You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This check is currently implemented in Gecko, but is behind a pref. I'm seeking more input on what we'd like to see before exposing the functionality without a pref being set.
The text was updated successfully, but these errors were encountered:
How much will the results of this API vary between Firefox users, and what would cause the variation?
Hmm. This API has become worse for fingerprinting since I last paid attention: Instead of exposing a boolean, there are now more outcomes. The explainer shows 10 distinct outcomes of which Firefox and Chromium presently know about 9.
The source of variation would be the combination of operating system, GPU driver(s), GPU(s), and screen(s). One might argue that WebGL already exposes a hopeless number of fingerprinting bits that correlate with these.
In the WICG issue, it's said: "Several open-access license servers exist for the purposes of testing and integration, and their CORS headers allow access from "*". So this becomes all sites running in a secure context. Any HTTPS-hosted site can do a license exchange with these open license servers."
So this means that even without this API, these fingerprinting bits are available to the Web, but this API makes the bits available with less effort and with out a (potentially detectable and blockable) HTTP round trip to an open-access license server.
I'll ping you off-GitHub about reducing the fingerprinting bits.
Request for Mozilla Position on an Emerging Web Specification
Other information
This check is currently implemented in Gecko, but is behind a pref. I'm seeking more input on what we'd like to see before exposing the functionality without a pref being set.
The text was updated successfully, but these errors were encountered: