alt Hacker News> I'd definitely love to see them take some steps, but at the points where a minor increase in privacy leads to a much worse UX for average people
Disabling Javascript or even just third party scripts does lead to major breakage, but reporting spoofed values for identifiers like Tor does not. The Arkenfox user.js does all of this and more, but these options are not enabled by default. This shows that Firefox does not care much about privacy in practice.
The only "breakage" that I have encountered with such a hardened configuration is related to the spoofing of the time zone. But the fundamental issue is that Javascript/browsers should have not been designed to allow websites to extract this kind of personal information in the first place. But even that is not enough and users are still fingerprintable. In an ideal world, the only thing a website should see is the originating IP and nothing else.
If anything, Brave has done more to harden Chromium than Mozilla has with Firefox, even though Brave comes with its own set of problems (scammy crypto integrations, AI, VPN and other stuff).
Replies
> Disabling Javascript or even just third party scripts does lead to major breakage
Maybe that's true for the websites you visit, like HN.
Very many, very popular sites don't run without JavaScript, including most shopping, social media, mapping, etc etc.
> Disabling Javascript or even just third party scripts does lead to major breakage, but reporting spoofed values for identifiers like Tor does not. The Arkenfox user.js does all of this and more, but these options are not enabled by default. This shows that Firefox does not care much about privacy in practice.
I suspect that it shows that Firefox developers do a good job at making Firefox work, and this good job enables forks to work.