testing on creepjs has revealed that, while creepjs can maintain a consistent fingerprint on my browser through every setting configuration I've tried, each time I change a setting the fingerprint gets lost. In other words, if I let creepjs perform battery fingerprinting when I didn't previously, it won't recognize me as the same person. ("person" here obviously meaning device)
While this does imply that it would be possible to improve the anti-fingerprinting measures in order to prevent this (i.e. : spoof them more believably instead of just blocking the API calls) a far easier stop-gap method would be to enable a mode which randomly cycles settings on and off.
This would mean at any given time a different set of aspects for your browser are being blocked and you look like a unique individual.
Crucially though, it does have to be a distinct third option, because if it just cycled EVERY possible fingerprinting method there is a high liklihood many of the more aggressive fingerprinting blocks might cause issues. If, however, you let users pick from "always off" to "always on" to "random" then they would be able to more closely match their fingerprint protection against what they need to not be blocked for sites to still function. (ex : youtube absolutely hates it when you turn on timezone spoofing, not quite the same topic since that's more of a privacy thing than a fingerprinting thing, but illustrates the point)
Ideally of course the choices would be between "on" "off" and "spoof" but believably spoofing fingerprints is a whole deal in and of itself.
testing on creepjs has revealed that, while creepjs can maintain a consistent fingerprint on my browser through every setting configuration I've tried, each time I change a setting the fingerprint gets lost. In other words, if I let creepjs perform battery fingerprinting when I didn't previously, it won't recognize me as the same person. ("person" here obviously meaning device)
While this does imply that it would be possible to improve the anti-fingerprinting measures in order to prevent this (i.e. : spoof them more believably instead of just blocking the API calls) a far easier stop-gap method would be to enable a mode which randomly cycles settings on and off.
This would mean at any given time a different set of aspects for your browser are being blocked and you look like a unique individual.
Crucially though, it does have to be a distinct third option, because if it just cycled EVERY possible fingerprinting method there is a high liklihood many of the more aggressive fingerprinting blocks might cause issues. If, however, you let users pick from "always off" to "always on" to "random" then they would be able to more closely match their fingerprint protection against what they need to not be blocked for sites to still function. (ex : youtube absolutely hates it when you turn on timezone spoofing, not quite the same topic since that's more of a privacy thing than a fingerprinting thing, but illustrates the point)
Ideally of course the choices would be between "on" "off" and "spoof" but believably spoofing fingerprints is a whole deal in and of itself.