[lillywastaken]

This is generally the case imo. Installing hardening tweaks/extensions/... to make yourself "more secure" and "more private" often just ends in increasing the viable attack surface and making yourself more identifiable (because such extensions/settings are very uncommon)

[Beldin]

In this case, it only toggles settings already baked in to the original software. That should not increase your attack surface unless the settings are poorly tested.

Moreover, it would not decrease your privacy unless:

1. The number of people messing with the setting is very small, AND

2. The default for the setting gives you at least as much privacy as flipping it does.

The second point is not often the case. For example, turning off WebGL provides 1 bit of info ("turned off WebGL"). Leaving WebGL on allows a website to measure your WebGL setup, which is typically far more revealing. Not everyone uses the same GPU hardware and screen, after all.

In general, flipping a setting to off reveals 1 bit of information - but it might indeed be 1 bit that few others know of, thereby reducing your anonymity group in that respect. Leaving a setting on allows a website to probe you further and find out things related to the setting.

See for example amIunique.org -- it tests 4 WebGL parameters, which, for me, have a similarity ratio of 1.17%, 0.94%, 2.68%, and 0.53%. Those are quite horrible numbers and would likely identify me uniquely unless they almost completely overlap.

[autoexec]

It's okay to have a unique fingerprint when it changes all the time. It's far better to always show up as someone new than to try to blend in with the crowd and pray that none of the countless and ever-changing ways to ID you individually doesn't give you away.