Closed Bug 1388743 Opened 4 years ago Closed 9 months ago

Collect Telemetry on the differences in system fonts

Categories

(Core :: Graphics: Text, enhancement, P2)

enhancement

Tracking

()

RESOLVED DUPLICATE of bug 1619349
Tracking Status
firefox57 --- wontfix

People

(Reporter: tjr, Assigned: xeonchen)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fingerprinting] [fxprivacy] [gfx-noted] [fp-triaged])

Differences in System Fonts cause a strong fingerprinting vector. If we can measure how different peoples system fonts are, and what percentage of the web relies on the outliers, we might be able to enforce a system font whitelist that does not allow our users to be fingerprinted via this vector.
Priority: -- → P3
Whiteboard: [fingerprinting] [fxprivacy] → [fingerprinting] [fxprivacy] gfx-noted
Assignee: nobody → xeonchen
Priority: P3 → P2
Whiteboard: [fingerprinting] [fxprivacy] gfx-noted → [fingerprinting] [fxprivacy] [gfx-noted] [fp-triaged]
We might need to check this for bug 1502831
See Also: → 1502831

Jonathan, can this bug be marked as a dupe of bug 1619349?

Flags: needinfo?(jfkthame)

Yes, probably so. The telemetry added in bug 1619349 doesn't actually "measure how different peoples system fonts are" (it's not clear to me how we could do that), but does report how often fonts outside the OS's default installed set get used ("what percentage of the web relies on the outliers"); e.g. https://telemetry.mozilla.org/new-pipeline/dist.html#!measure=USER_FONT_FAMILIES_PER_PAGE.

Status: NEW → RESOLVED
Closed: 9 months ago
Flags: needinfo?(jfkthame)
Resolution: --- → DUPLICATE
Duplicate of bug: 1619349

If we can measure how different peoples system fonts are, and what percentage of the web relies on the outliers, we might be able to enforce a system font whitelist that does not allow our users to be fingerprinted via this vector.

You should never do that. Your database can get into hands (i.e. requested by a subpoena or just leaked) of malicious actors. Like NSA, PRC or Australia (Australian citizens are required by law to either assist their intelligence (including inserting backdoors and providing data) or face jail terms, so all staff dependent on Australia should be dismissed from any jobs allowing them to assist Australian intelligence services) intelligence.

You need to log in before you can comment on or make changes to this bug.