I would absolutely send him an email to the effect of
"Per our multiple verbal conversations, this is just to serve as notice that, in my professional opinion, your refusal to allow me to upgrade a system at risk of multiple security vulnerabilities on a platform that is no longer supported is a risk that you are choosing to accept against my advise."
with a list of known major vulnerabilities attached if possible.
That way at least if this comes back to bite the company on the ass, he can't say "Well he never told me this was a problem!"
If you turn on resist fingerprinting then supposedly yes. It does pass the test with fingerprint.com then. Assuming you’re using a VPN of course.
I’ve been running with resist fingerprinting enabled for about a year and aside from the annoyance of having all your new windows spawn at a very small fixed size, the only major issue is knowing that for some websites to work you may have to enable HTML5 canvas for them. (It’s an icon that will appear in the location bar and you will know to look for if things that are supposed to be graphics in the web page are just a bunch of striped boxes instead.)