Discourse Fingerprint - Browser Fingerprinting Plugin

There are a lot of trolls out there who are tech competent compared to regular forum members. Some of them are like resilient cockroaches.

It seems like Google Chrome is about to follow in the footsteps of Mozilla Firefox. I remember seeing an article regarding Google Chrome and blocking fingerprinting, but I cannot find it at the moment. Regardless, this is a sign for things to come. Would that essentially be the death of this plugin?

4 Likes

Now, its not showing anything in latest matches,

Getting this in error log:

plugins/discourse-fingerprint/app/serializers/flagged_fingerprint_serializer.rb:30:in `data'

plugins/discourse-fingerprint/app/serializers/flagged_fingerprint_serializer.rb:51:in `include_is_common?'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:375:in `include?'

(eval):9:in `_fast_attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:468:in `rescue in attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:455:in `attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:480:in `_serializable_hash'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:359:in `serializable_hash'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:89:in `block in _serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:79:in `map'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:79:in `_serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:73:in `serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:53:in `as_json'

app/controllers/application_controller.rb:493:in `serialize_data'

plugins/discourse-fingerprint/app/controllers/admin/fingerprint_controller.rb:25:in `index'

actionpack (6.1.3.2) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'

actionpack (6.1.3.2) lib/abstract_controller/base.rb:228:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/rendering.rb:30:in `process_action'

actionpack (6.1.3.2) lib/abstract_controller/callbacks.rb:42:in `block in process_action'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:117:in `block in run_callbacks'

app/controllers/application_controller.rb:395:in `block in with_resolved_locale'

i18n (1.8.10) lib/i18n.rb:314:in `with_locale'

app/controllers/application_controller.rb:395:in `with_resolved_locale'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:126:in `block in run_callbacks'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:137:in `run_callbacks'

actionpack (6.1.3.2) lib/abstract_controller/callbacks.rb:41:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/rescue.rb:22:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'

activesupport (6.1.3.2) lib/active_support/notifications.rb:203:in `block in instrument'

activesupport (6.1.3.2) lib/active_support/notifications/instrumenter.rb:24:in `instrument'

activesupport (6.1.3.2) lib/active_support/notifications.rb:203:in `instrument'

actionpack (6.1.3.2) lib/action_controller/metal/instrumentation.rb:33:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/params_wrapper.rb:249:in `process_action'

activerecord (6.1.3.2) lib/active_record/railties/controller_runtime.rb:27:in `process_action'

actionpack (6.1.3.2) lib/abstract_controller/base.rb:165:in `process'

actionview (6.1.3.2) lib/action_view/rendering.rb:39:in `process'

rack-mini-profiler (2.3.2) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'

actionpack (6.1.3.2) lib/action_controller/metal.rb:190:in `dispatch'

actionpack (6.1.3.2) lib/action_controller/metal.rb:254:in `dispatch'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:50:in `dispatch'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:33:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:50:in `block in serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `each'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:842:in `call'

railties (6.1.3.2) lib/rails/engine.rb:539:in `call'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `public_send'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `method_missing'

actionpack (6.1.3.2) lib/action_dispatch/routing/mapper.rb:20:in `block in <class:Constraints>'

actionpack (6.1.3.2) lib/action_dispatch/routing/mapper.rb:49:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:50:in `block in serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `each'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:842:in `call'

lib/middleware/omniauth_bypass_middleware.rb:71:in `call'

rack (2.2.3) lib/rack/tempfile_reaper.rb:15:in `call'

rack (2.2.3) lib/rack/conditional_get.rb:27:in `call'

rack (2.2.3) lib/rack/head.rb:12:in `call'

actionpack (6.1.3.2) lib/action_dispatch/http/permissions_policy.rb:22:in `call'

lib/content_security_policy/middleware.rb:12:in `call'

lib/middleware/anonymous_cache.rb:355:in `call'

rack (2.2.3) lib/rack/session/abstract/id.rb:266:in `context'

rack (2.2.3) lib/rack/session/abstract/id.rb:260:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/cookies.rb:689:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:98:in `run_callbacks'

actionpack (6.1.3.2) lib/action_dispatch/middleware/callbacks.rb:26:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'

logster (2.9.6) lib/logster/middleware/reporter.rb:43:in `call'

railties (6.1.3.2) lib/rails/rack/logger.rb:37:in `call_app'

railties (6.1.3.2) lib/rails/rack/logger.rb:28:in `call'

config/initializers/100-quiet_logger.rb:23:in `call'

config/initializers/100-silence_logger.rb:31:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/request_id.rb:26:in `call'

lib/middleware/enforce_hostname.rb:23:in `call'

