Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

EFF Publishes Study On Browser Fingerprinting

Soulskill posted more than 3 years ago | from the do-we-need-proxybrowsers dept.

Privacy 80

Rubinstien writes "The Electronic Frontier Foundation investigated the degree to which modern web browsers are susceptible to 'device fingerprinting' via version and configuration information transmitted to websites. They implemented one possible algorithm, and collected data from a large sample of browsers visiting their Panopticlick test site, which we've discussed in the past. According to the PDF describing the study, browsers that supported Flash or Java on average supplied at least 18.8 bits of identifying information, and 94.2% of those browsers were uniquely identifiable in their sample. My own browser was uniquely identifiable from both the list of plugins and available fonts, among 1,557,962 browsers tested so far."

Sorry! There are no comments related to the filter you selected.

Winning (-1, Redundant)

memyselfandeye (1849868) | more than 3 years ago | (#36330074)

Zazzoo. 20.57 bits. What do I win? :(

Re:Winning (1)

thijsh (910751) | more than 3 years ago | (#36330142)

I have exactly 20.57 bits too! I guess you're that special 1 in 1558541... ;)

Re:Winning (0)

Anonymous Coward | more than 3 years ago | (#36330202)

20.57 here as well. Xubuntu with Firefox.

Re:Winning (0)

Anonymous Coward | more than 3 years ago | (#36330292)

also 20.57, Chromium on Kubuntu

Re:Winning (1)

PIBM (588930) | more than 3 years ago | (#36330366)

It`s simple: since your representation was not seen before, and that there`s now been 1,559,692 test, you can obtain your minimum number of bits (the maximum is unknown) as being the log (1,559,692 ) / log (2), the exponent to 2 required to obtain so many tests..

Re:Winning (0)

Anonymous Coward | more than 3 years ago | (#36330386)

Also 20.57, Chromium on Arch Linux (Gnome 3).

Re:Winning (1)

Yvan256 (722131) | more than 3 years ago | (#36330608)

20.57 bits too. Safari 5 on Mac OS X with plug-ins and Java disabled, javascript enabled.

Re:Winning (0)

Anonymous Coward | more than 3 years ago | (#36331696)

I have 20.58! (Firefox 3.5.4 on Windows XP)

Do I get a prize?

Re:Winning (4, Interesting)

CastrTroy (595695) | more than 3 years ago | (#36330204)

I've always wondered about this stuff. If you're one of the 6 people on the internet who care about this stuff, and therefore block all their fingerprint methods, doesn't that make you somewhat unique? Wouldn't it make more sense to return a random list of fonts, a random user agent, and randomize all the other information they are fingerprinting you with to make it seem like you're a different person every time, rather than being one of only 6 people who have a very simple UserAgent string, with no extra stuff tacked on the end?

Re:Winning (1)

gomiam (587421) | more than 3 years ago | (#36330266)

I would actually look for the more common fingerprints and return them. One hides better when one looks like the environment, right?

Re:Winning (1)

CastrTroy (595695) | more than 3 years ago | (#36330324)

Exactly. If you follow the information on the Panoptoclick site, then it tells you to disable a bunch of stuff, that only a very small number of people will do. Toss in that information with tracking your IP to a city, and you are probably very unique, yet panoptoclick says you aren't unique anymore. I think the methods for determining uniqueness are very flawed. I mean, if everybody followed the recommendations they put out, then the entire internet would look homogeneous, and everyone would be the same, and untrackable. However, this is entirely not the case, and following their directions makes you stick out in a crowd.

That unique identifies marsh gas... (4, Interesting)

AlexiaDeath (1616055) | more than 3 years ago | (#36330102)

I visited that site several times with the same browser over several weeks, each time it was unique. Some plugin had updated, some font had been installed... So for tracking me it would be totally useless. The uniqueness it identifies is only valid for a session or two.

Re:That unique identifies marsh gas... (5, Informative)

Anonymous Coward | more than 3 years ago | (#36330176)

If you read the article they write that it's trivial to track users despite minor fingerprint changes. Page 13 of the PDF.

