Bug 1717672 Comment 2 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

I'm all in favor of resetting the UUID every startup because it removes a unique persistent ID that can be used to track users of extensions that leak their UUID into content. But it's not a sufficient fix: it still allows tracking/correlation within a single session when these leak, and if any of the resources are abusable a malicious page can still figure out the current UUID and conduct the attack all within the same session.
I'm all in favor of resetting the UUID every startup because it removes a unique persistent ID that can be used to track users of extensions that leak their UUID into content. But it's not a sufficient fix: it still allows tracking/correlation within a single session when these leak, and if any of the resources are abusable (see bug 1711361) a malicious page can still figure out the current UUID and conduct the attack all within the same session.
