Browser fingerprinting aggregates dozens of browser attributes — screen resolution, installed fonts, canvas rendering output, WebGL vendor string, audio processing characteristics, navigator properties — into a unique identifier. Even without cookies, a fingerprint can track a browser across sessions. Anti-fingerprinting countermeasures aim to make these attributes appear consistent with a common real-browser profile.
Stealth patches override JavaScript APIs that expose fingerprinting-vulnerable data: `HTMLCanvasElement.prototype.toDataURL` returns a slightly noised image rather than the exact GPU rendering; `navigator.plugins` returns a realistic plugin list; `screen.width` and `screen.height` are set to common display resolutions. The goal is not to return completely fake values (which are themselves detectable as anomalies) but to match the fingerprint distribution of a large browser population.
Modern anti-fingerprinting goes further: spoofing the TLS ClientHello to match Chrome's exact cipher suite order, patching `window.chrome` to include all properties present in the real Chrome browser, and ensuring that timing measurements (performance.now resolution, requestAnimationFrame timing) match GPU-based rendering patterns.