…which has its own track record of subtle website breakage, something that is difficult to notice and impossible to mitigate short of disabling this globally. Don’t get me wrong, it’s nice that this exists, but it’s disabled by default for a reason. There are no silver bullets here.
> …which has its own track record of subtle website breakage, something that is difficult to notice and impossible to mitigate short of disabling this globally. Don’t get me wrong, it’s nice that this exists, but it’s disabled by default for a reason. There are no silver bullets here.
If Firefox had bigger marketshare, that breakage would magically turn into bugs in the broken websites.
I find it helpful to realize when websites are taking measures to track me. If their site is broken by privacy protections, maybe I don't want to be using that site any more.
It tends to make animations sluggish, see for example https://github.com/framer/motion/issues/441. That’s not because they are trying to track you but simply because requestAnimationFrame (which has its legitimate uses) can potentially be used for fingerprinting. No regular user is going to make the connection between broken functionality and this setting, and I’ve seen developers waste lots of time on this.
I actually use Firefox to resist fingerprinting, but it's definitely annoying and not for everyone. For one, all times are presented to me in UTC now. I understand why Firefox doesn't present my real timezone, but it's kind of absurd to complain that the website is broken in that case and not the JS API.
resistfingerprinting works by making JS APIs less useful, even if used legitimately. If you rely on something that is both accurate and distinct to a user for functionality, that functionality os going to be broken by fingerprinting mitigation. There is no "fingerprinting API" that can simply be disabled, it's a combination of many APIs that all have real-world not-evil uses.
Note: I am the author of this article.