8 reasons to ditch Chrome and switch to Firefox

Thales

Level 15
Verified
Top Poster
Well-known
Nov 26, 2017
708
If you had actually read the article, you would have come across this:

4. Other Security Researchers' Views on Firefox

Also, use Firefox, go to any site that tests your browser fingerprint and dare to tell me it will report as anything but unique.View attachment 267099
I wanted to check this but here is the result
1653967685873.png
 

Sorrento

Level 9
Verified
Well-known
Dec 7, 2021
402
I made a post in another thread saying I have issues with Firefox for some time & I tried LibreWolf a few weeks ago with problems - Installed Wolf again yesterday after refusing to be beaten & it's been perfect in a day & a half with no problems :)
 

SpiderWeb

Level 10
Verified
Well-known
Aug 21, 2020
468
Fingerprinting paranoia has always been silly to me. What's the point? Yes I will be unique by virtue of having a rare browser on a rare OS with a rare architecture, using a rare resolution, in a rare time zone. How many people have the latest Firefox running on macOS on an M1 Macbook Air in the USA Pacific Time zone with my screen resolution? Those basic and essential datapoints make me nearly unique but I refuse to hide them because I have experienced too much breakage and alert notifications if I completely hide my fingerprint. At the end Firefox at least gives you an option to tweak your privacy to your liking. You can lock it down to Tor Browser levels if you want and even stricter than that. I have containers and First Party Isolation enabled. Google Chrome immediately phones back to Google everything you do. Tweaking Chrome privacy settings is a pointless placebo.

GSUW9NK.jpg
 

rain2reign

Level 8
Verified
Well-known
Jun 21, 2020
363
What settings/addons are you using in your Firefox?
Mine is hardened (as good as I can harden it) but still gives a unique fingerprint with 18 bits of identifying information.
I want to get mine to partial or randomized without NoScript but it stays unique.
The whole point of hardening is to plug any holes in favour of either [1] Security or [2] Privacy, rarely both. By doing this you do stand out from the crowd more and more, and as you stand out more your fingerprint becomes more unique. If you truly want to blend in than you'd use chrome or edge in its default settings, with an exception for Safari on Apple devices. You will have to choose how far you want to go with hardening for your specific uses yourself. And in terms of using Firefox or any browser based on it: the more unique addons you use, the more unique you remain.

The eff fingerprinting site, coveryourtracks, only compares you to past users that HAVE used that specific website before from their database. And Firefox is nearly always either fully unique or near-unique (had this once).
 

Stronghold

Level 1
May 27, 2022
21
The whole point of hardening is to plug any holes in favour of either [1] Security or [2] Privacy, rarely both. By doing this you do stand out from the crowd more and more, and as you stand out more your fingerprint becomes more unique. If you truly want to blend in than you'd use chrome or edge in its default settings, with an exception for Safari on Apple devices. You will have to choose how far you want to go with hardening for your specific uses yourself. And in terms of using Firefox or any browser based on it: the more unique addons you use, the more unique you remain.

The eff fingerprinting site, coveryourtracks, only compares you to past users that HAVE used that specific website before from their database. And Firefox is nearly always either fully unique or near-unique (had this once).

When I look at the test the most identifiable entropy comes from WebGL, while disabled, it still renders an identifiable hash that's linked to my GPU.

I know that if you want to blend in you have to use the browser that is used most with the settings that are used most but by spoofing settings you become less unique.
I don't use that many add-ons but isn't the point of hardening to make it look as much like the Tor browser as possible? Which would increase privacy and security of the browser. That's what I understood about it when reading the Arkenfox wiki a long time ago.

After tweaking my CanvasBlocker add-on, which partially works when hardened, I went from Unique to Nearly-Unique, but I can't get it any better than that.
 
  • Like
Reactions: Sorrento and Kongo

rain2reign

Level 8
Verified
Well-known
Jun 21, 2020
363
When I look at the test the most identifiable entropy comes from WebGL, while disabled, it still renders a identifiable hash that's linked to my GPU.

