Blocking plugin enumeration is major plus
Preventing websites from being able to enumerate plugins denies malicious "browser fingerprinters" a key piece of information used to track you even after you toss your cookies and your Flash cookies. I've taken to keeping all plugins disabled and turning them on only to actually use them to limit fingerprintablity. I will test this against Panoptickick when Firefox 29 has been out long enough to prevent the useragent from coming up as rare.
This means plugins should still be disabled except when actually used
Thanks for the update. There are certain other considerations in masking a browser: First of all, if you use the common tactic of having a browser report it is running under Windows, be sure not to allow ANY plugins and not to use Gstreamer for HTML5 video playback unless Firefox does not report how it plays back HTML5. I do not know if Firefox will identify the backend used for HTML5 playback right now, so I let it report that it is running under Linux. Torbrowser reports itself as Windows, the useragent comes up as matching that of one in 155 browsers. Firefox on Ubuntu by default comes up with a useragent string matching one in 885, still not very unique by itself, but there's a lot more information to worry about. Plugins, fonts, and HTTP accept headers are the worst culprits.
Originally Posted by Spittie
Fonts are greatly reduced as a fingerprintable item when Java is not installed and Flash is kept disabled until it has to be used.