Considering the development model used by most modern web browsers, I'm pretty certain those who do this type of fingerprinting in the real world will long ago have adjusted their matching algorithms to be aware of this. I doubt they even care if they get a fully unique fingerprint, they probably just define some percentage of matching as being "close enough to a likely match" to report you as being someone they have seen before.

Just mentioning this lest anyone get the wrong idea that setting your browser to update frequently might be a defense.

Identity matching algorithms use a fuzzy match to identify users because the only way to get an exact match is with by storing an identifier on the user's machine, or in memory for the duration of the browsing session. A lot of factors can change and it may not significantly alter the weight of the match.

One of the most effective methods of fingerprinting people is to enumerate the fonts they have installed on their machines (via flash). You don't even need the browser version number to uniquely identify most - the only solution is to disable flash.

As chrome sandboxes flash, I wonder how much hassle it would be to only allow a small subset of fonts through?

Most browsers have "run plugins on click" options, very useful in general.