- From: pes10k via GitHub <sysbot+gh@w3.org>
- Date: Wed, 12 Feb 2025 21:44:53 +0000
- To: public-css-archive@w3.org
Im encouraged by the ongoing discussion here! However, I do not think think this approach would address the privacy concern, for several reasons: - allowing sites to access 8 (or even << 8) system fonts is a tremendous amount of fingerprinting surface - as the proposal partially notes, this proposal, in its initial form, provides an unbounded amount of fingerprinting surface. If the limit is "you can load up to N system fonts", then presumably this means websites are able to check for for fonts until they've found N fonts the user has installed (which would mean a potentially infinite number of checks). No/0 fingerprinting "bits" can be just as identifying as yes/1 bits. The assumption that "most fingerprinting depends on which fonts you do have" is not correct. - tying which fonts a site can access in a 3p/iframe/etc context to what fonts the sites previously accessed in the 1p/top-level-frame context opens up all sorts of third-party tracking vectors, and undoes the protections that dual-keying storage imposes. -- GitHub Notification of comment by pes10k Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/11571#issuecomment-2654910327 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 12 February 2025 21:44:54 UTC