Stop your fonts from being fingerprinted or interrogated. Protect your privacy by only using white-listed fonts.
Your list of fonts can help identify your browser and allows you to be tracked. See https://panopticlick.eff.org
By adding elements to the page with different fonts and then measuring the width on the page, a website can use JavaScript to identify which fonts you have. This plugin is an attempt to minimise tracking without blocking all javascript.
This plugin enforces a whitelist of font-familys on DOM elements modified using:
CSSStyleDeclaration.setPropertyCSSStyleDeclaration.fontFamilyCSSStyleDeclaration.cssTextElement.setAttributeElement.innerHTMLElement.outerHTMLNode.appendChild
There are still some ways around it, but this is super-effective for the current fingerprinting libraries.
The whitelist contains the array commonFonts and any webfonts downloaded by the page. You can modify the array to appear as a different system, although the fonts must actually exist on your system for them to be identified by the tracker.
I'm not in the mood to pay Google the $5 for Chrome Web Store registration today so for now we will use an unpacked extension.
- Clone the repo somewhere
git clone https://github.com/bcaller/font-privacy-chrome.git - Go to chrome://extensions
- Enable developer mode
- Click Load unpacked extension
- Select the font-privacy-chrome folder
- Also optionally check the box "Allow in incognito" next to the Font Privacy
It is also recommended that you turn off Flash autorun to prevent your fonts from being fingerprinted more extensively. You will then need to right-click on a Flash element to load it. To do this go to Settings; Show advanced settings; Privacy; Content Settings; Plug-ins; Let me choose when to run plug-in content.
fontas well asfont-familyCanvasRenderingContext2D.font