Describe the bug
When using the main form, it is not possible to submit the form using the enter key, while the text input is focused. This is not really an issue, but it is better for accessibility (visual and motor ability) to use semantic elements and their standard behavior. Since this is actually submitting data, a form element is more suited.

To Reproduce
Steps to reproduce the behavior:

1. Go to main page
2. Click on the only text input
3. Press enter key
4. Nothing happens

Expected behavior
As above, except:
4. Form submits

Context:
All browsers

Currently, when a user shares nothing private to Facebook, this icon is shown as preview:

We need to modify the preview image and use http://www.nothingprivate.ml/private.jpg instead. 😄

How to fix

1. Comment on this issue and claim it if you are interested.
2. Just edit index.html and add the following code to the <head></head> tag.

 <meta property="og:image" content="http://www.nothingprivate.ml/private.jpg" />

3. Open a pull request

It does not work if I start the tracking in normal mode then switch to private mode: seems FF Quantum is working well!

it is saying i am sankalp which is i am not.

1. "Star on gihub" changed to "star on github".
2. Name not visible clearly on the footer.
3. White space issues for the page.

Opened #75 for the same.

I can successfully report Bromite v80 on Android 10 resisting your fingerprinting, tried several time and I never got remembered after closing reopening app.

Ungoogled chromium can prevent fingerprinting with these flags enabled too:
Enable get*ClientRects() fingerprint deception
Enable Canvas::measureText() fingerprint deception
Enable Canvas image data fingerprint deception

https://www.nothingprivate.ml/ is not working it says:

Nothing Private is using free hosting (00Webhost) to host the APIs.
It doesn't guarantee 100% uptime. Sorry for the inconvenience caused.

Browser Name and website

Brave

Version

1.16.75 Chromium: 86.0.4240.193 (Official Build) (64-bit)

Operating System used

Linux (Pop!_OS 20.10)

Operating Systems supported

Linux, Windows, OS X

Notes

I have tested this on mobile and on Desktop. It is able to track me on my phone (iPhone 6, iOS 12), though not on my laptop. There is an issue which shows that it is unable to track on Brave with Tor enabled, I want to note that this is with default private browsing, not Tor.

• Use fingerprint.js
• Optimise perfomance
• Improve code style
• Launch beta

This change is now live at https://5dd928dec0ff8700082b409d--preview-npvt.netlify.com/ for beta tests. Please comment on this PR if you encounter any issues.

Describe the bug

To Reproduce
Steps to reproduce the behavior:

1. use Brave
2. block script
3. block all Device recognition
4. https://www.nothingprivate.ml/

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

• OS: macOS
• Browser Brave
• Version 0.68.131

Additional context
Add any other context about the problem here.

Sonar cube integration with travis ci for nothing-private is failing for pull requests, we need to fix it.
See the recent builds:
https://travis-ci.org/gautamkrishnar/nothing-private/pull_requests

Hey,

So I opened the site on my WP10 for the first time and it shows up as You are Piyush. I haven't entered any text before. I don't even know who is Piyush

In db_server/README.md, it says Uses the PHP POD database access. I think you meant PHP PDO, as in PHP Data Objects?

I may even rewrite this as Uses the PHP PDO extension for database access.

Not sure if you are just targeting popular browsers, or if qupzilla has some special magic.

Sentry Issue: NOTHING-PRIVATE-FRONT-END-F

Error: Expected '('
  at None (/main.js:5:327)

Is your feature request related to a problem? Please describe.
I assume the fingerprint functionality is loaded from sentry CDN. If the load is prevented, you might still be fingerprintable by non-external scripts. I visited the page, and it didn't manage to fingerprint me. However, I'm using NoScript and sentry-cdn is marked as untrusted. I've got at least one more layer of protection like it. Those layers do not protect against fingerprinting in-and-of itself. Instead they prevent known finger-print scripts from being loaded in the first place.

Describe the solution you'd like
Consider hosting the fingerprint script on the page itself. If the script is self-hosted, several preventative layers of protection can probably be bypassed, which makes the page better test how fingerprintable the browser is.

Describe alternatives you've considered
Maybe that's not what you want to test.

Additional context
The trade-off is that updates to the fingerprint script are not automatically applied.

In fact is a god idea show that the user dont stay safe in private/incógnito mode. The website Works perfect but I have one sugestion.

For better explanation add a button that clear user data to possibility entering new data.

