
According to panopticlick, Chrome is 100% secure in incognito mode.



Hmm, according to panopticlick, my Chrome provides about 70 bits of identifying information. There are about 2^33 people. I don't feel incognito.


70 bits? That's a ton. I'm at:

  17.62 Chrome 75.0.x normal (non-incognito)
  16.62 Chrome 75.0.x incognito
  15.62 FF 68.0.1 (Private doesn't seem to make a diff, I get the same score)

Seems like in Chrome, at least, the most offending (most unique) "characteristic" is HTTP_ACCEPT Headers, which looks something like

  text/html, */*; q=0.01 gzip, deflate, br en-US,en;q=0.9,fr-FR;q=0.8,f...

If there is a good way to control this (FF does a much better job -- could be tied to plugins and such tho), one could further reduce the number of identifying bits.

Chrome seems to do better (less unique) in both Hash of canvas fingerprint and Hash of WebGL fingerprint. I've summarized the main differences I see below, seems like combining the best of Chrome w/ the best of FF would result in even better privacy:

https://i.imgur.com/QQQ6R85.png

Edit: I think Chrome's HTTP_ACCEPT Headers is like that because I've installed/enabled many languages in it for l10n testing. I'm removing them now, which should make Chrome get a better score than FF.


FWIW, I've not taken the number quoted by the website ("at least x bits", which appears to be the maximum of the per-characteristic numbers, which sort of assumes that the characteristics are fully dependent (such that knowing further characteristics does not tell you anything beyond that one maximally informative characteristic)), but the sum of the per-characteristic numbers (which sort of makes the opposite assumption that the characteristics are fully independent, and knowing all the other characteristics does not reduce the information added by any one characteristic).

So, the true number is somewhere in-between.
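
The two readings compared in the comment above, worked through on a small constructed population (an added example, not part of the thread and not Panopticlick's code; the function names and sample data are assumptions). It reports the maximum and the sum of the per-characteristic bits next to the bits carried by the combination itself. The maximum is always a lower bound on the combined value; the sum is an upper bound only when the characteristics are not negatively correlated.

```python
import math
from collections import Counter

def surprisal_bits(population, keys, visitor):
    """-log2 of the share of the population matching visitor on all `keys`."""
    combo = tuple(visitor[k] for k in keys)
    counts = Counter(tuple(p[k] for k in keys) for p in population)
    return -math.log2(counts[combo] / len(population))

def fingerprint_bounds(population, keys, visitor):
    """Max and sum of the per-characteristic bits, plus the joint value."""
    per_key = [surprisal_bits(population, [k], visitor) for k in keys]
    return {
        "max": max(per_key),   # reading 1: characteristics fully dependent
        "sum": sum(per_key),   # reading 2: characteristics fully independent
        "joint": surprisal_bits(population, keys, visitor),  # measured directly
    }

# Constructed sample population (32 browsers), not real measurements.
# platform and fonts are correlated; language is independent of both;
# canvas and webgl always change together.
_PAIRS = ([("win", "A")] * 6 + [("win", "B")] * 2 +
          [("mac", "A")] * 2 + [("mac", "B")] * 6)
POPULATION = [
    {"platform": p, "fonts": f, "language": lang,
     "canvas": f"c{i % 4}", "webgl": f"w{i % 4}"}
    for i, (p, f) in enumerate(_PAIRS)
    for lang in ("en", "fr")
]
VISITOR = POPULATION[0]  # win / fonts A / en / c0 / w0

if __name__ == "__main__":
    for keys in (["canvas", "webgl"],        # fully dependent: joint == max
                 ["platform", "language"],   # independent: joint == sum
                 ["platform", "fonts"]):     # correlated: strictly in between
        b = fingerprint_bounds(POPULATION, keys, VISITOR)
        print(f"{'+'.join(keys):18} max={b['max']:.2f} "
              f"joint={b['joint']:.2f} sum={b['sum']:.2f}")
```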


In my experience the biggest entropy generator with browser fingerprinting is system fonts. I ran Panopticlick against both my Firefox browser instance (running Ghostery, uBlock Origin, and Privacy Badger) and a Chromium instance running no plugins, and both cases yielded 17 bits from browser fingerprinting. It makes me curious whether system fonts are a major source of privacy leakage.


What do you mean by 'secure'? I just ran panopticlick in a fresh installation of Chrome on Windows in incognito mode. It returned a near-unique fingerprint with >14 bits of estimated entropy.

Of course, that makes total sense, because many of the factors that can identify your system have little to do with the browser, but are determined by the underlying system: fonts, display, date/time information, graphics fingerprints, etc.


That's really cool! Who knew Chrome was doing so well?

The second article CiPHPerCoder linked seems to be more focused on the VPN marketing aspect. A more interactive approach might be https://faq.dhol.es/@Soatok/cryptography/which-vpn-service-w...


Are there differences in how Chrome and Chromium handle incognito? Chromium appears to have a pretty unique fingerprint.

https://ibb.co/9ZB3Yxr


It's because Google wants exclusive access to your browsing data.



