This is a technical problem, not a legal one. The solution is for browsers to provide users with the ability to limit the information being sent. There's no need for the vast majority of websites to know my OS, number of CPUs, screen or window size, or most of the other fingerprinting metrics.

▲

Sanzig 2 days ago | parent | next [-]

I think it's both. It wasn't a problem when browsers were simple content display engines, but now that they are full VMs for application software, they need some of that capability just to function. FWIW, I think this was a mistake, but the genie is out of the bottle.

I suppose one technical mitigation might be a permissions dialog when a script requests access to a high-risk API like canvas or WebGL. But that's unfortunately something that won't work for most users, who will just click through the dialog.

▲

istjohn 2 days ago | parent [-]

I'm loathe to suggest it, but perhaps LLM's could help here? Once local LLMs are a couple orders of magnitude better and resource efficient, a user agent LLM could decide what features are actually needed for each page.

	▲	codingminds 2 days ago \| parent [-]
		Until the LLM learned that Cloudflare and friends will bomb you with Captchas until you allow all features again.

▲

kennywinker 2 days ago | parent | prev | next [-]

Making it a technical problem means it’s an arms race forever. Making it a regulation problem, if done right, can simply end the arms race.

Not to mention the big players on the users’ team in the technical arms race (google, ms, apple) are also advertising companies.

By all means let’s solve it from the technical side - but also lets regulate privacy so everyone gets it not just people paranoid/technical enough to use the latest/best privacy respecting tools.

▲

Aurornis 2 days ago | parent [-]

> Making it a technical problem means it’s an arms race forever. Making it a regulation problem, if done right, can simply end the arms race.

“If done right” is doing a lot of work in that sentence.

The way hypothetical regulation is spoken of in abstract terms where it’s perfect, solves everything, and everyone complies perfectly is at odds with how regulation works in the real world.

	▲	kennywinker 2 days ago \| parent [-]
		I agree entirely, but I think that’s a problem because gov is captured by corporate interests / neoliberal ideas. They try to balance keeping corporate donors happy with keeping people happy, and create regulations that are toothless empty gestures that only serve as employment opportunities for lawyers and consultants. So yes, “if done right” is doing a lot of work. But i refuse to cede gov to the corps and retreat to anarcho-capitalist ideas like “this is a technical problem”. We attack on all fronts - regulation and technological solutions.

▲

raxxorraxor a day ago | parent | prev | next [-]

This information can be relevant for a site that needs to know your capabilities. No need to render some canvas if your client is a text browser.

It isn't trivial to craft legislation to separate these use cases, but it also is far from impossible if there would be political will to do it.

I think the latter is far more interested in surveillance of users where tracking is one building block.

And of course legislation is needed to criminalize tracking without user consent. It would just be an internet stalking law being applied.

▲

rsync 2 days ago | parent | prev [-]

… which is why it is so frustrating (and damning) that Firefox does not make it simple to block all of these measurements.

To whatever degree this is, indeed, a technical problem. There’s a simple choke point that is being intentionally unutilized.