[burke]

You can test whether a font is installed with any number of tricks. For example, render white text on a white background with "sans". Then, change the font to the candidate font, with a fallback of sans. If the width of the text changes, the font must be installed.

[michaelvillar]

Interesting.

Maybe browsers shouldn't have access to system fonts except a specific set. Websites can't assume fancy fonts are installed anyway, I don't think it would be a problem?

[roel_v]

Yeah, all we'd have to do is convince every manufacturer of operating systems and/or browsers to agree on a common set of fonts, work out licensing/font rendering technology issues etc., then convince all web developers across the world (or at least a sizable portion) to redevelop their websites to work with this list, then enforce the font restriction, and then convince users that this is somehow a good idea because invariably a bunch of the websites they use are going to break. We also need to do it within a few years, otherwise it's too late, and our main argument is going to be 'but maybe websites can use fonts as part of a fingerprint to track what websites we are visiting'.

[michaelvillar]

You couldn't be more wrong about this.

- You need to convince only one browser. People that care about privacy will use that browser.

- You don't need licensing, they still use the OS fonts. They just limit the fonts available.

- You don't need to convince web developers because they already use these fonts and only these fonts. Who's using Papyrus?

- 1997 websites are going to break. Again, new websites use only a set of system fonts or fancy web fonts.

[tankenmate]

You're both wrong; most people at the point of browsing don't care that much for privacy. Most users would hand out their passwords for a chocolate bar! [0] How much less would they care about their privacy let alone understand how one browser is better than another.

[0] http://news.bbc.co.uk/1/hi/technology/3639679.stm

[thinkpad20]

Very interesting, but it still seems like browsers would be able to prevent that: simply restrict the font list to a generic set when in incognito mode. Similarly for any other fingerprint thing. Of course, in the most general case this might be hard (or impossible) to prevent fully, but a browser developer should be able to at least get close to minimizing it... I would think?