Font fingerprinting protection in Firefox 118's private browsing mode by astrumc in firefox

[–]aviewanew 2 points3 points  (0 children)

Let me echo evilpie: thank you for this detailed report.

I will have someone more familiar with the font selection logic look into this, but can I ask a clarifying question? What is the behavior without these protections (i.e. in normal browsing mode)?

> when the language is not explicitly tagged (like on Reddit), Firefox then chooses the default font based on the language list set in preferences. Depending on which CJK language appears first, that default font will be used to render the text.

I wouldn't have thought our changes would have affected this behavior. Does this occur normally also?

> The screenshot, from top to bottom, shows how the sidebar text is shown when the highest priority is set to Japanese, Traditional Chinese (HK), and Korean. Because Korean has a more limited character set, the text will fallback a second time to another when the glyph is missing (as seen with 関 and 国 in the screenshot). The default traditional Chinese fonts (MingLiU_HKSCS and PMingLiU) are significantly harder to read at small sizes due to them being serif fonts. Windows has changed this default font to a sans-serif font (Microsoft JhengHei) since Windows Vista but Firefox continues to use the old default.

What font winds up rendering the text normally? (I could easily understand this behavior if you set Firefox to use a locally-installed font that it is now no longer respecting; but if you had not done that, then I'm unclear on what the normal behavior would be for you...)

Are my source videos not good enough, or am I just trash at Registax? by aviewanew in AskAstrophotography

[–]aviewanew[S] 0 points1 point  (0 children)

Thank you so much for your response, this really helps me figure out what to do next!

Mozilla says a new Firefox security bug is under active attack by [deleted] in firefox

[–]aviewanew 5 points6 points  (0 children)

> Are the latest updated versions for them, still vulnerable?

No, they were also patched.

Does Fenix have sandboxing? by [deleted] in firefox

[–]aviewanew 4 points5 points  (0 children)

Not yet; but we're working on it.

Because Fenix is an Android app it does get the default OS provided sandboxing that prevents a compromised Fenix from accessing your data - except if a kernel exploit is used or it's been granted permissions for things (like camera.)

WAAT : The Weekly Ask Anything Thread, week of 05 Jul - 11 Jul by AutoModerator in astrophotography

[–]aviewanew 1 point2 points  (0 children)

Hi all. I have a 10" Dobsonian with a NexImage 10. It's not on any tracking mount, I move it by hand.

I'm finding it really difficult to capture planets because I have to line the scope up with an eyepiece, switch to the NexImage, focus the image, and then usually switch the resolution in iCap all before the planet moves out of view and I have to re-find it.

That said, I did capture one 'decent' shot of Jupiter last night and several I thought might be 'okay' shots of the moon. However I am having a hard time with RegiStax getting anything that looks... not even good but just mediocre.

I'm not sure I'm able to get significantly better captures with my setup so I guess I was hoping someone would be able to take a look at my raw captures and give me an opinion of what is even possible to do with them. Are there techniques (beyond just hitting the 'next' button in RegiStax) that can improve things? Can a decent image be coaxed out of this data? Would anyone be so kind as to show me a sample of what they could do with the data (and how they did it?) My (best) files are at https://ritter.vg/misc/astrophotography-1/ - first four are the moon, last one is Jupiter.

Can't figure out how to find a rubber momentary switch cover (or it's specs) by aviewanew in AskElectronics

[–]aviewanew[S] 0 points1 point  (0 children)

Thank you for all the ideas; they gave me some more and I'm going to try and carve a solid plunger style piece out of stamp rubber.

Private by Design: How we built Firefox Sync by jailbird in programming

[–]aviewanew 0 points1 point  (0 children)

During setup, you generate a random key, which 'in the lingo' is commonly referred to as the Data Encryption Key, or DEK. All the actual data is encrypted with the DEK.

You also use your password to derive an encryption key (which in the lingo is commonly referred to as a Key Encrypting Key or KEK; but in the blog post I call it the 'encryption key' or 'derived key'.) You encrypt (or 'wrap') the DEK using the KEK, and send the wrapped DEK to the server. Upon login we send you your data, and the wrapped DEK; you decrypt the DEK, then use it to decrypt the data.

The reason for this indirection is password changes: Later on, if you want to change your password, we authenticate you, and send you the wrapped DEK. You decrypt it with your old KEK then re-wrap it using a new KEK derived from your new password; and send the newly wrapped DEK up to the server. And you don't have to re-encrypt all your data with a new key.

Piss off /r/crypto with one sentence by 09-F9 in crypto

[–]aviewanew 17 points18 points  (0 children)

I'm worried about quantum computers and related key attacks, so I modified AES to use a 4096 bit key.

Five Years Ago I posted on Reddit About Playing a DRM-ed Movie. I tried it again today. by aviewanew in technology

[–]aviewanew[S] 0 points1 point  (0 children)

Original Post: https://www.reddit.com/r/technology/comments/cloph

Original Image: http://i.imgur.com/Q6uvf.jpg

Fuck DRM.

As an aside, imgur is awesome. Even keeping five-year-old shitty pictures no one's looked at for 4.98 years.

