I was running a privacy oriented profiles on FireFox for years and kind of gave up recently.
You lose a lot of functionality and still get singled out because of some random property that is unique to your system.
this post was submitted on 22 Apr 2025
72 points (98.6% liked)
Privacy
37075 readers
541 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
It's not that you can't at all, it's just that you'd either need to give up a lot of the functionality of a lot of sites or at least reduce the usability of many sites and your browser or configure whitelist and such for every site manually and deal with breaking changes when websites update.
using the tor browser is the safest, easiest and most practical solution. while they CAN fingerprint the tor browser, its the exact same fingerprint for everyone making tracking it effectively meaningless, and you get a random IP to boot.
the problem is some sites block it and you have to insist a bit.
You can. Librewolf with canvas blocker, turned on in settings, Chameleon, and uBlock and/or(?) JS blocker like NoScript. Edit.
Canvas blocker and a JS blocker limits a lot of what Google can see and fingerprint per page. And you'll be shocked at first how many pages have google trackers that a JS blocker kills. It's easier to turn things on one at a time than claw back data once it's out of your hands.
Chameleon spoofs a lot of other details, like browser, system time, languages, headers, etc. So for what can be seen, it's always changing and harder to corroborate. This plus moving VPN locations is what is needed.
Also, TOR does the job, but not the most fun internet experience.
i think neither method is fun. tor is more practical (and more private) than hooking and configuring a bunch of extensions that may or may not work well into firefox imo.
i use tor to be annonymous, and a regular browser for trusted sites or ones not working without JS/blocked on tor. i tend not to use sites that are too annoying about blocking tor unless i really need it.
Canvas blocker is redundant with Librewolf's protections (privacy.resistFingerprinting), same with JS blocker redundant with uBlock Origin. You make yourself more fingerprintable. It is better that you first understand what protections you have and why before adding new addons that increase attack surface. The features you are looking for are included already.
You're correct. I was thinking of how I have Floorp set up.
CreepJS doesn't see NoScript as an extension and only catches me if I don't switch IPs. Time zone is also worth adjusting of one is serious.
Instead of canvas blocker, check out JShelter.
There only problem being that 90% of webpages fail to load properly without JS, not to mention the ones that depend on features that aren't available LW enhanced protection enabled. Each page I visit, I have to create exceptions or they sit there blank.
Of course, and I'm saying that while turning JS on for Bob's website is maybe acceptable, leaving it turned off for gstatic, googleadmamager, etc. also on Bob's website is easier than the other way around. Layers of defense. Don't count on canvas blocker.
Though this is just for what you want to obscure. It doesn't make any sense to openly interact with Google or Meta products with all this going on. Use for your socials, anything tied to your name or face, regular vanilla FF with containers for safety. Let G associate that IP/geography and fingerprint with what you HAVE to do publicly visible. Then you close FF, change VPN locations, and open private mode Librewolf. It's full plausible deniability. Or use TOR, same same.
Convenience and security are a trade off. Find the balance that works for you based on your threat model. It's different for everyone.
And to test whether this works you can visit
How do I read/use this site? What's important?
Load it and it fingerprints your browser. You can add a signature to that fingerprint.
Make whatever changes you want to make to resist fingerprinting and reload the page. If it displays your signature then it has identified you, if not then your changes worked.
Ideally, every page refresh would generate a new unique fingerprint so the page can't link you to the last time you loaded the page (which is what tracking is, essentially)
The site also displays all of the data that it can see, for advanced users
And I pass this test, plus the EFF cover your tracks test, and AmIUnique, all the time.
You can’t, but this helps
Librewolf with anti fingerprinting turned on
Or https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
It's possible to block it to a large extent, but quite inconvenient. People don't like inconvenience.
It's not just inconvenient, it literally makes large parts of the internet inaccessible, even important and useful parts that are not just memes and SoMe.
whats some?
Burn your fingerprints
is it possible to burn them out permanently?
You can, turn off your devices and go outside.