One more thing.
If you want to change GFX card because this chosen by automatic is too old to be realistically used with Windows 10/11 at this day, then not only you need to change WebGL Properties but also WebGL/WebGL2 Parameters.
Too bad it’s not recalculated or available to chose from drop down menu.
Same with userAgent/Platform/OS CPU combo…
Camofox automatically generates both Intel/AMD graphics. It look more realistic. The user‑agent can be manually changed to be as realistic as possible. It’s very easy. The main point is that the OS fingerprint is highly realistic.
FWIW,
I’ve been using Brave (with anti-fingerprinting) as my main browser for about a year. Around 80% of my browsing is sessionless/incognito. Since moving to Qubes, I use one appVM for sessionless browsing and another for logged-in sessions on “usual suspect” websites. I rotate VPN IPs within my country every 2–3 hours. On mobile, I haven’t used YouTube or logged-in sessions for years. I’ve exclusively used DuckDuckGo or Brave Search for 5+ years, and uBlock Origin for just as long (previously on Firefox/Chrome).
Here’s what I’ve noticed:
Most of my incognito browsing (~80%) is on YouTube as a TV replacement. I haven’t yet set up FreeTube/Invidious on Qubes, so I just use incognito YouTube with bookmarks folders for my “channels”, “watch later” and “history".
Each time I restart the YouTube appVM (not a dispVM) and open YouTube in incognito, it shows the usual “Try searching to get started” screen. But from my very first search (“news” or “emacs”), it instantly begins recommending videos I’m likely to click.
If I leave the appVM running for ~24 hours, after 10+ related clicks, daily visits to my 5 bookmarked channels, and several keyword searches, YouTube essentially rebuilds my logged-in feed—about 80% accuracy. It knows to show me Vim as well as Emacs, Linux as well as security news—even sites I haven’t visited in that session or in a long time - including old content!
For this reason I don’t even log in to YouTube anymore since it already knows who I am.
The extent of this cross-device/cross-IP/cross-browser/cross-OS digital stalking really blows my mind.
It takes longer if I completely wipe the browser profile (even though I’m only using incognito), but it still identifies me surprisingly quickly. It’s as if every interaction with Google infrastructure hones in on my patterns—usage, sites visited, even VPN endpoints—and assigns a probability that it’s me. This goes well beyond non-cookie identifiers.
If I leave the appVM running for 3+ days, it even resurfaces content from old “Music” or “Watch Later” playlists I haven’t accessed in years.
TL;DR: For this use case, I probably need to use a dispVM: that is my next goal.
I think this could make a reproducible fingerprinting test: start with a common keyword (“news”) on a fresh browser/incognito install, delete cookies on exit, etc and see how fast old ‘tripwire’ channels/content resurface. With browser automation (Playwright, Selenium) and thousands of tests, the community could actually accurately measure and score cross-device/OS/IP/browser/sessionless fingerprinting.
Does anything like this already exist? Is this a bad idea? Such a test could empirically evaluate and score fingerprinting/antidetect on donut-browser, dispVMs, Brave, Arkenfox, LibreWolf, etc - and I would love such an awesome feature to be born on Qubes as it is designed to test many browsers, configurations and operating systems - the ‘Killer App’ and compelling reason that will bring many more users in to the safety of Qubes 
(as well as self-evaluation).
1 Like
Does this protect against mouse fingerpinting? Audio fingerprinting, etc?
have you considered newpipe app on an android vm? There is also insidious/piped