Should the new feature have user font randomization? As far as I know, practically 99.9% of users do not install custom font on their device.
Integration with Shields
In both default and aggressive configurations, Brave will allow websites to access all Web fonts, OS fonts for your current top language preference, and a randomly selected (i.e. farbled) set of user fonts. As with all of Brave’s fingerprint randomization protections, the set of user fonts the page can access is randomly determined for each site and for each browser session; a site will always be able to access the same fonts during the same browser session.
The thought came from when a user noted it in a Reddit discussion about the topic. See his second comment in the thread. (Avoid his debate in the first comment, but only see his second comment)
I’m not sure I understand the claim being made. Web sites generally do not assume the presence of user fonts (since most users won't have any particular fonts), so I do not expect any “added inconvenience” when browsing the Web. Far and away the most common use for querying for non-standard fonts is fingerprinting.
What is the inconvenience folks are worried about?
Should the new feature have user font randomization? As far as I know, practically 99.9% of users do not install custom font on their device.
This is exactly what makes these fonts so identifying when they are present.
More users have these present than you’d expect, since many applications install additional fonts as well, unknown to users.
Again, I do not think this is correct. I expect it to be closer to 10% or 25%. This is slightly out of date at this point, but this 2015 paper found ~34% of measured users to have uniquely identifying fonts. I’m familiar with several other papers in the area
coveryourtracks.com (EFF’s project) finds that there are ~17 bits of identification based on the diversity of user fonts too.
users send extra data (randomized) to servers/websites?
Just to clarify, Brave is exposing (not sending) strictly less information to pages with this change. By default Chromium allows sites to access all user fonts on a device. With this change, Brave now allows sites to learn of a random (and changing) subset of user fonts.
All browsers allow access to browser fonts, system fonts, user fonts to website servers, as I understand it.
Currently, of the major browsers, only Safari and Tor Browser prevent pages from learning about user fonts. After this change Brave will also prevent users from being fingerprinted based on user fonts (though with a different technique, one we think provides stronger protections against fingerprinting based identification).
Personally, I thought that users will not install custom user fonts on their devices and the number will be around 99%. Most users I presume do not know what fonts even are. I think, various applications on the device later on may install fonts (user fonts) on their own without the consent of the user, thus increasing the percentage above 10%.
The same is said in the Brave blog post:
User Fonts : Additional fonts installed by the user, either directly (downloading and installing a font from a website) or indirectly (because other software on your computer has installed fonts, e.g. office suites, presentation editing tools, or image editing software). These are most useful for fingerprinting.
If the percentages are correct, (reference to 10-25, 34%) then I would say it is reasonable to randomize the user font data.
I have participated in the beta testing of this feature on the nightly/beta channel. Will report if I find anything.
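The Shields behaviour quoted in this thread (a user-font subset that is random per site and per browser session, yet stable within one session) can be modelled with a keyed hash. This is an added example, not Brave's code and not part of any post above; the font lists, the one-in-two inclusion ratio, the HMAC construction and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: font names are illustrative, not Brave's actual lists.
SYSTEM_FONTS = frozenset({"Arial", "Times New Roman", "Courier New"})
USER_FONTS = frozenset({
    "Adobe Caslon Pro", "Calibri Light", "Futura PT", "Gotham",
    "Helvetica Neue LT", "Myriad Pro", "Proxima Nova", "Univers",
})


def new_session_key() -> bytes:
    """Fresh secret per browser session; never exposed to pages."""
    return secrets.token_bytes(32)


def user_font_allowed(session_key: bytes, site: str, font: str) -> bool:
    """Keyed coin flip for one (site, font) pair.

    The HMAC output is fixed for a given key, site and font, so the answer is
    stable for the session, but it changes with the site and with the key.
    """
    msg = site.lower().encode() + b"\x00" + font.lower().encode()
    digest = hmac.new(session_key, msg, hashlib.sha256).digest()
    return digest[0] & 1 == 1  # about half of user fonts pass (assumed ratio)


def visible_fonts(session_key: bytes, site: str, installed: frozenset) -> frozenset:
    """Fonts a page on `site` could detect under this model."""
    user = installed - SYSTEM_FONTS
    allowed = {f for f in user if user_font_allowed(session_key, site, f)}
    # System fonts are always visible; only user fonts are filtered.
    return frozenset((installed & SYSTEM_FONTS) | allowed)


if __name__ == "__main__":
    installed = SYSTEM_FONTS | USER_FONTS
    for label in ("session 1", "session 2"):
        key = new_session_key()
        for site in ("news.example", "shop.example"):
            shown = sorted(visible_fonts(key, site, installed) - SYSTEM_FONTS)
            print(f"{label} {site}: {shown}")
```

A device with no user fonts gets the same answer on every site, which is why the filtering only matters for the users whose extra fonts would otherwise identify them.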