| ▲ | mysterypie 2 days ago |
| > go to about:config and setting privacy.resistFingerprinting = true in your Firefox browser Two questions jump to mind: Why isn't this the default in Firefox? What is the downside? I.e., what can break by enabling this parameter? |
|
| ▲ | JohnFen 2 days ago | parent | next [-] |
| It's isn't the default because the countermeasures cause a lot of side-effects. If it were on by default, new users would probably think the browser is broken or buggy. Here's what the settings do and what sort of side-effects you might experience: https://support.mozilla.org/en-US/kb/resist-fingerprinting |
| |
| ▲ | Yeul 2 days ago | parent [-] | | Yeah I have it on but I use a second browser for banking and government business. |
|
|
| ▲ | jeroenhd 2 days ago | parent | prev | next [-] |
| > What is the downside Just of the top of my head: - Timezone is set to UTC which means any web calendar input becomes confusing at best - Canvases turn into random stripes, which leaves artefacts all over many websites - Some websites outright block you as bots (twitch does this) - Some web APIs break, which can be a pain if you're web apps that rely on them You can add websites to a whitelist to avoid the downsides on some sites (privacy.resistFingerprinting.exemptedDomains) but it's a pain to do that for every website. |
| |
| ▲ | Szpadel 2 days ago | parent | next [-] | | other downsides, cloudflare, PayPal and all kinds of finance related sites will assign high threat level for you and you will make your life miserable for causes ranging from captcha through rejecting your purchases to even blocking you access. and the worst part is that this didn't changed the fingerprint generated by mentioned here site just increases suspect level to 9 | | |
| ▲ | jeroenhd a day ago | parent | next [-] | | I haven't encountered too many problems with Cloudflare yet. Having a dedicated (rather than CGNAT), non-rotating IPv4 address and IPv6 subnet to access the internet probably helps. resistFingerprinting does seem to work against fingerprint.com in my experiments after clearing its website data and a browser restart. | |
| ▲ | Workaccount2 2 days ago | parent | prev | next [-] | | The solution I use is to have two browsers, one bolted down and the other mostly untethered. After a while you develop and intuition for which browser to use depending on what you will be doing. | |
| ▲ | gruez 2 days ago | parent | prev [-] | | >and the worst part is that this didn't changed the fingerprint generated by mentioned here site ??? It definitely does. Are you talking about how it doesn't change between subsequent visits? | | |
| ▲ | Szpadel 2 days ago | parent [-] | | In my case it stayed the same, but I tested it on android Firefox, maybe it works better on desktop, but I do not have access to it right now to verify | | |
| ▲ | gruez 2 days ago | parent [-] | | You probably need to quit/force close and reopen. At the very least it randomizes your canvas results and timezone, which should mess with most fingerprinting sites. |
|
|
| |
| ▲ | keyringlight 2 days ago | parent | prev [-] | | The biggest one I've noticed which I think is linked to that preference is sites using Cloudflare sending you into an endless loop of a bot check. |
|
|
| ▲ | rinz 2 days ago | parent | prev | next [-] |
| Some websites prefilled username to allow quicker re-login - this kind of features. Worst case scenario, you will get a first-time visit experience all over again |
|
| ▲ | Cyykratahk 2 days ago | parent | prev | next [-] |
| The most obvious downside for me was remote terminal windows (e.g. using ttyd) being unusable because canvas rendering was "broken". |
| |
| ▲ | capitainenemo 2 days ago | parent [-] | | That one at least is easy to fix, since firefox shows a little icon in url bar if it is blocking canvas data, and the remote site asked for it. You just click on it to whitelist that site. I've had more issues personally with resist fingerprinting making major sites completely unusable (drupal.com, walmart.com..) |
|
|
| ▲ | micromacrofoot 2 days ago | parent | prev [-] |
| It's actually part of the privacy preferences in the normal settings, and they supply this warning > This setting may cause some websites to not display content or work correctly. If a site seems broken, you may want to turn off tracking protection for that site to load all content. Some sites use light fingerprinting to provide features |
| |
| ▲ | jeroenhd 2 days ago | parent [-] | | resistFingerprinting is stricter (and has worse side effects) than the standard "strict" privacy protection. |
|
