resistFingerprinting signature (UTC + letterboxed window + 2-core, all at once)
br.rfp_browser ·
browserlayer
environmentcategory
What it catches
Tor design: RFP forces UTC, letterboxes to 200x100, clamps hardwareConcurrency to 2 (conjunction required — each alone is common). Identifies a privacy browser = elevated risk, NOT a bot conviction (Tor/Mullvad/RFP-Firefox users are HUMAN). v0.73.4: category corrected artifact->ENVIRONMENT to match that intent — RFP is a privacy feature, not a bot signature, so it must only CORROBORATE (cap at suspicious), never convict. Previously its artifact category let a real Tor user noisy-or rfp_browser + the RFP-blocked canvas to bot. Paired with the detector.applicability N/A that drops the privacy-browser farbling artifacts (canvas_noise/audio_noise) for an RFP session.
Signals it reads
browser.rfp_browser
How it fires
present