I’ve been playing around with resistFingerprinting in Firefox.
I started out with privacy.resistFingerprinting = yes.
Then, I noticed this would break the dark mode in websites. So I disabled resistFingerprinting again and instead added privacy.fingerprintingProtection.overrides = +AllTargets,-CSSPrefersColorScheme.
Explanation
This basically means: RFP disabled [default], FPP enabled [default], FPP to use all RFP protections, except for the CSSPrefersColorScheme one
Then, I noticed that in my web calendar and other places, it would always show me everything in UTC time. So I added -JSDateTimeUTC as well.
Then, I noticed that Google Maps (the only Google product I’m still using) wouldn’t allow me to enable the 3D/Globe View. So I added -WebGLRenderCapability.
Then, I noticed that in browser-based OnlyOffice I couldn’t use keyboard shortcuts anymore. So I added -KeyboardEvents.
So now I have privacy.fingerprintingProtection.overrides = +AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-WebGLRenderCapability,-KeyboardEvents
So far, I haven’t had any issues. Web apps seem to work fine, nothing breaks (as long as I sometimes give canvas access), and I feel like I’ve got a good balance between the compatibility of vanilla Firefox and the privacy of Librewolf/MullvadBrowser/Arkenfox.
Is there any point in having such a Frankenstein configuration? On the one hand, I’m still benefitting for the majority of the resistFingerprinting protections. On the other hand, I’m not really blending in with the rest of the RFP crowd anymore. How sophisticated are the fingerprinting scripts used in practice? Is a little bit of RFP better than none? Or is it all or nothing?