As Google gives you the choice to opt out of cookie tracking, it silently starts collecting your online habits with fingerprinting.
  • masterofn001@lemmy.caEnglish
    85·
    3 天前

    You can also use canvas blocker add-on.

    Use their containers (firefox multi-account container add-on) feature and make a google container so that all google domains go to that container.

    If you want to get crazy, in either set in about:config or make yourself a user.is file in your Firefox profile directory and eliminate all communication with google. And some other privacy tweaks below.

    google shit and some extra privacy/security settings

    Google domains and services:

    user_pref(“browser.safebrowsing.allowOverride”, false);
    user_pref(“browser.safebrowsing.blockedURIs.enabled”, false);
    user_pref(“browser.safebrowsing.downloads.enabled”, false);
    user_pref(“browser.safebrowsing.downloads.remote.block_dangerous”, false);
    user_pref(“browser.safebrowsing.downloads.remote.block_dangerous_host”, false);
    user_pref(“browser.safebrowsing.downloads.remote.block_potentially_unwanted”, false):
    user_pref(“browser.safebrowsing.downloads.remote.block_uncommon”, false);
    user_pref(“browser.safebrowsing.downloads.remote.enabled”, false);
    user_pref(“browser.safebrowsing.downloads.remote.url”, “”);
    user_pref(“browser.safebrowsing.malware.enabled”, false);
    user_pref(“browser.safebrowsing.phishing.enabled”, false);
    user_pref(“browser.safebrowsing.provider.google.advisoryName”, “”);
    user_pref(“browser.safebrowsing.provider.google.advisoryURL”, “”);
    user_pref(“browser.safebrowsing.provider.google.gethashURL”, “”);
    user_pref(“browser.safebrowsing.provider.google.lists”, “”);
    user_pref(“browser.safebrowsing.provider.google.reportURL”, “”);
    user_pref(“browser.safebrowsing.provider.google.updateURL”, “”);
    user_pref(“browser.safebrowsing.provider.google4.advisoryName”, “”);
    user_pref(“browser.safebrowsing.provider.google4.advisoryURL”, “”);
    user_pref(“browser.safebrowsing.provider.google4.dataSharingURL”, “”);
    user_pref(“browser.safebrowsing.provider.google4.gethashURL”, “”);
    user_pref(“browser.safebrowsing.provider.google4.lists”, “”);
    user_pref(“browser.safebrowsing.provider.google4.pver”, “”);
    user_pref(“browser.safebrowsing.provider.google4.reportURL”, “”);
    user_pref(“browser.safebrowsing.provider.google4.updateURL”, “”);

    Privacy and security stuff:

    user_pref(“dom.push.enabled”, false);
    user_pref(“dom.push.connection.enabled”, false);

    user_pref(“layout.css.visited_links_enabled”, false);
    user_pref(“media.navigator.enabled”, false);

    user_pref(“network.proxy.allow_bypass”, false);
    user_pref(“network.proxy.failover_direct”, false);
    user_pref(“network.http.referer.spoofSource”, true);

    user_pref(“security.ssl.disable_session_identifiers”, true);
    user_pref(“security.ssl.enable_false_start”, false);
    user_pref(“security.ssl.treat_unsafe_negotiation_as_broken”, true);
    user_pref(“security.tls.enable_0rtt_data”, false);

    user_pref(“privacy.partition.network_state.connection_with_proxy”, true);

    user_pref(“privacy.resistFingerprinting”, true);
    user_pref(“privacy.resistFingerprinting.block_mozAddonManager”, true);
    user_pref(“privacy.resistFingerprinting.letterboxing”, true);
    user_pref(“privacy.resistFingerprinting.randomization.daily_reset.enabled”, true);
    user_pref(“privacy.resistFingerprinting.randomization.enabled”, true);

    user_pref(“screenshots.browser.component.enabled”, false);

    user_pref(“privacy.spoof_english”, 2);

    user_pref(“webgl.enable-debug-renderer-info”, false); user_pref(“webgl.enable-renderer-query”, false);

    • Chulk@lemmy.mlEnglish
      9·
      3 天前

      I’m still trying to wrap my head around fingerprinting, so excuse my ignorance. Doesn’t an installed plugin such as Canvas Blocker make you more uniquely identifiable? My reasoning is that very few people have this plugin relatively speaking.

      • RecallMadness@lemmy.nzEnglish
        2·
        2 天前

        Iirc, Websites can’t query addons unless those addons manipulate the DOM in a way that exposes themselves.

        They can query extensions.

        Addons are things installed inside the browser. Like uBlock, HTTPS Everywhere, Firefox Containerr, etc.

        Extensions are installed outside the browser. Such as Flashplayer, the Gnome extensions installer, etc.

        • RecallMadness@lemmy.nzEnglish
          1·
          2 天前

          Further: the Canvas API doesn’t have any requirements on rendering accuracy.

          By deferring to the GPU, font library, etc, tracking code can generate an image that is in most cases unique to your machine.

          So blocking the Canvas API would return a 0. Which is less unique than what it would be normally.

      • happydoors@lemm.eeEnglish
        2·
        3 天前

        Maybe if they can connect you to your other usage but it’s probably more of their resources and such a small % of the population that it isn’t worth the time to subvert? Idk just guessing here

    • oaklandnative@lemmy.worldEnglish
      21·
      2 天前

      I use (and love) Firefox containers, and I keep all Google domains in one container. However, I never know what to do about other websites that use Google sign in.

      If I’m signing into XYZ website and it uses my Google account to sign in, should I put that website in the Google container? That’s what I’ve been doing, but I don’t know the right answer.