> Plainly false. You can minimize the number of bits of entropy in the
fingerprint even in situations where a couple of bits are unavoidable,
A single API may just yield a couple of bits, but it adds up when there
are hundreds of APIs, with new ones introduced every week. And you don't
need that many bits to uniquely identify someone.
But sure, leaking a few bits here and there might as well be unavoidable
when two of the three major browser vendors are ad companies and
preventing it isn't a priority. (See the saga about Google and 3rd-party
cookies.)
> and you can mitigate fingerprinting methods by detection and/or
blocking. Browsers do this today.
You can mitigate a finite set of fingerprinting methods that you know
of. It becomes exponentially harder with every new tracking vector that
is enabled by default, especially when the expectation is that things
Just Work.
(For example, blocking canvas readout breaks canvas-based image resizing
on lots of websites that use the first result from stackoverflow.)
> The web is crucial as the only free platform for distributing software
to a huge chunk of consumer devices. Apple would love to strengthen
their iOS app distribution monopoly by forbidding sophisticated web
apps. That's why they have dragged their feet implementing more advanced
web standards and limited their capabilities when they do implement them
(for example making fullscreen mode unusable for games).
Respectfully, I don't see a pressing need to solve the issue of "you
don't own Apple devices you pay for" by stuffing every possible API
under the sun into the browser.
Besides, I'm not advocating against sophisticated web apps; I just wish
browsers applied the principle of least privilege when adding features
ripe for abuse. e.g. maybe I would allow GPU access for a web-based 3D
game whose developer I trust, but not some random blog that will use it
to either fingerprint me or run a cryptominer.
This is a pet peeve of mine. I haven't seen a sane take on this anywhere. Getting rid of 3rd party cookies to prevent tracking has been a priority for Google for many years. Everyone thinks they haven't done it because they hate privacy or something; nothing could be further from the truth. They have been blocked on disabling 3rd party cookies because of antitrust concerns coming from other ad companies who object to being blocked from tracking users.
Antitrust concerns which wouldn't have had any weight if not for yet
another tracking mechanism that Google had intended to add in place of
third party cookies.[0]
It's not because Google "hates privacy", it's because Google operates
to generate profit, and it does so from targeted advertising.
See, you have it backwards. It's exactly the opposite. FLoC etc were designed to mitigate the antitrust concerns by replacing 3rd party cookie tracking for the other ad companies, allowing 3rd party cookie deprecation to proceed. By blocking FLoC, activists made it impossible for Google to deprecate 3rd party cookies in Chrome, as that would guarantee a loss in antitrust court.
Google themselves never needed FLoC for their own ads business. Their search and video ad businesses don't need 3rd party tracking to be successful. Google has the most first party data; users literally tell Google their intent directly by typing it into the search box. Advertising on 3rd party sites is a small minority of Google's revenue, and the part of that attributable to cross site tracking is even smaller.
But Google had to provide something to replace cookie tracking for the other ad companies that don't have the first party data Google has. Those ad companies rely on 3rd party cookies to compete with Google. If Google blocked 3rd party cookies in Chrome with no replacement they would instantly be sued for leveraging their browser market share to kill their competition in the ads market, and they would lose big.
A single API may just yield a couple of bits, but it adds up when there are hundreds of APIs, with new ones introduced every week. And you don't need that many bits to uniquely identify someone.
But sure, leaking a few bits here and there might as well be unavoidable when two of the three major browser vendors are ad companies and preventing it isn't a priority. (See the saga about Google and 3rd-party cookies.)
> and you can mitigate fingerprinting methods by detection and/or blocking. Browsers do this today.
You can mitigate a finite set of fingerprinting methods that you know of. It becomes exponentially harder with every new tracking vector that is enabled by default, especially when the expectation is that things Just Work.
(For example, blocking canvas readout breaks canvas-based image resizing on lots of websites that use the first result from stackoverflow.)
> The web is crucial as the only free platform for distributing software to a huge chunk of consumer devices. Apple would love to strengthen their iOS app distribution monopoly by forbidding sophisticated web apps. That's why they have dragged their feet implementing more advanced web standards and limited their capabilities when they do implement them (for example making fullscreen mode unusable for games).
Respectfully, I don't see a pressing need to solve the issue of "you don't own Apple devices you pay for" by stuffing every possible API under the sun into the browser.
Besides, I'm not advocating against sophisticated web apps; I just wish browsers applied the principle of least privilege when adding features ripe for abuse. e.g. maybe I would allow GPU access for a web-based 3D game whose developer I trust, but not some random blog that will use it to either fingerprint me or run a cryptominer.