> Background location, biometrics, device identity, boot triggers — none of that is available through a browser

Most browsers do in fact offer that level of granularity, especially for PWA usecases [0].

And from an indicators perspective, having certain capabilities turned off can make it easier to identify and de-anonymize individuals.

Fingerprint? Yeah. Deanonymize? No.

There's a considerable difference. And doing whatever one can to mitigate the former shouldn't be discouraged by falsely equivocating the latter.

	▲	alephnerd 3 hours ago \| parent [-]
		Nope. Actual deanonymization. You will of course need a couple additional threat intel feeds because what is provided via the browser itself isn't enough, but third party data vendors along with threat intel vendors are fairly cost effective. I've seen a couple actual live demos of deanonymization a couple years ago - it's a capability that has existed in the Offensive Security space for a couple years now. And the company I'm alluding to is already live in Japan and Israel.