
It seems like rather than adding a random amount to each sample (which lets them compute a mean by recreating the same audio and extracting out the differences), Safari could instead add randomness that is based on a key that rotates every hour. (Function of audio sample and key, so the noise would be the same in a given session, but useless for tracking an hour later).


If you averaged together ten such samples, you'd get something that approaches the true values from the device. The more samples you have, the closer it would get.

Fixing this would require removing the information leak entirely, not just masking it under a layer of random deviations.


The grandparent post accounted for exactly that criticism. By having the source of randomness fixed for a limited time period, a fingerprinting algorithm wouldn't be able to gather enough unique samples for averaging to be useful. And given the extremely fine differences in the floating point numbers, any injected noise would so overwhelm the data that you'd need hundreds, perhaps thousands of samples in order for averaging to be useful.


Wouldn’t it help if the noise added were deterministic based on origin? That way it can’t be averaged out by oversampling. So something like RNG_SEED = HMAC_SHA256(PERSISTENT_SECRET,Location.origin)
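The noise schemes discussed in the comments above, as an added simulation that is not part of the thread and not Safari's code: it compares fresh random noise on every read with noise fixed by `HMAC_SHA256(secret, origin)`, plus an optional rotating epoch for the hourly-key variant. `TRUE_VALUE`, `NOISE`, the `epoch` parameter, the function names and the example origins are assumptions made for illustration.

```python
import hashlib
import hmac
import random
import struct

TRUE_VALUE = 35.10893253237009  # constructed stand-in for one device's fingerprint value
NOISE = 1e-3                    # assumed noise amplitude (hypothetical, not Safari's)

def _unit(seed: bytes) -> float:
    """Map the first 8 bytes of a digest to a float in [-1, 1)."""
    return struct.unpack(">Q", seed[:8])[0] / 2**63 - 1.0

def random_noise_reading(rng: random.Random) -> float:
    """Fresh random noise on every read: repeated reads can be averaged."""
    return TRUE_VALUE + NOISE * rng.uniform(-1, 1)

def keyed_noise_reading(secret: bytes, origin: str, epoch: int = 0) -> float:
    """Noise fixed by HMAC-SHA256(secret, origin | epoch); epoch models hourly rotation."""
    seed = hmac.new(secret, f"{origin}|{epoch}".encode(), hashlib.sha256).digest()
    return TRUE_VALUE + NOISE * _unit(seed)

def averaged(read, n: int) -> float:
    """Mean of n repeated reads, as a fingerprinting script would compute it."""
    return sum(read() for _ in range(n)) / n

if __name__ == "__main__":
    rng = random.Random(1234)          # fixed seed so the demo is repeatable
    secret = b"constructed-per-profile-secret"
    site = "https://a.example"
    for n in (1, 100, 100_000):
        r = averaged(lambda: random_noise_reading(rng), n)
        k = averaged(lambda: keyed_noise_reading(secret, site), n)
        print(f"n={n:>6}  random-noise error={abs(r - TRUE_VALUE):.2e}  "
              f"keyed-noise error={abs(k - TRUE_VALUE):.2e}")
    # The same device looks different to another origin and after the key epoch changes.
    print(keyed_noise_reading(secret, "https://b.example"))
    print(keyed_noise_reading(secret, site, epoch=1))
```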



