Closed Bug 1345965 Opened 7 years ago Closed 7 years ago

font fingerprinting protection not enabled

Categories

(Firefox :: Security, defect)

52 Branch
defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 1336208

People

(Reporter: wckronholm, Unassigned)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20170303012758

Steps to reproduce:

I checked for font fingerprinting via EFF's Panopticlick (https://panopticlick.eff.org/), first using FF51, then upgrading to FF52. I am on Ubuntu 64 bit 16.04.


Actual results:

The results are the same for me before and after: many, many fonts listed contributing to a unique fingerprint.

Same results with a fresh profile.


Expected results:

I expected the results to be a very short list of fonts, similar to the results obtained for a Tor browser.

Others report that after upgrading to FF52, the list of fonts is very restricted, but that is not the case for me.
I just tried the same thing in a Private Browsing window, and I get a very short list of fonts there.
bug 1336208, or in http://www.ghacks.net/2016/12/28/firefox-52-better-font-fingerprinting-protection/: You need to do the following to use a system font whitelist in Firefox: ...
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Component: Untriaged → Security
Resolution: --- → DUPLICATE
Did the following:

    Type about:config in the browser's address bar and hit the Enter-key afterwards.
    Confirm that you will be careful if the warning prompt is displayed.
    Right-click in the main pane listing all preferences, and select New > String from the context menu.
    Name the new parameter font.system.whitelist.
    Now add fonts to the whitelist separated by comma: Helvetica, Courier, Verdana is a valid value for instance.

But instead of Helvetica, etc, I entered Wingdings 2, Wingdings 3, which is the same result I get with Tor browser.

I checked on Panopticlick again, no change.
I cleared cookies for the eff site as well. No change. The instructions in your link have no effect for me.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: