Feedback about "privacy.resistFingerprinting.spoofOsInUserAgentHeader" to false by default changes.

I just found that changes by chance. I've read a lot of articles, MR, issue threads about the changes on Gitlab. and I would like to give my feedback.

I think it's great to having an option allowing user to disable OS spoofing in User-Agent. But I still think that change the option to true by default might be a bad idea. since firefox(-esr) doesn't seems to adopting the change for RFP feature. and I agreed you can't hide OS info from active fingerprinting. but such change will make users in safest mode more distinguishable in case of passive fingerprinting and logging analysis. e.g., in case of server seizures, those request header logs might be compromised to the adversary and can lead reducing of users anonymity.

I think @thorin's proposal might be the best solution that balance between usability/compatibility (mullvad-browser#234 (closed)#note_2938920). Cause people using safest mode usually have threat model that care less about usability/compatibility. since disable JS can breaking most of websites.