I can’t get the same CanvasBlocker extension for Brave as I can for Firefox, so I want to know.
The short answer is “yes”, its changed per eTLD+1, per session.
The long answer is “it depends”, since there are possible ways clever attackers could strip the noise out of the canvas fingerprint to get a constant, but less identifying, canvas hash. This is true of canvas blocker too.
Is anyone trying to fix this loophole in Brave or CanvasBlocker?
It’s not a loophole as such. It’s a cat and mouse game that the trackers are constantly evolving and adjusting to new counter measures and we are doing the same.