skandroid-fcc
ja3
skandroid-fcc | ja3 | |
---|---|---|
1 | 13 | |
20 | 2,539 | |
- | 1.0% | |
0.0 | 3.9 | |
over 5 years ago | 7 months ago | |
HTML | Python | |
GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
skandroid-fcc
ja3
-
How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic [pdf]
This paper is nice, but it goes over some finer technical things.
So, not about the great wall, but there's projects out there, like this one https://github.com/salesforce/ja3 , which talk about how you can fingerprint fully encrypted traffic. Would be surprising if the great wall doesn't do this, when some open source firewall will.
- CircleCI says hackers stole encryption keys and customers’ source code
- JA3 – A method for fingerprinting SSL/TLS Clients
- JA3 – A method for profiling SSL/TLS Clients
- JA3 – A method for profiling SSL/TLS Clients (fingerprinting)
- Any interest in a free Black Hat Python course?
-
Privacy online just got easier with today’s Firefox release
It's sufficient to identify you since there is still all other tracking data any browser supplies as part of the HTTPs connection handshake [1].
It's also not necessary to have Mozilla be the bad actor. Anyone who has access to the information in the future is a possible bad actor as they might be able to cross-reference the allegedly "innocuous" information with some future, more-pervasive data.
---
[1] - https://github.com/salesforce/ja3
-
Can an ISP see what browser you’re using and do they see your browsing history or traffic any differently whether you’re using Chrome or Firefox?
You can, sort of, with JA3 hashes https://github.com/salesforce/ja3
-
Fighting TLS Fingerprinting with Node.js
ExtensionZ: ...
That becomes a string like "1-C,B,A-X,Y,Z", which gets hashed to a fingerprint like "ae76e4566b036882147de2f7feddad4a". That gives us a totally different unique id, with the same ciphers but in a different order.
(This is pseudocode of course - the actual fingerprints have a few more params and use the number ids for each cipher and extension instead of strings, but it's equivalent)
Here, with 3 ciphers in two different orders, we've seen two different fingerprints already. With those three ciphers alone, there's actually 6 (3 factorial) possible permutations - i.e. a client could order those ciphers any one of 6 different ways, and each ordering has a different fingerprint.
If you have 4 ciphers, there's 24 possible orderings, 6 gives 720, 10 gives 3.6 million, and this goes up very rapidly, so that for a more realistic set of 20 ciphers there's 2 * 10^18 possible orderings, each one of which gives a unique fingerprint, even before we start talking about extension order.
Does that make more sense? The full algorithm is here: https://github.com/salesforce/ja3#how-it-works
-
Show HN: I spent 1.5 years making a Chrome extension that automates any website
Not only that - enterprise bot management protections will run behavioral identification (e.g. how your mouse moves —> AI -> bot yes/no), TCP stack fingerprinting (and other devices if available e.g. gyroscope), TLS ClientHello fingerprinting (e.g. see https://github.com/salesforce/ja3), etc. Lots of very unique info in the Scraping Enthusiasts discord where lots of pro scrapers hang out.
What are some alternatives?
playbook - The Digital Services Playbook
automa - A browser extension for automating your browser by connecting blocks
template-ts-tampermonkey - 让油猴也能用上typescript
hassh - HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.
mobile-mba-androidapp - 2013 Measuring Broadband America Program Mobile Measurement Android Application
trojan - An unidentifiable mechanism that helps you bypass GFW.
vscodium - binary releases of VS Code without MS branding/telemetry/licensing
coscripter-extension - CoScripter Firefox browser extension
Vault - A tool for secrets management, encryption as a service, and privileged access management