Open Bug 1935585 Opened 1 year ago Updated 7 months ago

Firefox 128.5.0esr 64bit on Debian12 with privacy.resistFingerprinting=true cannot use camera

Categories

(Core :: Privacy: Anti-Tracking, defect, P3)

Product:
Core
Component:
Privacy: Anti-Tracking
Version:
Firefox 128
Type:
defect

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: soumen.chakrabarti, Unassigned)

Details

Attachments

(2 files)

Screenshot of vertical color patterns
34.33 KB, image/png
Details
Browser alert about canvas based fingerprinting
31.64 KB, image/png
Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0

Steps to reproduce:

Linux 6.1.0-28-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.119-1 (2024-11-22) x86_64 GNU/Linux
Stock Debian running gnome on xwayland 2:22.1.9-1
Installed Firefox 128.5.0esr (64-bit) from Debian repo.
Connected USB webcam (but same issue with built-in webcam).
Visited either https://meet.google.com/landing or https://app.zoom.us/wc/
Started a trial meeting to see what webcam is capturing.
Video captured was acceptable, meetings could be held normally.

Next, visited about:config and set these two flags to true:
privacy.resistFingerprinting
privacy.fingerprintingProtection
Then tried the meeting services again.

Actual results:

This time, psychedelic colored vertical color bands are seen in the webcam preview. Other parties in meetings see the same patterns. (Screenshot attached.)

If privacy.resistFingerprinting is switched to false, the meeting services work well again. Restarting the browser is not needed.

Expected results:

Webcams and meetings should work normally irrespective of the settings of
privacy.resistFingerprinting
privacy.fingerprintingProtection

The Bugbug bot thinks this bug should belong to the 'Core::Privacy: Anti-Tracking' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → Privacy: Anti-Tracking
Product: Firefox → Core

Fatih, could you take a look? Thanks

Flags: needinfo?(fkilic)

Sure, the issue seems to be about a mix of canvas placeholder and google meet background settings. I assume they do the processing client side and use canvas, but our canvas placeholder shows up instead of the webcam + background.

Corvus, can you try clicking the canvas icon you see in the URL bar and refresh the page?

Flags: needinfo?(fkilic) → needinfo?(soumen.chakrabarti)

When I click the icon in the URL bar I get an alert from Firefox asking me if I should enable HTML5 canvas access, and that it can be used for fingerprinting. If I enable canvas access, the camera begins to work.

At some level this absolves Firefox from any further responsibility regarding fingerprinting. However, the overall experience defeats the purpose of fingerprint prevention. I would like to add a feature request to Firefox whereby a third option beyond yes/no is added to HTML5 canvas access, enabling which will make Firefox add random noise to the canvas before passing it on to apps running inside the browser, like Zoom or Google Meet.

This is a legitimate part of adequately sandboxing applications running inside a browser, such as providing configured location, time, and virtual devices. Otherwise the cat-and-mouse game between privacy respecting browsers and nosy apps will continue.

Thanks for your prompt attention!

[1] https://fingerprint.com/blog/canvas-fingerprinting/

Flags: needinfo?(soumen.chakrabarti)

I would like to add a feature request to Firefox whereby a third option beyond yes/no is added to HTML5 canvas access, enabling which will make Firefox add random noise to the canvas before passing it on to apps running inside the browser, like Zoom or Google Meet.

We actually kept applying noise in RFP even after granting permission, but we removed that in bug 1896175. It was based on this bug from Tor Browser.

You can achieve what you want to do to with normal overrides though. (remote settings allow canvas randomization in FPP for google.com)

privacy.fingerprintingProtection = True
privacy.fingerprintingProtection.overrides = +AllTargets
privacy.resistFingerprinting = False

The recommended combination:

privacy.fingerprintingProtection = True
privacy.fingerprintingProtection.overrides = +AllTargets
privacy.resistFingerprinting = False

does not work for me. I still get the shimmering vertical color bands.
Deleting "+AllTargets" to the blank default instantly fixes camera access.

Huh interesting, can you try the following?

privacy.fingerprintingProtection = True
privacy.fingerprintingProtection.overrides = +AllTargets,-CanvasImageExtractionPrompt,-CanvasExtractionFromThirdPartiesIsBlocked,-CanvasExtractionBeforeUserInputIsBlocked
privacy.resistFingerprinting = False

This is closer to RFP but should disable vertical color bands you see completely.

Yes, +AllTargets,-CanvasImageExtractionPrompt,-CanvasExtractionFromThirdPartiesIsBlocked,-CanvasExtractionBeforeUserInputIsBlocked blanks out the camera to black, but it does not allow either party to see what's in front of the camera. Was that your intention?

Ah no it definitely wasn't my intention. Unfortunately, I cant reproduce it on my end, so I don't know why that's happening for you.

Severity: -- → S3
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: