My apologies to the Bugzilla team for wasting their time holding my hand on this one. Would have honestly never noticed the little “HTML5” info icon to the left of the URL bar though without their help.
Yeah if it even drew something like “Canvas approval needed to see this image” or just the dang icon in the location bar that would be a start.
I suspect the assumption is that if you are okay digging into
about:config
to turn on the feature, you’re okay with all further interactions veins similarly hidden.
Surely this is a user experience that could be improved, no? Awesome feature but confusing solution.
Not really, because doing this will make you more fingerprintable (see my other comment). That’s why the default settings are striking a balance between making all users look similar and not breaking too many things (that would cause users to use user-specific overrides that make them more unique), and why
resistFingerprinting
is inabout:config
rather than a user-facing setting or enabled by default.Or use something like Chameleon and mess with
about:config
which makes every unique fingerprint, different as your data is scrambled. Firefox still haswebRTC
leakage, font fingerprinting, audio fingerprinting… That’s the reason why people use arkenfox’s user.js !
And when you do this, you are now more fingerprintable than you were with
resistFingerprinting
off, as the specific combination of anti-fingerprinting measures and canvas-enablement makes you more unique. Which is why it’s hidden inabout:config
.If you’re fingerprintable and your fingerprint changes every 60 seconds then it doesn’t really matter
You’re still better off hardening these settings
Yeah, as stated, only for sites you trust.
I was enabling it on at a cycling site that uses HTML5 Canvas to make their charts of how long chain lubricants last zoomable, haha.
I’ve actually seen that had no idea what it was!
Or email those admins and tell them to fix their website