WingNews logo WingNews
top | item 44670438

(no title)

mysterypie | 7 months ago

> go to about:config and setting privacy.resistFingerprinting = true in your Firefox browser

Two questions jump to mind:

Why isn't this the default in Firefox?

What is the downside? I.e., what can break by enabling this parameter?

discuss

order

JohnFen|7 months ago

It's isn't the default because the countermeasures cause a lot of side-effects. If it were on by default, new users would probably think the browser is broken or buggy.

Here's what the settings do and what sort of side-effects you might experience:

https://support.mozilla.org/en-US/kb/resist-fingerprinting

Yeul|7 months ago

Yeah I have it on but I use a second browser for banking and government business.

jeroenhd|7 months ago

> What is the downside

Just of the top of my head:

- Timezone is set to UTC which means any web calendar input becomes confusing at best

- Canvases turn into random stripes, which leaves artefacts all over many websites

- Some websites outright block you as bots (twitch does this)

- Some web APIs break, which can be a pain if you're web apps that rely on them

You can add websites to a whitelist to avoid the downsides on some sites (privacy.resistFingerprinting.exemptedDomains) but it's a pain to do that for every website.

Szpadel|7 months ago

other downsides, cloudflare, PayPal and all kinds of finance related sites will assign high threat level for you and you will make your life miserable for causes ranging from captcha through rejecting your purchases to even blocking you access.

and the worst part is that this didn't changed the fingerprint generated by mentioned here site just increases suspect level to 9

keyringlight|7 months ago

The biggest one I've noticed which I think is linked to that preference is sites using Cloudflare sending you into an endless loop of a bot check.

micromacrofoot|7 months ago

It's actually part of the privacy preferences in the normal settings, and they supply this warning

> This setting may cause some websites to not display content or work correctly. If a site seems broken, you may want to turn off tracking protection for that site to load all content.

Some sites use light fingerprinting to provide features

jeroenhd|7 months ago

resistFingerprinting is stricter (and has worse side effects) than the standard "strict" privacy protection.

rinz|7 months ago

Some websites prefilled username to allow quicker re-login - this kind of features. Worst case scenario, you will get a first-time visit experience all over again

Cyykratahk|7 months ago

The most obvious downside for me was remote terminal windows (e.g. using ttyd) being unusable because canvas rendering was "broken".

capitainenemo|7 months ago

That one at least is easy to fix, since firefox shows a little icon in url bar if it is blocking canvas data, and the remote site asked for it. You just click on it to whitelist that site.

I've had more issues personally with resist fingerprinting making major sites completely unusable (drupal.com, walmart.com..)