Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

One of the most effective methods of fingerprinting people is to enumerate the fonts they have installed on their machines (via flash). You don't even need the browser version number to uniquely identify most - the only solution is to disable flash.


As chrome sandboxes flash, I wonder how much hassle it would be to only allow a small subset of fonts through?


Most browsers have "run plugins on click" options, very useful in general.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: