Skip to content

Limit the fonts available in TorBrowser

According to the Panopticlick data set, the font list (which they obtained through plugins) was the second most identifiable chunk of data they saw, behind plugins themselves. We block plugins, but fonts are still available through CSS.

There are seemingly two potential ways to solve this:

  1. Ship with a fixed set of fonts in TorBrowser
  2. Limit the number of fonts that can be loaded on a single page

Because of the wide variety of languages we support, and because we'd like this feature merged upstream in Firefox, I think the way to do this is is #2 (closed). The maximum number of fonts per page should be governed by an about:config setting.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information