So I guess for Firefox users it's time to enable the resist fingerprinting option ?
-
But one question I've been asking myself is : then, wouldn't I be fingerprinted as one of the few nerds who activated the resist fingerprinting option?
-
I use (and love) Firefox containers, and I keep all Google domains in one container. However, I never know what to do about other websites that use Google sign in.
If I'm signing into XYZ website and it uses my Google account to sign in, should I put that website in the Google container? That's what I've been doing, but I don't know the right answer.
-
Yes. But it's better than being identified as a unique user which is much more likely without it. You can test it yourself on https://amiunique.org/fingerprint
-
The crazy part about fingerprinting is that if you block the fingerprint data, they use that block to fingerprint you. That’s why the main strategy is to “blend in”.
So, essentially the best way to actually resist fingerprinting would be to spoof the results to look more common - for example when I checked amiunique.org one of the most unique elements was my font list. But for 99% of sites you could spoof a font list that has the most common fonts (which you have) and no others and that would make you "blend in" without harming functionality. Barring a handful of specific sites that rely on having a special font, that might need to be set as exceptions.
-
Dark mode can be recreated using extensions, although the colors most likely won't be as legible as "native support".
I don't see why a similar extrnsion couldn't change the timezones of clocks.
Additionally, I don't see why the server should bother with either (pragmatically) - Dark mode is just a CSS switch and timezones could be flagged to be "localized" by the browser. No need for extra bandwidth or computing power on the server end, and the overhead would be very low (a few more lines of CSS sent).
Of course, I know why they bother - Ad networks do a lot more than "just" show ads, and most websites also like to gobble any data they can.
-
Just use Tor browser if you want to blend in. Some sites will probably not work, and I don't suggest accessing banks with it, but it works well for regular browsing.
-
No, the best way is to randomly vary fingerprinting data, which is exactly what some browsers do.
Font list is just one of a hundred different identifying data points so just changing that alone won't do much.
-
I wasn't suggesting it as "font list and you're done". I was using it as an example because it's one where I'm apparently really unusual.
I would think you'd basically want to spoof all known fingerprinting metrics to be whatever is the most common and doesn't break compatibility with the actual setup too much. Randomizing them seems way more likely to break a ton of sites, but inconsistently, which seems like a bad solution.
I mean hypothetically you could also set up exceptions for specific sites that need different answers for specific fields, essentially telling the site whatever it wants to hear to work but that's going to be a lot of ongoing work.
-
It's a combination of both.
-
Yes, that’s right. Also seriously consider ditching Single
StalkSign On entirely. -
Iirc, Websites can’t query addons unless those addons manipulate the DOM in a way that exposes themselves.
They can query extensions.
Addons are things installed inside the browser. Like uBlock, HTTPS Everywhere, Firefox Containerr, etc.
Extensions are installed outside the browser. Such as Flashplayer, the Gnome extensions installer, etc.
-
Further: the Canvas API doesn’t have any requirements on rendering accuracy.
By deferring to the GPU, font library, etc, tracking code can generate an image that is in most cases unique to your machine.
So blocking the Canvas API would return a 0. Which is less unique than what it would be normally.
-
Please don't enable this blindly. A lot of modern websites depend on a bunch of features which will simply not work with that flag enabled. Only do it, if you're willing to compromise and debug things a bit
-
Thank you. I agree re ditching it and have been working on that.
