CanvasBlocker triggers a generic anti tampering on ylilauta.org

[JobcenterTycoon]

Description

When i visit https://ylilauta.org/ a big red box informs the user about the "tampering" even with the "hard to detect" mode enabled. The site self breaks after this.

Here a test code of the anti tampering

Code:

function checktamper() {
{
        try {
            if ('get' in Object.getOwnPropertyDescriptors(console).error) {
                console.log("Tampering detected 1")
            }
        } catch {
            console.log("Tampering detected 2")
        }

        let i = document.createElement('iframe');
        i.style.display = 'none';
        document.body.append(i);
        EventTarget.prototype.addEventListener = i.contentWindow.EventTarget.prototype.addEventListener;
        Element.prototype.getBoundingClientRect = i.contentWindow.Element.prototype.getBoundingClientRect;
        i.remove();

        for (const p of [
            {o: window, f: 'setTimeout'},
            {o: window, f: 'setInterval'},
            {o: window, f: 'alert'},
            {o: window, f: 'confirm'},
            {o: window, f: 'getComputedStyle'},
            {o: window, f: 'parseInt'},
            {o: window, f: 'parseFloat'},
            {o: window, f: 'postMessage'},
            {o: window, f: 'addEventListener'},
            {o: document, f: 'createElement'},
            {o: Element.prototype, f: 'getBoundingClientRect'},
        ]) {
            try {
                p.o[p.f].caller;
                p.o[p.f].arguments;
            } catch (e) {
                if (
                    e.message.match(' incompatible ')
                    || e.stack.match('(<anonymous>)')
                ) {
                    console.log("Tampering detected 3")
                }
            }

            const regex = new RegExp('^function ' + p.f + '\\(\\)\\s*{\\s*\\[native code]\\s*}$');
            let da;
            let db;
            let v = p.o[p.f];
            try {
                da = delete p.o[p.f]['toString'];
                db = delete p.o[p.f];
            } catch {
                da = false;
                db = false;
            }

            if (
                !da || !db ||
                typeof Object.getPrototypeOf(v) !== 'function' ||
                typeof v !== 'function' ||
                v.name !== p.f ||
                v.toString().replaceAll('\n', '').match(regex) === null
            ) {
                console.error(p.f + ' does not match expected behavior.');
                console.log("Tampering detected 4")
            }

            Object.defineProperty(p.o, p.f, {value: v, configurable: false, writable: false});
        }

        return false;
    }
}
checktamper();

When i execute this in the browser console it always throw Tampering detected 3 with this addon enabled even when no specific API getting protected. It works fine when the addon is disabled.

Expected Behaviour

No tampering getting detected (i know it can’t be avoided completely but it even appears when no API getting protected)

Current Behaviour

It triggers a generic anti tampering (not specifed to anti fingerprinting)

Possible Solution

Your Environment

• CanvasBlocker Version used: Version 1.9
• Firefox version incl. 32- or 64-bit: Firefox 64 bit
• Operating System and version (desktop or mobile): Windows 10
• Installed addons: CanvasBlocker

Your Settings

{
	"logLevel": 1,
	"urlSettings": [],
	"hiddenSettings": {},
	"expandStatus": {},
	"displayHiddenSettings": false,
	"whiteList": "",
	"sessionWhiteList": "",
	"blackList": "",
	"blockMode": "fake",
	"protectedCanvasPart": "input",
	"minFakeSize": 10,
	"maxFakeSize": 0,
	"rng": "persistent",
	"protectedAPIFeatures": {},
	"useCanvasCache": true,
	"ignoreFrequentColors": 3,
	"minColors": 3,
	"fakeAlphaChannel": false,
	"webGLVendor": "",
	"webGLRenderer": "",
	"webGLUnmaskedVendor": "",
	"webGLUnmaskedRenderer": "",
	"persistentRndStorage": "{}",
	"persistentIncognitoRndStorage": "",
	"storePersistentRnd": true,
	"persistentRndClearIntervalValue": 0,
	"persistentRndClearIntervalUnit": "days",
	"lastPersistentRndClearing": 1707692714496,
	"sharePersistentRndBetweenDomains": false,
	"askOnlyOnce": "individual",
	"askDenyMode": "block",
	"showCanvasWhileAsking": true,
	"showNotifications": true,
	"highlightPageAction": "none",
	"highlightBrowserAction": "color",
	"displayBadge": true,
	"storeNotificationData": false,
	"storeImageForInspection": false,
	"ignoreList": "",
	"ignoredAPIs": {},
	"showCallingFile": false,
	"showCompleteCallingStack": false,
	"enableStackList": false,
	"stackList": "",
	"protectAudio": true,
	"audioFakeRate": "100",
	"audioNoiseLevel": "minimal",
	"useAudioCache": true,
	"audioUseFixedIndices": true,
	"audioFixedIndices": "12",
	"historyLengthThreshold": 2,
	"protectWindow": false,
	"allowWindowNameInFrames": false,
	"protectDOMRect": true,
	"domRectIntegerFactor": 4,
	"protectSVG": true,
	"protectTextMetrics": true,
	"blockDataURLs": true,
	"protectNavigator": false,
	"navigatorDetails": {},
	"protectScreen": true,
	"screenSize": "",
	"fakeMinimalScreenSize": false,
	"displayAdvancedSettings": true,
	"displayDescriptions": false,
	"theme": "auto",
	"dontShowOptionsOnUpdate": false,
	"disruptSessionOnUpdate": false,
	"updatePending": false,
	"isStillDefault": false,
	"storageVersion": 1
}

[kkapsner]

I do not get the red box with the current beta version. Is the site usable with that?

[JobcenterTycoon]

They removed the check.