I wrote a fairly long comment touching on why most browser and extension privacy features are just theatre and in reality tend to reduce privacy:
reddit.com/r/GrapheneOS/c
Services like Panopticlick are also incredibly misleading. Their approach is flawed and the data is tainted.
Conversation
Also gave a shout out to Apple for shipping some genuinely useful privacy features in Safari. There are not many attempts at browser privacy features that I can say that about. It's nearly all privacy theatre. Safari does that too, but they shipped a few genuinely good features.
1
3
In general, extensions reduce privacy. Changing site-visible settings reduces privacy. Deviating from standard content filtering lists reduces privacy. If you use uBlock Origin and you deviate from the standard filters, that can be detected. Sites can enumerate what is blocked.
3
6
Replying to
Do routes set in a machine's HOSTS config get detected similarly to an element block?
1
Replying to
Sure, the site can iterate through a list of domains and see if access to them is blocked. It's similar to running through a list of known fonts as part of detecting them. Once they have a way to differentiate, they just need to run through a list to obtain a fingerprint from it.