One known problem is that on Firefox for Linux, every font you install via the package manager becomes a System Font, and thus is immediately “visible” as soon as Use Document Fonts is enabled, irrespective of the setting for CSS font visibility. I’ve even asked about here if it is possible to run multiple fontservers on a single session, as that would help palliate the fingerprinting by running Firefox profiles connected to different font lists.
As a relatively useful alternative, you can have Firefox profiles on different users, each having their own fontset available at .local/share/fonts, but for that to work you also have to remove all those extra fonts you installed via the package manager.
The second big one for me is how shocking I find it that timezone spoofing isn’t standard, now that so many people use VPNs. Why would someone connecting from Sweden have their clock set to GMT? Etc
I remember thinking how strange it is that websites can know all of your installed fonts when I was playing around with https://coveryourtracks.eff.org/ and https://www.amiunique.org/
I’m on linux and I have some extra fonts installed. Just the combination of them alone is so unique to me that you don’t need anything else.
One known problem is that on Firefox for Linux, every font you install via the package manager becomes a System Font, and thus is immediately “visible” as soon as Use Document Fonts is enabled, irrespective of the setting for CSS font visibility. I’ve even asked about here if it is possible to run multiple fontservers on a single session, as that would help palliate the fingerprinting by running Firefox profiles connected to different font lists.
As a relatively useful alternative, you can have Firefox profiles on different users, each having their own fontset available at
.local/share/fonts, but for that to work you also have to remove all those extra fonts you installed via the package manager.The second big one for me is how shocking I find it that timezone spoofing isn’t standard, now that so many people use VPNs. Why would someone connecting from Sweden have their clock set to GMT? Etc