767
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 02 Apr 2025
767 points (97.4% liked)
Technology
73795 readers
1101 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Good start. Now make a version that clicks each ad a random number of times from randomly generated IP addresses.
That's not how IP addresses work.
What if we use a Visual Basic UI to hack the IP address by netmask?
Yes, but this only works if you connect your VPN via 3 block chain proxies.
Feed it SQL injections?
Have it form connections to all the other browsers using the extension and they all send a click.
now you've broken the law by creating a botnet.
Naw, it’s an MMORPG.
Is the botnet itself breaking the law or is breaking the law with a botnet breaking the law?
I'm pretty sure it's not a botnet until it's used as one or the intent of it is to be used in the same way a botnet is used.
Okay okay, how about a counter that is updated with each user clicking on an ad, and the client can decide what they want to do with that information, totally not a botnet right?
It just changes the user agent instead...
You can fake your IP. There isnt really any authentication at the IP level. Just make a packet and overwite the IP field.
Edit: I was corrected. The TCP handshake requires you to have a valid IP you can respond from. So even though you can fake your IP, you can't use that to talk to most websites.
You need a TCP handshake prior to sending any http payload.
Oh yeah. Forgot about that.
Nothing is random
In bot cases like this you would have a proxy list that it “randomly” picks from
Ad Networks use browser fingerprinting to detect duplicate clicks, which is tied to your hardware, system locale, installed fonts etc.
Sounds like a solvable problem
Chameleon add-on for Firefox, randomly rotates your browser, OS, screen size, timezone, device type, language, and other customizable parameters every x minutes.
I've set it to do so every 5 minutes, and to omit desktop & tablet as device types (else some websites display the respective page) and timezones (messed up 2FA).
I also disabled blackberry and windows phone from the manufacturer ID, that would have the opposite effect from obscuring me.
For the rest of it, it's working great.
Tell me how, then, because I don't know how to get around the font thing. Everybody's computer has a different set of fonts, and blocking browsers from seeing what fonts you have installed would help identify you even more.
A browser extension that limits webpages to default Windows fonts only would eliminate that factor from contributing to identification without flagging it as suspicious. A slightly more robust version could frequently cycle between multiple subsets of default Windows fonts. Say Windows comes with 100 fonts. So you could have thousands of configurations with different subsets of those.
"Just" remove a random 2.5% of the fonts, a different random set per request (context).
That one browser which everyone hates despite it being the best adblocker and anti-surveillance browser out there randomizes your fingerprint.
which one