
Comment Re:You built the better mouse trap. (Score 2) 64

It's actually quite hard to fake fingerprints thoroughly and coherently. There's a whole bunch of different JavaScript APIs a website can use to obtain fingerprintable data through, and some APIs are browser specific or sometimes something simple, like the order of the objects returned, may be browser specific and give you away.

If you were to spoof coherently, you'd need to ensure that you can defend against all (most) of the attacks that attempt to verify your browser. This would require all kinds of astute manipulations to forge a fingerprint that can't be detected by the server, particularly if you're running a different browser than the one you say you are (for example, you're on FF but say IE).

Complete randomization has its limits too, particularly if you're randomly spoofing attributes. You can exhibit a new fingerprint easily, but is that fingerprint coherent (e.g., user agent is in accord with some other attribute, no Chrome APIs in your spoofed Firefox browser)? Some sites probably won't care, most may not even check, but fingerprints could be used as an additional security mechanism (e.g., for banks). If the site doubts that you are who you say you are, then they may decide to deny access or require further authentication. Such mechanisms could be helpful against projects like FraudFox.

In either case, just because the site knows you are spoofing doesn't mean they know the truth nor that they can fingerprint enough attributes to track you over time.

Plug: We worked on a small prototype that, instead of spoofing, randomly assembled components and generated unique environments using VirtualBox; we also have a Docker version that is lighter now. Here's our paper. https://hal.inria.fr/hal-01121...

We think it's more flexible than Tor since instead of attempting to construct one fingerprint, a user can have trillions. Also, we don't impose any specific browser or version, giving users more choice. Tor however addresses other concerns too that our small project didn't look at (e.g., IP address).
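The coherence check this comment describes, sketched from the site's side as an added example (not code from the comment, the paper, or any project it names). The field names and the two sample fingerprints are constructed assumptions; the expected values are what Firefox and Chrome report for `navigator.vendor`, `navigator.productSub`, `eval.toString().length` and the presence of `window.chrome`.

```javascript
// Added example: server-side coherence check over attributes a page script reported.
// Field names (userAgent, vendor, productSub, evalLength, hasWindowChrome) are assumptions.

// Values each browser family is expected to expose for the collected attributes.
const EXPECTED = {
  firefox: { vendor: "", productSub: "20100101", evalLength: 37, hasWindowChrome: false },
  chrome: { vendor: "Google Inc.", productSub: "20030107", evalLength: 33, hasWindowChrome: true },
};

// Family the client claims to be, taken from the User-Agent string only.
function claimedFamily(userAgent) {
  if (/Firefox\/\d+/.test(userAgent)) return "firefox";
  if (/Chrome\/\d+/.test(userAgent) && !/Edg\/|OPR\//.test(userAgent)) return "chrome";
  return null; // family not modelled here: no verdict
}

// Returns the names of the attributes that contradict the claimed family.
function incoherences(fp) {
  const family = claimedFamily(fp.userAgent || "");
  if (family === null) return [];
  const mismatches = [];
  for (const [attr, want] of Object.entries(EXPECTED[family])) {
    if (!(attr in fp)) continue; // attribute not collected (e.g. script blocked)
    if (fp[attr] !== want) mismatches.push(attr);
  }
  return mismatches;
}

// Policy from the comment: doubt leads to further authentication, not to a verdict
// about who the user is.
function decide(fp) {
  return incoherences(fp).length === 0 ? "allow" : "step-up";
}

// Constructed samples: a genuine Firefox, and a Chrome engine sending a Firefox User-Agent.
const genuineFirefox = {
  userAgent: "Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0",
  vendor: "", productSub: "20100101", evalLength: 37, hasWindowChrome: false,
};
const spoofedAsFirefox = {
  ...genuineFirefox,
  vendor: "Google Inc.", productSub: "20030107", evalLength: 33, hasWindowChrome: true,
};

console.log(decide(genuineFirefox), decide(spoofedAsFirefox), incoherences(spoofedAsFirefox));
```

A mismatch only shows that the claimed browser is not the real one; as the comment says, it does not reveal the true configuration or make the user trackable over time.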

Comment Re:Fonts make you very identifiable (Score 1) 160

It really doesn't matter to anyone except people who block cookies (and that's not you, because you're logged in). Those people are so rare, I don't think anyone's using any alternate method to track people. Cookies work well enough for tracking.

Actually there are commercial fingerprinting services. The Cookieless Monster does a good job at analyzing them. Many sites like Google, Twitter, Facebook and others mention the collection of "device information" in their privacy policies too.

Comment Re:Numbers Don't Lie, But -- (Score 2) 160

Their sample size is 11-thousand. According to my results, 1-in-6 computers are running Linux!

We had to start somewhere. Mostly geeks go to the site anyway, so the data is skewed towards them.

It started as a small project to understand fingerprinting. So far it's been quite successful for our research purposes :)

This is absurd, unscientific to the extreme, fear-mongering.

It's just a site that collects stats and then shows them. It also implements other fingerprinting techniques that other sites do not. How is this unscientific or fear mongering?

In your example, based only on the statistics you provided, there were 11099x0.0109 or 120 people in the central time zone *in their sample*, which is the sample size of UTC-6 users.

Their data is useless.

In comparison, https://panopticlick.eff.org/i... has almost 5-million in their database. This is somewhat more helpful.

As said before, we needed to start somewhere, right? It seems people have taken unexpected interest in the site. We'll be improving it little by little.

Besides, as others have said, panopticlick paints a far worse picture with more data. Now consider that they fingerprint fewer attributes than amiunique.

Disclaimer: my colleagues and I work on, among other things related to fingerprinting, amiunique.org

Comment Re:Not impressed (Score 3, Interesting) 160

Your understanding of their last statement is mistaken. The 1 over 11099 has nothing to do with the above statistics. It only says that of the 11099 browsers tested, there is only 1 with the union of the above elements.

You're spot on, that's exactly what it says.

How big a set is, is irrelevant when considering its union with one or multiple other sets.

However, what the statistics do tell you is which of those parameters is more or less common with the ensemble. Eliminating a rarely occurring parameter could move you to a more common set intersection, making you thus less traceable. But deducing the union probability from the set statistics is not trivial, if possible at all without further constraints.

We're looking into putting in a recommendation system to help users improve their anonymity.

But I am wondering if 11099 trials can be considered significant in this case. They are looking at 6 or more parameters which have countless possible values.

It's sufficient for us to do quite a bit of analyses on the data and to possibly implement and provide the recommendation system. The data is however highly skewed towards geeks and towards users in France (a.k.a. French geeks!).

Disclaimer: a couple of colleagues and I created amiunique.org to get some data to understand fingerprinting better. It's a small student project but we feel there's potential. We were not ready for so many people to take an interest :)
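The point discussed in this comment, that per-attribute statistics do not determine how many browsers share the full combination and that dropping one attribute can enlarge the matching set, worked through as an added example (not amiunique.org's code). The sample rows and attribute names are constructed.

```javascript
// Added example: per-attribute frequencies vs. the frequency of the full combination.
// SAMPLE is constructed; attribute names (os, tz, fonts) are assumptions.
const SAMPLE = [
  { os: "Linux", tz: "UTC+1", fonts: "set-A" },
  { os: "Linux", tz: "UTC+1", fonts: "set-B" },
  { os: "Linux", tz: "UTC-6", fonts: "set-A" },
  { os: "Windows", tz: "UTC+1", fonts: "set-A" },
  { os: "Windows", tz: "UTC+1", fonts: "set-A" },
  { os: "Windows", tz: "UTC-6", fonts: "set-C" },
  { os: "Windows", tz: "UTC+1", fonts: "set-A" },
  { os: "Mac", tz: "UTC+1", fonts: "set-D" },
];

// Number of sampled browsers sharing fp's values on all of the given attributes.
function anonymitySet(sample, fp, attrs) {
  return sample.filter(row => attrs.every(a => row[a] === fp[a])).length;
}

// What you would predict from the per-attribute counts alone by (wrongly)
// assuming the attributes are independent of each other.
function independentEstimate(sample, fp, attrs) {
  return attrs.reduce(
    (n, a) => n * anonymitySet(sample, fp, [a]) / sample.length,
    sample.length
  );
}

// Recommendation sketch: the single attribute whose removal leaves the largest set.
function bestAttributeToDrop(sample, fp, attrs) {
  let best = null;
  for (const a of attrs) {
    const size = anonymitySet(sample, fp, attrs.filter(x => x !== a));
    if (best === null || size > best.size) best = { attr: a, size };
  }
  return best;
}

const me = { os: "Linux", tz: "UTC-6", fonts: "set-A" };
const ATTRS = ["os", "tz", "fonts"];
console.log(
  anonymitySet(SAMPLE, me, ATTRS),        // observed: browsers with the exact combination
  independentEstimate(SAMPLE, me, ATTRS), // predicted from marginals alone
  bestAttributeToDrop(SAMPLE, me, ATTRS)
);
```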

Comment Re:/.ed? (Score 2) 160

[...] but would it not be smarter to include a list of things to make your browser less unique?

Yes, recommending what to do to improve anonymity is one of our next possible steps, but to do so you need to have data to know what to recommend, hence the site. We're looking into a recommendation system for future work.

P.S. I worked a little bit on amiunique.org

Comment Re:I'm a special snowflake apparently. (Score 4, Interesting) 160

But I wonder why my browser needs to provide details about the plugins I have installed to any website I visit. What kind of legitimate use could that have?

Sites recover the plugin list to see if you support whatever content they want to send you. If you don't have a certain plugin the site can fall back to some other way of displaying the information or it can refuse to do anything. For example, trying Flash to display a video then falling back to HTML5.

Is it useful?
Somewhat, albeit less and less with HTML5. Also, there are many plugins sites don't need to know about, as for example a PDF plugin. Some plugins should be totally transparent because they don't interact with the site.

Is it bad for anonymity? Yes, it's terrible.