Something like that:
cleardata.php

<?php

header("Access-Control-Allow-Origin: *");
$location = "sqlite:".__DIR__."/safebrowsing.sqllite3";

if (isset($_GET['finger']))
{
    $dbh = new PDO($location) or die("cannot open the database"); 

    $stmt = $dbh->prepare("DELETE FROM browsertab WHERE fingerprint=?");
    $stmt->execute([$_GET['finger']]);
    $result = $stmt->fetch(); 

    $stmt->close();
}else{
//error while clear data
}
?>

Hello guys, I just submitted a logo proposal for Nothing Private: arasatasaygin/openlogos#9 (comment)

Please give it thumbs up and support. (Click on the link above, go to the comment and upvote it)

Proposal

Intro

Do you think you are safe using private browsing or incognito mode?. 😄 👿 This will prove that you're wrong. https://www.nothingprivate.ml

About Nothing Private

This project is a proof of concept that any website can identify and track you, even if you are using private browsing or incognito mode in your web browser. Many people think that they can hide their identity if they are using private browsing or incognito mode. This project will prove that they are wrong.

Highlights

• 100K Users worldwide
• 500+ Github stars
• 27+ Contributors

Why this logo?

Since this logo aligns with project's philosophy it would be cool to have it.

• Eye means nothing is private.
• The circles look like fingerprints, Nothing private uses browser fingerprinting.
  😄

Why?

According to the documentation: https://github.com/arasatasaygin/openlogos, A project that receives the maximum number of upvotes will receive the right to the logo. Please help nothing private to win it. Please share this with your friends too.

CC: @milesmcc @electron-volt @Timothee @mubaidr @edipox @tagawa @Anuradha-Iyer @PoojaB26 @jophab @ParadoxZero @naltun @jamesoreillyms @rogersachan @fisayoafolayan @Waterloo @nimitbhargava @brunomassa @Logan1x @Crismen @floppypanda @logenkain @tilepaper @leovarmak @tniessen @inboxdarpan @Permik @sleepyeinstein As you are a previous contributor of Nothing Private, you might be interested in upvoting the project.

As stated in the title above, the website can't track me if I access it in incognito mode.

It isn't a bad thing that this does not work, but in the near future this way on tracking will become obselete.
(Chrome Canary)

Since the voting for logo is closed, we need to remove the notification mentioning about voting from the site.

Visit https://www.nothingprivate.ml you can see a notification at the bottom. Don't forget to remove the library entirely.

If you are interested please comment on this issue.

Create a php script that can be executed via cron job that does the following:

• It truncates the existing entries in the nothing private database. You can use the existing connection.php for the DB connection.
• It should log the current count of the rows in the database to a file named visitors.txt If the file already exists with a count, the script must read the count from the file and update the file by adding the current count with the previous count. This is used to track the number of visitors.

Path to place the script: db_server/cron.php
Path to save the visitors.txt: db_server/visitors.txt

Skills Required

• PHP
• MySQL

Describe the bug
what the title says

To Reproduce
Steps to reproduce the behavior:

1. do what the title says

Expected behavior
I cant really say anything more

Desktop (please complete the following information):

• OS: Windows 11
• Browser Chrome
• Version 94

Forget Me button is not working for "nothing private" web app.

How to fix

• Please comment on this issue if you are working on it and let others know about it.
• You can find the server files here: https://github.com/gautamkrishnar/nothing-private/tree/master/db_server
• Make necessary changes
• Submit a PR

Sentry Issue: NOTHING-PRIVATE-FRONT-END-E

SyntaxError: Unexpected token {
  at None (/main.js:5:327)

Sentry Issue: NOTHING-PRIVATE-FRONT-END-N

TypeError: navigator.plugins[c] is undefined
  at getPlugins (/client.min.js:8:197)
  at getFingerprint (/client.min.js:1:277)
  at calculateFingerprint (/main.js:1:143)
  at pageLoader/< (/main.js:2:104)

When on the main page if you click 'See the magic button' multiple times fast enough, the page reloads twice and shows the message "You are test_name".

To Reproduce
Steps to reproduce the behavior:

1. Go to https://www.nothingprivate.ml/
2. Enter name and click on 'See the magic!' multiple times really fast.

Expected behavior
Only the "Now open a private browsing window or incognito window on your browser and visit www.nothingprivate.ml to see the magic...." page should load.

Desktop (please complete the following information):

• OS: Ubuntu 18.04
• Browser :
  • Chrome 73.0.3683.86
  • Firefox 70.0.1

I am submitting an issue for the first time. If there are any mistakes, please let me know.

safedb.php contains two SQL injection vulnerabilities:

$query =  "SELECT * FROM browsertab WHERE fingerprint='".$_GET['finger']."'";
...
$query =  "INSERT INTO browsertab VALUES('".$_GET['finger']."','".$_GET['name']."')";

SQL injections allow attackers to manipulate queries and gain access to the system (even though the possibilities are very limited when it comes to SQLite). You should never use a DBMS with applications which might contain SQL injection vulnerabilities, so you might want to learn more about SQL first. This thread might get you started.

I'm not going to leave what name I typed, but it took a couple of tries (without the forget me button!) with Google Chrome (no incognito required) to identify me. I used the same device (a Windows laptop) and accessed the site three times within five minutes. It finally work at the end.

Congrats. I am impressed with it, though.

