% of anything now days as yoi have anonimity bcnyoinoau with cash-crypro-or use a voucher no name email address phone number bank etc to sign upso they partner with then tor project and made a clearnet version of tor hardened fingerprint resistant as well as cookies scripts ect multiple identity proxy and built-in security that tor has standard safer safest with no script uBo and and their VPN and dns to take the place of tors multiple relay and encryption that is the tor network with no telemetry you hide in plain site as all the other using it look like you. You can n use this browsers like you would brave or your "main' so history bookmarks passwords etc but that defeats the purpose IMO but librewolf is also very hardened fingerprint resistant focused but you can use it like were using brave and still have the privacy and security and convenience. I use all 4 with different search engines depending on what I'm looking for or doing and of in have to use chrome then ungoogled Chromium on desktop and cromite on Android (fork of bromite which lost support from the devs) mull brave and cromite on is what in use on mobile. This isn't a complete list as FOSS for mobile has quite a few to try these are my favorite, Firefox focus on Android is Worth mentioning too. Sorry for the incoherent book. https://privacytests.org/

you mean https://privacytests.org ?

librewolf https://privacytests.org/ for ios/android brave all the way https://privacytests.org/ios, https://privacytests.org/android

careful with brave https://www.ghacks.net/2023/10/18/brave-is-installing-vpn-services-without-user-consent/?amp https://github.com/brave/brave-browser/issues/33726 among other things like the most popular browser compare site being owned by brave employees https://privacytests.org/ i guess when they say privacy they mean it, keeping things private from you too

https://privacytests.org/ he eventually disclosed his employer in the back area of that website somewhere so thats better i guess.

another one is how certain settings on brave search always reverts back on. or just one the send analytics one. if you use search on a different browser not their own. and etc.

and firefox is funded in large part by google.. do you really think they dont share information?

honestly acting like your browser is superior because no tracking is so silly lol. just use whatever browser you want and tune settings to your liking. harden if you must and move on. is it that much of a hassel? would you rather pay subscription for no tracking?

This site is constantly updated, so there is no need to have the same question all the time. https://privacytests.org/

Something to get you started : privacytests.org