We covered the classic fingerprinting vectors in our last guide — Canvas, WebGL, AudioContext, User-Agent. Most privacy-conscious users now know to look for those. Extensions handle some of them.
That's why trackers moved on.
The techniques below are the next wave. They're harder to detect, harder to spoof, and in some cases impossible to block with traditional extension approaches. The good news: they have mitigations. Here's what each does and how Aran Shield handles them.
1. Canvas Poisoning
Standard canvas fingerprinting draws text and shapes to a hidden canvas and reads back the pixel data. Anti-fingerprinting extensions work by intercepting toDataURL() or getImageData() and returning a sanitized, generic result.
Canvas poisoning defeats this by making the original fingerprint more valuable than the sanitized output. The tracker plants a known, distinctive pattern into the canvas — then later reads it back. Even if your extension intercepts the return, the planted pattern is still present in the canvas state itself, which can be read through side-channels.
More advanced variants: write a pattern, let the browser apply it through GPU anti-aliasing, then query it indirectly through timing differences or WebGL texture reads — bypassing the standard Canvas API entirely.
Canvas Poisoning
Tracker plants a known pattern into the canvas; reads it back indirectly even when standard Canvas APIs are intercepted. Bypasses JS spoofing at the API level.
toDataURL(), but the rendering buffer itself.2. AudioContext Fingerprinting
AudioContext fingerprinting exploits how the Web Audio API processes signals through your audio hardware stack. The OscillatorNode + DynamicsCompressorNode chain produces outputs that vary by audio driver, chip, and OS configuration — yielding a persistent, high-entropy identifier.
The technique is mature: AmIUnique's AudioContext test shows it can fingerprint with very few samples. What's new: audio fingerprinting is now combined with inaudible ultrasound beacons. Sites embed ultrasonic tones in page audio or ad video. The user's microphone captures them — even when no audio is visibly playing. This bridges the gap between browser fingerprint and real-world location data (e.g., "this person visited this store").
Note: this requires microphone access, but the fingerprint itself works on AudioContext alone — no permissions needed to get the initial hardware ID.
Audio Fingerprinting + Ultrasound Beacons
AudioContext generates a hardware-specific ID (no permissions). Combined with inaudible ultrasound cross-device tracking — even when no audio is playing visibly.
3. GPU Shader Timing Attacks
WebGL allows executing custom GLSL shaders. By measuring how long a shader takes to execute — with sub-millisecond precision via performance.now() — trackers can infer GPU model, driver version, and even thermal throttling state.
This is harder to spoof than API responses because it's a timing measurement: the actual hardware behavior, not a value your extension can lie about. Two GPUs with different render pipelines will execute the same shader sequence in measurably different times. You can't fake execution speed.
The technique is also stealthy — no external requests, no DOM manipulation, no permissions. Just a silent loop that completes in N microseconds and reveals your GPU generation.
GPU Shader Timing
Measures actual GPU execution time via performance.now(). Can't be spoofed at the API level — the hardware behavior itself reveals GPU model and driver version.
4. CSS-Based Fingerprinting
CSS fingerprinting exploits the rendering engine's behavior — not JavaScript APIs. Techniques include:
- Font metric probing: CSS measures text width/height with specific font stacks — if the rendered metric differs from expected, you know which fonts are installed.
- CSS query timing: Elements with
scrollHeightoroffsetWidthmeasured via CSS — the reflow/repaint timing reveals display driver and hardware rendering path. - Gradient and filter fingerprinting: CSS gradients, box-shadows, and filters render differently by GPU and driver. The rendered result can be read by overlaying a canvas and checking pixel output.
- Scroll behavior fingerprinting: Native smooth scrolling behavior differs by OS and input device — measurable through scroll event timing.
- @supports query exploitation: Browser's supported CSS features reveal OS and version. Increasingly used as a fallback signal when JS fingerprinting is blocked.
Why this is hard to stop: CSS runs in the browser's rendering engine, outside JavaScript context. Extensions can't intercept it without essentially replacing the CSS engine — which breaks every site.
CSS-Based Fingerprinting
Font metrics, gradient rendering, scroll behavior, and reflow timing exploit the browser's rendering engine — not JavaScript APIs. Outside the reach of JS-level blocking.
What Your Current Blocker Is Missing
Here's the problem with relying on standard extension fingerprinting defenses:
- API spoofing breaks sites. Most spoofing tools return generic values for everything — which breaks legitimate features that depend on real data. Trackers know this and build fallback signals.
- Hardware-layer vectors can't be spoofed. GPU shader timing is a physical property of your hardware. No JavaScript can change how fast your GPU executes a shader. The only defense is to prevent the measurement from happening.
- CSS vectors live outside JS. You can intercept JavaScript APIs. You can't intercept the browser's CSS rendering engine without breaking the page.
- Layered tracking is the norm now. Trackers don't rely on one signal. They stack canvas, audio, CSS, and timing — if one is blocked, the other three still work. Full coverage requires all layers.
What's Actually Effective
Hardware Access Control
Denying camera, microphone, and Bluetooth before JavaScript can initialize them closes the audio fingerprint and ultrasound beacon vectors entirely.
DOM Proxy Layer
Intercepts Canvas and CSS rendering at the DOM level, not just the API return value. This is the difference between intercepting getImageData() and controlling the rendering buffer itself.
Trusted Clock Layer
Normalizes performance.now() and Date to prevent high-resolution timing attacks. GPU shader timing requires sub-ms precision — removing that precision removes the signal.
Font Metric Randomization
Injects randomized spacing and rendering hints into font metric calculations, making font enumeration attacks produce inconsistent and therefore useless results.
These aren't features most extensions have. They're system-level interventions that require browser integration beyond what standard extension APIs expose. Aran Shield implements all four.
The tracker playbook evolves faster than filter lists. Canvas fingerprinting was new in 2012; AudioContext fingerprinting was theoretical in 2015; GPU shader timing became practical in 2022. Each technique seemed exotic when discovered and ubiquitous within two years. The four vectors above are already moving from research to production.
The question isn't whether they'll arrive — it's whether your defense will be ready when they do.
Block Fingerprinting at the Hardware Level
Aran Shield handles all four emerging vectors — including canvas poisoning, GPU timing, audio fingerprinting, and CSS-based techniques. Hardware-level protection that standard extensions can't reach.
Download Aran Shield →