rack (2.2.3) lib/rack/method_override.rb:24:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'

rack (2.2.3) lib/rack/sendfile.rb:110:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/host_authorization.rb:92:in `call'

rack-mini-profiler (2.3.2) lib/mini_profiler/profiler.rb:249:in `call'

message_bus (3.3.5) lib/message_bus/rack/middleware.rb:61:in `call'

lib/middleware/request_tracker.rb:177:in `call'

railties (6.1.3.2) lib/rails/engine.rb:539:in `call'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `public_send'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `method_missing'

rack (2.2.3) lib/rack/urlmap.rb:74:in `block in call'

rack (2.2.3) lib/rack/urlmap.rb:58:in `each'

rack (2.2.3) lib/rack/urlmap.rb:58:in `call'

unicorn (6.0.0) lib/unicorn/http_server.rb:634:in `process_client'

unicorn (6.0.0) lib/unicorn/http_server.rb:732:in `worker_loop'

unicorn (6.0.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'

unicorn (6.0.0) lib/unicorn/http_server.rb:143:in `start'

unicorn (6.0.0) bin/unicorn:128:in `<top (required)>'

vendor/bundle/ruby/2.7.0/bin/unicorn:23:in `load'

vendor/bundle/ruby/2.7.0/bin/unicorn:23:in `<main>'

Updated to 2.8.0.beta1

Still getting this error in the error log and nothing is showing on the plugin page.

plugins/discourse-fingerprint/app/serializers/flagged_fingerprint_serializer.rb:30:in `data'

plugins/discourse-fingerprint/app/serializers/flagged_fingerprint_serializer.rb:51:in `include_is_common?'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:375:in `include?'

(eval):9:in `_fast_attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:468:in `rescue in attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:455:in `attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:480:in `_serializable_hash'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:359:in `serializable_hash'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:89:in `block in _serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:79:in `map'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:79:in `_serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:73:in `serializable_array'

active_model_serializers (0.8.4) lib/active_model/array_serializer.rb:53:in `as_json'

app/controllers/application_controller.rb:493:in `serialize_data'

plugins/discourse-fingerprint/app/controllers/admin/fingerprint_controller.rb:25:in `index'

actionpack (6.1.3.2) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'

actionpack (6.1.3.2) lib/abstract_controller/base.rb:228:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/rendering.rb:30:in `process_action'

actionpack (6.1.3.2) lib/abstract_controller/callbacks.rb:42:in `block in process_action'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:117:in `block in run_callbacks'

app/controllers/application_controller.rb:395:in `block in with_resolved_locale'

i18n (1.8.10) lib/i18n.rb:314:in `with_locale'

app/controllers/application_controller.rb:395:in `with_resolved_locale'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:126:in `block in run_callbacks'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:137:in `run_callbacks'

actionpack (6.1.3.2) lib/abstract_controller/callbacks.rb:41:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/rescue.rb:22:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'

activesupport (6.1.3.2) lib/active_support/notifications.rb:203:in `block in instrument'

activesupport (6.1.3.2) lib/active_support/notifications/instrumenter.rb:24:in `instrument'

activesupport (6.1.3.2) lib/active_support/notifications.rb:203:in `instrument'

actionpack (6.1.3.2) lib/action_controller/metal/instrumentation.rb:33:in `process_action'

actionpack (6.1.3.2) lib/action_controller/metal/params_wrapper.rb:249:in `process_action'

activerecord (6.1.3.2) lib/active_record/railties/controller_runtime.rb:27:in `process_action'

actionpack (6.1.3.2) lib/abstract_controller/base.rb:165:in `process'

actionview (6.1.3.2) lib/action_view/rendering.rb:39:in `process'

rack-mini-profiler (2.3.2) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'

actionpack (6.1.3.2) lib/action_controller/metal.rb:190:in `dispatch'

actionpack (6.1.3.2) lib/action_controller/metal.rb:254:in `dispatch'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:50:in `dispatch'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:33:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:50:in `block in serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `each'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:842:in `call'

railties (6.1.3.2) lib/rails/engine.rb:539:in `call'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `public_send'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `method_missing'

actionpack (6.1.3.2) lib/action_dispatch/routing/mapper.rb:20:in `block in <class:Constraints>'

actionpack (6.1.3.2) lib/action_dispatch/routing/mapper.rb:49:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:50:in `block in serve'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `each'

actionpack (6.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'

actionpack (6.1.3.2) lib/action_dispatch/routing/route_set.rb:842:in `call'

lib/middleware/omniauth_bypass_middleware.rb:71:in `call'

rack (2.2.3) lib/rack/tempfile_reaper.rb:15:in `call'

rack (2.2.3) lib/rack/conditional_get.rb:27:in `call'