Re:That unique identifies marsh gas... (4, Insightful)

AlexiaDeath (1616055) | more than 3 years ago | (#36330250)

Read the relevant section. They tested the algorithm against browsers that had cookie indication of sameness.
"We ran our algorithm over the set of users whose cookies indicated that they were returning to the site 1{2 hours or more after their first visit, and who now had a different fingerprint."
Take that out and you get a flood of false positives.

Re:That unique identifies marsh gas... (1)

Anonymous Coward | more than 3 years ago | (#36331784)

No, actually. They tested the ones with cookies against their entire database, then tested their answer against the cookie. They guessed 65% of the time and were right 99% of the time. The false positive rate was 0.86%. Basically, 64% of the time they will still be able to track you. And this is their "crude" algorithm.

Repeating myself for clarity:

They only used the cookies to test for correctness of their guess, not to make the guess.

Re:That unique identifies marsh gas... (1)

AlexiaDeath (1616055) | more than 3 years ago | (#36347914)

Im reading the quoted sentence clearly stating that they picked users they had cookies for. Out of those were the matches made.

Re:That unique identifies marsh gas... (1)

phme (1501991) | more than 3 years ago | (#36336308)

From the paper:
"We implemented a very simple algorithm to heuristically estimate whether a given ngerprint might be an evolved version of a ngerprint seen previously. [...] Excluding users whose ngerprints changed because they disabled javascript (a common case in response to visiting panopticlick.eff.org, but perhaps not so common in the real world), our heuristic made a correct guess in 65% of cases, an incorrect guess in 0.56% of cases, and no guess in 35% of cases. 99.1% of guesses were correct, while the false positive rate was 0.86%. Our algorithm was clearly very crude, and no doubt could be significantly improved with effort."

Re:That unique identifies marsh gas... (1)

AlexiaDeath (1616055) | more than 3 years ago | (#36347898)

Yes, I read it. But the results are also marsh gas if you take the cookie based set selection out of it.

Re:That unique identifies marsh gas... (0)

Anonymous Coward | more than 3 years ago | (#36330254)

I guess that this kind of tracking would be used as a last resort if no other tracking mechanism was available. Cookies are much easier to work with.

But even if your browser fingerprint changes, if there's some kind of continuous information which links the old fingerprint to the new one -- such as a cookie, for example -- then it can be linked back again.

So an example of real-life usage would be that I'm tracking users with cookies, but I want to be able to maintain that tracking if they clear their cookies. So I keep their browser fingerprint on file as well.

If the user clears their cookies, then I fall-back to the browser fingprint. While it may change over time, it's less likely to change between the time the user clears their cookies and the next time they visit me. It could change, of course, in which case I really have lost track of them, but if it hasn't changed then I can restore their cookies and continue monitoring them.

In short, yes, you're right that this technique alone will not really be useful for long term user tracking. But combined with other existing techniques, it could be very powerful. (and yes, by 'powerful', I mean 'dangerous in the wrong hands'... ;) )

Re:That unique identifies marsh gas... (1)

AlexiaDeath (1616055) | more than 3 years ago | (#36330364)

Okay, that is a bit more sensible talk. It still boils down to "Whitelist your god damn cookies".

Re:That unique identifies marsh gas... (1)

DarwinSurvivor (1752106) | more than 3 years ago | (#36335924)

It's difficult now, just as creating reliable dynamic interfaces is difficult *cough*slashdot*cough*, then people wrote libraries such as jquery to deal with such things. If this fingerprint thing takes off, I guarantee someone will do the same and it'll be nothing more than a bolt-on library with a "gen_fingerprint" and "update_fingerprint" binding that will let even the greenest of script kiddies could pull it off.

Bits of identifiable information (5, Interesting)

mattdm (1931) | more than 3 years ago | (#36330124)

"18.8" doesn't sound like a big number, until you consider what it stands for. Each bit of information halves your uniqueness. That means that you can be picked out of a crowd of 2^18.8 people -- 456,419. With an estimated two billion people on the internet today, that means you're down to being one in 4500. That's about the same as saying "My name is Matthew Miller and I live in the United States." Not particularly private!

Another way to think of it is this: those two billion people represent 31 bits of uniqueness. Every bit of information revealed knocks off some of that. When you're down to one, you're positively identified. Your web browser is giving up at least 18.8 of those thirty for nothing, leaving you with just about 12.

