Comment by Yoric
2 days ago
It's a really hard line to walk.
If you put too much in your Telemetry/crash reports, yeah, users become fingerprintable.
On the other hand, if you return spoofed values, it means that Firefox developers cannot debug platform/hardware-specific crashes. If you disable Telemetry, improving performance becomes impossible, because you're suddenly unable to determine where your users suffer. If you remove WebGL, plenty of websites suddenly stop working, and people assume that Firefox is broken.
> If you put too much in your Telemetry/crash reports, yeah, users become fingerprintable.
It's not only what gets send to Mozilla as telemetry or crash reports that is a problem. That can be turned off (many Linux distros do), or firewalled.
The main issue is that websites can more or less accurately identify users uniquely by extracting information that they should not have access to if the browser was designed with privacy in mind.
This includes, but is not limited to, fonts installed, system language, time zone, window size, browser version, hardware information (number of cores, device memory), canvas fingerprint, and many others attributes. When you combine all of that with the originating IP address, you can reliably determine who visited a website, because that information is shared and correlated with services where people identify themselves (Google accounts, Facebook, Amazon, etc.) Even masking your IP may not be enough because typically there is enough information in the other data points to track you already.
All of this is true, but it's a problem of the entire web platform and specs, so if you want to favor untraceability above compatibility, you'll need a dedicated privacy-hardened browser. Firefox aims to be better at privacy, but still respect the web specs.
Sure, but then don't go grandstanding about privacy. You can't have both.
And saying that improving performance is impossible without it is hyperbolic. Developers did that before every major application turned into actual spyware. Profilers still work without it.
Profilers only work once you have identified the problem. Telemetry lets you find out about it in the first place.