Comment by nalekberov

3 months ago

Fingerprinting is nearly impossible to resist these days anyways, no matter which technics Firefox uses to reduce it, and sometimes it actually makes the browser appear more unique.

Last time I tried everything I could to prevent Firefox from calling home, it was still requesting Mozilla servers. Though I haven’t given up, my plan is disabling it at source code level and build my own release.

11 comments

nalekberov

Reply
pixelmelt  3 months ago

I'm working on building a bot detection platform to defend websites right now and yeah, without immense effort on the part of the browsers, you are correct. Any of the apis they injected noise into here will be updated in the competant fingerprinting programs as well. The only real solution is to not enable JavaScript at all.

vablings  3 months ago

I think this is a nihilistic view. The browser ultimately sends only what the webpage requests. If we gut the ability for websites to request large swathes of information such as every supported TLS Cipher suite and also better protections such as GDPR to make it illegal for browsers to track this information unless a user signs up and also not gating information behind said sign-ups

  • nalekberov  3 months ago

    I couldn't quite catch what you meant, but

    > The browser ultimately sends only what the webpage requests.

    You should do research before making such claims.

  • philipallstar  3 months ago

    > and also not gating information behind said sign-ups

    "People should do work for free" isn't very workable.

    • wtallis  3 months ago

      I don't think there's anything in GDPR or similar laws about disallowing paying for a subscription with money. It's merely about killing the practice of paying with your privacy for something otherwise labeled as "free".

      4 replies →

  • kube-system  3 months ago

    >The browser ultimately sends only what the webpage requests.

    You've got 6 layers under your browser before that data is sent -- some of those are useful for fingerprinting. Also, browser behavior and feature sets are not and likely will never be 100% uniform.

    > GDPR to make it illegal for browsers to track this information

    Unfortunately the internet is global and people outside of the reach of those jurisdictions can just exist outside of the reach of those laws. Consider the existing landscape of malicious internet traffic and scams which are already illegal in almost every country -- they are still a widespread problem.

    • vablings  3 months ago

      Browser behavior and feature sets are mostly uniform apart from some specific semantics. Companies like Google should absolutely be anti-trusted out of owning the Chrome Browser and it should be required that because you are "selling a browser" you must inform each user of the transaction of data

      When I say selling, I mean that in the truest form. Google chrome isn't free; you just pay with your data rather than your wallet. You as a consumer should retain the full ownership and access/control of your data and that should be legible in a way you can inspect exactly what's going on. I think it would really wake up a lot of privacy folk to what actually goes on with people's data and things like facebooks Onavo VPN is more visible