Device Enumeration Chaos

Wraps MediaDevices.prototype.enumerateDevices, getUserMedia, getDisplayMedia and Permissions.prototype.query with a counter + stack logger that sits above the C-S-S deviceEnumerationFix proxy, so you can see every entry. Use Copy DevTools snippet to paste the same instrumentation into another site's DevTools (e.g. linkedin.com/checkpoint/...) to observe what protechts / reCAPTCHA / first-party scripts actually call.

How to use this on a real site (e.g. linkedin.com) — full workflow

1. Install the snippet

Click Copy DevTools snippet above.
Open the site you want to observe (e.g. https://www.linkedin.com/) in the Windows DDG browser. For the OPS-7378 repro, temporarily disable the protechts.net request-blocklist rule so the checkpoint flow actually loads.
Open DevTools → Console. Paste the snippet and press Enter. You should see a red chaos instrumentation installed banner.

Important: the snippet does not survive a page refresh — refresh creates a fresh window / MediaDevices.prototype and the wrappers are gone. Re-paste the snippet after every refresh. To catch calls that fire during page load (which is when most fingerprinting probes run), use the pause-on-first-statement trick in the next section.

1b. Catching very early calls (pause before page JS runs)

Anti-bot scripts typically fire their probes within the first few hundred ms of page load — before you can paste the snippet manually. To guarantee the wrappers are in place before any page JavaScript runs:

Open DevTools before loading the target page.
Go to Sources → Event Listener Breakpoints (right-hand pane). Expand Script and tick Script First Statement.
Navigate to / refresh the target site. DevTools will pause at the very first JavaScript statement.
Switch to the Console tab and paste the chaos snippet. The wrappers are now installed.
Click Resume script execution (▶ in Sources, or F8). All subsequent JS — including the protechts / reCAPTCHA bootstrap — will run through your wrappers.
Uncheck Script First Statement when you are done, otherwise every page load will pause.

2. Trigger the behaviour you want to observe

Navigate to / interact with the page as a tester would. For the camera-prompt repro on LinkedIn, simply landing on the checkpoint flow is usually enough. The Console will stream [chaos] <API> <args> <count> debug lines as each wrapped API is called.

3. Read the counters

window.__chaosInstrumentation.summary()
// { counts: { 'MediaDevices.enumerateDevices': 7, ... }, logCount: 7 }

Watch the call rate, not just the count. A normal page calls enumerateDevices a handful of times at most; an anti-bot fingerprinter calling it hundreds of times in a few seconds is the queue-stampede pattern that DaveV's A11 / A12 simulates.

4. What to look for

MediaDevices.enumerateDevices count climbs into the hundreds within a few seconds. Likely the queue-stampede pattern. Under the C-S-S deviceEnumerationFix proxy this will start timing out (2000ms) and falling through to the real enumerateDevices() — which is what triggers the OS prompt on Windows MSIX.
Any call to MediaDevices.getUserMedia without a user gesture. Almost always an anti-bot probe. Check the stack — if it points into client.protechts.net/.../main.min.js or www.gstatic.com/recaptcha/... that is your prompt trigger. The Asana investigation pointed here as the primary cause on linkedin.com.
Permissions.query({name: 'camera'}) or 'microphone'. Informational; does not prompt on a normal browser. Still worth recording — if you see the count climb but no getUserMedia calls, the trigger may be elsewhere (or in a native-side path).
Stacks containing protechts.net, li.protechts.net, recaptcha/enterprise, static.licdn.com/aero-v1. These are the candidate origins identified by the HAR analysis. Stacks pointing into LinkedIn's own aero-v1 bundles are usually fine (gated behind user gestures); stacks pointing into protechts or recaptcha are the suspect entries.
Empty or anonymous stack frames (common in obfuscated PerimeterX VM code). Cross-check the call timing against the Network panel — if the call lands within a few hundred ms of a collector-pxdojv695v.protechts.net POST, it is almost certainly from the protechts VM.

5. Capture for the ticket

window.__chaosInstrumentation.download()  // saves full log + stacks as JSON
window.__chaosInstrumentation.uninstall() // restore originals

Attach the downloaded JSON to OPS-7378 along with the exact browser version and whether the OS prompt appeared.

What the snippet does not catch

Calls that resolve their function reference once and cache it before the snippet is pasted. Refresh after pasting to mitigate.
Calls from a separate JavaScript realm (cross-origin iframes such as li.protechts.net/index.html). The snippet wraps only the top-level MediaDevices and Permissions prototypes. Calls from inside li.protechts.net happen in the iframe's own realm and are not visible to the top window. To observe those, paste the snippet into the iframe's own DevTools context (DevTools → iframe selector dropdown → pick the iframe), or use the Iframe Media Prompt Repro page which controls both sides.
Native-side prompts that originate without a JavaScript entry point. If counts stay at zero but the OS prompt still fires, the trigger is upstream of the JS layer.