font fingerprinting protection not enabled

RESOLVED DUPLICATE of bug 1336208

Status

()

RESOLVED DUPLICATE of bug 1336208
2 years ago
2 years ago

People

(Reporter: wckronholm, Unassigned)

Tracking

52 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

2 years ago
Created attachment 8845555 [details]
Font results after upgrading to FF52

User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
Build ID: 20170303012758

Steps to reproduce:

I checked for font fingerprinting via EFF's Panopticlick (https://panopticlick.eff.org/), first using FF51, then upgrading to FF52. I am on Ubuntu 64 bit 16.04.


Actual results:

The results are the same for me before and after: many, many fonts listed contributing to a unique fingerprint.

Same results with a fresh profile.


Expected results:

I expected the results to be a very short list of fonts, similar to the results obtained for a Tor browser.

Others report that after upgrading to FF52, the list of fonts is very restricted, but that is not the case for me.
(Reporter)

Comment 1

2 years ago
I just tried the same thing in a Private Browsing window, and I get a very short list of fonts there.

Comment 2

2 years ago
bug 1336208, or in http://www.ghacks.net/2016/12/28/firefox-52-better-font-fingerprinting-protection/: You need to do the following to use a system font whitelist in Firefox: ...
Status: UNCONFIRMED → RESOLVED
Last Resolved: 2 years ago
Component: Untriaged → Security
Resolution: --- → DUPLICATE
Duplicate of bug: 1336208
(Reporter)

Comment 3

2 years ago
Did the following:

    Type about:config in the browser's address bar and hit the Enter-key afterwards.
    Confirm that you will be careful if the warning prompt is displayed.
    Right-click in the main pane listing all preferences, and select New > String from the context menu.
    Name the new parameter font.system.whitelist.
    Now add fonts to the whitelist separated by comma: Helvetica, Courier, Verdana is a valid value for instance.

But instead of Helvetica, etc, I entered Wingdings 2, Wingdings 3, which is the same result I get with Tor browser.

I checked on Panopticlick again, no change.
I cleared cookies for the eff site as well. No change. The instructions in your link have no effect for me.
You need to log in before you can comment on or make changes to this bug.