This is not sustainable and fingerprinting is just one side of this whole fragmented mess we're in. Browsers should present very few fingerprintable attributes by default. By now I'm convinced user-preferred languages is the only really defensible header. Everything else? Ask for permission.
The way we're doing capability permissions on the web (to the extent browsers do it at all) is just broken. A barrage of piecemeal modal dialog boxes is not the way forward. It needs to be drastically simplified. A website should be treated exactly like any other kind of app: if it needs to use extended features, it should put that into a manifest so the browser can provide a specific list of items for the user to approve or reject.
If none of these permissions are given, sites should be extremely restricted in what they can do, including cookies and localStorage.
Let's get rid of UserAgent and codec compatibility headers. Especially UserAgent is already useless and both should be replaced entirely by an improved feature detection system.
There are only 3 major browser vendors left. They could fix this within months. This is not a technology problem, it's a question of will and ad revenue.
The way we're doing capability permissions on the web (to the extent browsers do it at all) is just broken. A barrage of piecemeal modal dialog boxes is not the way forward. It needs to be drastically simplified. A website should be treated exactly like any other kind of app: if it needs to use extended features, it should put that into a manifest so the browser can provide a specific list of items for the user to approve or reject.
If none of these permissions are given, sites should be extremely restricted in what they can do, including cookies and localStorage.
Let's get rid of UserAgent and codec compatibility headers. Especially UserAgent is already useless and both should be replaced entirely by an improved feature detection system.
There are only 3 major browser vendors left. They could fix this within months. This is not a technology problem, it's a question of will and ad revenue.