Comment by 0xy
As someone who utilizes these tools for anti-fraud purposes, Firefox is just as trackable if not more trackable than Chrome (especially because you stand out by using a niche browser in the first place).
Firefox exposes a massive amount of identifiable information via canvas, audio device and feature detection methods. There's also active methods to detect private windows, use of the developer console and more.
Of course. There's data where there isn't data.
-make client load something
-client doesn't load it
-add.fingerprint.point(client,'doesnltloadthings',1)
-detect if client does something only a certain browser does
-client does it
-add.fingerprint.point(client,'doesthisbrowsderthing',1)
-window was resized/moved, send a websocket snitch to the backend
- keep a consistent web socket open, or fetch a backend-api call for updates on X events - more calls are made, means user is probably scrolling, inject more things/different things.
I see some js obfuscators out there where I look at the js file and it's all mumbo jumbo.
It is indeed a privacy nightmare, where whatever we do feeds the algorithms to aide in making other people do things.
But it's also used in network security, organizations etc. Staff/employees will use the system a certain way, if something enters it without the behaviors, it's detectable. I assume that's what you mean in anti-fraud.
Sad part is we don't know what the data is ever used for, and it's often bought and sold and the cycle repeats.