00:01 | <caitp-> | is it that unique? |
00:01 | <TabAtkins> | Yes. |
00:01 | <caitp-> | i'd bet most people don't intentionally seek out and add new fonts to their system |
00:02 | <TabAtkins> | It at least gives several bits to the fingerprint. |
00:02 | <TabAtkins> | They don't have to; the programs they install often do. |
00:02 | <caitp-> | sure, but there's already tons of those "fingerprinty" bits already exposed |
00:02 | <JonathanNeal> | Silverlight has InstalledFontCollection. AS3 has enumerateFonts. |
00:02 | <TabAtkins> | The precise version of Word you have affects which fonts you have installed. |
00:02 | <caitp-> | i'm not saying it would be good to make it worse :p |
00:03 | <TabAtkins> | I agree - I think fingerprinting is already so easy that it's not worth fighting against it. |
00:05 | <JonathanNeal> | For an unknown reason to me, Chrome returns a list of font families while every other browser returns a list of font families combined with their weight, as though it were compiled by filename. |
00:06 | <zewt> | unless you're behind a proxy fingerprinting is basically already irrelevant (IPs), so it seems like anti-fingerprinting stuff can mostly be behind a switch for those people |
00:07 | <zewt> | (not that I'd go too far--wouldn't want to expose a client UUID) |
00:07 | <JonathanNeal> | zewt: in private browsing, a browser could prevent JavaScript from fetching the installed font list. |
00:08 | <zewt> | like i said, a switch |
00:08 | <TabAtkins> | zewt: I mean, adding more fingerprinty stuff and saying "have a switch to disable it" just means a lot of pages will break. |
00:08 | <TabAtkins> | A switch that makes the APIs lie is better, but more work. |
00:08 | <zewt> | TabAtkins: "disable it" means "make them act like a common user" |
00:08 | <JonathanNeal> | zewt: and that’s already the case in the example I posted above. |
00:09 | <zewt> | eg. only list a few base fonts instead of all fonts |
00:09 | <TabAtkins> | So if we give up on stopping fingerprinting, we're still creating more work for those people who are concerned about it. |
00:15 | <JonathanNeal> | TabAtkins: where were you thinking of putting such a feature and how might you have expected it to work? Is there a draft anywhere? |
00:15 | <TabAtkins> | JonathanNeal: No draft. I would probably just let you enumerate all the fonts. Problem is what to expose on the object; local fonts don't have a single concept of "name". |
00:16 | <zewt> | can probably profile a lot from fonts anyway just by doing layout and checking the results to see if it's installed, so browsers that care about privacy would need to be able to limit available fonts anyway |
00:17 | <TabAtkins> | zewt: Yes, that's what I said earlier. If you just have a few thousand font names and a few seconds of compute time, you can probe someone's installed local fonts today. |
00:17 | <TabAtkins> | And you can't stop it. It's impossible, because "stopping" it would involve making font choice somehow not affect layout. |
00:18 | <TabAtkins> | Enumerating local fonts does *technically* increase the fingerprinting surface a little bit, as it exposes all fonts, not just those on your predefined list, but it's tiny relative to the existing fingerprint leak. |
00:19 | <zewt> | could stop it by limiting fonts, but only people who actually need that level of anonymity would want that (and that's not what "private browsing modes" are for) |
00:19 | <zewt> | TabAtkins: changes it in a different way (lots of people would be roughly the same, but a small number of people would be far more fingerprintable, which is what happens with a lot of fingerprinting) |
00:19 | <JonathanNeal> | TabAtkins: Looking, they do have a name field, and a name + style field. |
00:21 | <TabAtkins> | JonathanNeal: They have *several* name fields, and different OSes use different combinations of them. |
00:21 | <zewt> | (actually, doing that sort of thing in private browsing mode would probably be bad, since it gives a confusing message to naive users about what "private browsing" actually gives you) |
00:21 | <JonathanNeal> | TabAtkins: Right, I was just looking at otf. |
00:22 | <JonathanNeal> | Whatever Chrome/Flash is doing in my example seems right. The other browsers seem more primitive. |
00:25 | <JonathanNeal> | So, at some level, I wonder if Chrome is already thinking about this. |
00:26 | <JonathanNeal> | Maybe not for such a feature, but for some reason, they group fonts by name only when they can. |
00:30 | <TabAtkins> | That is also a hard thing; some (legacy?) programs only allowed a small number of fonts per family, so large families had to be broken up, and some software manually re-stitches them back into a single virtual family. |
00:33 | <TabAtkins> | annevk: Please convince Domenic that he's wrong. ^_^ |
00:37 | <TabAtkins> | Domenic: You agreed with the pipe/broadcast distinction for Streams. Why do you disagree with it here? |
06:58 | <annevk> | TabAtkins: https://github.com/whatwg/dom/ does not show dom-core.bs |
08:48 | <strugee> | ] |
08:49 | <strugee> | sorry, didn't mean to say anything |
08:49 | strugee | rolls eyes at self |
20:36 | <TabAtkins> | annevk: Hmmmmm, my fork doesn't show dom-core.bs either. But where did it come from, then? I'm so confused. |
20:36 | <TabAtkins> | I guess I did it myself and then forgot about it? |
21:03 | <TabAtkins> | But for serious annevk, how did your fingers not fall off typing all these excessively long autolinks? |