- From: CSS Meeting Bot via GitHub <sysbot+gh@w3.org>
- Date: Tue, 17 Sep 2019 07:51:06 +0000
- To: public-css-archive@w3.org
The CSS Working Group just discussed `mitigations for font based fingerprinting`.
<details><summary>The full IRC log of that discussion</summary>
<emilio> Topic: mitigations for font based fingerprinting<br>
<emilio> github: https://github.com/w3c/csswg-drafts/issues/4055<br>
<emilio> TabAtkins: [introduces the issue]<br>
<emilio> TabAtkins: we expose a lot of PI data on the web<br>
<emilio> ... even if you plug fonts we're probably not below the level where you cannot identify a single user<br>
<emilio> ... to do that you probably need to do software rendering on canvas for example<br>
<emilio> ... so unless somebody comes up with a list of stuff and data<br>
<emilio> ... I think we shouldn't do that<br>
<emilio> ... a bit annoying from a PR standpoint to argue why it doesn't really matter but...<br>
<emilio> myles: our goal is to remove all the sources of fingerprinting on the web<br>
<emilio> ... we should reduce as much as possible<br>
<emilio> TabAtkins: you cannot remove all of them<br>
<emilio> ... no media queries, etc..<br>
<emilio> TabAtkins: unless you could reduce it to 20 you haven't done anything<br>
<emilio> myles: well you're closer to the goal<br>
<emilio> [funny methafores]<br>
<emilio> metaphors*<br>
<Rossen_> q?<br>
<emilio> TabAtkins: going from "individually identify someone" to "individually identify someone" does nothing<br>
<emilio> ... there's a specific threshold we need to reach to do anything<br>
<emilio> ... and nobody can<br>
<emilio> myles: we'll try<br>
<emilio> dino: I really believe we should ask the question for each feature of what the cost is<br>
<emilio> ... I accept what TabAtkins says about the number of bits<br>
<emilio> ... but it's this group's duty to do the cost of the feature vs. the privacy impact<br>
<emilio> florian: cost is breaking the web for minority languages, benefit is not clear yet<br>
<emilio> TabAtkins: w3c has the privacy interest group working on this, if their conclusion is that we can hit this range by doing this<br>
<emilio> ... then happy to<br>
<emilio> plinss: every time we add a bit we make it that much harder, if we throw our hands up in the air then sure, let's add identifiers<br>
<emilio> thomas: There's also ways to alert the user it's being fingerprinted<br>
<Rossen_> q?<br>
<emilio> nmccully: I'm hearing mostly that it's not the right fix. We shouldn't make it worse but...<br>
<leaverou> q+<br>
<emilio> myles: our job is to design CSS APIs and we have to weigh pros and cons. We found that font-based fingerprinting is one of the most unique ways users are fingerprinted. We also found that it doesn't affect most users' experience<br>
<Rossen_> ack leaverou<br>
<emilio> ... so pros and cons seem clear here<br>
<dino> emilio: I agree with myles<br>
<emilio> leaverou: Lots of old sites rely on common fonts like Calibri or Cambria installed<br>
<florian> q?<br>
<florian> q+<br>
<emilio> ... also there's a perf impact of always downloading the font since sites tend to use `local()`<br>
<emilio> ???: Are we getting ahead of the game between standards and impls<br>
<fantasai> s/???/glenn/<br>
<dino> s/???/Glenn/<br>
<emilio> myles: the spec can't do much here<br>
<Rossen_> ack flackr<br>
<emilio> myles: we are an standardization, we can't do more than saying in the spec that should have privacy considerations<br>
<Rossen_> ack florian<br>
<emilio> ... but browsers like Safari can and have gone further<br>
<emilio> florian: so you mentioned that you investigated the amount of sites<br>
<emilio> ... that broke or not<br>
<emilio> ... if you're removing language support minority users can't use the web<br>
<emilio> ... also bandwidth may be a concern<br>
<emilio> ... I don't care if sites are slowly slower for Californians<br>
<emilio> myles: having philosophical discussions is not particularly useful<br>
<emilio> ... we need a concrete proposal<br>
<emilio> ... and there's nothing to resolve on until there's one<br>
<emilio> ... the spec already says that a UA may or not scan all fonts in the system<br>
<emilio> Rossen_: out of time<br>
</details>

-- GitHub Notification of comment by css-meeting-bot
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/4055#issuecomment-532105250 using your GitHub account
Received on Tuesday, 17 September 2019 07:51:07 UTC