While browser extensions are often suggested as a method to improve your privacy, they could make things way worse. I linked an article about the anti-fingerprint extensions however, every extension that you installed on your browser make you stand out more.
This happens even with adblocker extensions. First of all, enumeration badness it’s not a good approach against tracking, that’s why Tor browser doesn’t use any adblocker.
Site-specific or filter-based addons such as AdBlock Plus, Request Policy, Ghostery, Priv3, and Sharemenot are to be avoided. We believe that these addons do not add any real privacy to a proper implementation of the above privacy requirements, and that development efforts should be focused on general solutions that prevent tracking by all third parties, rather than a list of specific URLs or hosts.
Trying to resort to filter methods based on machine learning does not solve the problem either: they don’t provide a general solution to the tracking problem as they are working probabilistically. Even with a precision rate at 99% and a false positive rate at 0.1% trackers would be missed and sites would be wrongly blocked
Moreover, every site visited can detect every change you made including blocked domains and so, instead of achieve privacy you’ll stand out more. If you’re going to use and adblocker it’d be a good idea using only the standard filters.
You’re trying to blend in a crowd extremely small thus more easily fingerprintable using an approach that in fact doesn’t work. Users change the settings differently. Some of them could enable RFP but don’t disable WebGL, others could disable WebGL, enable RFP and do not disable JavaScript and so on. The combinations are unlimited because the are so many settings which users can change. This create an enormous fragmentation between users. This is why enable privacy setting by default it’s so important.
It’s true, JavaScript prevent a lot of fingerprint. However, Fingerprinting can be done with only CSS and HTML. It’s possibile using CCS to figure out your browser resolution or mouse moviments. Moreover, almost no one disable JavaScript, even between privacy users. So, even with RFP enable , website can still check your real UA. That’s why user agent should the same for every Firefox user by default.
This is a different problem. The fingerprint concern still remains regardless the first-party privacy of the browser you’re going to use.
Blocking ads/trackers, blocking third party cookies, use only https and so on is benefical, but browsers need to built these settings in a robust and long term way, instead of using add-ons.
I understand the need for privacy respecting default settings, but right now my browser doesn’t have a unique fingerprint, so it kinda works. surely it would be better if mozilla improved firefox, or I used Tor, but for my normal browsing websites don’t really need js, and when it’s turned off my browser isn’t really fingerprintable.
personally all I’ve done has been following what privacytools.io says, since it’s the most popular one that I know, and hope other have done the same thing so our fingerprints would look the same.
about the CSS, arkenfox user.js has letterboxing enabled, but I have no idea about mouse movement.
agreed, I assumed it must be the same for all users who enable RFP, but honestly I don’t know.
in general I agree, we should pressure Mozilla to make firefox better, but I don’t know how to do that really, I mean they haven’t deleted things like pocket, cloudflare, etc yet so they don’t seem interested in making a better firefox.