Mozilla Connect

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

@Jon 

When will you be able to develop the ability to randomize fingerprints?There are many kinds of fingerprints, such as canvas, webgl, font, audio, clientrects, timezone, your randomized fingerprint function should be able to achieve random changes for all fingerprints, and each visit to a website, the fingerprint must be different

Fingerprint randomization

Firefox should learn from Brave's approach to resisting fingerprinting. The brave browser is a different fingerprint every time it is launched, and although the fingerprint is unique, the fingerprint can change randomly each time it is launched, which can activate the role of anti-fingerprint tracking. I know from other users that Firefox's anti-fingerprint approach is to make each browser fingerprint less unique. Therefore, after setting privacy.resistFingerprint to true, Firefox cannot be maximized when it starts, you set the same width and height to the browser, but this does not make sense, because the user will still maximize the browser, you set the same width and height will affect the user experience, the best way to resist fingerprint recognition is a random fingerprint like Brave. I hope you will seriously consider my suggestions

Similar idea here: Firefox browser should have randomized fingerprint 

Great idea and very much inline with what Firefox should continue to do: good privacy.

(Note: similar ideas have been merged into this thread)

I think that this is something that is really missing with Firefox, and it's one of the many reasons of why Firefox always fails with EFF's fingerprinting detection website.

Tor Browser and Brave managed to hide browser fonts without breaking anything, so it's not that impossible. They just need to be hidden for JavaScript and report either a null or random value.

I don't know when Mozilla will be able to develop this feature, but it doesn't seem like Mozilla cares much about that

Absolutely a must. Brave does it. Firefox should definitely have it too since it's all about privacy and being independent.

Thank you for the comment. We agree and we are working on a host of fingerprinting solutions. We already support canvas randomization and just extended font fingerprinting protection to mobile (previously it was only on desktop). We have also added floating point fingerprinting protections and are diligently looking for other fingerprinting vectors beyond the ones Brave has implemented.

It has been a long journey carving this work out and I'm very proud of our security teams diligent efforts driving this forward.

Yes, Firefox really needs it. It's the only thing that Firefox lacks for a privacy browser. I hope one day it will match or exceeds Brave's level.

Firefox doesn't need much change to make a big difference here, it already is pretty string in most areas but lets itself down in just a couple.

Using coveryourtracks.eff.org for these metrics:

Firefox reports CPU count in the headers. While Firefox shows the 20 cores I have, Mullvad reports 2. Nobody needs to know exactly how many cores I have, especially as Memory and CPU class are already N/A. So here's one simple change that would be good.

The big problem for FF is canvas and webgl reporting. Compare FF to Mullvad:

For Firefox:

• Canvas: One in x browsers have this value: 211.5
• WebGL: One in x browsers have this value: 505.91

Mullvad, that randomizes the hash:

• Canvas: One in x browsers have this value: 5.63
• WebGL: One in x browsers have this value: 12.57

So you can see Mullvad's response makes it much less likely to be uniquely identified.

However there are some huge wins for Firefox. Look at screen size reporting. FF reports the monitor resolution where as Mullvad reports window size even though Letterboxed.

• Firefox: One in x browsers have this value: 16.29
• Mullvad: One in x browsers have this value: 11189.52

Ouch! Letterboxing is a fine idea but really isn't going to make a difference. Simply reporting the screen size works way better.

And after typing all that out, I read @wildcardcameron reponse that randomisation is implemented! hoorah.. its not in desktop v139 though, or if it is then these 2 needs to be strengthened (font protection is pretty good already, much better than Mullvad)

EFF's coveryourtracks claims my Firefox fingerprint is unique (my Mullvad is apparently 1 in 150,000 so its either me or Dave out of their 300,000 test fingerprints. That's... err... better I suppose.)

@wildcardcameron In addition to canvas fingerprint randomization, WebGL fingerprint randomization, ClientRects fingerprint randomization, webGPU fingerprint randomization, and AudioContext fingerprint randomization are also required. Can you answer here how I randomize, every time I refresh a page? Or is it randomized every time the browser is launched? Or is it randomized every once in a while?