Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToDo: diffs FF119-FF120 #1772

Closed
earthlng opened this issue Nov 24, 2023 · 8 comments
Closed

ToDo: diffs FF119-FF120 #1772

earthlng opened this issue Nov 24, 2023 · 8 comments
Labels
diffs enhancement task

Comments

@earthlng
Copy link
Contributor

earthlng commented Nov 24, 2023
edited by Thorin-Oakenpants

FF120 release date: Nov. 21st 2023

FF120 release notes
FF120 for developers
FF120 security advisories

93 diffs ( 53 new, 26 gone, 14 different )

new in v120.0:

  • FYI
    • pref("dom.cache.privateBrowsing.enabled", false);
    • pref("privacy.globalprivacycontrol.pbmode.enabled", true);
    • pref("privacy.fingerprintingProtection.granularOverrides", ""); // FPP stuff
    • this is the 🔥 button in PB mode, coming soon - let it bake (currently nightly only)
      • pref("browser.privatebrowsing.resetPBM.enabled", false);
      • pref("browser.privatebrowsing.resetPBM.showConfirmationDialog", true);
      • resetPBM

ignore

click me for details

==NEW

pref("browser.migrate.chrome.get_permissions.enabled", true);
pref("browser.newtabpage.activity-stream.system.showSponsored", false);
pref("browser.search.newSearchConfig.enabled", false);
pref("browser.shell.checkDefaultPDF", true);
pref("browser.shell.checkDefaultPDF.silencedByUser", false);
pref("browser.shopping.experience2023.ads.exposure", false);
pref("browser.startup.windowsLaunchOnLogin.disableLaunchOnLoginPrompt", false);
pref("browser.startup.windowsLaunchOnLogin.enabled", false);
pref("browser.theme.windows.accent-color-in-tabs.enabled", false);
pref("browser.urlbar.quicksuggest.rustEnabled", false);
pref("browser.urlbar.suggest.recentsearches", true);
pref("browser.urlbar.switchTabs.searchAllContainers", false);
pref("clipboard.imageAsFile.enabled", true);
pref("cookiebanners.bannerClicking.pollingInterval", 500);
pref("cookiebanners.bannerClicking.timeoutAfterDOMContentLoaded", 20000);
pref("cookiebanners.bannerClicking.timeoutAfterLoad", 5000);
pref("cookiebanners.service.enableGlobalRules.subFrames", true);
pref("dom.iframe_lazy_loading.enabled", false);
pref("dom.security.https_first_schemeless", false);
pref("dom.w3c_pointer_events.getcoalescedevents_only_in_securecontext", false);
pref("dom.webgpu.testing.assert-hardware-adapter", false);
pref("dom.webgpu.workers.enabled", false);
pref("editor.block_inline_check.use_computed_style", false);
pref("extensions.formautofill.heuristics.interactivityCheckMode", "focusability");
pref("extensions.script_about_blank_without_permission", false);
pref("gfx.canvas.remote.allow-in-parent", false);
pref("gfx.canvas.remote.texture-timeout-ms", 10000);
pref("gfx.canvas.remote.worker-threads", -1);
pref("gfx.font_rendering.fallback.unassigned_chars", false);
pref("gfx.video.convert-yuv-to-nv12.image-host-win", true);
pref("image.mem.max_legal_imgframe_size_kb", -1);
pref("javascript.options.wasm_tail_calls", false);
pref("layout.css.always_underline_links", false);
pref("layout.css.text-wrap-balance-after-clamp.enabled", true);
pref("layout.css.text-wrap-balance.enabled", false);
pref("layout.css.text-wrap-balance.limit", 10);
pref("layout.css.zoom.enabled", false);
pref("layout.details.force-block-layout", true);
pref("media.wmf.hevc.enabled", 0);
pref("messaging-system.askForFeedback", true);
pref("network.auth.use_redirect_for_retries", false);
pref("network.http.http2.move_to_pending_list_after_network_change", false);
pref("network.url.strict_protocol_setter", true);
pref("print.enabled", true);
pref("privacy.fingerprintingProtection.WebCompatService.logLevel", "Error");
pref("privacy.query_stripping.strip_on_share.enableTestMode", false);
pref("toolkit.shopping.environment", "prod");
pref("webgl.gl_khr_no_error", false);

