Discourse Fingerprint - Browser Fingerprinting Plugin

Discourse Fingerprint :paw_prints:

Discourse Fingerprint comes as a tool for community managers in their fight against internet trolls. :troll: It works by computing a unique identifier (a fingerprint) for each registered user, taking into consideration over 20 browser characteristics such as user agent, screen resolution, timezone, device memory, etc.

When each of these browser characteristics is considered separately, it is not enough to assess whether two users are the same. There is a relatively small number of user agents, screen resolutions, etc. However, when you take into account all of these 20 factors, there is a very small chance that two users will have the same key.

:bar_chart: Math time: Supposing there are only 20 browser characteristics and only 4 possible values for each of them (note: there are more than 20 browser characteristics with way more than 4 values), it means that there are 4^20 combinations (fingerprints). That is 1,099,511,627,776 combinations… and there are only 7,640,175,882 people on earth. Oh well, some browser characteristics may be useless (e.g. timezone will be the same for all users of a local community forum)… but most likely forums do not have 7.6 billion users either. :frowning:

How does it work?

When a user browses a forum, he or she is fingerprinted and the result is stored along with the latest few fingerprints (by default, the 10 latest fingerprints). Administrators can then use a simple interface to check for the latest fingerprint matches (conflicts) and to check whether a user is in conflict with someone else.

The plugin has absolutely no impact on users and it fingerprints the user 3 seconds after a page has first loaded.

How does it look?

Let’s consider a small test scenario:

  • Users Dan, Oliver and Jack have been using some device (incognito and regular sessions).
  • Users Harry, Jacob and William have been using a different device (also incognito and regular sessions).
  • At some point user William logged in using exactly the same machine and browser as Oliver.

The dashboard will show that there are two conflicts. One is between Dan, Oliver, Jack and William and the other one involves Harry, Jacob and William. Please note that the conflict relationship is not transitive (i.e. Dan is in conflict with William, Harry is also in conflict with William, but Dan is not in conflict with Harry).

A detailed view of Dan will tell us what his fingerprints are, when they were first and last seen and who he is in conflict with per that signature.

A detailed view of William will give us similar information, but this time showing us two fingerprints.

An administrator may choose to act on this or may click the “ignore” button to hide this conflict. Please note that even if you ignore a conflict, it will still show up in the “Latest conflicts” until new conflicts come up.

How do I install it?

Follow Install a Plugin, using git clone https://github.com/discourse/discourse-fingerprint.git as the plugin command.

Basically, edit your app.yml file to include the command specified before.

26 Likes
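The storage and conflict logic described in the post (one opaque key per browser, at most max_fingerprints keys kept per user with the oldest purged, and a conflict whenever two accounts share a key) can be sketched as a small stand-alone Ruby model. This is an added illustration and not the plugin's own code: the SHA-256 hashing, the FingerprintStore class and the two constructed DEVICE_A/DEVICE_B characteristic sets are assumptions standing in for whatever the plugin's browser script actually collects. It replays the Dan/Oliver/Jack/William scenario from the post and shows why the conflict relation is not transitive.

```ruby
require "digest"

# Illustrative model only (not the discourse-fingerprint plugin's code).
MAX_FINGERPRINTS = 10 # mirrors the plugin's default max_fingerprints

# Combine browser characteristics into one opaque key. Sorting by attribute
# name makes the digest independent of collection order. SHA-256 is an
# assumption here; the page does not describe the plugin's exact hashing.
def compute_fingerprint(characteristics)
  canonical = characteristics.sort.map { |k, v| "#{k}=#{v}" }.join("|")
  Digest::SHA256.hexdigest(canonical)
end

class FingerprintStore
  def initialize(max: MAX_FINGERPRINTS)
    @max = max
    # username => [fingerprint, ...], oldest first
    @by_user = Hash.new { |h, k| h[k] = [] }
  end

  # Record a fingerprint for a user, purging the oldest when over the cap.
  def record(user, fingerprint)
    list = @by_user[user]
    list.delete(fingerprint) # a re-seen fingerprint moves to the newest slot
    list << fingerprint
    list.shift while list.size > @max
    self
  end

  def fingerprints(user)
    @by_user.fetch(user, []).dup
  end

  # A conflict is a fingerprint seen on two or more accounts.
  # Returns { fingerprint => [users sharing it] }.
  def conflicts
    users_by_fp = Hash.new { |h, k| h[k] = [] }
    @by_user.each { |user, fps| fps.each { |fp| users_by_fp[fp] << user } }
    users_by_fp.select { |_, users| users.size > 1 }
  end

  # Users sharing at least one fingerprint with `user`. The relation is not
  # transitive: a user present in two conflicts bridges groups that do not
  # otherwise overlap, so Dan conflicts with William, William with Harry,
  # yet Dan does not conflict with Harry.
  def in_conflict_with(user)
    conflicts.values.select { |users| users.include?(user) }.flatten.uniq - [user]
  end
end

# Constructed sample characteristics for two devices. A real collector would
# gather user agent, screen resolution, timezone, device memory, etc.
# Incognito mode does not change these values, so incognito and regular
# sessions on one device yield the same key.
DEVICE_A = {
  "user_agent" => "Mozilla/5.0 (X11; Linux x86_64) Firefox/66.0",
  "screen" => "1920x1080", "timezone" => "Europe/Bucharest",
  "device_memory" => "8", "language" => "en-US",
}.freeze
DEVICE_B = DEVICE_A.merge(
  "user_agent" => "Mozilla/5.0 (Windows NT 10.0) Chrome/73.0",
  "screen" => "1366x768", "device_memory" => "4",
).freeze

# Replays the scenario from the post and returns the populated store.
def scenario_store
  store = FingerprintStore.new
  fp_a = compute_fingerprint(DEVICE_A)
  fp_b = compute_fingerprint(DEVICE_B)
  %w[dan oliver jack].each { |u| store.record(u, fp_a) }
  %w[harry jacob william].each { |u| store.record(u, fp_b) }
  store.record("william", fp_a) # William later logs in from Oliver's machine
  store
end

if $PROGRAM_NAME == __FILE__
  store = scenario_store
  store.conflicts.each { |fp, users| puts "#{fp[0, 12]}… #{users.join(', ')}" }
  puts "dan     <-> #{store.in_conflict_with('dan').sort.join(', ')}"
  puts "william <-> #{store.in_conflict_with('william').sort.join(', ')}"
end
```

Running the file prints two conflict groups; Dan's list contains Oliver, Jack and William but not Harry, while William's list spans both devices.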

Thanks for the plugin!

Don’t you mean:

i.e. Dan is in conflict with William, Harry is also in conflict with William, but Dan is not in conflict with Harry

2 Likes

That is correct. Thank you, I have fixed the post.

3 Likes

Is there a case study for this showing how well it has worked in the real world?

Thanks for the plugin!
This is a wonderful thing. It would be great to see it on Transifex.

We are very interested in this, but should we be worried about the GDPR? Based on the plugin description it doesn’t seem to collect anything that GAnalytics already does.

How is the data stored? Is it automatically purged at some point of time or can it be purged manually?

Related/Unrelated note: Some browsers are actively working on avoiding fingerprinting. For example, Firefox will soon ship with the ability to block this, and it will be blocked by default soon too.

4 Likes

Unfortunately I am not aware of any big communities that run this plugin. However, in the real world it seems to work pretty well. See https://panopticlick.eff.org/

It depends on how you see it. Every piece of information that is stored cannot be tied to a single individual, which is GDPR compliant. Combining them, you might be able to track individuals.

The plugin uses PluginStore to store at most max_fingerprints fingerprints (default value: 10), purging the oldest to make room for new ones.

I am not sure how their new protection works. In the past, browser extensions relied on filenames or hashes to do it. Those methods are fragile, and minor changes in the fingerprinting script can make them undetectable.

5 Likes

Big is relative, but I am going to try this in production (tappara.co) when we have our next service break. Could be as soon as next week or one after that.

So it stores 10 most recent prints. Is there a way to purge the prints manually? Are they purged if the user is deleted?

1 Like

I had high hopes for this plugin, but unfortunately iOS browsers mess up the whole plugin.

3 Likes

The latest Firefox version already has this protection, opt-in for now. You can test it from Preferences - Privacy - Content blocking.

3 Likes

There is no way from the UI, but technically, you could do it from the Rails console. Deleting the user does not purge old Fingerprints, but that is a bug I will have to fix. :slight_smile:

# Run from the Rails console of the Discourse instance.
# Look up the user, then remove every fingerprint stored for that user id.
user = User.find_by_username("dan")
DiscourseFingerprint::Fingerprint.get_fingerprints(user.id).each do |fp|
  DiscourseFingerprint::Fingerprint.remove(user.id, fp)
end

Yes, I believe so. I remember a community had the same problem with mobile devices, especially iPhones due to their build similarity.

I will try and have a look. The news I read said they were using Disconnect’s list which could have been tricked with some little effort.

2 Likes

Our trial in production is now live.

Should we expect a performance penalty due to this? Our traffic has extreme spikes, based on real time events. Summer time is off-season, so things will be quiet, but during the hockey season we are likely to meet the limits of our server.

One additional idea for fingerprinting the user – what about tagging the users with a unique cookie? That would provide additional information, such as that Harry’s browser has Dan’s cookie. This would obviously happen on shared devices, but might potentially expose trolls that lack technical expertise.

Many thanks for the development efforts and we are most interested in seeing the results.