How to disable JavaScript in PDF documents in Firefox | #firefox | #chrome | #microsoftedge

@”Anonymous” * [Editor: removed]

> Where would user agent sniffing come in at: surely every single script would check that?

Even non-fingerprinting scripts check that, which is why I didn’t explicitly include it. Every fucking website checks that. Use your brain, yes, how about you set an example here for once.

> A metric is a metric.

Yes, some with more entropy, some with less, which is why some get checked more often, and some less. Some scripts also check many to get a more complete picture. Is this the fingerprinting ABC, or?

> You protect them all.

Nobody does that, complete bullshit.

> which is clearly why Brave pissed around with audio with very low entropy, and ignored fonts (and other metrics) with very high entropy

Oh, so you are again pissing on fingerprinting defenses that are still in their infancy? Great, I am sure FF got it right in its first year, hell, its first month. Oh wait…

> A naive script is fooled by randomness. Firefox’s RFP includes randomness. You know this (after having been told a dozen times) and even finally admitted that RFP alone is effective at defeating naive fingerprinting (after screaming hundreds of times that it isn’t).

You are claiming that FRP also beats advanced scripts which is bollocks, only Tor does that because there is a crowd to hide in. Those piss poor user.js scripts provide you with no crowd. Yet you are still claiming that those scripts do anything, which is somewhat between dumb and dangerous. General use browsers can likely only beat naive scripts. I don’t dispute that. Web compatibility is a great limiting factor here.

Firefox doesn’t beat naive scripts as long as WebGL leaks, by the way. Prove me wrong, naive scripts DO check for that. Providing no value for WebGL fixes exactly nothing.

> With advanced scripts, Brave is completely fucked.

So is Firefox. RFP can’t defeat advanced scripts. Firefox likely can’t even defeat naive scripts because of the WebGL leak.

> canvas protection can be totally bypassed and this was the first thing they did: doesn’t inspire any confidence

Will be fixed, you expect Brave to achieve perfection in like, the first month, while giving Firefox a pass for WebGL leaks after years and years of development. LOL, you utter hypocrite.

> audio can be totally bypassed: Brave *knew* this and still choose to implement it, because they only care about naive scripts

They also care about web compatibility concerns, which is why they implemented it in the way they’ve implemented it. Brave is a general use browser. (So is Firefox, it too fails against advanced scripts, but hey, ignorance is bliss…)

> some randomness is a joke: stripping out leading, trailing and double spaces in userAgent, how amateur and pathetic

I know that you don’t care about breakage, but you know, web compatibility concerns are a thing for a general use browser that is not Tor.

> nothing has been done for screen, device pixel ratio, fonts, timezone, languages, and dozens and dozens and dozens more

Perfection in their first year, giving Firefox a pass for certain leaks even after years of development etc. Same old story all over again. Why do you think that Brave Software calls the FP defenses a work in progress?

> which at a bare minimum (naive scripts) is the equivalent of Brave, you look at your own fucking beloved shilled product

The problem is not me, the problem is you, because you claim that RFP can defeat advanced scripts (it can’t), berate Brave for doing the sensible thing which is to try and beat naive scripts, while not giving two shits about web compatibility (which is the reason advanced scripts aren’t tackled by Brave). It’s always the same old, tiring story with you.

> At least Firefox implement protections that aren’t bypassed, and understand what the fuck is going on.

Fix the WebGL and extension ID leak and then we’ll talk.

> Like the proper solution for audio which is already known.

Web compat is a thing, you know. Firefox’s solutions, copied from Tor, have no place in a general use browsers. The alu hat community enabling RFP because some idiotic user.js tells them to are easy prey for advanced scripts (“advanced” here apparently meaning scripts that check for WebGL, lol).

Listen, nothing you say will convince me or any other sane person to sacrifice web compatibility, performance, overall security by switching to the dying product Firefox. You see, FF’s RFP won’t beat advanced scripts, there is no crowd to hide in. That’s what Tor is for. For naive scripts alone (most of which are likely already blocked by any adblocker), I won’t switch to a browser that is inferior in so many areas. I also don’t buy into your bullshit scare claims that the things Brave doesn’t cover YET will never be tackled. What you say is not convincing in the slightest. Just move on and attend to other matters, I am sure the dwindling Firefox bubble will gladly be listening to you.

Original Source by [author_name]

Leave a Reply

Your email address will not be published.

thirty nine − = 35