-
-
Notifications
You must be signed in to change notification settings - Fork 385
📝 Correction | privacy.trackingprotection.enabled makes the browser send the DNT header #2414
Comments
I don't see the issue. Most users will have tracking protection and DNT enabled by now. |
They don't, most browsers don't have it enabled by default, including chrome, ungoogled-chromium, firefox, brave and bromite. Which means that only the few that enabled it manually are actually sending DNT, which makes fingerprinting much easier. And websites simply don't respect the DNT header, which is why it's being deprecated |
Can you please set ETP to Strict (without setting DNT to always) and test if the header is sent? PTIO is moving in the direction of just setting ETP to strict without tweaking from about:config. And it would be interesting to know if then DNT is sent. |
Yeah, setting ETP to Strict both firefox desktop and mobile send DNT. Using every other tweak privacytools suggests except |
Yeah so you will be in the pool of all people that have strict mode on. As long as you do not modify anything else I do not see the issue. I think Firefox purposefully does this so that more people with have DNT and therefore you won't stand out. |
Exactly, you'll be in the small pool of people who use firefox, and in that pool you will be in the section of those who set strict ETP on. That's excactly why it makes fingerprinting easier. And since nobody uses it for its purpose, it can be used to target those who care for their privacy, so they can advertise VPNs and tech-related stuff |
Description
I have noticed that setting
privacy.trackingprotection.enabled
totrue
makes the browser send DNT to every website. While this was theoretically a nice improvement when it was created, now it's not used by almost any website and insted helps tracking a lot, since very few browsers send this header.Why I am making the suggestion
This feature is counterproductive to users' privacy
My connection with the software
I use firefox daily and I noticed the header sent to every website
The text was updated successfully, but these errors were encountered: