by jacquesm 3863 days ago
Panopticlick is thrown off course but that's just because they don't actually try to track you persistently. Any party that does want to track you will use many more channels than just the UA and will happily re-acquire you if all you just did was upgrade your browser.

If you:

- upgrade your browser
- switch to a new IP
- wipe all your cookies
- change your browsing habits dramatically (don't visit the same 10 websites over and over again)

Then maybe you could avoid re-acquisition.

1 comment

Panopticlick does use several methods. But, by far, the biggest thing is the UA (and most likely measured incorrectly as I explained). I'd bet using a popular OS/browser probably only leaks like 4 bits' worth. The next highest thing is resolution, but only because I tried it on a phone with unusual settings (Huawei Mate 2 with scaling).

IP address is a big one, but if browsers respected your explicit proxy settings instead of ignoring them for WebRTC, then changing it is easy. History, supercookies, and other stuff are taken care of by private mode, or, at worst, wiping out all browser info (private mode doesn't clear HSTS).

My point is that all is not lost, that supercookies are not a given. Thus saying WebRTC gets a free pass because things are already broken is simply wrong and a misleading argument to push data channels in where they don't belong.