Users enable `privacy.resistFingerprinting` and then are surprised when it causes problems
Categories
(Core :: DOM: Security, enhancement, P3)
Tracking
()
People
(Reporter: metasieben, Unassigned)
References
(Blocks 2 open bugs)
Details
(Whiteboard: [domsecurity-backlog1])
Ever since privacy.resistFingerprinting was added every guide to harden Firefox
includes this pref, mostly without mentioning the consequences of enabling it has.
AFAIK this was added as part of the TOR-uplift project; while it (might) make sense for
the TOR browser, enabling this in Firefox produces lots of problems and support-request.
Maybe there should be a infobar, similar to the >Your browser is being managed by your
organisation.<, when privacy.resistFingerprinting is enabled, linking to a sumo-article
about the pref(eg. what it does) and how to disable it.
|
Reporter | |
Updated•7 months ago
|
|
||
Comment 2•3 months ago
|
||
I think this is worth having this discussion here, since it's slightly different than bug 1490728.
In the past we have sometimes made the pref name scary to avoid scams that say "just set 'browser.require-cors:false' and go to this link!".
I think that would be a good preventative measure if we can find a good name that implies breakage may occur.
"privacy.resist-fingerprinting-so-hard-that-websites-break" is one possibility.
|
|
||
Updated•3 months ago
|
|
||
Updated•2 months ago
|
Description
•