I did the tests on fingerprint.com/demo/ and https://coveryourtracks.eff.org/ and they both said I have a unique fingerprint, even when I enabled privacy.resistFingerprinting to True.
I finally made a Lemmy account just to comment on this 😅
When this option is active, of course your fingerprint is unique because of how it works.
Every time a website fingerprints you with this option turned on, firefox makes sure that the ID is as unique as possible, so no correlation can happen. 😊 Verify this by visiting that site two times and check the hash to make sure it change between the two requests.
EDIT: fingerprint.com probably use Cookies and/or localstorage so the ID is the same when refreshing, but Firefox have protection in place for cross-site tracking and cookie sandboxing, etc (I won’t pretend like I know how everything work), but those protections helps against that type of services from what I recall.
So does Firefox make this more unique or something? I didn’t know this was a thing but I’m interested in privacy and it sound like something I should be looking into.
In essence: It makes it random. (Hence fingerprinting checkers find the ID uniqiue")
Although sometimes you need some features that interfere with it. I use the add-on “Toggle Resist fingerprinting” to easily toggle it off when I want a website to draw canvas (canva.com is a funny example lol) and then toggle it back when I’m done.
Some nice things, but it can interfere with some daily use cases: Timezone is changed to UTC. Canvas shows random data.
Nice rabbit hole read: https://wiki.mozilla.org/Security/Fingerprinting
(Its like Wikipedia. You can’t stop clicking on links to find out more xD)
EDIT: fingerprint.com probably use Cookies and/or localstorage so the ID is the same when refreshing, but Firefox have protection in place for cross-site tracking and cookie sandboxing, etc (I won’t pretend like I know how everything work), but those protections helps against that type of services from what I recall.
Use Tor Browser. Don’t waste your life on micro-optimisation. You will get a lot more privacy with stuff like getting all your friends on Signal/SimpleX, etc.
You’re absolutely right micro-optimization, I found that I did too much of that in 2022 and 23 and really cut down on that this year, I found that doing so is basically never worth it. I’m not gonna do that with privacy either, I’m focusing on what actions I can take that will make big improvements to my privacy rather than tweak every little thing.
Use Tor.
Do you mean Tor Browser? Because using Tor alone won’t stop fingerprinting.
Yeah, edited.
use Tor Browser.
If your concern is fingerprinting, that is undeniably the best there is out of the box.
If you want Tor Browser without having to use the Tor Network, Mullvad is basically just that; Tor Browser without the Network.
Use Librewolf
Do you know if these folks actively develop it or do they just apply patches to the Firefox codebase ?
Like do they just pre configure a bunch of about config settings and the pre installed search or do they harden the binaries at compile time ?
I’ve not kept up with this but I’m curious if there is any real advantage of this over Firefox after it has been configured. If not I would stick with Firefox as it will get security updates quicker by people who know the source code intimately.
Anyway not shitting on anyone’s choices here just curious.
Both my browser and network level dns blocker blocked the test attacker site from loading but in general there are 2 approaches to this: minimize your fingerprint data points or change them to blend in with the crowd.
I think for the most part selectivly blocking js and cookies will do a lot for you. You can also block the canvas and limit fonts too. I’d also recommend a vpn as they can associate it with your ip too.
All good tactics…
It will limit some web functionality but you will notice the services that do that shit are some clown data harvesters…
My bank never gives me an issue… Why does reddit jaja
Tor Browser is the best way.
You can try playing with Arkenfox, installing uBlock Origin, fiddling with about:config, and giving yourself an aneurysm…
…or you could try Mullvad Browser. It’s a fork of Firefox, co-developed by Mullvad and The Tor Project, with impressive fingerprinting resistance (according to Cover Your Tracks). It’s like Tor Browser without Tor.
Also, install NoScript. It helps a lot.
- Use a fork of Firefox (librewolf), or a different open source browser
- even if you modify Firefox to remove all telemetry, Mozilla are bad actors, and will update to add new telemetry like Anonym or Cliqz by default after an update. Unless you really trust your package maintainer, use a fork or a different browser
- Force a common useragent
- Disable javascript everywhere, or use a browser without javascript, whenever possible
- trying to defend against fingerprinting with javascript enabled is futile, even things like your number of cpu threads (navigator.hardwareConcurrency), list of fonts, webgl support, supported codecs, browser permissions, and variations in canvas rendering can be used in fingerprinting
- tor browser is the only project I know of that can come close to avoiding fingerprinting with javascript, but even then you’re advised to avoid using javascript with tor browser
- use 3rd party clients for things like youtube that would normally need javascript
- trying to defend against fingerprinting with javascript enabled is futile, even things like your number of cpu threads (navigator.hardwareConcurrency), list of fonts, webgl support, supported codecs, browser permissions, and variations in canvas rendering can be used in fingerprinting
- Use a fork of Firefox (librewolf), or a different open source browser
Try out Librewolf it’s Firefox fork which is hardened out of the box so you don’t have to mess with settings too much.
https://addons.mozilla.org/en-US/firefox/addon/no-canvas-fingerprinting/
https://addons.mozilla.org/en-US/firefox/addon/font-fingerprint-defender/
https://addons.mozilla.org/en-US/firefox/addon/webgl-fingerprint-defender/
There’s a collection of similar extensions that worked for me to throw fingerprint.com off each time I opened an incognito window. Idk I’ve heard that having too many extensions can actually make the fingerprint problem worse. If this is a bad approach, I’m sure someone will correct me :D
One more good plugin in this line is Chameleon https://addons.mozilla.org/en-US/firefox/addon/chameleon-ext/
