Browser Extension and Login-Leak Experiment

How can I protect myself against these attacks?

How to prevent detection of extensions?

TLDR; we propose using Firefox.

Even though you cannot prevent detection of extensions completely (for now), it is still worth minimizing the risks. Why is it not possible? First, even if your extensions are not detected, websites could still detect a small fraction of them by testing your browsers behavior. Second, we know that many browsers are vulnerable to extensions detection. Here are some details:

  • Firefox: only small fraction of Firefox extensions can be detected. And it is strong on privacy.
  • Chrome: since it has the highest number of extensions and is vulnerable to extensions detection, to the best of our knowledge, this browser allows to detect the biggest number of extenions.
  • Opera: uses the same engine as Chrome, but has less extensions available.
  • Brave: based on Chrome (same issue), plus a bult-in extension leaks what browser you use.
  • Edge: it seems it is also vulnerable to extension detection.
  • Safari: it hasn't been checked.

Blocking the detection of logins?

It is easier to prevent web login detection: the best is to disable third-party cookies in your browser. But there are alternatives, you can also:

  • use extensions that provide more fine grained cookie management,
  • use extensions to disable unwanted trackers,
  • or just simply disable all JavaScript.

  Back to the main page

Browser Extension and Login-Leak Experiment – © 2018 all rights reserved – Website designed by Gábor Gulyás