1450564 - Fine-tune fonts to compensate difference in dimensions to eliminate this fingerprinting possibility

Status: UNCONFIRMED

(Core :: Layout: Text and Fonts, enhancement, P4)

Description

[KOLANICH]

According to the discussion in https://github.com/w3c/permissions/issues/165 :

The idea is not only to ship fonts, but to take a base font (the original font file shipped with browser) and measure its glyphs on every supported environment, with as much diversity as possible, in the same way fingerprinters do. So we get a tensor n environments * m glyphs in superset of glyphs all the used fonts * 2 (width and height). m_{i,j,k}, i is env, j is glyph , k is dimension indexes.

Then we compute the median over each glyph in measurements and get Me_{j, k}.
This table is serialized, standardized and shipped with each browser. When a user starts a browser, a browser does rendering and calculates the sizes of glyphs the same way the reference ones are obtained. Then it calculates the differences. Then it modifies the shipped font files in the direction which should eliminate the difference (a gradient descent). Then repeats until convergence. Then it does the same with ligatures and kerning. After that the rendered font glyph sizes are considered similar enough to standardized ones. So when a webapp measures text we can return not the actual sizes, but the predicted ones (the predicted ones are the ones that are to be returned if there was no variability from env to env, is to be computed using standardized dimensions and some algo). The prediction algorithm must be standardized, so every browser must return the same value. And this should not make much disturbance, because simulated dimensions should be close enough to the real ones not to spoil rendering much.

Do that for each font.

This is only relevant to glyph size fingerprinting. Canvas image data still mustn't be exposed.