Git/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2025-10-30 21:35:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated 3.3 Overrides [To RFP or Not] (markdown)

Thorin-Oakenpants
2022-11-05 06:40:37 +00:00
parent 2fd2fc35a8
commit 710f2facfd
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
3.3-Overrides-[To-RFP-or-Not].md

@@ -52,19 +52,15 @@ Only Tor Browser can confidently address advanced scripts: enough metrics covere
Arkenfox's primary objectives have always been security, privacy and mitigating the very real and substantial forms of tracking such as state and navigational, rather than prioritizing the potential threat of a widespread advanced fingerprinting script. Arkenfox's primary objectives have always been security, privacy and mitigating the very real and substantial forms of tracking such as state and navigational, rather than prioritizing the potential threat of a widespread advanced fingerprinting script.
**_That said, arkenfox does resist stateless tracking_**: **_That said, arkenfox does resist stateless tracking. Do not listen to random [non-experts](https://old.reddit.com/r/firefox/comments/wi9vee/firefox_and_fingerprinting/ijae7ow/)_**:
- 🔹 It enables ETP's [Fingerprinters](https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/) (and recommends uBlock Origin) - 🔹 It enables ETP's [Fingerprinters](https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/) (and recommends uBlock Origin)
- 🔹 It enables RFP - 🔹 It enables RFP
- RFP is a robust, performant, built-in browser solution that does not leak (see RULE 1) - RFP is a robust, performant, built-in browser solution that does not leak (see RULE 1)
- RFP randomizes canvas to catch naive scripts (most scripts are naive with canvas) - RFP randomizes canvas to catch naive scripts (most scripts are naive with canvas)
- RFP doesn't require a crowd or care about Tor Browser to fool naive scripts
- RFP contains timing mitigations as a bonus against many side channel attacks - RFP contains timing mitigations as a bonus against many side channel attacks
- RFP can't make fingerprinting worse, you are already unique if you do nothing
**_Do not listen to random [non-experts](https://old.reddit.com/r/firefox/comments/wi9vee/firefox_and_fingerprinting/ijae7ow/)_**
- 🔹 RFP doesn't require a crowd or care about Tor Browser when it comes to naive scripts
- 🔹 RFP can't make fingerprinting worse, you are already unique if you do nothing
- 🔹 RFP has a net privacy benefit (see the resistance points above)
So if a fingerprinting script should run, it would need to be universal or widespread (i.e it uses the exact same canvas, audio and webgl tests among others - most aren't), shared by a data broker (most aren't), not be naive (most are) and not be just first party or used solely for bot detection and fraud prevention (most probably are) <sup>1</sup>. So if a fingerprinting script should run, it would need to be universal or widespread (i.e it uses the exact same canvas, audio and webgl tests among others - most aren't), shared by a data broker (most aren't), not be naive (most are) and not be just first party or used solely for bot detection and fraud prevention (most probably are) <sup>1</sup>.