The question is how to protect against fingerprinting?
Protecting yourself against some scripts is easy and convenient with uBlock Origin. Tracking by URLs can be handled by ClearURLs. Cookies are easy to address with containers, ideally temporary ones with per domain isolation. IP tracking can be addressed partially using a VPN or Tor.
But fingerprinting is hard. Some Tor browser configurations go as far as fixing the window size. Things like timezone, user agent or available fonts leak a lot of unique information. Any simple setup that doesn't have too many caveats?
I love tor-browser project, what I don't like it's the hostile web you uncover with it. Browsing with tor-browser has become a CAPTCHA minefield.
Everything, everywhere there's a "human" captcha waiting for You. Sometimes I have to do the challenges 3 or more times. There's opportunities that even after a 4th attempt it just doesn't work.
This is funny and relatable, but from my anecdotal experience it doesn't really matter whether you click boxes that contain a little corner of the object you're supposed to identify. I think those are weighted less, or the scoring mechanism isn't that simple/binary, or something like that.
It often doesn't even matter to click wrong boxes to a certain degree. Green or red points are usually accepted as traffic lights (often no need to click the whole traffic light) and anything white painted on a street is usually accepted as a crosswalk and so on. Skipping/verifying the second task without even bothering to look at it (i.e. immediately after clicking "next" on the first one) usually works well, too. The AI based on the ML at work here seems not to be very sophisticated.
These captchas are used to crowdsource training data for semantic segmentation ML models. By shifting the image around, users statistically fill out the boundaries of objects by selecting which squares include the object. As a result, in many captcha instances, you see objects right at rectangle boundaries.
https://github.com/arkenfox/user.js
is militantly maintained.
It documents and make it easy to use many of the features upstreamed into Firefox by the Tor Project.
Currently trying out resistFingerprinting and I really don't like that it resets my zoom level on every new tab. I understand that there might be scenarios where not doing so would pose a risk (e.g. when a site opens another site in a new tab and they exchange their observed zoom level behind the scenes) but I'm okay with that. Most of the time I'd zoom back in anyways, so is there a way to disable that specific feature of RFP?
Protecting yourself against some scripts is easy and convenient with uBlock Origin. Tracking by URLs can be handled by ClearURLs. Cookies are easy to address with containers, ideally temporary ones with per domain isolation. IP tracking can be addressed partially using a VPN or Tor.
But fingerprinting is hard. Some Tor browser configurations go as far as fixing the window size. Things like timezone, user agent or available fonts leak a lot of unique information. Any simple setup that doesn't have too many caveats?