Join a browser fingerprinting study

This [0] is a great set of configurations for the Firefox browser that remove many fingerprinting vectors. It turns on several fingerprint-homogenization features that the TBB project upstreamed into Firefox. Check it out!<p>(By using this, G--gle will hound you with impossible capchas and privacy-forward search engines will think that you&#x27;re a bot.)<p>Most of these fingerprinting vectors are from the browser and the scourge of JS. I wonder about the footprint left by a user who doesn&#x27;t use a browser, or instead uses some kind of parsing client that just fetches HTTP or data from API endpoint. Aside from the IP address, there are other ways to fingerprint a user based on network requests from various protocol leaks, many are presented here [1][2]. Are there any leak vectors missing from this list?<p>[0]: <a href="https:&#x2F;&#x2F;github.com&#x2F;pyllyukko&#x2F;user.js" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;pyllyukko&#x2F;user.js</a><p>[1]: <a href="https:&#x2F;&#x2F;www.whonix.org&#x2F;wiki&#x2F;Protocol-Leak-Protection_and_Fingerprinting-Protection" rel="nofollow">https:&#x2F;&#x2F;www.whonix.org&#x2F;wiki&#x2F;Protocol-Leak-Protection_and_Fin...</a><p>[2]: <a href="https:&#x2F;&#x2F;www.whonix.org&#x2F;wiki&#x2F;Data_Collection_Techniques" rel="nofollow">https:&#x2F;&#x2F;www.whonix.org&#x2F;wiki&#x2F;Data_Collection_Techniques</a>

Firefox makes a fuss about anti-fingerprinting, and I have &quot;Enhanced Tracking Protection&quot; set to Strict, yet I see uncommon values for WebGL Vendor and WebGL Renderer in <a href="https:&#x2F;&#x2F;amiunique.org&#x2F;fp" rel="nofollow">https:&#x2F;&#x2F;amiunique.org&#x2F;fp</a> . Unless this study feeds into changing things like that, it seems a bit pointless.

Unfortunately, I think these studies are a bit naive because the proprietary, data-driven, probabilistic fingerprinting models used by Facebook and LinkedIn (to name two of the most elaborate fingerprinters) are years ahead of anything a few researchers could come up with.<p>1. Get a gazillion users on your site<p>2. Require a user account tied to a real person<p>3. Log IP, host, geolocation, and as many JavaScript&#x2F;browser APIs as you can (there are hundreds at this point)<p>4. Among the fields you track, find the ones that ones that are the most stable and unique over time<p>5. Assign some probabilities to these fields to eliminate false positives<p>6. Generate personas for users for when they are at home, work, one their phone, etc.

This title lead me to believe I&#x27;d be finding the <i>result</i> of a study.. not receiving the sales pitch. There have been studies before[0] with available tools[1] and advice[2].. perhaps this should be linked to the results [3] OR the title updated to &quot;Join a browser fingerprinting study&quot;<p>[0]: <a href="https:&#x2F;&#x2F;coveryourtracks.eff.org&#x2F;static&#x2F;browser-uniqueness.pdf" rel="nofollow">https:&#x2F;&#x2F;coveryourtracks.eff.org&#x2F;static&#x2F;browser-uniqueness.pd...</a> [1]: <a href="https:&#x2F;&#x2F;coveryourtracks.eff.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;coveryourtracks.eff.org&#x2F;</a> [2]: <a href="https:&#x2F;&#x2F;restoreprivacy.com&#x2F;browser-fingerprinting&#x2F;" rel="nofollow">https:&#x2F;&#x2F;restoreprivacy.com&#x2F;browser-fingerprinting&#x2F;</a> [3]: <a href="https:&#x2F;&#x2F;browser-fingerprint.cs.fau.de&#x2F;statistics?lang=en" rel="nofollow">https:&#x2F;&#x2F;browser-fingerprint.cs.fau.de&#x2F;statistics?lang=en</a>

I&#x27;ve signed up to see what it could find, but when I open the fingerprinting page in Firefox I just get loading spinners for most of the JS based tracking.<p>I think Privacy Possum has prevented fingerprinting. I&#x27;ll disable it for now, but I do wonder what this would mean for the results of the study.

I think we killed it.

I am sorry. Not going to tie my email address to something trying to fingerprint my browser.