Device fingerprinting is one of the biggest privacy problems as explained because people think cleaning cookies, using proxy servers or blocking domains can protect them (when blacklisted trackers simply ask a whitelisted tracker to iframe their code from a new domain).
Tor might fix the problem but it isn't practical because 99% of people don't use Tor and Tor users don't use it for 99% of their online activity, maybe because of security concerns about exist node for HTTP traffic, heavy attacks against Tor network from nosy governments, or just speed problem. We need a solution for normal web browsers.
Disabling javascript may prevent some data leakage but we can't do that because most websites won't work properly without javascript. Even without javascript we have unique fingerprints because 99% of users don't disable it (even Noscript whitelisted google.com and several other tracker by default, and Noscript only has 2 million user compared to billions of internet users).
For example: Alice searches "abc" with her real fingerprint. later she trying search "xyz" but anonymously (VM+proxy+remove cookies+block javascript/flash/java). Since 99% of people have javascript with a unique fingerprint, by disabling it and using a blank fingerprint Alice tells the search engine provider they can analysis just 1% of their users. if "xyz" has unique patterns, (e.g grammar mistakes, rare queries etc) the search provider can relate it to Alice when she took all steps to protect her identity but failed because other people didn't. i think the only way is putting ourselves into 99% category.
My questions:
is there any software to add/remove/change parameters naturally with one click? (if ThreatMetrix's claim is true about CPU clock time differentials to create perfect fingerprints and detect any proxy or how far our PC is located from server then i guess no software can help.)
When Firefox is open source is there any patch to make one-time NP-complete natural fingerprint in private browsing mode and became haystack ?
or we have to wait several more years for no reason?