Browser Hardening, Privacy, Anti-Fingerprint and Anti-Telemetry Guide

0xDE57 · March 15, 2025, 9:52pm

fascinating thread linked on one of those extensions:

TimHolus · March 15, 2025, 10:06pm

Hit the table and the scissors will speak up…

br12

TimHolus · March 16, 2025, 10:48am

Apparently still relevant in 2025…

TimHolus · March 19, 2025, 12:02pm

TimHolus · March 20, 2025, 7:08pm

0xDE57 · May 7, 2025, 11:00pm

Them data brokers be outa control…

0xDE57 · May 7, 2025, 11:09pm

It should be noted that these flags don’t take effect until restarted.

0xDE57 · May 7, 2025, 11:47pm

Found where this is in source: Navigator.cpp - mozsearch

I find this irritating. Why can’t I set a custom UA while also using RFP?

I guess I’ll need to start compiling my own firefox fork, if I had time.

MazeFrame · May 8, 2025, 12:02am

I mean, with the right spoofing, a community could all become one blob.
Would still not “hide among the masses”, but “we are blob”.

0xDE57 · May 8, 2025, 12:09am

But they don’t spoof platform. That’s dumb, IMO. It should always report windows, so we can become “the blob”

MazeFrame · May 8, 2025, 12:16am

ftfy

MazeFrame · May 8, 2025, 12:26am

Idea: Browse through Steam (middle-click anything in the shop)

In the very least, that will cause some interesting data-anomalies.

0xDE57 · May 8, 2025, 12:26am

a few ways to fix this.

a new config option. maybe something like privacy.resistFingerprinting.overrideUA that uses the user provided UA from general.useragent.override
blob mode: always return windows regardless of platform. doesn’t matter if you run windows, mac, linux, you’re on windows now. might have to make an exception for android, otherwise you’ll be loading the desktop version of sites on mobile, not so user friendly.

Blob mode should also report as Chrome, not FF.

TimHolus · May 8, 2025, 9:29am