==REMOVED, RENAMED or HIDDEN

pref("browser.display.focus_background_color", "#117722");
pref("browser.display.focus_ring_on_anything", false);
pref("browser.display.focus_ring_style", 1);
pref("browser.display.focus_ring_width", 1);
pref("browser.display.focus_text_color", "#ffffff");
pref("browser.display.use_focus_colors", false);
pref("browser.migrate.content-modal.enabled", true);
pref("browser.urlbar.bestMatch.blockingEnabled", true);
pref("browser.urlbar.bestMatch.enabled", false);
pref("browser.urlbar.eventTelemetry.enabled", false);
pref("browser.urlbar.merino.enabled", true);
pref("browser.urlbar.quicksuggest.blockingEnabled", true);
pref("browser.urlbar.quicksuggest.remoteSettings.enabled", true);
pref("browser.urlbar.resultMenu", true);
pref("browser.urlbar.suggest.bestmatch", true);
pref("cookiebanners.bannerClicking.timeout", 3000);
pref("extensions.formautofill.firstTimeUse", true);
pref("gfx.webrender.blob-images", true);
pref("layout.css.computed-style.styles-outside-flat-tree", false);
pref("media.audiograph.single_thread.enabled", true);
pref("media.clockdrift.buffering", 50);
pref("network.http.useragent.forceRVOnly", 109);
pref("network.websocket.auto-follow-http-redirects", false);
pref("privacy.partition.bloburl_per_agent_cluster", false);
pref("security.webauth.webauthn_enable_android_fido2", false);
pref("widget.windows.titlebar-accent.enabled", false);

==CHANGED

pref("browser.newtabpage.activity-stream.discoverystream.config", "{\"api_key_pref\":\"extensions.pocket.oAuthConsumerKey\",\"collapsible\":true,\"enabled\":true}"); // prev: "{\"api_key_pref\":\"extensions.pocket.oAuthConsumerKey\",\"collapsible\":true,\"enabled\":true,\"show_spocs\":false,\"hardcoded_layout\":true,\"layout_endpoint\":\"https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic\"}"
pref("browser.theme.toolbar-theme", 2); // prev: 1
pref("devtools.performance.recording.features", "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\"]"); // prev: "[\"js\",\"leaf\",\"stackwalk\",\"cpu\",\"screenshots\"]"
pref("devtools.performance.recording.features.remote", "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\",\"java\"]"); // prev: "[\"js\",\"leaf\",\"stackwalk\",\"cpu\",\"screenshots\",\"java\"]"
pref("dom.window.sizeToContent.enabled", false); // prev: true
pref("javascript.options.gc_delay.interslice", 250); // prev: 100
pref("javascript.options.wasm_function_references", true); // prev: false
pref("javascript.options.wasm_gc", true); // prev: false
pref("layout.css.light-dark.enabled", true); // prev: false
pref("network.early-hints.preconnect.enabled", true); // prev: false
pref("pdfjs.enableStampEditor", true); // prev: false
pref("privacy.globalprivacycontrol.functionality.enabled", true); // prev: false
pref("privacy.query_stripping.strip_on_share.enabled", true); // prev: false
pref("security.enterprise_roots.enabled", true); // prev: false
@earthlng
Copy link
Contributor Author

earthlng commented Nov 24, 2023
edited

some bugzilla tickets

  • browser.display.focus_background_color
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.display.focus_ring_on_anything
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.display.focus_ring_style
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.display.focus_ring_width
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.display.focus_text_color
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.display.use_focus_colors
    Bug 1857915 - Remove about:PreferenceStyleSheet.

  • browser.migrate.chrome.get_permissions.enabled
    Bug 1818237 - Make it possible to request permission to access Chrome-browser profiles.

  • browser.migrate.content-modal.enabled
    Bug 1855280 - Remove the ability to switch to the old migration wizard.
    Bug 1837009 - Enable variant 2 of the new migration wizard to ride out by default.
    Bug 1821744 - Enable the new migration wizard by default on Nightly.

  • browser.privatebrowsing.resetPBM.enabled
    Bug 1856896 - Enable browser.privatebrowsing.resetPBM.enabled in Nightly.
    Bug 1846498 - Add a restart PBM session button and panel for private windows.

  • browser.privatebrowsing.resetPBM.showConfirmationDialog
    Bug 1846498 - Add a restart PBM session button and panel for private windows.

  • browser.search.newSearchConfig.enabled
    Bug 1855084 - Set up SearchService to be able to switch to a new configuration and schema.

