-
Notifications
You must be signed in to change notification settings - Fork 973
Fingerprint based on system fonts #2259
Comments
scriptsafe Added a new Fingerprinting Protection section with 8 new options (disabled by default): Canvas Fingerprint Protection - protect against fingerprinting attempts through elements, with the following options: Block Audio Fingerprinting - prevent fingerprinting via the AudioContext API Block WebGL Fingerprinting - prevent fingerprinting via the WebGL API Block Battery Fingerprinting - prevent fingerprinting via the Battery API Block Device Enumeration - prevent having hardware devices detected via the WebRTC API Block Gamepad Enumeration - prevent having hardware devices detected via the Gamepad API Block Canvas Font Access - prevent system fonts from being enumerated through elements Reduce Keyboard Fingerprinting (for advanced users) - make keypress timings more random to increase anonymity (note: adds a random delay between keypresses)) Install from the Chrome Web Store: https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf |
The thing is that the systems fonts are detected via JavaScript and Flash (tested on Google Chrome) |
So there is no way to block this? Fingerprinting by browser type and fonts would make every user unique on it's own. In Firefox one can use Blender to fake using the most popular browser version/operating system and block font detection. |
cc: @diracdeltas |
https://browserleaks.com/fonts#comment-3084234018
We also could limit the amount of available fonts. @diracdeltas wdyt? |
we could limit the font list for users who have FP set to block all (vs block 3rd party which is the default) but it would make some sites look uglier |
I personally think that if the change is announced via twitter and documented on changelog and wiki, it should not be a great issue. |
This issue now lives at brave/brave-browser#816 . |
Describe the issue you encountered: On my environment the system fonts make the browser unique much more than any other leakages do. Is there any way to fix this?
The text was updated successfully, but these errors were encountered: