alt Hacker NewsAll of these could have a set of standard non identifiable answers (eg. firefox reports the same 20 fonts, couple video formats, one among a few standard window sizes etc.) and for anything more extensive/precise, it would require the user's authorization and the user should have the option of feeding fake info (eg. fake timezone)
Replies
autoexec • today at 4:08 AM
Ideally you'd have browsers randomizing what they send instead of reporting the same info every time. That way even a deviation from the "norm" can't be assumed to ID someone.
Firefox's "Resist fingerprinting" does this. It sets timezone to UTC, standardizes the fonts, standardizes a whole bunch of other fingerprinting data, etc. It also has a "letterboxing" option to round screensize down to the nearest 100px and stuff too. Tor uses all of those settings by default, though they are also in standard firefox in about:config.
When i use Resist Fingerprinting my main issue is the timezone being set to UTC. most of the other stuff it does never causes issues. I guess sometimes sites need to read the canvas, but theres a permission box that allows that when needed. I wish there was a similar permission box for timezone.
The only other drawback to the "resist fingerprinting" option is you will encounter cloudflares' captcha checkbox everywhere and all of the time :(