[inetknght]

> I just have this suspicion that sooner than later they will be used as a vector for some kind of security issue.

You mean like being rendered into a canvas to get a high-entropy fingerprint of your device?

[abjKT26nO8]

TrueType implementations need to include an interpreter for a Turing-complete language (the hinting language). More about vulnerabilities:

1. https://security.stackexchange.com/questions/91347/how-can-a...

2. https://threatpost.com/of-truetype-font-vulnerabilities-and-...

3. https://googleprojectzero.blogspot.com/2015/07/one-font-vuln...

[skrebbel]

How do downloadable web fonts help with that?