  • browser.shell.checkDefaultPDF
    Bug 1854504 - Add DECLINE_DEFAULT_PDF_HANDLER message action

  • browser.shell.checkDefaultPDF.silencedByUser
    Bug 1854504 - Add DECLINE_DEFAULT_PDF_HANDLER message action

  • browser.shopping.experience2023.ads.exposure
    Bug 1858470 - Record ads exposure counter for opted-in users

  • browser.startup.windowsLaunchOnLogin.disableLaunchOnLoginPrompt
    Bug 1849252 - Added UI components and notification for Firefox launch on Windows login

  • browser.startup.windowsLaunchOnLogin.enabled
    Bug 1843202 - Added Nimbus experiment to Windows autostart on login

  • browser.theme.toolbar-theme
    Bug 1857743 - Default toolbar-theme to 2 on Windows and macOS.

  • browser.theme.windows.accent-color-in-tabs.enabled
    Bug 1857743 - Move system-accent-color-in-tabs pref to the front-end.

  • browser.urlbar.bestMatch.blockingEnabled
    Bug 1857391 - Remove Firefox Suggest "best match" as its own separate feature.
    Bug 1827904 - Enable the result menu by default on all channels.
    Bug 1815889 - Enable quick suggest and best match blocking in Nightly and Earyl Beta.

  • browser.urlbar.bestMatch.enabled
    Bug 1857391 - Remove Firefox Suggest "best match" as its own separate feature.

  • browser.urlbar.eventTelemetry.enabled
    Bug 1853910 - Remove Legacy Event Telemetry Dependencies.

  • browser.urlbar.merino.enabled
    Bug 1858553 - Remove the merinoEnabled Nimbus variable and fallback pref.

  • browser.urlbar.quicksuggest.blockingEnabled
    Bug 1858547 - Remove the quickSuggestBlockingEnabled Nimbus variable and fallback pref.
    Bug 1827904 - Enable the result menu by default on all channels.
    Bug 1815889 - Enable quick suggest and best match blocking in Nightly and Earyl Beta.

  • browser.urlbar.quicksuggest.remoteSettings.enabled
    Bug 1858549 - Remove the quickSuggestRemoteSettingsEnabled Nimbus variable and fallback pref.

  • browser.urlbar.quicksuggest.rustEnabled
    Bug 1854059 - Convert Suggest remote settings component to a BaseFeature.

  • browser.urlbar.resultMenu
    Bug 1827966 - Part 4: Remove resultMenu pref and support for dismiss and help buttons.
    Bug 1827904 - Enable the result menu by default on all channels.
    Bug 1813517 - Add hidden pref for allowing Tab to skip over the menu button.
    Bug 1811870 - Enable urlbar result menu in Nightly.

  • browser.urlbar.suggest.bestmatch
    Bug 1857391 - Remove Firefox Suggest "best match" as its own separate feature.

  • browser.urlbar.suggest.recentsearches
    Bug 1852848 - Implement recent searches provider.

  • browser.urlbar.switchTabs.searchAllContainers
    Bug 1479858 - Added option for UrlBar search open tabs to ignore userContextId.r=mak,dao

  • clipboard.imageAsFile.enabled
    Bug 1854747 - Stop exposing the image data as file to clipboard;

  • cookiebanners.bannerClicking.timeout
    Bug 1855177 - Do not run cookie banner clicking query selectors on every mutation.
    Bug 1812369 - Refactor cookie banner handling clicking timeouts.
    Bug 1783045 - Part 3: Implementing CookieBanner JSWindowActor to handle the cookie banner.

  • cookiebanners.bannerClicking.timeoutAfterDOMContentLoaded
    Bug 1812369 - Refactor cookie banner handling clicking timeouts.

  • cookiebanners.bannerClicking.timeoutAfterLoad
    Bug 1812369 - Refactor cookie banner handling clicking timeouts.

  • cookiebanners.service.enableGlobalRules.subFrames
    Bug 1855178 - Add a pref to disable sub-frame cookie banner rule clicking for global rules.