I know that if you want to blend in you have to use the browser that is used most with the settings that are used most but by spoofing settings you become less unique.
I don't use that many add-ons but isn't the point of hardening to make it look as much like the Tor browser as possible? Which would increase privacy and security of the browser. That's what I understood about it when reading the Arkenfox wiki a long time ago.

After tweaking my CanvasBlocker add-on, which partially works when hardened, I went from Unique to Nearly-Unique, but I can't get it any better than that.
That is a misunderstanding that comes up quite often, in my experience, when people (start) reading into browser privacy. Hardening does not have to be the same as TOR. If your use-case compels you to be as close to TOR, you should use TOR browser rather than hardening Firefox and/or use ArkenFox. Hardening means that you intend to make your browser as robust as possible for your individually specific uses and habits. For some it's a little tweaking for privacy gains, for others its pure security, and for the rest it's a mix of both or an extreme route for idealogical reasons as an example.
 
Last edited:

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,479
What settings or add-ons are you using in your Firefox?
Mine is hardened (as good as I can harden it) but still gives a unique fingerprint with 18 bits of identifying information.
I want to get mine to partial or randomized without NoScript but it stays unique.
check out my security config. There you can see my Firefox settings in detail. (y)
 

Stronghold

Level 1
May 27, 2022
21
That is a misunderstanding that comes up quite often, in my experience, when people (start) reading into browser privacy. Hardening does not have to be the same as TOR. If your use-case compels you to be as close to TOR, you should use TOR browser rather than hardening Firefox and/or use ArkenFox. Hardening means that you intend to make your browser as robust as possible for your individually specific uses and habits. For some it's a little tweaking for privacy gains, for others its pure security, and for the rest it's a mix of both or an extreme route for idealogical reasons as an example.

Except nobody wants to use Tor unless they need to for anonymity because it's too slow for daily use.
Most average privacy aware internet users turn on a non-logging VPN service to prevent certain actors from spying on their normal browsing behavior and make sure every site they visit uses HTTPS.
If a browser fingerprint becomes too unique it will break any form of privacy you built by using VPN services, proxies or any other form of privacy enhancing methods (excluding Tor and similar networks) because they will be fingerprinted on every site they visit no matter what IP they use, making them unique and very easy to track.

check out my security config. There you can see my Firefox settings in detail. (y)
I will check out your config (y)

I tested with some other sites and Cover Your Tracks might not be the best test to run because it only tests your uniqueness based on the browsers they tested, without showing unique identifiers.
When I test my canvas on Canvas Fingerprinting it has a different hash every refresh so I'm 100% unique, but I'm not because it's spoofed each visit so while it shows 100% it is 0%. Cover Your Tracks does not test for this behavior.
 
Last edited:

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,479
I will check out your config (y)

I tested with some other sites and Cover Your Tracks might not be the best test to run because it only tests your uniqueness based on the browsers they tested, without showing unique identifiers.
When I test my canvas on Canvas Fingerprinting it has a different hash every refresh so I'm 100% unique, but I'm not because it's spoofed each visit so while it shows 100% it is 0%. Cover Your Tracks does not test for this behavior.
One site I really like: Device Info - Web browser security, privacy, and troubleshooting tool.
 

Stronghold

Level 1
May 27, 2022
21
The Live Key Press and Mouse Position are a scary feature, is there a way to disable/spoof those?

All other features look OK.
I tried testing it with and without a VPN, it detects a VPN but doesn't detect the host OS, the Time Zone is incorrect while the location of testing is the same, that may be because Firefox sets the time to UTC +0 when Fingerprinting is blocked.
It detects spoofing of fingerprints but it doesn't matter that it does since they don't get a unique ID.
All devices (CPU, GPU etc.) are unknown or read incorrectly (2 core CPU), it can't detect browser add-ons, it can detect plugins.

Device Info and Browserleaks are able to detect ad block lists but that's not hard to do, the server can do redirect tests to known blocked domains on the lists.

The only semi identifiable material I can find are fonts (even though uBlock blocks fonts) and plugins (not the add-ons).
Brave does a better job with plugins, I don't know how to spoof either in Firefox.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top