A history of Fingerprinting protection in Firefox
Fingerprinting is a common technique used predominantly by advertising agencies and marketing companies to track people on the Internet.
Mozilla introduced the preference privacy.resistFingerprinting in Firefox 41 as part of the Tor Uplift project.
The official Tor browser is based on Firefox ESR; Tor Uplift aims to introduce patches that the Tor development team makes to the Tor browser to Firefox. See our article on Tor Browser privacy changes coming to Firefox for additional information on Tor Uplift.
These preferences are set to disabled by default usually as they may break things on the Internet.
Fingerprinting protection is disabled by default in Firefox as it may cause quite a few issues currently when enabled. Mozilla did enable some forms of fingerprinting protections in Firefox 67 using the browser's anti-tracking functionality.
Firefox users may notice, for instance, that they cannot install extensions on AMO using the default method thanks to the integrated User Agent spoofing in fingerprinting protection (Mozilla AMO reads the version of the browser as Firefox 52.x regardless of the actual version of the browser).
Firefox may also open in a different window size than the one when it was closed.
Firefox users can enable fingerprinting protection in the following way:
- Load about:config in the Firefox address bar.
- Search for privacy.resistFingerprinting.
- Double-click on the preference.
- A value of True means that the protection is enabled.
- A value of False that it is disabled.
Fingerprinting protection started with basic protective features, but changes in recent versions of Firefox added a significant number of additional protections to the privacy feature.
The Ghacks User JS team keeps track of these changes on the project's GitHub page. You find the most important changes and the Firefox version they are implemented in below:
- Firefox 41:Â privacy.resistFingerprinting added to the browser. (418989)
- Firefox 50: spoof screen orientation (1281949)
- Firefox 50: hide navigator.plugins and navigator.mimeTypes (1281963)
- Firefox 55: spoof timezone as UTC 0 (1330890)
- Firefox 55: round window sizes to hundreds (1360039)
- Firefox 56: spoof/disable performance API (1369303)
- Firefox 56: spoof navigator API (1333651)
- Firefox 56: disable device sensors (1369319)
- Firefox 56: disable site-specific zoom (1369357)
- Firefox 56: hide gamepads from content (1337161)
- Firefox 56: spoof network info API as "unknown" (1372072)
- Firefox 56: disable Geolocation API (1372069)
- Firefox 56: disable WebSpeech API (1333641)
- Firefox 57: spoof media statistics (1369309)
- Firefox 57: enable fingerprinting resistance for WebGL (1217290)
- Firefox 57: reduce fingerprinting in Animation API (1382545)
- Firefox 57: enable fingerprinting resistance for Presentation API (1382533)
- Firefox 57: disable mozAddonManager Web API (1384330)
- Firefox 58: prompt before allowing canvas data extraction (967895)
- Firefox 59: spoof/block MediaDevices API fingerprinting (1372073)
- Firefox 59: spoof keyboard events and suppress keyboard modifier events (1222285)
- Firefox 64: spoof/suppress Pointer Events (1363508)
- Firefox 67: enforce ui.use_standins_for_native_colors=true (1485266)
- Firefox 67: RFP letterboxing, privacy.resistFingerprinting.letterboxing and privacy.resistFingerprinting.letterboxing.dimensions (1407366)
Mozilla maintains an incomplete list of information that is blocked or spoofed on the company's support website.
You have granted the website permission.
Your timezone is reported to be UTC
Not all fonts installed on your computer are available to webpages
The browser window prefers to be set to a specific size
Your browser reports a specific, common version number
Your keyboard layout and language is disguised
Your webcam and microphone capabilities are disguised.
The Media Statistics Web API reports misleading information
Any Site-Specific Zoom settings are not applied
The WebSpeech, Gamepad, Sensors, and Performance Web APIs are disabled
The GitHub page lists reported issues and follow-ups as well as pending changes as well.
Fingerprinting protection is a unique feature of the Firefox browser (and compatible web browsers).
While it is undoubtedly possible to reach a similar level of protection with browser extensions, scripts, and modifications, it is good to see that Mozilla is pushing this privacy-enhancing feature.
It is not clear whether this will ever be enabled by default or listed as an option in the Firefox preferences though.
Now You: Do you use privacy add-ons in your browser?