Introduction
This is something I’ve been thinking about for a couple years now, and I wanted to get y’alls thoughts on it.
After following the privacy space for several years, I cannot even count the number of times I have heard something, generally speaking, along these lines:

> Brave provides better privacy and fingerprinting protection than Firefox by default, but it has weaker protections than hardened Firefox or LibreWolf

I've been a Firefox user myself for a long time. But I can't help but wonder, is the wisdom that hardened Firefox is more resistant to fingerprinting actually true?
Firefox, Brave, and Pool Size
Part of what gets me—and this question was somewhat reinvigorated for me when Brave recently removed its Strict fingerprinting protection in favor of a single toggle, citing that hardly anyone used the strict mode—is that I can't help but shake the feeling that just using a hardened version of Firefox (or LibreWolf) might shrink the crowd you're blending in with too much.
Mobile
I especially worry about this with mobile. I am aware Privacy Guides doesn't currently recommend Firefox for Android because:

> On Android, Firefox is still less secure than Chromium-based alternatives: Mozilla's engine, GeckoView, has yet to support site isolation or enable isolatedProcess.

Though, this is not my question. Strictly from a fingerprinting sense, and I am the first to admit I have nothing to back this up whatsoever, so do tell me if this sounds like nonsense, I can’t shake the feeling that like, by the time you’ve gone through the trouble of downloading Firefox for Android, enabling Resist Fingerprinting, turning on UBO, maybe even using it on hard mode… you might be one of a very small number of users visiting a website who matches that profile.
By comparison, I have a much easier time imagining that the pool of users who clicked the “on button” for Brave’s now one-size-fits-all fingerprinting protection is probably going to be a bit bigger.
Perhaps my gut feeling here is colored by the fact that I have run into several folks in day-to-day life who are using Brave, but I haven’t run into many others besides myself who use Firefox, and I have never run into another Firefox for Android user.
Desktop
I have an easier time imagining a larger pool when it comes to desktop Firefox than mobile. But I ultimately end up with the same kind of question. I would imagine a large portion of Firefox's install base isn't using RFP. I see Firefox all the time installed on university workstations, I've seen it on public computers, I've seen it in many places where RFP wouldn't be used. Not to mention anyone that has Firefox for *any* other reason besides privacy. I think it is fair to say that Firefox's total market share is not representative of the number of users who are using RFP.
It's no secret Firefox in itself would stand out compared to Chromium, though perhaps that is not the case strictly compared to the Brave flavor of Chromium. Nevertheless, I have the same type of question here; by the time you use Firefox with RFP, UBO, and maybe some other privacy-related settings, isn't it possible that you've singled yourself out just by the nature of being part of a presumably very small pool? It seems like the pool of people who use Brave with its, again, pretty much one-button fingerprint protection might be larger. Or is the pool for Firefox not as small as I am imagining?
Different Methods of Fingerprinting Protections
One potential wrinkle I see is that Brave's fingerprint protections are randomization-based. As opposed to Tor-style fingerprinting protections which try to make everyone look the same, Brave intentionally makes everyone look unique.
One might naturally ask "what crowd are you thinking that you're blending with, if everyone looks unique?"
And indeed, point well taken, but they can still see you are a Chromium user, as opposed to a Firefox user, for example. I know it is also possible to tell that you’re a Brave user. To the extent that Firefox might single you out as one of a very very small group of hardened Firefox users on a given site, it doesn’t necessarily follow in my mind that Brave’s randomization-based approach would not still benefit from looking like “one of many Brave users,” even if you look like a different Brave user each time. Intuitively, that would seem to be the best of both worlds, at least to me. You blend in amongst a crowd of Brave users, but aren’t identified as any single repeating one. As opposed to potentially being narrowed down to maybe even a handful of hardened Firefox + UBO users if you go on a less mainstream site.
A similar question—not quite the same, but addressing the same point—was answered last year, where a PG team member pointed out:

> There is no crowd of “Chrome users” to blend in with, because you can’t blend in to a crowd filled with completely unique browsers. (A study published in 2017 demonstrated an approach that could uniquely identify 99.24% of users, without even taking into account their IP address.)

That certainly sounds true since that question was asking about blending in with Chromium generally. As I understand it, that study was talking about identifying "normal" users uniquely, e.g. the average Chrome or Firefox user with no protection. And indeed, you cannot blend in with "Chrome users generally," because there is no crowd, because they are all unique, and statically so.

> Using a privacy browser like Firefox with Arkenfox tweaks cannot make you stand out more, because when you are already completely unique, becoming “more unique” is impossible.

That logic does not seem to fit exactly when it comes to looking like other Brave users though, or at least, it does not intuitively make sense to me, given that you can blend into a crowd of randomized Brave users and look like "just another Brave user with fingerprint protection."
But the idea that "Using a privacy browser like Firefox with Arkenfox tweaks cannot make you stand out more, because when you are already completely unique, becoming “more unique” is impossible" does not address the fact that if you're only one of a handful of people using a privacy browser on a given site, then you're unique enough, no? That is to say, I'm not sure what good it would do if only a handful of people with FF + UBO + RFP visited that site in the first place, which seems like a particularly acute worry to me with FF for Android.
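
The pool-size question raised in this post can be put into a toy model; the following is an added example, not part of the original post, and it is a sketch of the argument rather than a measurement of any real browser. It assumes a tracker that links a return visit by exact fingerprint match and, when nothing matches, falls back to the visible protection type; the pool sizes are constructed.

```python
import random
from collections import defaultdict

def fingerprint(user, rng):
    """Return (stable_part, variable_part) as the hypothetical tracker sees it."""
    uid, kind = user
    if kind == "stock":        # no protection: static, unique values
        return ("stock", f"static-{uid}")
    if kind == "normalized":   # RFP-style: every user reports the same values
        return ("normalized", "shared")
    if kind == "randomized":   # Brave-style: fresh values on each session
        return ("randomized", f"rand-{rng.getrandbits(64):016x}")
    raise ValueError(kind)

def link_odds(population, seed=0):
    """Average chance, per group, that a return visit is linked to the right user."""
    rng = random.Random(seed)
    first = {u: fingerprint(u, rng) for u in population}   # first visit
    exact, by_stable = defaultdict(set), defaultdict(set)
    for u, fp in first.items():
        exact[fp].add(u)
        by_stable[fp[0]].add(u)
    odds = defaultdict(list)
    for u in population:
        fp = fingerprint(u, rng)                            # second visit
        # Exact match if possible, otherwise everyone with the same stable part.
        candidates = exact.get(fp) or by_stable[fp[0]]
        odds[u[1]].append(1 / len(candidates) if u in candidates else 0.0)
    return {kind: sum(v) / len(v) for kind, v in odds.items()}

def site(stock, normalized, randomized):
    """Build a constructed visitor population for one site."""
    kinds = ["stock"] * stock + ["normalized"] * normalized + ["randomized"] * randomized
    return list(enumerate(kinds))

if __name__ == "__main__":
    # Niche site: 3 hardened-Firefox-style visitors, 40 Brave-style visitors.
    print(link_odds(site(1000, 3, 40)))
    # Same site if the normalized pool were 200 instead of 3.
    print(link_odds(site(1000, 200, 40)))
```

In this model the outcome depends only on how many visitors share each protection type on the site in question, which is the unknown the post is asking about.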