[SideQuark]

Different browsers will leak different data from this (and subsequent) methods. And so what if there are some easier things one can gather; fingerprinting relies on gathering many things. You claim it needs a "large number of statistically unique" items, which is wrong. One statistically unique item is enough, but that's hard.

What is actually used is enough (not large, not small, not one usually... just enough) items with some spread in statistics such that one gathers enough such things so they can conclude to some level of certainty the device is uniquely determined.

Thus any new piece of data that provides any amount of device discrimination is useful. This new method fits the bill. And it will open the door to much more advanced attacks, as all new attacks do.

[slashdev]

I don’t think you really know what you’re talking about. This won’t be used for fingerprinting. There are easier ways.

[SideQuark]

Having done both fingerprinting and anti- fingerprinting tech for DoD work I'm quite confident I know what I'm talking about.

Easier ways, i.e., more well known, are also more commonly spoofed, blocked, faked, or mitigated by all major intelligence agencies and large sections of industry. New methods are always welcome, and they too will eventually become less useful as mitigations and defenses are developed. It's an arms race, and you're happy to throw rocks at people in T-shirts when professionals have moved on to more sophisticated weapons and armor.

Feel free to address the content of the message once you have actual facts. To help you get some I'd recommend reading a few recent papers from https://scholar.google.com/scholar?hl=en&as_sdt=0%2C15&q=bro...