> "bots". Not web browsers running Javascript, processing cookies, and so on
even the simplest bots nowadays can run Javascript and process cookies. What's much harder for a bot (or some other actor that has been doing shady things across many websites) to uniquely fake are things like the graphics card (WebGL Vendor & Renderer), audio and other hardware, which gets queried during fingerprinting.
Full fingerprinting is relatively expensive, so it originally was used by fintechs to combat fraudulent/automated signups, but with the third-party cookie situation it might be already economical to track regular users for ads/retargeting.
even the simplest bots nowadays can run Javascript and process cookies. What's much harder for a bot (or some other actor that has been doing shady things across many websites) to uniquely fake are things like the graphics card (WebGL Vendor & Renderer), audio and other hardware, which gets queried during fingerprinting.
Full fingerprinting is relatively expensive, so it originally was used by fintechs to combat fraudulent/automated signups, but with the third-party cookie situation it might be already economical to track regular users for ads/retargeting.