- From: CSS Meeting Bot via GitHub <sysbot+gh@w3.org>
- Date: Tue, 17 Sep 2019 06:11:25 +0000
- To: public-css-archive@w3.org
The CSS Working Group just discussed `mitigations for font based fingerprinting`. <details><summary>The full IRC log of that discussion</summary> <mstange> Topic: mitigations for font based fingerprinting<br> <mstange> github: https://github.com/w3c/csswg-drafts/issues/4055<br> <mstange> chris: The issue is that you can pretty much identify individuals based on the set of installed fonts.<br> <mstange> ... For example, I have all CSS test fonts installed and some fonts for languages I don't spec, and that identifies me uniquely.<br> <AmeliaBR> s/spec/speak/<br> <foolip> fantasai, florian, TabAtkins: we're in the #testing meeting debating what your requirements actually are. can we interview you later?<br> <mstange> ... One proposal was to only report fonts that are the standard fonts for that platform.<br> <mstange> ... But this would cause you to re-download fonts you already have.<br> <mstange> ... This consumes unnecessary bandwidth.<br> <mstange> florian: On some OSes, even the set of default fonts can almost uniquely identify you.<br> <mstange> myles: It is impossible for the spec to describe the set of default fonts.<br> <mstange> ... The proposal is to say in the spec that browsers must have some affordances to protect user privacy by having some sort of (?)<br> <mstange> florian: On the performance vs privacy question, I lean towards privacy. On performance vs internationalization, it's less clear: If you don't have the font for a particular language and can't read the text, that's bad.<br> <mstange> chris: There is a strong web compat problem here. Things that used to work should not break.<br> <mstange> florian: When working means look pretty, there's a trade-off. When it means you cannot read it, it's different.<br> <mstange> myles: WebKit has been doing this for over a year. We discard user-installed fonts.<br> <mstange> florian: Mongolian without fonts is unreadable.<br> <mstange> ... When it is readable, removing the fonts breaks it.<br> <mstange> myles: It's a trade-off.<br> <mstange> heycam: How did you choose that list of fonts?<br> <mstange> myles: I commented on the issue.<br> <heycam> s/heycam/thomas/<br> <fantasai> It was also pointed out that downloading fonts can cost money in some areas, and this is more likely to be the case in areas which are more likely to use minority languages<br> <mstange> thomas: Rather than a bespoce list, could we come up with a list that can be updated periodically? Some list that covers languages for i18n use cases, as well as some fonts that are installed on machines.<br> <fantasai> and which have less money to spend<br> <mstange> iank_: The information about fonts is queriable by measuring the bounds of boxes, without getting the list of fonts from an API.<br> <mstange> Rossen_: We will pause the discussion of this issue and unpause it after the break.<br> </details> -- GitHub Notification of comment by css-meeting-bot Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/4055#issuecomment-532075130 using your GitHub account
Received on Tuesday, 17 September 2019 06:11:27 UTC