These sorts of features are added to JS because they enhance user interaction. The audio API is an obvious example, and one of the big reasons canvas is used is that it has good 2d performance and lets you draw arbitrary stuff easily - good for game. You can't decouple this from the hardware; audio will need to go through the sound card and removing GPU acceleration from canvas kills it. The only thing that can be done is slightly fuzzing inputs the program collects (the saved PNG or the listened audio) - but this again interferes with real use cases, such as web audio editors and image editors, where this method forces lossy editing and importing.
Already I have to use another browser to use games or other 3D content because I have WebGL disabled in Firefox, and for 2d stuff the resistFingerprinting option reduces timer accuracy, which messes with game loop timing and makes the game totally unplayable. Making audio and video even harder to use is not good.
The only solution is to not allow this stuff to happen in the first place by using a permissions system. Adding more permissions popups is bad, so permission needs to be implicitly allowed by the user. Autoplay is a good example of this, calls to play() are blocked unless the call is being made in response to a click handler. Permissions for really recording audio/video through a webcam/mic also work well.
> You can't decouple this from the hardware; audio will need to go through the sound card and removing GPU acceleration from canvas kills it.
What you can do is require that the hardware produce bit-identical output for given input no matter how it's actually implemented, a bit like how HTML5 exactly defines rendering for any stream of input characters nowadays. Sure, this level of exactness might impose a performance cost, but it would improve privacy.
OTOH, you still have timing fingerprinting, so maybe you just can't win.
I'd like properly anonymous stuff as well, but I agree and understand you argument. Given the performance hit we'd need to take to accomplish that's it'd be almost akin to paying a tax or protection fee in terms of cycles to avoid compromise - "It'd be a real shame if someone fingerprinted you..."
It's part of the reason why I get excited about toolkits like unity that remove the direct hardware interaction, but so far the limitations they impose always have come with serious costs as well.
It's an arms race, and the problem is that there are two groups of "bad guys."
One group of "bad guys" are the ones who want to track what you're doing even after you've cleared your cookies or track you across different domains or different apps. I would argue that this group is the smaller group, but browsers have been taking actions to make their jobs harder, including the "Facebook fence" that Firefox implemented.
There's a second group, which is the cybercriminals (or maybe just grey-market). Think Russian bot farms and purchase fraud bots, but also the guys who sell clicks and followers and rankings, and the ticketmaster bots and black friday bots and such. Those guys do their business by creating thousands or millions of fake accounts, and then funneling their transactions through them. They generally use scripts and cloud farms (sometimes even physical device farms). So app makers and websites need a way to detect when they're being attacked by one of those guys, and the way they do it, is more and more, through fingerprinting.
So every step browser and OS makers take to make the first group of "bad guys" jobs harder also makes the second group of "bad guys" jobs easier, because it makes it easier for them to pretend to be legitimate users.
Haha, true. If Sundar ever decided to screw somebody and was willing to use all of Google's data without any care of the legal ramifications, that person would be broke and homeless within the hour. For a lot of people, probably in jail within a couple of days.
That's why I consider Google, FB, and these other surveillance-capitalists data-Superfund sites.
There are massive amounts of jail sentences, international incidents (probably including potential wars), murders, divorces, and destroyed relationships in those silos just waiting to come out.
Like a VM or a container to launch a browser. A canvas fingerprint needs to be different everytime it's calculated.