[ZiiS]

You can't go out in public naked and just ask everyone to look away. If you want someone you don't trust to run unvetted general purpose code on your machine you have to accept that you are trading away some privacy. You can sandbox them (wear cloths) but that doesn't give you strict privacy.

[danlitt]

I do wear clothes (all JS code runs in a sandbox).

This is a bit like saying "you should lock the door to your house" and therefore refusing to prosecute someone who steals from a house with a broken window frame. I did lock my door, and it's still a crime regardless!

[ZiiS]

I did not mean to excuse Firefox leaking this identifier or suggest we shouldn't strive to be as secure as possible. I just took issue with the blanket statement "should not have to choose". As well as making the Browser as secure as possible we also have to chose to limit functionality.

[stackghost]

It's not a binary situation. Lots of fingerprinting is based on e.g. audio or canvas rendering quirks. Browsers should be obfuscating that shit.

[ZiiS]

100% we should ensure that Browser's restrict fingerprinting as much as posible. I certainly set my Firefox to have many inconviniencies to reduce the fingerprint. I am just saying this is an engineering compromise and the tradeoff will be different for different people. Wishing we can have our cake and eat it dosn't help; you do have to choose between privacy and functionality.