Re:Bits of identifiable information (4, Insightful)

fnj (64210) | more than 3 years ago | (#36330210)

Er, actually each bit of information doubles (not halves) your uniqueness.

Re:Bits of identifiable information (1)

Windrip (303053) | more than 3 years ago | (#36331256)

Who modded this comment insightful? Obviously those who didn't RTFA.

From pg. 6

Surprisal can be thought of as an amount of information about the identity of the object that is being ngerprinted, where each bit of information cuts the number of possibilities in half.

Re:Bits of identifiable information (3, Insightful)

SydShamino (547793) | more than 3 years ago | (#36331308)

Halving the possibilities doubles the uniqueness.

Re:Bits of identifiable information (1)

Anubis IV (1279820) | more than 3 years ago | (#36333464)

Pedantry at its finest.

Re:Bits of identifiable information (1)

ugen (93902) | more than 3 years ago | (#36330218)

Your face gives out about 25 bits :) (Depending on how acute the perception is of someone looking at it). Your fingerprints are good for pretty much the entire 32 bit. Even your voice is probably good for 20 bits or so, with appropriate equipment.

The only way to be untrackable is to be completely undistinguishable from a very large set of people. It is possible, but what fun would that kind of life be? You can't both *be* a unique individual and expect others not to notice that/not to treat you like such.

Re:Bits of identifiable information (0)

Anonymous Coward | more than 3 years ago | (#36330560)

Your face gives out about 25 bits :) (Depending on how acute the perception is of someone looking at it).

So there are only 33,554,432 different possible faces? Sounds like bullshit.

Re:Bits of identifiable information (1)

Inda (580031) | more than 3 years ago | (#36330870)

Take the population of the UK - 66m

Two people will share the same face.

You can't tell me you've never seen two people who look like the pitting image of each other.

Re:Bits of identifiable information (1)

icebraining (1313345) | more than 3 years ago | (#36331048)

The keyword is perception. You can't distinguish different but very similar faces.

Re:Bits of identifiable information (1)

phme (1501991) | more than 3 years ago | (#36336318)

Indeed. But your biometric data is unlikely to be in present in a single database of perhaps a billion people. Yet.

Re:Bits of identifiable information (0)

Anonymous Coward | more than 3 years ago | (#36330276)

Well, I have three computers and a phone, and they all have different "fingerprints". I also use computers at college. If I was really paranoid I could use virtual machines and different browser setups. With IPV6 there are going to be more and more online "identities". The problem is that I only have one credit card.

Re:Bits of identifiable information (1)

Bengie (1121981) | more than 3 years ago | (#36332306)

"That means that you can be picked out of a crowd of 2^18.8 people -- 456,419. With an estimated two billion people on the internet today"

Tack on your IP address and they can figure out which city you're connecting from. So, I can be identified out of a crowd of 456k people, but my city only has 10k people. Sounds like they probably keep track of me quite easily.

Re:Bits of identifiable information (0)

Anonymous Coward | more than 3 years ago | (#36365266)

Hey, how'd you know my name and where I live?!?

Here's mine... (0)

Anonymous Coward | more than 3 years ago | (#36330166)

Here's mine... [imageshack.us] As great as it feels to be unique, most tracking is done via scripting so I'm not concerned one bit. My browser is upgraded every other week or I'm running nightlies. Does anybody care about this?

Re:Here's mine... (0)

Anonymous Coward | more than 3 years ago | (#36330274)

AC links to a picture. Yea I'm not clicking that.

Re:Here's mine... (0)

Anonymous Coward | more than 3 years ago | (#36330632)

Coward.

Re:Here's mine... (0)

Anonymous Coward | more than 3 years ago | (#36331052)

Don't worry, it's just the list of browser characteristics and how unique each one is.

What if you use "default" for your browser? (1)

cpu6502 (1960974) | more than 3 years ago | (#36330188)

The author said his browser was identifiable because of his font and addon settings. i.e. He probably customized it.

But what about those of us who use "default" settings and customize virtually-nothing? Are we identifiable, or do we got lost in the crowd? I suspect the latter.

