- From: KOLANICH <notifications@github.com>
- Date: Fri, 05 Jan 2018 20:44:35 +0000 (UTC)
- To: w3c/permissions <permissions@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 5 January 2018 20:45:17 UTC
>The browser can handle that, as mentioned in the Firefox bug up above, by whitelisting a set of local fonts visible to the webpage. That avoids the fingerprinting vector entirely, and I'd support that. (The page would then only have access to the whitelist fonts, and whatever they pull in themselves via @font-face.) According to my previous (long ago) experiments even identical fonts and browser binaries leak some info about environment. I had posted the link above, you can try that yourself on your PC. First install TBB into a main system and acquire a fingerprint. Then fully restart TBB and acquire another fingerprint and make sure that they match. Then run an OS in a VM, install TBB there and aquire another fingerprint. Then compare the fingerprints. You may also want to try it with different versions of usual Firefox with privacy.resistFingerprinting=1. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/165#issuecomment-355660685
Received on Friday, 5 January 2018 20:45:17 UTC