search

privacytools / privacytools.io

🛡🛠 You are being watched. Protect your privacy against global mass surveillance.
https://www.privacyguides.org
Creative Commons Zero v1.0 Universal
3.12k stars 384 forks source link

🌐 Website Issue | False anti-fingerprinting #1663

Closed smnthermes closed 4 years ago

smnthermes commented 4 years ago

Description

privacy.trackingprotection.fingerprinting.enabled isn't a true anti-fingerprinting measure, but only a blocklist provided by Disconnect, therefore redundant with uBlock Origin filters.

Mikaela commented 4 years ago

Assuming that everyone is using µBlock Origin and will not look into extensions and tweaks separately?

Thorin-Oakenpants commented 4 years ago

In Firefox, the UI uses the term fingerprinters - nowhere does it claim to spoof or block fingerprinting techniques themselves (e.g. JS/APIs). And nowhere does it say it is all inclusive. It is simply a mechanism to block some known fingerprinting scripts - and will get better in time (see OpenWMP initiatives).

The blocklist is not only a blocklist provided by Disconnect - it is also curated from OpenWPM crawls and research

The same can also be said of uBO. It too is not a true anti-fingerprinting measure - it too is simply a blocklist. IDK if anyone maintaining the filterlists for uBO incorporates the fingerprinters list from Mozilla - but even if they did .. and it was on by default ... not everyone uses uBO. I don't see a "fingerprinters" list on by default in UBO. I see a few in the built-in default ublock filters, but they're almost all identical except for the domain (I'm not an expert on filterlists).

here is a list - I just searched the ublock filters for the first three items 2leep, 33across and 365media and couldn't find them - they may be in another built-in filter list, but I'm not going to waste my time.

Additionally, not everyone uses uBO the same. What about users who disable it (e.g. the blue power button) or allow some third party scope (which lets in the fingerprinting script) on some site due to breakage (depending on their configuration).

And there are no compatibility issues - as long as ETP (Enhanced Tracking Protection) or UBO request a block, then it is blocked.

The assumption that Mikaela mentions you making is valid, and the suggestion you make is not.

+1trillion-bajillion-zillions for closing this as WONTFIX and a load of bollocks

Mikaela commented 4 years ago

Closing as per previous comment. Thank you @Thorin-Oakenpants