Open Bug 1428034 Opened 2 years ago Updated 2 months ago
Apply Resist Fingerprinting Protection to Web
GL's read Pixels method
For more details see Bug 1422890 In general though, we want to protect WebGL's ReadPixels method to prevent a website from rendering something, and using subtle rendering differences to fingerprint a user. (Same as Canvas.) Like canvas, the short-term fix for this will probably be to provide a blank result and throw the Canvas permission prompt. Before doing so, we should block on Bug 1428033 and then confirm that rendering differences *can* still be used to fingerprint users. (It would be great if they couldn't!) We will also need to look at the WebGL APIs and figure out if there are APIs that can be used to infer data besides readPixels. For example hypothetical getPixelColor or isPointOnLine methods. Finally, it would also be good to document the path forward for making WebGL unfingerprintable entirely. Tor does not need us to get this into ESR60, but it is a hole in FF's RFP mode.
> making WebGL unfingerprintable entirely This is not possible. I do not believe WebGL rendering differences have the same magnitude of fingerprintability as fonts on canvas2d. I'm going to need some PoCs before we crimp WebGL for this.
Status: NEW → UNCONFIRMED
Ever confirmed: false
Priority: -- → P5
Whiteboard: fingerprinting → fingerprinting gfx-noted
You can find an image hash that uses WebGL's readPixels here: https://browserleaks.com/webgl I am tentatively working on a patch for Bromite (Chromium fork) that would address this fingerprinting vector, see the related issue here: https://github.com/bromite/bromite/issues/131 The idea is to modify the RGB color components of a few pixels with some noise, as it has already been implemented for the canvas (https://github.com/bromite/bromite/blob/70.0.3538.71/patches/BRM053_Canvas-fingerprinting-mitigations-for-image-data-and-webGL.patch). (Ugly, but effective?)
FYI: It is also implemented in the extension Canvas Blocker . I'll needinfo him so he can help or offer any insight if required/asked, and be aware of the coming changes. Fairly sure he has a test for WebGL readPixels. Normally they're all here  but I don't see a front facing link. He been delving into this stuff for years and is very thorough.  https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/)  https://github.com/kkapsner/CanvasBlocker  https://canvasblocker.kkapsner.de/test/
I do not expect adding random noise to be effective. It will change the output of the image, resulting in a new base64 representation, and a new hash - yes. This would break naive tracking; but as soon as the trackers decide they want to still track you (which would happen if these were implemented by default or adopted with any significant user base) - they could bypass it. The noise can be subtracted out by comparing multiple images. Or they can report the entire image to the server and use fuzzy image comparison algorithms.
@tjr according to the papers I have read there is a certain amount of noise that makes the techniques you described not effective anymore; the mitigations adopted in Bromite/ungoogled-chromium are currently not adding enough noise to qualify for that but could be modified to do so. I am maintaining a collection of the papers/approaches discussed in Bromite issue tracker here: https://github.com/bromite/bromite/wiki/Fingerprinting A more comprehensive list is probably here: https://amiunique.org/links (NOTE: although the page there says "scientific papers", I would not assume they have all been peer reviewed and accepted). The most simple countermeasure to satisfy the invalidation criteria you exposed would be to have different noise-addition thresholds, including an option with more noise that can satisfy image subtraction techniques and fuzzy algorithms (it is sufficient to add noise in the same order of magnitude of the standard deviation of the fuzzy algorithm to defeat it).
Whiteboard: fingerprinting gfx-noted → [fingerprinting] [gfx-noted] [fp-triaged]
You need to log in before you can comment on or make changes to this bug.