  • devtools.performance.recording.features
    Bug 1858420: Remove the old "leaf" feature from the profiler features prefs

  • devtools.performance.recording.features.remote
    Bug 1858420: Remove the old "leaf" feature from the profiler features prefs

  • dom.cache.privateBrowsing.enabled
    Bug 1835300: New pref to enable CacheAPI support for PBM.r=dom-storage-reviewers,asuth,janv

  • dom.iframe_lazy_loading.enabled
    Bug 1860057 - Turn dom.iframe_lazy_loading.enabled to nightly only
    Bug 1622090 - Implement loading=lazy for <iframe>

  • dom.security.https_first_schemeless
    Bug 1812192 - Store schemeless address bar loads in loadinfo and upgrade to https with fallback

  • dom.w3c_pointer_events.getcoalescedevents_only_in_securecontext
    Bug 1858434 - Expose getCoalescedEvents only on SecureContext,

  • dom.webgpu.testing.assert-hardware-adapter
    Bug 1853952 - Add a pref to assert that wgpu tests run on hardware.

  • dom.webgpu.workers.enabled
    Bug 1858732 - Allow WebGPU to be enabled on DOM workers via a pref, disabled by default.

  • dom.window.sizeToContent.enabled
    Bug 1855348 - Disable Window.sizeToContent by default.

  • editor.block_inline_check.use_computed_style
    Bug 1851951 - Make HTMLEditor refer computed display instead of the HTML default style at considering block or inline element

  • extensions.formautofill.firstTimeUse
    Bug 1847888 - P1. Remove first time use preference

  • extensions.formautofill.heuristics.interactivityCheckMode
    Bug 1847687 - Enable checking a credit card or address field's focusability by calling Services.focus.elementIsFocusable before autofilling -

  • extensions.script_about_blank_without_permission
    Bug 1853409 - Part 2: Require "all urls" match pattern for top-level match_about_blank

  • gfx.canvas.remote.allow-in-parent
    Bug 1852144 - Disable remote canvas globally in case of unrecoverable error.

  • gfx.canvas.remote.texture-timeout-ms
    Bug 1852145 - Part 3. Make PCanvasManager manage PCanvas.

  • gfx.canvas.remote.worker-threads
    Bug 1852145 - Part 2. Spawn worker threads in CanvasRenderThread.

  • gfx.font_rendering.fallback.unassigned_chars
    Bug 1862182 - Create a pref to allow font fallback for unassigned Unicode codepoints.

  • gfx.video.convert-yuv-to-nv12.image-host-win
    Bug 1857385 - Enable uploading yuv video to NV12 ID3D11Texture2D at WebRenderImageHost on Windows until release
    Bug 1856516 - Enable uploading yuv video to NV12 ID3D11Texture2D at WebRenderImageHost on Windows until early beta
    Bug 1855277 - Add a capability to upload yuv video to NV12 ID3D11Texture2D at WebRenderImageHost on Windows

  • gfx.webrender.blob-images
    Bug 1611626 - Remove gfx.webrender.blob-images.

  • image.mem.max_legal_imgframe_size_kb
    Bug 1853026. Add a pref for fuzzers to limit image size so fuzzing can proceed more quickly.

  • javascript.options.gc_delay.interslice
    Bug 1856574 - Run GC/CC slices before page load only if GC/CC is ongoing, and increase the slice delays,

  • javascript.options.wasm_function_references
    Bug 1845373 - Enable Wasm GC proposal in release.

  • javascript.options.wasm_gc
    Bug 1845373 - Enable Wasm GC proposal in release.

  • layout.css.always_underline_links
    Bug 1858397 - Pref for always underlining links.

  • layout.css.computed-style.styles-outside-flat-tree
    Bug 1851087 - Remove layout.css.computed-style.styles-outside-flat-tree pref

  • layout.css.light-dark.enabled
    Bug 1856999 - Enable light-dark() by default.

  • layout.css.text-wrap-balance.enabled
    Bug 1731541 - Add CSS property text-wrap: auto | stable | balance.

  • layout.css.text-wrap-balance.limit
    Bug 1731541 - Implement text-wrap: balance for nsBlockFrame reflow.

  • layout.css.text-wrap-balance-after-clamp.enabled
    Bug 1855763 - Disable -moz-transform and enable zoom on Nightly.
    Bug 1731541 - When line-clamp is in effect, make text-wrap:balance consider only the lines up to the clamp limit.

  • layout.css.zoom.enabled
    Bug 1855763 - Disable -moz-transform and enable zoom on Nightly.
    Bug 1854441 - Initial zoom property implementation.

  • layout.details.force-block-layout
    Bug 1856374 - Add a pref to stop forcing details elements to be blocks.

