I'm looking at ways to potentially reduce tracking via browser fingerprints. https://panopticlick.eff.org/ When I go to that url in CentOS FireFox - my browser is very distinct. For me I believe this is largely caused by gstreamer. I run a modern gstreamer, not the CentOS packages gstreamer. My modern gstreamer also includes a lot of the patent-encumbered codecs, and on that eff project page, I can see them being reported by the GStreamer plugin as supported, making my firefox very unique and subject to tracking via browser fingerprint. I'm not sure there is anything I can do about that, other than going back to stock gstreamer which I can't do because I need gstreamer support for some codecs not supported by stock CentOS gstreamer. I think for anything that is a plugin, I think the browser should ask the user. That would make browser fingerprinting more difficult. One of the plugins though that is detected is from rhythmbox. I didn't even know there was a rhytmbox plugin for firefox. /usr/lib64/mozilla/plugins/librhythmbox-itms-detection-plugin.so It is part of the core rhythmbox package. I certainly have no need for it, and I doubt very many people do. It seems to me that maybe that plugin should be part of a sub-package to rhythmbox rather than rhythmbox itself, strictly from a security perspective so that if there is an exploitable bug in it, it will only be a vector for those who actually want that plugin. Does anyone actually use that plugin for anything? Maybe it should just be removed from the Fedora / RHEL / CentOS world.