Re:What if you use "default" for your browser? (1)

Nursie (632944) | more than 3 years ago | (#36330226)

You, and 99% of the people who neither know nor care about privacy, are all fine. standard os, standard browser, no uniqueness.

the like of me on debian wheezy with iceweasel and a few privacy plugins, conversely, are east to track. turns out blending into the crowd is effective. who knew?

Re:What if you use "default" for your browser? (1)

cpu6502 (1960974) | more than 3 years ago | (#36330654)

>>>You, and 99% of the people who neither know nor care about privacy,

This is an incorrect conclusion.

Re:What if you use "default" for your browser? (1)

icebraining (1313345) | more than 3 years ago | (#36331108)

That statement contains no conclusion. Parent is joining two sets: (You) + (99% of the people who neither know nor care about privacy).

If parent had said "You, and the other 99%...", (s)he would be including you in the group, but that was not the case.

Re:What if you use "default" for your browser? (1)

glwtta (532858) | more than 3 years ago | (#36331044)

But what about those of us who use "default" settings and customize virtually-nothing?

I wouldn't be so sure. In my case, just the specific versions of the Java, QuickTime, and Flash plugins (Java 1,6,0,20; QuickTime 7,6,5,0; Flash 10,1,53,64;) provided about 20 bits of identifying information - quite a few people will have these "customizations", and the versions depend on when they were installed.

Available system fonts are affected by the applications installed, including the crapware that OEMs preload, even if you haven't installed any yourself.

On IE, the UserAgent string includes the patch version of every installed .net CLR (.NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729;).

There's really no "default" system.

Re:What if you use "default" for your browser? (1)

johncandale (1430587) | more than 3 years ago | (#36333242)

You also have your OS version, your system fonts, (sometimes installed by certain apps you installed), your screen resolution, your timezone, etc. Or you could just go to the website in the summary: http://panopticlick.eff.org/ [eff.org] and test yourself

how do they know it's unique? (1)

gl4ss (559668) | more than 3 years ago | (#36330206)

how do they know it's unique? they say my browser is unique, I got no serious doubts about that(nightlies), but how would they know if it's me browsing two times or someone else? my screen sizes going to be different when I go home, too. is this what my money would go to if I donated money to EFF? start doing a fooler filter, this research project as it is sucks and benefits mostly some people who are working on identifying unique visitors to ads/sites, though not much to them either. and another thing - has anyone tested with a brand new installation? would that end up as being unique, too? aurora had "at least 20.57 bits of identifying information". guess what, ie had exact same amount of bits of identifying information. though it had reported a different resolution(based on window size, I suppose). ie 64 bit.. well, panopticlick just didn't work with it at all(I super rarely use it).

Old news (2)

Plouf (957367) | more than 3 years ago | (#36330208)

Article dated from May 2010...

Re:Article is a dupe too! (4, Insightful)

thegarbz (1787294) | more than 3 years ago | (#36330398)

You think that's bad. The article is a dupe too [slashdot.org] .

Worse still it's not a dupe of say an Android article where searching for Android produces pages and pages of results. If you search in slashdot "browser uniqueness" you'll get 3 results, 2 of which almost have the same title.

I still think Slashdot would do just fine without editors.

Re:Article is a dupe too! (2)

ethork (1188253) | more than 3 years ago | (#36332752)

The amazing part is, that earlier article you linked to (from May 18, 2010) is itself a dupe of an even earlier article [slashdot.org] (Jan 27, 2010) from the same year!

Thanks, NoScript! (3, Informative)

nman64 (912054) | more than 3 years ago | (#36330238)

15.21 and 1:38023

The UA and HTTP_ACCEPT headers provided most of the bits, and those will be pretty common for anyone using the same browser version and platform. NoScript blocked most of the other detection techniques, and those results will be common with anyone else using NoScript or with JavaScript disabled.

Re:Thanks, NoScript! (0)

Anonymous Coward | more than 3 years ago | (#36345040)

Firefox privacy Add-ons include:

HTTPS-Everywhere

NoScript

randomUserAgent

TrackMeNot

Ghostery

BetterPrivacy

Adblock Plus

Anybody know of any other good ones? If we all install them all, we will all look the same...

