Since version 118+, Firefox introduced FPP (Finger Printing Protection) which is in short water downed version of RFP (Resist Finger Printing).

FPP is enabled by default from version 119 onwards if you enable ETP (Enhanced Tracking Protection).

FPP randomizes canvas data subtly than RFP, which is why RFP breaks some sites. So, my question is, if we allow canvas data extraction for a broken site will it fallback to FPP’s subtle canvas randomization, or allowing it will expose canvas data completely if we have ETP enabled?

Relevant link: https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting

Edit: More info about HTML5 canvas fingerprinting https://webbrowsertools.com/canvas-fingerprint/

  • grandel
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    Thanks for explainaing!

    Why bother creating an image though? Cant they just generate a random hash or id?

    • swayevenly@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 months ago

      I think the point is to get a consistent unique ID that follows you around. Whatever combination of text and images they are hashing will supposedly be unique to you, based on your hardware and software configuration.