Can someone explain how this would prevent fingerprinting? IP, user-agent, window-size and other details can reliably identify most of the the other http sessions anyway. Blocking trackers seems as important to me.
Well credit where it's due, the anti-fingerprinting is actually a TOR project. The project you linked to is an attempt to bring TOR's protections into the mainline Firefox browser. Obviously TOR has more stringent goals than Firefox so many privacy features are currently hidden behind the `privacy.resistFingerprinting` option in about:config.
It wouldn't. It merely makes it more difficult for Facebook to track you on third-party websites, as fingerprinting is more difficult and error-prone than simply re-using your cookie.
My question was rhetorical :-). I agree with you that it is harder and noisier to perform fingerprinting, but I still wish for Mozilla to evangelize a more complete solution. The current one creates a somewhat sense of false security, in my opinion.
It does not. I'd guess it hardly makes a dent in their tracking. The only sure way to block completely is to use a custom router on your network - an outgoing firewall. Via a custom dns server on my router, all requests from any device, browser, app, etc for the facebook or any ad or tracking domains never leave my network. This is powerful. Windows 10 intrusive spying can be blocked as well. Basically anything that I can't figure out what it is is blocked, and it's a lot. If I ever acquire malware that phones home, it should detect as well.
The great thing is when you block all that, your internet is much faster.
You can already go a long way without as much technical commitment with a PiHole setup that simply poison DNS queries.
It can't compete with the total control you get with crafting specific firewall rules but it has most of the same effect while being a lot simpler to manage.
Would you comment on what router and software you are using, how difficult it is to maintain, and any surprises you have had using it (things you depend on breaking).
It's Ubuntu. Protectli is the equipment, easily obtainable on Amazon. If I had to do over I would use PCEngines however since they use core boot. Edit: you will also need a wireless access point to plug into a lan port. Ubiquity unify is great and is much better coverage than the consumer grade router this replaced.
Up for months, incredible speed, no maintenance, except to add new domains to block when they prove to be spyware. Twitter may be next on the list since it is of declining use to me.
I'll add that I'm by no means a linux whiz, but learned a lot by doing this project.
Biggest issue is explaining to guests why they can't access facebook.
Another bene is you no longer have the planned obsolescence of consumer grade equipment. I fully expect this thing to last a decade, and "firmware" is automatically updated via linux.
If you want something high-performance that you can have running quickly, you can do this with a Turris Omnia router + Pi-hole (DNS ad-blocker). The Omnia is about $300. I've done a blog post explaining how to get everything set up here, and it's CC0 public domain licensed so you can copy or adapt it however you like: https://www.tombrossman.com/blog/2017/how-to-install-pi-hole...
No surprises, the Omnia updates itself and reboots automatically (you get an email warning of you want to intervene) and everything 'just works'.