  • media.audiograph.single_thread.enabled
    Bug 1859201 hide media.audiograph.single_thread.enabled pref

  • media.clockdrift.buffering
    Bug 1844181 - Remove the media.clockdrift.buffering pref.

  • media.wmf.hevc.enabled
    Bug 1857097 - turn on HEVC decoding by default on Windows Firefox Nightly.
    Bug 1853448 - part4 : modify pref to allow more flexible strategy for enabling HEVC.
    Bug 1849392 - part4 : add HEVC support in the media engine.

  • messaging-system.askForFeedback
    Bug 1858254 - Add a new user pref to control messaging requests for user feedback.

  • network.auth.use_redirect_for_retries
    Bug 1820807 - Enable pref network.auth.use_redirect_for_retries for early beta.
    Bug 1820807 - Open redirected channel for auth retries in OnStopRequest.
    Bug 1820807 - redirect channel for auth retries.
    Bug 1820807: redirect channel for auth retries.

  • network.early-hints.preconnect.enabled
    Bug 1858712 - Enable Early Hints Preconnect

  • network.http.http2.move_to_pending_list_after_network_change
    Bug 1706377 - Always create new connection after network change,

  • network.http.useragent.forceRVOnly
    Bug 1806690 - Remove "rv:109.0" UA workaround for IE11.

  • network.url.strict_protocol_setter
    Bug 1851426 - Add pref to reland protocol setter to be more restrictive.

  • network.websocket.auto-follow-http-redirects
    Bug 1052909 - Remove network.websocket.auto-follow-http-redirects pref

  • pdfjs.enableStampEditor
    Bug 1859806 - Enable pdfjs.enableStampEditor in 120
    Bug 1859365 - Register pdfjs.enableStampEditor with Nimbus
    Bug 1843054 - Enable pdfjs.enableStampEditor on Release
    Bug 1843052 - Enable adding images in a pdf in nightly and early beta

  • print.enabled
    Bug 1854298 - Implement PrintingEnabled policy

  • privacy.fingerprintingProtection.granularOverrides
    Bug 1834274 - Part 2: Implement the FingerprintingWebCompatService.

  • privacy.fingerprintingProtection.WebCompatService.logLevel
    Bug 1834274 - Part 2: Implement the FingerprintingWebCompatService.

  • privacy.globalprivacycontrol.functionality.enabled
    Bug 1830623, part 2 - Add UI in about:preferences for GPC -

  • privacy.globalprivacycontrol.pbmode.enabled
    Bug 1857593 - Enable GPC in Private Browsing Mode by default -

  • privacy.partition.bloburl_per_agent_cluster
    Bug 1851211 - Remove privacy.partition.bloburl_per_agent_cluster pref
    Bug 1854403 - Set privacy.partition.bloburl_per_double_partition_key pref to be true.

  • privacy.query_stripping.strip_on_share.enabled
    Bug 1825584 - Integrate clean copy into QueryStringStripper.

  • privacy.query_stripping.strip_on_share.enableTestMode
    Bug 1842581 - Added tests to ensure functionality of clean copy and modified StripOnShare.json.

  • security.enterprise_roots.enabled
    Bug 1848815 - Add a user-facing setting to enable enterprise roots import, and enable it by default.

  • security.webauth.webauthn_enable_android_fido2
    Bug 1857336 - expose an nsIWebAuthnService on Android.
    Bug 1838526 - Add a CTAP2 capable virtual authenticator for tests.
    Bug 1813982 - XPCOM interface to authenticator-rs.

  • toolkit.shopping.environment
    Bug 1849401 - Allow switching between shopping prod, stage, and test environments via a pref.

  • webgl.gl_khr_no_error
    Bug 1841050 - Disable webgl.gl_khr_no_error on Windows.
    Bug 1841050 - Add pref webgl.gl_khr_no_error:true.

  • widget.windows.titlebar-accent.enabled
    Bug 1857743 - Move system-accent-color-in-tabs pref to the front-end.
    Bug 1843044 - Make titlebar system colors on windows and macOS reflect reality.

@earthlng earthlng pinned this issue Nov 24, 2023
@Dynamic5912
Copy link

Dynamic5912 commented Nov 25, 2023
edited

Will we see the other new features in 120 enabled by ArkenFox?

