Proposal: Improve Tor Browser font whitelist / bundled fonts
In legacy/trac#13313 (moved) we introduced a new font whitelisting mechanism. Tor Browser only allows certain fonts to be used in the browser, in order to prevent bad people from trying to identify you by detecting what fonts are installed on your computer. Font whitelisting is also available in Firefox, off by default. (The whitelisting is controlled by a pref, "font.system.whitelist", which contains a comma-separated list of allowed font names. You can edit this pref by opening a tab and browsing to
On Window and Mac, we mostly whitelist certain system fonts that are bundled with the operating system by default. We bundle a few Google Noto fonts as well for languages that don't have a built-in platform font.
On Linux, we bundle a large number of Google Noto fonts, plus Arimo, Cousine, and Tinos. We don't expose any system fonts, because these aren't consistent across Linux flavors.
My strategy for choosing fonts for the whitelist was to try to cover all possible languages with at least one font, and get the work done as efficiently as possible. I whitelisted Mac and Windows fonts that have been available for a long time and should be on essentially all systems. Bundling fonts from the Noto collection was a quick and dirty method for covering any missing fonts for different languages.
But there are probably more appealing fonts for some languages that we could use, especially on Linux. For example, in legacy/trac#20820 (moved) we are considering switching Linux from Noto Japanese to mona.ttf because the latter looks better (according to Yawning) and because mona.ttf can be used in the ancient Japanese art of ascii calligraphy. I also heard from someone who knows that the Tamil font on Windows is not too beautiful.
So it would be a useful project to go through each of the fonts on each platform and see if there are better fonts that could be used instead. Important considerations would include:
- Character coverage
- Font licensing
- Font file size
This would require asking the opinions of native speakers of various languages.
Ideally, we could come up with a new font whitelist and bundling list for Mac, Windows and Linux, where the fonts are beautiful and users are happy.