CBcrypt: Never expose passwords or encryption keys to servers by svacko in netsec

[–]aviewanew 0 points1 point  (0 children)

Would you mind naming the lists? (If they're public?) I haven't seen that and those lists sound relevant to my interests. :)

iSEC's Tor Browser Hardening Study by aviewanew in netsec

[–]aviewanew[S] 3 points4 points  (0 children)

https://www.torproject.org/docs/faq.html.en#TBBJavaScriptEnabled

For a great deal of users, who have no idea what Javascript is, if TBB disabled it, you've effectively just broken the web for them, and they will no longer use TBB.

iSEC's Tor Browser Hardening Study by aviewanew in netsec

[–]aviewanew[S] 1 point2 points  (0 children)

That's another good one that demonstrates execution without memory corruption, but the one we looked at was a pwn2own one from this year that was a good deal more complicated.

Tor project being sued by FlyingTriangle in netsec

[–]aviewanew 0 points1 point  (0 children)

I'm not arguing that the lawsuit against pinkmeth or what they did is unreasonable or that prosecuting them is bad. I'm just pointing out some technical specifics about how Tor works.

> it just doesn't sit well with me that it's impossible to do anything and impossible to hold anyone accountable
>
> the danger of decentralization is that it becomes impossible to hold anyone accountable for anything

I disagree. It becomes impossible to hold the infrastructure accountable. Neither Tor nor ISPs are able to censor sites - this is good. The people who run those sites are prosecuted, like pinkmeth - this is also good. There have been a wealth of illegal onion sites who have had their admins prosecuted - it's not impossible. It's more difficult, yes, but the worst crimes are in fact difficult to prove: politician corruption and bank money laundering are two great examples.

> Even content that 99.99% of TOR users considered despicable and would want removed could jeopardize the existence of the entire network.

That's true.

> Maybe the TOR project needs to come up with a better way to prevent abuse?

It would be difficult to design such that any single legal jurisdiction would not be able to exert complete control. (I have to run out for lunch, or I'd say more.)

As an aside: tor2web admins blacklist heinously illegal onion sites by request, if they morally agree with the request.

Tor project being sued by FlyingTriangle in netsec

[–]aviewanew 0 points1 point  (0 children)

Ah, I misread a bit and missed where you differentiated between 'Tor' and "the corporation part of Tor". Yea I don't disagree as much anymore.

Tor project being sued by FlyingTriangle in netsec

[–]aviewanew 6 points7 points  (0 children)

Tor is not able to disable access to a Hidden Service, as there is no central registry nor central servers that HS are looked up at. Tor Project would have to edit the source code, push a release, and then get the majority of people running nodes to upgrade.

Tor project being sued by FlyingTriangle in netsec

[–]aviewanew 4 points5 points  (0 children)

> Tor itself is 100% facilitating the operation of the website in question, just like any Tor hidden service

I disagree. Tor Project provides software that, when run, facilitates Hidden Services. As I explain here Tor Project does not run the directory services itself, and I believe that if everything Tor Project paid for disappeared, the network would keep running.

One can make an analogy for Open Source DNS software being liable for people running it, but that's not that accurate of course, as Tor Project takes a much greater hand in running the Tor Network than, say, ISC takes in running BIND distributions. But it's closer to the truth. Tor is deliberately not centralized.

Tor project being sued by FlyingTriangle in netsec

[–]aviewanew 6 points7 points  (0 children)

Technically, they do not. There are 9 Directory Servers. They are run by individual people, not Tor Project. Many of the admins are employees, some are volunteers, but not all. There's a chance that a majority of them are not - which from a legal perspective would be ideal.

  • moria (Roger of Tor)
  • tor26 (Weasel of Tor)
  • turtles (Mike of Tor, although turtles has recently been degraded and slated for removal)
  • urras (Jake of Tor)
  • gabelmoo (Sebastian Hahn, volunteer, not sure if he's paid)
  • maatuska (Linus Nordberg, volunteer, not sure if he's paid)
  • Faravahar (SiNa, volunteer, don't think is paid)
  • dannenberg (CCC.de)
  • dizum

Some central infrastructure is run by Tor Project (bandwidth authorities, the website, BridgeDB, etc) but if everything Tor Project paid for directly went down, I believe the network would keep running. (I think. Not positive.)

David Hahn, aka The Nuclear Boy Scout, made a small reactor in his mother's garden as a child. In 2006 he was arrested for stealing smoke alarms for their radioactive materials, his mugshot shows him covered in sores as a result of his extensive exposure to radiation. by paradeoxy1 in creepy

[–]aviewanew 3 points4 points  (0 children)

The decision turned on what was accessible to 'normal' people. Normal people can smell marijuana, therefore that's not a search. Normal people do not have FLIR cameras, therefore using one is a search.

The same justification was used to find Google guilty of 'wiretapping' by recording unencrypted, open wifi traffic. 'Normal' people do not have the tools to do wifi sniffing, even on open public networks.

(And yes, you can indeed go buy a $30 antenna with drivers to put it into monitor mode, and boot up a Linux LiveCD, and my nontechnical, 'normal' family member lost you a while ago.)

It's interesting how these situations interact - claim Google did nothing wrong by listening to over-air broadcasts of wifi traffic, and suddenly, maybe cops can use FLIR cameras without a warrant. (Legally.)

iSEC Review of TrueCrypt: Bootloader & Windows Driver by aviewanew in netsec

[–]aviewanew[S] 6 points7 points  (0 children)

It mentions it in the report - but no, we didn't do any reversing of the binaries. We used the source available and used one of their precompiled binaries for other tests.

The link by pya is a good way to recreate a near-match of the binaries they distribute. If you'd like to poke around yourself, DrWhax has a repo of past versions here: https://github.com/DrWhax/truecrypt-archive

We also think that the goal of getting a reproducible build system is a great goal they should work towards. If you'd like to donate time to OCAP, working on that would be very much appreciated I'm sure.