(first try, no incognito)
(second try, incognito, and still not recognized...)
(third time. recognized. Same incognito session.)

Brave Browser : https://brave.com

All Versions Are Private

Windows/Linux/MacOs/Android

As a user, access to your web activity and data is sold to the highest bidder. Internet giants grow rich, while publishers go out of business. And the entire system is rife with ad fraud.

Brave Shields for Privacy

Block data-grabbing ads and trackers

The vast bulk of websites and ads include software that tries to identify you. They want to track your every move across the web. Brave blocks all this, allowing you to browse freely.

So, I wrote a tutorial on how to enable "Resist fingerprinting" option in Firefox Quantum which is not enabled by default. I think that putting Firefox Quantum in Secure-Browsers file without context when this browser safe is not really helping, so I hope that adding a context will help.

I'm opening this issue, only because of "Related issue" requirement in Pull Request.

Recently Nothing Private got sponsorship for Openshift Pro plan via the Red Hat Grants program. We need to migrate the application to the Openshift backend. As of now, I am planning to do the deployment using yaml.

https://docs.openshift.com/container-platform/4.4/applications/deployments/what-deployments-are.html

nothingprivate.ml is down due to domain expiration. I re-registered the domain and now waiting for its DNS propogation. It will be back soon. All thanks to freenom.

I am reporting Firefox 73, Waterfox-current and Librewolf 72 as all insecure.

tested on linux with following:
default
with adons
fresh reset enabling only "resist fingerprinting"
different profiles don't matter either
in all cases I got remembered.

Thank you to all nothingprivate.ml devs for a great tool and amazing job.

I tried it, though it couldn't reproduce name that I provided in normal browser.

What I would like to see

A hacky themed UI, with a dark mode instead of a lightmode, and an appropriate font instead of default Arial.

Possible Alternative

Changing the colours of the site and making them fit with a dark theme.

Describing What It Would Look Like

This project has a hacker vibe / aesthetic going on, and it would only be right to match the website's UI with that. Things such as a default font, outlines on the form button, etc. are small but pesky things which could for sure be improved easily, and made look better to give an even better user experience.

Describe the bug
Background image is not alligned correctly in mobile.

To Reproduce
Steps to reproduce the behavior:

1. Visit Nothing private in mobile

Expected behavior
Image should be bottom right alligned.

Screenshots

Warning ⚠️ : "GitHub Buttons deprecated data-style: use data-size="large" instead. Please refer to https://github.com/ntkme/github-buttons#readme for more info."

How to fix:

• Comment on this issue if you are interested
• Change Line 28 of index.html.
• Replace data-style="mega" with data-size="large"
• Submit a pull request

Browser Name and website
Vivaldi
Version
5.0.2497.48
Operating System used
MacOS 12.2
Operating Systems supported
MacOS, Windows, Linux (Android and ChromeOS, but with less features)
Notes
none

Facebook sharing button is not working in http://www.nothingprivate.ml/
CC: @Logan1x

Just stumbled upon your project.

I wanted to try using the same browser session to see if my fingerprint can be detected. And I found that if you change your browser's window dimensions to something else and refresh the page, you will not be detected :)

Browser Name and website
I am not entirely sure if this issue has been raised now.

So I tried following the steps on my brave browser, but then when I was asked to open on a private browser window, I used a private window with Tor. I never got past this first page, It kept trying to verify if I am human.

Version

• Brave Version 1.13.82 Chromium: 85.0.4183.83 (Official Build) (64-bit)
  Operating System used
• macOS
  Operating Systems supported

Notes

@all-contributors please add @jatinsharma28 for documentation

https://twitter.com/sleepyeinstein found an XSS Venerability in www.nothingprivate.ml:

If you are interested in working on this bug, please comment on this issue.
More info: https://excess-xss.com/

• Populate the list of secure web browsers that doesn't allows browser fingerprinting after visiting the www.nothingprivate.ml in them. If you are not able to fingerprint using that browser, add it to the list: https://github.com/gautamkrishnar/nothing-private/blob/master/Secure-Browsers.md
• Verify whether the browsers listed there are actually secure against fingerprinting.

Sentry Issue: NOTHING-PRIVATE-FRONT-END-7

ReferenceError: Can't find variable: pageLoader
  at onload (https://www.nothingprivate.ml/:28:11)
  at dispatchEvent ([native code])
  at l (/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js:1:1118)
  at None (/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js:1:8707)
  at callback (/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js:1:3115)
...
(5 additional frame(s) were not displayed)

Add an icon at the end of the webpage to share the webpage link to facebook, twitter and linkedin...
Please comment on this issue if you are interested.

Sentry Issue: NOTHING-PRIVATE-FRONT-END-3

SyntaxError: Unexpected token E in JSON at position 0
  at JSON.parse (<anonymous>)
  at XMLHttpRequest.xhr.onreadystatechange (/main.js:63:30)