No script FTW (2)

Infiniti2000 (1720222) | more than 3 years ago | (#36330246)

No script and whitelist-only cookies = 14.16 bits of info. The bottom six values are not available.

Re:No script FTW (0)

Anonymous Coward | more than 3 years ago | (#36331232)

I use NoScript, but even so it seemed that I was unique.

HTTP_ACCEPT Headers:
14.29 bits

Ouch.

"0.39 bits"? (1)

therealkevinkretz (1585825) | more than 3 years ago | (#36330268)

Okay, my CS degree is fourteen years old but how can the information identifying whether or not my browser accepts cookies be '0.39 bits'? Isn't it a yes/no, single-bit piece of information? All the other information is described in non-whole-numbers also. Aren't bits discrete?

Re:"0.39 bits"? (2)

therealkevinkretz (1585825) | more than 3 years ago | (#36330302)

Oops. I should have read the article before asking. If anyone else misunderstood the values, the explanation is on page six of the article.

Re:"0.39 bits"? (1)

betterunixthanunix (980855) | more than 3 years ago | (#36330402)

Aren't bits discrete?

Not in information theory. Suppose I had an unfair coin; a priori, you know that the probability of the coin landing "heads" was 3/4. If I perform the experiment, how many bits of information will you gain when I tell you the outcome? It is clearly less than 1 bit, because if I perform the experiment 100 times, I will not need to send you 100 bits to describe the outcome of each toss (I should be able to compress that string, since there will be a strong bias).

Re:"0.39 bits"? (0)

Anonymous Coward | more than 3 years ago | (#36330412)

Okay, my CS degree is fourteen years old but how can the information identifying whether or not my browser accepts cookies be '0.39 bits'? Isn't it a yes/no, single-bit piece of information? All the other information is described in non-whole-numbers also. Aren't bits discrete?

Oh that? That is just a random bit of Schrödinger's cat.

Re:"0.39 bits"? (0)

Anonymous Coward | more than 3 years ago | (#36331476)

It's probably binary but one choice is far more likely than the other.

May 17th, 2010 ? (0)

Anonymous Coward | more than 3 years ago | (#36330308)

Breaking news, guys...

No Longer Unique :( (0)

Anonymous Coward | more than 3 years ago | (#36330388)

Sad times. Now I will never be a unique snowflake on the internets.

Time to create some fake fonts to gain my uniqueness again!

Re:No Longer Unique :( (1)

value (2182292) | more than 3 years ago | (#36330552)

Actually that would make you even more unique. Because no one else will create the same fake fonts as you...

My user agent string is unique (1)

amorsen (7485) | more than 3 years ago | (#36330460)

I haven't even customized my user agent string and I'm using the standard Fedora 14 browser, but my user agent string itself is unique... Seems like I am the only Danish Fedora 14 user who has clicked on panopticlick recently.

Unique? (1)

sgunhouse (1050564) | more than 3 years ago | (#36330502)

According to them, I'm the only person in the world using Opera 11.50 on 64-bit Linux. Yeah, right. Sample size isn't really large enough yet, I guess ... I'm sure using a beta version of Opera on 64-bit Linux is rare, but it is definitely not unique.

Re:Unique? (0)

Anonymous Coward | more than 3 years ago | (#36331392)

Are you a complete moron? They test all kinds of information that your browser submits, e.g. the fonts installed on your system. On the basis of all this information they calculate the number of bits that can be used to uniquely identify your browser.

It would be great if the only information your browser provided was that it's Opera 11.50 on 64-bit Linux, but the point is that it actually provides MUCH MORE information.

By design (0)

Anonymous Coward | more than 3 years ago | (#36330506)

It has never been a requirement for any browser to be immune to browser fingerprinting. Nice exercise in the obvious EFF.

Re:By design (1)

grahamm (8844) | more than 3 years ago | (#36330784)

But with the EU directive on cookies, triggered by privacy concerns, will the EU then introduce a ban on the the use of browser fingerprinting?

tell a white lie for a 9-bit fingerprint (1)

meyering (265933) | more than 3 years ago | (#36330788)

With firefox 3.6.18pre, a carefully chosen User Agent (below), default HTTP_ACCEPT headers and noscript, panopticlick says that my
fingerprint conveys 9.01 bits of identifying information.

