Add plugin fingerprinting protection

[RoxKilly]

Upon reviewing the EFF's Panopticlick tool Mozilla found that the greatest source of browser fingerprinting risk is the list of plugins. Mozilla's recommendation at the time to mitigate the vulnerability was to set plugins.enumerable_names="" which would make the browser return undefined if JavaScript queried the list of installed plugins.

Earlier this year though, Mozilla backtracked and the browser removed and started ignoring this setting. The vulnerability returned.

On another bugzilla page, someone has recently suggested a workaround:
Object.defineProperty(navigator, "plugins", { value: [ /* non-enumerable whitelist of plugins whose names are not detailed/fingerprintable */ ]});

So I have 2 questions:

1. Does preventing plugin fingerprinting fit uBO's mission to protect users' privacy?
2. Would the suggestion work?

[gorhill]

Feature creep.

Browser fingerprinting is a vast undertaking, more than just foiling the specific mechanism you mention. If I accept to address that specific mechanism, this means I would accept to deal with all fingerprinting mechanisms, and this can go very far from uBO's primary purpose: an efficient blocker for network requests and DOM elements.

Best is that the whole task is left to another extension dedicated to that purpose -- that will be enough to keep somebody busy full time, and it does not have to be me.

[lewisje]

This looks like a job for a UserScript.