Closed Bug 1852541 Opened 1 year ago Closed 1 year ago

meet.google.com - Cannot join meetings when Canvas Randomization is enabled

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Product:
Core
Component:
Privacy: Anti-Tracking
Version:
Firefox 119
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
120 Branch
Tracking Flags:
Tracking Status
firefox119 --- unaffected
firefox120 --- verified

People

(Reporter: rbucata, Assigned: tjr)

References

(Blocks 1 open bug, Regressed 1 open bug,
URL
)

Details

Attachments

(4 files)

Bug 1852541: Do not randomize the canvas if it is one uniform pattern r?timhuang
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852541: Fix tests and add one for constant canvas r?timhuang
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852541: Improve the odds of Canvas Randomization bit-flipping r?timhuang
48 bytes, text/x-phabricator-request
Details | Review
Bug 1852541: Clarify some function names r?timhuang
48 bytes, text/x-phabricator-request
Details | Review

From github: https://github.com/webcompat/web-bugs/issues/126901.

<!-- @browser: Firefox 119.0 -->
<!-- @ua_header: Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/119.0 -->
<!-- @reported_with: unknown -->
<!-- @public_url: https://github.com/webcompat/web-bugs/issues/126901 -->

URL: https://meet.google.com

Browser / Version: Firefox 119.0
Operating System: Windows 10
Tested Another Browser: Yes Safari

Problem type: Something else
Description: Cannot join meetings with privacy.resistFingerprinting set to true
Steps to Reproduce:
Unable to attend any Google meet meetings with privacy.resistFingerprinting set to true not reproduced on Chrome or Safari.
<details>
<summary>View the screenshot</summary>
<img alt="Screenshot" src="https://webcompat.com/uploads/2023/9/6ebb44fb-690b-4fef-8a1e-3cc8de9c4536.jpeg">
</details>

<details>
<summary>Browser Configuration</summary>
<ul>
<li>None</li>
</ul>
</details>

From webcompat.com with ❤️

Change performed by the Move to Bugzilla add-on.

The issue was reported via the webcompat.com reporter. Since the issue is reproducible with an altered pref, privacy.resistFingerprinting set to TRUE, we have moved the issue accordingly. Please feel free to move the issue to the relevant Project and Component.

Blocks: fingerprinting-breakage
URL: https://meet.google.com/
status-firefox119: --- → affected
OS: Android → All
Hardware: Unspecified → All
See Also: → https://github.com/webcompat/web-bugs/issues/126901
Version: unspecified → Firefox 119

Hello, I was the original reporter. I also reproduced this issue with privacy.resistFingerprinting set to false but privacy.fingerprintingProtection set to true.

Can we close this bug since this pref isn't supported?

Flags: needinfo?(tihuang)

I think we should still leave this bug open for tracking the issue. Ideally, we should find the root cause and then decide on the following action to do here.

Flags: needinfo?(tihuang)

FPP is supported. I can reproduce it with FPP enabled, and override testing reproduced it with -AllTargets,+CanvasRandomization. (For -AllTargets it did not reproduce.) Will try to dig into why though....

Spent a while debugging this, unsuccessfully from the JS code side of things, so I switched to using modified Firefox and looking specifically at the canvas calls from that side. Meet was rendering two canvases: one 400x200 that made a very typical fingerprinting image, and one 5x5 with a constant pattern. Trial and error showed that if we didn't modify the 5x5 image, then Meet would work. My conclusion is that they are checking for randomization or some other error.

I did experience inconsistency with my testing. Sometimes the page failed even though no pixels were modified. Sometimes it passed with only 1 or 2 pixels modified.

Also, I want to thank Raul and everyone for bringing this bug to our attention, it would have been a big issue to leave unaddressed.

Assignee: nobody → tom
Status: NEW → ASSIGNED
Severity: -- → S3
Priority: -- → P2
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6dff3776d3d5 Do not randomize the canvas if it is one uniform pattern r=timhuang,jgilbert https://hg.mozilla.org/integration/autoland/rev/dbb5ce808936 Fix tests and add one for constant canvas r=timhuang
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/9dea05c869be Do not randomize the canvas if it is one uniform pattern r=timhuang,jgilbert https://hg.mozilla.org/integration/autoland/rev/7f516f079dd4 Fix tests and add one for constant canvas r=timhuang

Backed out for causing build bustages + bc failures.

Flags: needinfo?(tom)
Flags: needinfo?(tom)
Flags: needinfo?(tom)
Summary: meet.google.com - Cannot join meetings with privacy.resistFingerprinting set to true → meet.google.com - Cannot join meetings when Canvas Randomization is enabled

Our current algorithm gives a lot of test failures and test-verfiy failures.
After some logging and debugging, my best guess is that we are just getting
unlucky.

I would see test failures (failed to detect a randomization was applied) when
we e.g. fliped a mere 16 bytes from 0 -> 1. When we flipped some values from
0 -> 2 that would more reliably cause a change.

While debugging I felt these would be more descriptive function names

Depends on D190283

Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/8832d7e6c0dc Do not randomize the canvas if it is one uniform pattern r=timhuang,jgilbert https://hg.mozilla.org/integration/autoland/rev/4e369c26c1f6 Fix tests and add one for constant canvas r=timhuang https://hg.mozilla.org/integration/autoland/rev/21d022246ce0 Improve the odds of Canvas Randomization bit-flipping r=timhuang

Backed out for causing build bustages in nsRFPService.cpp

  • Backout link
  • Push with failures
  • Failure Log
  • Failure line: /builds/worker/checkouts/gecko/toolkit/components/resistfingerprinting/nsRFPService.cpp:1373:24: error: code will never be executed [-Werror,-Wunreachable-code]
Flags: needinfo?(tom)
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/0af1e383e35e Do not randomize the canvas if it is one uniform pattern r=timhuang,jgilbert https://hg.mozilla.org/integration/autoland/rev/187a1f13809f Fix tests and add one for constant canvas r=timhuang https://hg.mozilla.org/integration/autoland/rev/eae33625ba1e Improve the odds of Canvas Randomization bit-flipping r=timhuang

https://hg.mozilla.org/mozilla-central/rev/0af1e383e35e
https://hg.mozilla.org/mozilla-central/rev/187a1f13809f
https://hg.mozilla.org/mozilla-central/rev/eae33625ba1e

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
status-firefox120: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 120 Branch
Flags: needinfo?(tom)

The patch landed in nightly and beta is affected.
:tjr, is this bug important enough to require an uplift?

  • If yes, please nominate the patch for beta approval.
  • If no, please set status-firefox119 to wontfix.

For more information, please visit BugBot documentation.

Flags: needinfo?(tom)

This doesn't affect Beta (unless someone has modified preferences) because Canvas Randomization is only enabled in Nightly.

status-firefox119: affectedunaffected
Flags: needinfo?(tom)

Verified as fixed on the latest Nightly 120.0a1 - I'm not seeing any errors when joining Google Meets calls while the preference "privacy.fingerprintingProtection" is enabled - tested on macOS 11.7, Ubuntu 20.04 and Windows 10.

Status: RESOLVED → VERIFIED
status-firefox120: fixedverified
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/35e20e70da91 Clarify some function names r=timhuang
See Also: → 1875789
Regressions: 1876149
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: