Collect Telemetry on the differences in system fonts
Categories
(Core :: Graphics: Text, enhancement, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox57 | --- | wontfix |
People
(Reporter: tjr, Assigned: xeonchen)
References
(Blocks 1 open bug)
Details
(Whiteboard: [fingerprinting] [fxprivacy] [gfx-noted] [fp-triaged])
Differences in System Fonts cause a strong fingerprinting vector. If we can measure how different peoples system fonts are, and what percentage of the web relies on the outliers, we might be able to enforce a system font whitelist that does not allow our users to be fingerprinted via this vector.
|
||
Updated•7 years ago
|
|
||
Updated•7 years ago
|
|
Reporter | |
Updated•6 years ago
|
| Comment hidden (obsolete) |
|
||
Comment 3•4 years ago
|
||
Jonathan, can this bug be marked as a dupe of bug 1619349?
|
||
Comment 4•4 years ago
|
||
Yes, probably so. The telemetry added in bug 1619349 doesn't actually "measure how different peoples system fonts are" (it's not clear to me how we could do that), but does report how often fonts outside the OS's default installed set get used ("what percentage of the web relies on the outliers"); e.g. https://telemetry.mozilla.org/new-pipeline/dist.html#!measure=USER_FONT_FAMILIES_PER_PAGE.
If we can measure how different peoples system fonts are, and what percentage of the web relies on the outliers, we might be able to enforce a system font whitelist that does not allow our users to be fingerprinted via this vector.
You should never do that. Your database can get into hands (i.e. requested by a subpoena or just leaked) of malicious actors. Like NSA, PRC or Australia (Australian citizens are required by law to either assist their intelligence (including inserting backdoors and providing data) or face jail terms, so all staff dependent on Australia should be dismissed from any jobs allowing them to assist Australian intelligence services) intelligence.
Description
•