Set up variations for features that can be disabled without much breakage

[groovecoder]

See https://github.com/fmarier/user.js/blob/SeaGL/user.js ...

user_pref("beacon.enabled", false);
user_pref("device.sensors.enabled", false);
user_pref("dom.battery.enabled", false);
user_pref("geo.enabled", false);
user_pref("media.eme.enabled", false); // proprietary DRM plugins
user_pref("dom.netinfo.enabled", false);
user_pref("pdfjs.disabled", true); // use external PDF viewer instead
user_pref("layout.css.visited_links_enabled", false); // regularly leaks
user_pref("media.video_stats.enabled", false);
user_pref("browser.casting.enabled", false); // https://bugzil.la/1111967

[groovecoder]

@fmarier - which of these are your personal preferences, and which ones are for improved privacy?

[fmarier]

I don't think it's worth spending much time on the settings that outright disable web platform features without data about how they're being exploited in the field.

The only ones that make sense to experiment with in the above list I would say are battery and sensors. The battery is typically not as big a deal on a laptop (as compared to a phone) and laptops rarely have gyroscopes that developers need access to (the only gyroscopes I know in laptops are inside hard drives).

Battery is a clear fingerprinting vector and would be worth spoofing (or disabling in Private Browsing) and the gyro can apparently be used as a microphone.