Closed
Bug 1345965
Opened 8 years ago
Closed 8 years ago
font fingerprinting protection not enabled
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1336208
People
(Reporter: wckronholm, Unassigned)
Details
Attachments
(1 file)
26.58 KB,
image/png
|
Details |
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20170303012758
Steps to reproduce:
I checked for font fingerprinting via EFF's Panopticlick (https://panopticlick.eff.org/), first using FF51, then upgrading to FF52. I am on Ubuntu 64 bit 16.04.
Actual results:
The results are the same for me before and after: many, many fonts listed contributing to a unique fingerprint.
Same results with a fresh profile.
Expected results:
I expected the results to be a very short list of fonts, similar to the results obtained for a Tor browser.
Others report that after upgrading to FF52, the list of fonts is very restricted, but that is not the case for me.
Reporter | ||
Comment 1•8 years ago
|
||
I just tried the same thing in a Private Browsing window, and I get a very short list of fonts there.
bug 1336208, or in http://www.ghacks.net/2016/12/28/firefox-52-better-font-fingerprinting-protection/: You need to do the following to use a system font whitelist in Firefox: ...
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Component: Untriaged → Security
Resolution: --- → DUPLICATE
Reporter | ||
Comment 3•8 years ago
|
||
Did the following:
Type about:config in the browser's address bar and hit the Enter-key afterwards.
Confirm that you will be careful if the warning prompt is displayed.
Right-click in the main pane listing all preferences, and select New > String from the context menu.
Name the new parameter font.system.whitelist.
Now add fonts to the whitelist separated by comma: Helvetica, Courier, Verdana is a valid value for instance.
But instead of Helvetica, etc, I entered Wingdings 2, Wingdings 3, which is the same result I get with Tor browser.
I checked on Panopticlick again, no change.
I cleared cookies for the eff site as well. No change. The instructions in your link have no effect for me.
You need to log in
before you can comment on or make changes to this bug.
Description
•