Namely

Copy Link Without Site Tracking

Global Privacy Control

The cookie banner and URL protection

https://www.mozilla.org/en-US/firefox/120.0/releasenotes/

@Thorin-Oakenpants
Copy link
Contributor

  • Copy Link Without Site Tracking = already enabled
  • Global Privacy Control = the api is enabled, but you have to opt in
    • AF won't be opting you in - it is FPable and (mostly) pointless (IMO) since we already have state partitioning and we sanitize on close (and you should be masking your IP) - also, not sure on who would respect it (legally binding or not) . I say mostly because it may help e.g. on some sites you sign into all the time. We will stick to FF defaults
  • Cookie Banners
    • this is an annoyance, not a privacy issue (we partition and we sanitize)
    • cookiebanners.ui.desktop.enabled enables a UI in about:preferences#privacy
      • user_pref("cookiebanners.service.mode.privateBrowsing", 1); is what is set when I toggle the UI
      • cookiebanners.service.mode is not changed, but I would "guess" this is the settings for all windows
      • there are different settings, auto accept, auto reject etc
    • am happy to just will just let it ride the train with Firefox for now
  • URL Tracking Protection
    • it can ride the train - not adding it

not adding things that are in the midst of being rolled out or still being worked on - less items to maintain, answer questions about, cause breakage, etc

@Thorin-Oakenpants
Copy link
Contributor

What CVEs? This is a threat level that doesn't seem justified, even if there is a threat.

FWIW, it is fingerprintable, but not exactly friendly so super unlikely to be used: when disabled it will instantly return otherwise it only returns when the print dialog is closed (or never, e.g. you close the tab) - the unfriendly scare-away-users part is the print dialog opening. This is a bit like DRM enabled testing, when disabled it will cause an install prompt in FF

@theltalpha
Copy link

FWIW, it is fingerprintable

Hi, please allow a secondary question: How can one discern if a setting is fingerprintable or not? Thanks in advance.

@Thorin-Oakenpants
Copy link
Contributor

How can one discern if a setting is fingerprintable or not

I wrote a big ass long reply and then decided it was way too long. The short answer is you test it

Depending on what it is, you test in different ways, but the first thing you check are properties (and their typeof or value): e.g. window properties, HTMLElement, SVG etc

e.g. here is how I test you are at least v117

if (CanvasRenderingContext2D.prototype.hasOwnProperty("fontStretch")) return 117

now that doesn't have any prefs to turn it on or off, but if it did, that's how you would detect it. After that it you dig a little deeper

You also need to be careful of running things in console vs a page script, and check the scheme (e.g some things require secure context), and often it pays to always close all existing tabs and open a new one between tests, or even restart the session

@theltalpha
Copy link

Thank you very much!

I wrote a big ass long reply and then decided it was way too long.

Maybe you want consider this to become an Appendix to the wiki some day?!

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Dec 2, 2023
edited

I will be writing some docs/parts-of-docs/blogs for Tor Browser on a bunch of FPing issues - sort of an intro and over-arching viewpoint, how we analyze it, how we mitigate it (strategies), and how to not fucking use online tests to check entropy

I had planned for ages to setup an arkenfox/blog where I could post things - e.g. how you can't hide your engine etc and FPing basics, so I wouldn't have to keep repeating myself - and in the last big wiki revamp about 2 years ago https://github.com/arkenfox/user.js/wiki/Appendix-B-Test-Sites-[Fingerprinting]#-foreword was going to point to that if I got around to it - but at the time I just settled for "not interested in discussing it" note in the wiki and I try to avoid the topic like the plague here

but now I'm part of Tor Project core .. and the last two meetups (april, oct) not only has FPing documentation been brought up, but also revamping the entire TB document (it's so out of date, e.g. flash, ftp, etc) so that's getting done. Also with Mullvad Browser now on board, we feel there is a need for some articles/docs/lesarn_mores (even a built in interface for FP checks) etc - dumbed down for lack of better words, simple etc to explain some things - in fact, much bigger than that - a guide with expandable sections if you wish to dive a little deeper

and I've been designated - so as much as I've been putting it off for 3 or more years, I'll have to start doing it - and peer reviewed of course

@Thorin-Oakenpants Thorin-Oakenpants unpinned this issue Dec 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
diffs enhancement task
Milestone
No milestone
Development

No branches or pull requests
4 participants
@theltalpha @Thorin-Oakenpants @earthlng @Dynamic5912