Comment by gruez

Comment by gruez 9 days ago

4 replies

View on Hacker News

That's basically what security vendors like cloudflare does, except with even more fingerprinting, like a javascript challenge that checks the js interpreter/DOM.

walrus01 9 days ago

JS to check user agent things like screen window dimensions as well, which legit browsers will have and bots will also present but with a more uniform and predictable set of x and y dimensions per set of source IPs. Lots of possibilities for js endpoint fingerprinting.

Reply View 3 replies
  • Fripplebubby 8 days ago

    I also present a uniform and predictable set of x and y dimensions per source IPs as a human user who maximizes my browser window

    Reply View 2 replies
    • gruez 8 days ago

      Maximizing reduces the variations, but there's still quite a bit of variation because of different display resolution + scaling settings + OS configuration (eg. short or tall taskbars).

      Reply View 1 reply
      • walrus01 8 days ago

        Or settings like auto-hide MacOS dock vs not auto hide, affecting the vertical size of the browser window.

        Reply View 0 replies