Breaking (shitty and user-hostile) websites by default is still a lot better than ignoring your privacy preferences and trying to psychologically manipulate you by default.

privacy.resistFingerprinting is something I had to set to false in my user.js, but I had my own user.js with my own privacy settings anyway. The rest of the settings it provides are very good for a default though.