Beyond Stealth Plugins: Achieving True Browser Anonymity with Clark-Browser
For developers building browser automation agents, the 'cat-and-mouse' game of bot detection has become increasingly sophisticated. While tools like Puppeteer and Playwright are industry standards, their default headless modes are trivial for modern security services to detect. Most developers rely on JavaScript-level 'stealth' plugins to mask these signals, but as detection engines evolve, these shims are becoming as detectable as the bots they intend to hide.
Enter Clark-Browser, an open-source fork of ungoogled-chromium designed to move the battleground from the JavaScript layer to the C++ source level. By patching the browser binary itself, Clark-Browser aims to make automated instances indistinguishable from genuine user installations.
The Failure of JS-Level Stealth
To understand why Clark-Browser is necessary, one must understand how bot detection works. Standard chromium --headless leaves a trail of obvious signals:
navigator.webdriveris set totrue.- The plugin list is empty.
- The User-Agent explicitly contains
HeadlessChrome. - WebGL strings reveal software renderers rather than physical GPUs.
Many developers use libraries like puppeteer-extra-plugin-stealth or playwright-stealth. These tools work by injecting JavaScript to override these properties. However, advanced detection suites—such as FingerprintJS, BrowserScan, and Cloudflare Turnstile—can often detect the presence of the stealth plugin itself. When a website detects that a property has been modified via a JS proxy or a getter override, it triggers a high-risk flag.
The C++ Approach: Patching the Source
Clark-Browser takes a fundamentally different approach. Instead of trying to hide the evidence after the browser has started, it modifies the source code in blink, v8, and net before the binary is compiled.
By implementing anti-fingerprinting at the C++ level, the values returned to the JavaScript environment are not "spoofed" in the traditional sense—they are the actual values the browser engine believes it has. This eliminates the inconsistencies that JS-level shims create, making the browser appear as a native Chrome installation across the entire JS-visible fingerprint surface.
The Stealth Surface
Clark-Browser introduces a series of --fingerprint-* command-line switches that allow developers to define a deterministic identity for the browser instance. This allows for precise control over:
- Hardware Profiles: Spoofing GPU vendors, renderers, device memory, and hardware concurrency.
- Environmental Data: Setting the IANA timezone, BCP 47 locale, and geolocation coordinates.
- Network Identity: Spoofing WebRTC IP addresses to prevent leaks.
- Visual Noise: Implementing canvas and audio noise to prevent deterministic fingerprinting (inheriting infrastructure from Brave).
Performance and Verification
According to the project's documentation, the released binary has already passed several critical tests. It successfully bypasses the SannySoft WebDriver test and the Antoine Vastel headless test (provided the correct Accept-Language header is used). It also passes BrowserLeaks Client Hints and WebGL tests, avoiding the SwiftShader or llvmpipe markers typical of headless environments.
However, the community remains cautious. As noted by users in the Hacker News discussion, modern detection—particularly from Cloudflare—has moved beyond simple property checks.
"They're not just looking at navigator properties anymore, they're timing canvas operations and checking for inconsistencies in the rendering pipeline."
While Clark-Browser addresses the static fingerprint, the dynamic behavior (timing attacks and rendering pipeline analysis) remains the frontier of the bot-detection war.
Getting Started
Clark-Browser is MIT-licensed and provides a Python wrapper for ease of use with Playwright:
from clarkbrowser import launch
browser = launch()
page = browser.new_page()
page.goto("https://bot.sannysoft.com")
print(page.title())
browser.close()
For those requiring maximum transparency or custom configurations, the project provides full build scripts for Linux and macOS, though the build process is resource-intensive, requiring roughly 80 GB of disk space and 32+ GB of RAM.
Conclusion
Clark-Browser represents a shift toward more professional-grade browser automation. By moving anti-detection logic into the binary, it provides a more robust foundation for agents that need to operate in highly restrictive environments. While no tool can guarantee 100% invisibility against the most advanced AI-driven detection systems, patching the source is objectively more effective than patching the DOM.