How exactly?
Recent Firefox releases have tackled the next-largest leaks of user information used by online fingerprinters. This ranges from strengthening the font protections to preventing websites from getting to know your hardware details like the number of cores your processor has, the number of simultaneous fingers your touchscreen supports, and the dimensions of your dock or taskbar. The full list of detailed protections is available in our documentation.
Our research shows these improvements cut the percentage of users seen as unique by almost half.
Wow excellent work by Mozilla! They’ve been on a streak recently with new privacy features, keep em coming.
Glad to see they are still focusing on security. Still using a FF-based browser myself
It is not a security feature it’s a privacy feature
Security features would be things like Sandboxing
like what?
edit: this was a joke that Mozilla doesn’t have the word sandboxing in their vocabulary. The Fission for Android bug turns 6 years old in a few weeks.
IMO it benefits user’s security as well, as fingerprinting is known to be utilised to track and target individuals, the new protections makes it (slightly) more difficult to happen.
Would the changes impact the fingerprinting protections introduced by Mullvad and Tor? I imagine that they have already implemented most or even more of these features in the past.
yeah you can say that, I think preventing fingerprinting though is more privacy and optionally anonymity as so much it is security
like preventing fingerprint doesn’t mean the web browser’s sandboxing is stronger all of the sudden for example.
It is one of the (plenty) aspects where Firefox is falling behind.
Still, progress is progress.
I have no idea what are the difficulties holding them back on this. It is indeed mindblowing.
However I still use it(mull/ ironfox) in most cases, including most PWAs, cause it supports uBo, so it is perfect for day to day use, given user (me) has good digital hygiene and basic OPSEC.
I am really surprised about this blog post for a few reasons.
Did removing the following fingerprinters
- strengthening the font protections
- preventing websites from getting to know your hardware details
- number of cores (now only says whether you have 8 or 16 based on the closest to your actual number)
- number of simultaneous fingers your touchscreen supports (says either 0,1,2 or 5)
- dimensions of your dock or taskbar (doesn’t share it)
really reduce 
fingerprintable unique users by half? Seems really promising.
I do have questions about the measurement they made. Which users did they use for their test? And what does unique means ? (Because AFAIK fingerprintable is always guessing you are likely the same person, not being sure of it.)
I’m making a few speculative leaps here, but I believe that the improvements alluded to in the blog post[1] most likely correspond with this Bugzilla meta-issue which is tracking the rollout of ‘phase 2’ of the Fingerprinting Protection (FPP) rollout.
I do have questions about the measurement they made.
I believe this issue is probably a good place to start if you want to know more about the methodology and objectives.
Would the changes impact the fingerprinting protections introduced by Mullvad and Tor?
I believe these changes impact the feature called FPP[2], which probably doesn’t directly impact Tor Browser or Mullvad Browser (If I understand correctly, enabling RFP[3] (which these browsers both do), supercedes FPP, and probably already provides a higher degree of protection. But again, some of this is uncomfirmed speculation on my part, based on the language used in the blog post.