rack (2.2.3) lib/rack/head.rb:12:in `call'

actionpack (6.1.3.2) lib/action_dispatch/http/permissions_policy.rb:22:in `call'

lib/content_security_policy/middleware.rb:12:in `call'

lib/middleware/anonymous_cache.rb:355:in `call'

rack (2.2.3) lib/rack/session/abstract/id.rb:266:in `context'

rack (2.2.3) lib/rack/session/abstract/id.rb:260:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/cookies.rb:689:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'

activesupport (6.1.3.2) lib/active_support/callbacks.rb:98:in `run_callbacks'

actionpack (6.1.3.2) lib/action_dispatch/middleware/callbacks.rb:26:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'

logster (2.9.6) lib/logster/middleware/reporter.rb:43:in `call'

railties (6.1.3.2) lib/rails/rack/logger.rb:37:in `call_app'

railties (6.1.3.2) lib/rails/rack/logger.rb:28:in `call'

config/initializers/100-quiet_logger.rb:23:in `call'

config/initializers/100-silence_logger.rb:31:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/request_id.rb:26:in `call'

lib/middleware/enforce_hostname.rb:23:in `call'

rack (2.2.3) lib/rack/method_override.rb:24:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'

rack (2.2.3) lib/rack/sendfile.rb:110:in `call'

actionpack (6.1.3.2) lib/action_dispatch/middleware/host_authorization.rb:92:in `call'

rack-mini-profiler (2.3.2) lib/mini_profiler/profiler.rb:249:in `call'

message_bus (3.3.5) lib/message_bus/rack/middleware.rb:61:in `call'

lib/middleware/request_tracker.rb:177:in `call'

railties (6.1.3.2) lib/rails/engine.rb:539:in `call'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `public_send'

railties (6.1.3.2) lib/rails/railtie.rb:207:in `method_missing'

rack (2.2.3) lib/rack/urlmap.rb:74:in `block in call'

rack (2.2.3) lib/rack/urlmap.rb:58:in `each'

rack (2.2.3) lib/rack/urlmap.rb:58:in `call'

unicorn (6.0.0) lib/unicorn/http_server.rb:634:in `process_client'

unicorn (6.0.0) lib/unicorn/http_server.rb:732:in `worker_loop'

unicorn (6.0.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'

unicorn (6.0.0) lib/unicorn/http_server.rb:143:in `start'

unicorn (6.0.0) bin/unicorn:128:in `<top (required)>'

vendor/bundle/ruby/2.7.0/bin/unicorn:23:in `load'

vendor/bundle/ruby/2.7.0/bin/unicorn:23:in `<main>'

This probably needs some love @sam to bring it up to date. Should we mark it as broken for now?

I think it is semi-deprecated from my point of view since what it is trying to do is so difficult. What do you think @dan?

5 Likes

Either mine is now working or I’m missing something, do fingerprints not show even if there’s no conflict?

(also the text reads odd “No similar signature were found.”)

no results

and setting made about a week back

Am I in error in how this works or do I need to address something?

Anyone?

1 Like

Not working on 2.7.4. Been checking every day for over 2 weeks now, it shows the same list of users every time.

1 Like

This is the nail in the coffin.

3 Likes

Same issue.

Not working in 2.8.0.beta2 also. It shows last seen when I seen of the user 26 may when I see in this plugin.

I thought it was only me.

1 Like

Fingerprintjs2 script did not load after I updated it to the latest version. I pushed a fix and it should work fine now. Sorry for the issues!

Over the time, there have been many nails in the coffin and there are still ways to fingerprint browsers. From quickly skimming through the article you linked it looks like it is just a way to hide user’s IP and unfortunately that means fingerprinting is still a possibility (as it relies more on browser’s characteristics rather than the IP).

4 Likes

Did I miss enabling a permission or?

image

Mine’s not worked to date

Thank you for your help

There is a way to repurpose plugin to something that will work with only server side information.

I was recommended this plugin in Discourse check the user IP for block list only on login. Discourse don’t really care about users IP, don’t ban user by IP by default (you need to do it manually), and about new user with same IP as banned one you can find only accidentally. Fingerprinting plugin not really helped me, because don’t check IP too.

Some overview page with users that have matching IP with banned accounts would be useful.

And also there is services like https://ip-api.com/ that allow to check if IP is proxy/vpn, can be another useful tool.

Besides IP discourse also have user email. I often see trolls with email from temporary email services, this can be indicator of a bad user too.

Regardless, fingerprinting is becoming harder and harder these days. I cannot imagine it’ll be possible for much longer due to companies and people that are cautious about their privacy.

Thanks for the fix. Working now. :partying_face: