Currently, Firefox (and Chrome, Edge, and Safari) all unconditionally expose the WEBGL_debug_renderer_info extension to enable UNMASKED_RENDERER queries. Safari always claims "Apple GPU" instead of the actual GPU info, but the rest of us return some possibly-sanitized GPU description here. After bug 1715690 (in Firefox 91), we've bucketed UNMASKED_RENDERER into broad buckets, such that there should be practically zero additional fingerprinting bits as compared to other bits leaked from extensions/limits/rendering artifacts. Ideally I'd like us to be in a place where we expose a generic-but-useful RENDERER string universally, but reserve UNMASKED_RENDERER for authentic unfiltered driver RENDERER strings, perhaps as gated by user interaction or permission. So, what I'd like to try is to expose the sanitized UNMASKED_RENDERER as RENDERER, and disable WEBGL_debug_renderer_info in Nightly. --- about:support RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0) Currently: Currently: * RENDERER: Mozilla * VENDOR: Mozilla * WEBGL_debug_renderer_info Enabled by pref default: (disabled with ResistFingerPrinting) * UNMASKED_RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0) * UNMASKED_VENDOR: Google Inc. Proposed: * RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0) * VENDOR: Mozilla * WEBGL_debug_renderer_info Disabled by pref default: (additionally disabled with RFP) * UNMASKED_RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0) * UNMASKED_VENDOR: Google Inc. --- I could do similarly for VENDOR and UNMASKED_VENDOR, but VENDOR just isn't as useful as RENDERER, and can be easier to abuse. (e.g. works best on nvidia)
Bug 1722113 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
Currently, Firefox (and Chrome, Edge, and Safari) all unconditionally expose the WEBGL_debug_renderer_info extension to enable UNMASKED_RENDERER queries. Safari always claims "Apple GPU" instead of the actual GPU info, but the rest of us return some possibly-sanitized GPU description here. After bug 1715690 (in Firefox 91), we've bucketed UNMASKED_RENDERER into broad buckets, such that there should be practically zero additional fingerprinting bits as compared to other bits leaked from extensions/limits/rendering artifacts. Ideally I'd like us to be in a place where we expose a generic-but-useful RENDERER string universally, but reserve UNMASKED_RENDERER for authentic unfiltered driver RENDERER strings, perhaps as gated by user interaction or permission. So, what I'd like to try is to expose the sanitized UNMASKED_RENDERER as RENDERER, and disable WEBGL_debug_renderer_info in Nightly. --- about:support RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0) Currently: * RENDERER: Mozilla * VENDOR: Mozilla * WEBGL_debug_renderer_info Enabled by pref default: (disabled with ResistFingerPrinting) * UNMASKED_RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0) * UNMASKED_VENDOR: Google Inc. Proposed: * RENDERER: ANGLE (NVIDIA GeForce GTX 980 Direct3D11 vs_5_0 ps_5_0) * VENDOR: Mozilla * WEBGL_debug_renderer_info Disabled by pref default: (additionally disabled with RFP) * UNMASKED_RENDERER: ANGLE (NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0) * UNMASKED_VENDOR: Google Inc. --- I could do similarly for VENDOR and UNMASKED_VENDOR, but VENDOR just isn't as useful as RENDERER, and can be easier to abuse. (e.g. works best on nvidia)