ToDo: followsups / extras / ideas #3 #169

Open
35 of 58 tasks
Thorin-Oakenpants opened this issue May 21, 2022 · 6 comments

@Thorin-Oakenpants
Contributor

Thorin-Oakenpants commented May 21, 2022

🔹 Pages I use to keep tabs on a few things


🟥 ToDo

🟩 perf

  • ongoing: reduce fonts in list(s) - see #34

🟩 isVars

  • harden isFF with items from isEngine, and thus isEngine for gecko/goanna
  • replace isEngine math (for non-gecko/goanna)
  • harden isOS
  • harden navKeys with knownGood, knownPoison from isEngine

🟩 general: fingerprints, sections, lies

  • general: add overlay popup to show results for each section and overall
  • general: add a user-initiated i.e [click here]'s global FP
    • reset each gRun
    • update or add each metric when a metric is run
  • handle passing objects as well as arrays
  • don't use .join()
    • don't use .join() on arrays for all sDetail data (where we can now use objects or arrays)
    • don't use .join() anywhere else unless we have to (or it is safe)
  • preserve typeof where possible
    • e.g. screen metric width/height is a joined string but we already test for NaN
  • general: ongoing
    • knownLies (from mathematical proofs etc)
    • apply prototypeLies to metrics
    • logic -> check knownLies -> if no lies then check prototypeLie -> into the section hash data -> into overall hash data
  • general: ongoing
    • robust error handling, detection of script blockage: e.g. screen.js needs work

🟦 screen

  • screen: vw + wh units, visualviewport etc see expand screen methods #29
  • screen: android 73+: see 1514429:
  • screen: android: investigate a history of changes as soon as possible
    • e.g global.js is where I grab initial viewport and window sizes

🟦 ua

  • ua: refactor
    • always return 11 results
    • relax oscpu for specific linux distro strings
    • harden oscpu: win7 vs win8/10 via tiny font check
    • harden userAgent from the other parts: i.e userAgent is constructed using a set method
    • bypass more parts of the userAgent than just version where possible
    • only bypass the six "hardcoded" parts - we always detect without proxyLies
    • don't try to bypass the variable FF strings because that may indeed be the string, e.g forks, special user builds, useragent-override pref(s) ... only detect untrustworthy via proxyLies

🟦 feature detection

  • feature detection: new math test for android if isVer is FF68+
    • moved to misc, split into RFP vs other, extended tests to cover android entropy

🟦 language

🟦 storage

  • storage: auto-output estimate as it doesn't need permission
  • storage: finish the tests

🟦 devices

🟦 svg

  • svg: such as
    • ExtentOfChar
    • SVGTextContentElement.prototype.getComputedTextLength
    • SVGPathElement.prototype.getTotalLength
    • SVGGeometryElement.getPointAtLength()

🟦 canvas

🟦 webgl

  • webgl: add properties/parameters: split into 1, 2, experimental groups and subgroups e.g. affected by RFP/prefs
  • webgl: add image tests
    • make sure to expand/test on error entropy for readPixels
    • e.g. in VMs which usually block the graphics driver and the error messages can differ
    • make sure error entropy is handled for TB slider and VMs

🟦 audio

🟦 fonts

  • fonts: add domrect methods (bounding, bounding range, client, client range)
    • and use this (if trustworthy) for sizes (more precision)
  • fonts: graphite: use base64
  • fonts: transform - on domrect
  • fonts: fontFace: enumerate some weighted fonts, check RFP/TB leaks
  • fonts: max sizes
  • fonts: add system-ui to tests 1226042
  • fonts: update lists
    • windows up to 11
    • mac up to macOS 15
      • now 10.15 is the minimum in ESR128+ we can also clean out some old crap
    • android updated with moz telemetry data
    • linux: load some VMs and pick the eyes out
  • fonts: add more enumeration methods (maybe via [click here])
    • font face (we already have this for smaller test for weighted fonts)
    • textmetrics (we already have this for a smaller test for offscreen)
    • svg
  • unicode support + FP based on code points assigned per script/version
  • emoji support + FP
  • textMetrics: randomness

🟦 media

🟦 css

  • css: prefers-contrast notation - tests, article
  • css: detect changes to expected values (e.g. dark readers)
    • e.g. window.getComputedStyle(document.getElementsByTagName("body")[0]).backgroundColor

🟦 elements

🟦 misc


🟫 BACKBURNER

  • canvas: add iframe tests (linked to CB's test page instead for now)
    • we can deal with iframes way down the track, along with workers
  • devices: use precision timing bypasses to estimate cores
  • fonts: fontfallback: investigate further
    • when document fonts are blocked, the first run misses fonts it picks up on subsequent tests: currently mitigated by doing a 2-font "priming" run: but this is not an elegant solution
  • fonts: can we do anything with zalgo
  • general: make worker fingerprint global
    • waste of time until we start adding lots of worker tests
    • currently there is only the ua and language sections, results are not used anywhere
    • instead all worker data should be a separate global FP which we use after the fact to report lies
      • i.e we still output a sub-section worker hash (and diffs to doc), but report lies/mismatches in global
  • general: make iframes fingerprint global (same deal as workers above)
    • waste of time until we start adding lots of iframe tests
  • language: injecting resource:// css files for app lang leaks
  • other: WebRTC
  • other: isAdBlocking [also: hash of results]
  • other: sanitizing / zombie storage - prototype
  • other: RFP timing tests
  • screen: android: improve keyboard PoC to use setInterval to detect a static change
  • screen: android: exploit font inflation
  • screen: android: exploit position (top/bottom) of toolbar in Fenix [yes, I can detect this]
  • screen: mod/add border-snapping subPixel devicePixelRatio PoC to use clientrect

...

@Thorin-Oakenpants
Contributor Author

Thorin-Oakenpants commented Aug 25, 2022

interesting perf

Of course nothing really happens in TZP until we receive all the JS files, at which point we start timing, but makes you wonder if trying to get most JS files under 14kb speeds up the initial loading - but wait, that's compressed .. check your network console

meh

of course I expect creepy to simply wrap its entire code into < 14kb, because, nerd!

@abrahamjuliot
Collaborator

I'm currently at 140kb and CSS is 157kb 😭.

@Thorin-Oakenpants
Contributor Author

@abrahamjuliot OMG - https://bugzilla.mozilla.org/show_bug.cgi?id=1519167#c117 .. anba had to stop at part 99

@Thorin-Oakenpants
Contributor Author

well I got my 11.5 yr old PC down to ~210ms (including adding the webgl at around 15ms)

anyway, here's my new rig, current code

  • this is running as file:// and then hitting F5 to eliminate noise and get a stable and best case

@abrahamjuliot ... I think I can get down to 50ms . what do you think?

@abrahamjuliot
Collaborator

Nice. Do we lose a lot of entropy with shorter font lists? Maybe that can be cut by half.

@Thorin-Oakenpants
Contributor Author

So I just removed a lot of fonts in windows, will check mac later on. I have a win11 desktop rig, with 182/186 fonts tested (everything MS provides incl win11, including all supplemental, and downloads such as 'Cascadia Code','Cascadia Mono') - I do not have 'Arial Unicode MS','MS Reference Specialty','MS Outlook' (which are installed with office or other MS products, IDK about office365) .. not looked at the new office font .. and I don't have 'AlternateGothic2 BT' which is in the RFP font vis level 1 for some reason (can't be assed looking up to re-read why jonathan added it, but it's not a MS font AFAICT, but it is in kBaseFonts). The 187th font is a poison pill

So .. I fixed some names up, and it's all peachy.

I had to remove anything that is a "variant" .. black, cond, light, demi, semi, whatever, ultra, etc - because they are not stable. I have an issue open for font variants. Remember when you said you had windows 10/11 sometimes detect Arial Black and sometimes not, or Arial Narrow .. whatever. Well, this seems to be due to some change in windows and/or Firefox. I believe it's due to the OS as FF is stable as fuck on my old machine.

unstable is like this

  • start new browser session, first load - it will detect some fonts as their namesake, e.g. it will detect Corbel Light because Corbel is used, and it will record the size as Corbel's, when Corbel Light is actually different. Or it will not detect a font.
  • do a refresh and then it becomes stable with all fonts detected and with the correct sizes, i.e actually using the font

So I surmise this has to do with font-weight, and I think all I need to do, in a new test or wrapped into this one, is break the font lists into weights and loop weights, list, font (and record base the same)

Anyway, so fonts dropped from 240 to 190 in windows. But I added an extra char (a tofu) in the test string. The shorter the test string the faster the test (less glyphs to get per font). So perf didn't change much. The font string used in the test doesn't increase detection of fonts, but it increases the number of sizes collected

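	if ("windows" === os) {
		// number of sizes collected per test string:
		// win7: Mō = 124 +"á" = 125 +"Ω" = 127
		// win11 (have 182/186 fonts): Mō = 141 +"á" = 142 +"Ω" = 144 | Mō = 141 +tofu = 154
		let tofu = get_fntCodes("tofu")
		// TB uses "?-" as the base string, everything else uses "Mō"; the tofu char is appended to both
		fntString = isTB ? "?-"+ tofu : "Mō"+ tofu
	}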

^ that gave me 141 sizes for 182 fonts, but +tofu gave me 154 sizes for 182 fonts

now I have a mac, I'll be doing all that for mac. Linux and android font lists don't have any "variants"

I think font sizes may provide entropy (sort of an equivalency of system scaling, subpixels, cleartype, font version maybe), and I test them all because besides the core group they're all supplemental and you can't really leave any out - although I have, see code for why (assumptions, e.g if you have Segoe UI Variable Display then you're going to have Segoe UI Variable Small and Segoe UI Variable Text and they are the same size, etc)

With variants, there are so many (and I will not be testing styles, e.g. italic), I may have to be more selective. But overall, it's up to me to cover as much as possible, or all of it .. so that when we do collect some data, we can see where the entropy is coming from. At least in FF116+ it's limited to Win10+ and macOS 10.16+ (or whatever it was)
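
The first-load instability described in this thread, as an added example (not TZP's code and not posted by either participant): it compares the sizes recorded on a first load with those recorded after a refresh and labels each font. The function names, the size format and the sample measurements are constructed for illustration.

```javascript
// Added example: constructed data, hypothetical names (baseOf, classifyVariants).
// Each run maps a font name to its measured "width x height" size string;
// a font that was not detected in that run is simply absent.
const firstLoad = {            // constructed: new browser session, first load
  "Corbel": "201x19",
  "Corbel Light": "201x19",    // recorded with Corbel's size (namesake)
  "Arial": "214x18",
  // "Arial Black" not detected on first load
  "Segoe UI": "209x20",
  "Segoe UI Semibold": "216x20",
};
const afterRefresh = {         // constructed: same session after a refresh
  "Corbel": "201x19",
  "Corbel Light": "196x19",
  "Arial": "214x18",
  "Arial Black": "243x21",
  "Segoe UI": "209x20",
  "Segoe UI Semibold": "216x20",
};

// The longest other font name that prefixes `font` is treated as its base family.
function baseOf(font, names) {
  return names
    .filter(n => n !== font && font.startsWith(n + " "))
    .sort((a, b) => b.length - a.length)[0] || null;
}

// Compare two runs and label every font seen in either one.
function classifyVariants(run1, run2) {
  const names = [...new Set([...Object.keys(run1), ...Object.keys(run2)])];
  const report = {};
  for (const font of names) {
    const a = run1[font], b = run2[font];
    const base = baseOf(font, names);
    if (a === undefined || b === undefined) report[font] = "intermittent";
    else if (a === b) report[font] = "stable";
    else if (base && a === run1[base]) report[font] = "namesake";
    else report[font] = "changed";
  }
  return report;
}

// Number of distinct sizes collected in a run.
const distinctSizes = run => new Set(Object.values(run)).size;

console.log(classifyVariants(firstLoad, afterRefresh));
console.log(distinctSizes(firstLoad), distinctSizes(afterRefresh));
```

Fonts labelled "namesake" or "intermittent" are the ones whose first-load result cannot be trusted, which is why the variants were dropped from the list above.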