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7

I guess I'd petter change something. (1)

Bryan Bytehead (9631) | more than 3 years ago | (#36330874)

My browser plug-ins make me unique. My fonts make me unique.

I'm unique. Just like everybody else...

Slashdot (1)

kelemvor4 (1980226) | more than 3 years ago | (#36330936)

News for nerds, stuff that was published a really long time ago.

Not Always Nefarious (1)

Bloodwine77 (913355) | more than 3 years ago | (#36331104)

I perform some lazy browser fingerprinting and generate a hash for that visitor. I mainly use it for traffic purposes (tracking new visitors vs. returning visitors). I understand that it isn't foolproof and will generate some false results in some cases, but that is not important to me. I don't store any personal identifying information, just a hash.

It also is a way for my sites to stop trying to give cookies to visitors who have cookies disabled. It checks the hash and if that hash has been seen recently and did not have cookies enabled, then I don't waste the resources or requests to try to send them a cookie. Again, I do no client-side checking for cookies and it is all server-side. I assume that is more agreeable than trying to set a cookie stating that they do not want cookies ... which is hilarious that many sites do just that.

I am sure some people may use browser analytics for darker purposes, but I doubt I am the only person using it in a harmless manner.

Sometime used for legit reasons (1)

khendron (225184) | more than 3 years ago | (#36331194)

Many web sites that provide online financial services, and also gateways to MMORPGs, use browser fingerprinting to detect fraudulent use of the service. For example, if a user logs in consistently using a specific browser on a specific computer, and then logs in from a completely different browser, or from a different computer, then there is the suspicion that someone other that the user is logging in using stolen account information. The web site will in such cases ask for some 2nd form of authentication (eg. mother's maiden name, or something more secure) in order to protect the account.

By trying to block browser fingerprinting you might be protecting yourself from online tracking, but you are also preventing legit services from protecting you.

well (1)

Charliemopps (1157495) | more than 3 years ago | (#36331212)

Anyone have any tips or add-ons that block sending some of this information to make us less identifiable?

Re:well (0)

Anonymous Coward | more than 3 years ago | (#36332210)

Uh, wouldn't blocking data that others don't block actually make you more unique?

Re:well (0)

Anonymous Coward | more than 3 years ago | (#36367714)

Disable Javascript or use NoScript. Quite a bit of the info they gleen from your browser requires javascript for them to get.

If you are using an unusual browser or OS you might want to change your user-agent to hide this or even masquerade as a more common browser on a more common OS.

Wikipedia (1)

FhnuZoag (875558) | more than 3 years ago | (#36331362)

This sounds like it could have some uses for e.g. wikipedia, where instead of blocking vandals by IP, you can block individual users on a certain IP address block instead. This would work for people vandalising off university networks, for example.

Not very effective (0)

Anonymous Coward | more than 3 years ago | (#36331418)

I've tried this and similar sites multiple times in the past for the heck of it, each time for it to be able to determine anything I had to turn off several layers of protection, and even then the result was not really that useful (as in, it would change very frequently, when applied to a system that isn't frozen in time and actually gets updated).

Couldn't you design a plugin to spoof this? (0)

Anonymous Coward | more than 3 years ago | (#36331426)

Couldn't someone design a plugin to spoof these variables, so that it looks like you are using a basic, stock browser? Or to randomize them?

Is it possible to override the information that the browsers are sending to every website that you visit? This seems like it would not be too hard. Couldn't we block FireFox from sending our entire list of plugins to every website we visit, except for those that might be necessary for certain functionality, like Flash?

My browser ... (1)

PPH (736903) | more than 3 years ago | (#36331442)

... is my passport. Verify me.

Is there? (1)

koan (80826) | more than 3 years ago | (#36331490)

I've always wondered if there was a software for web browsing that would let you spoof all of that type of information, hiding OS type, browser version, JAVA, etc.

This is very old news (1)

hesaigo999ca (786966) | more than 3 years ago | (#36331638)

I remember when /. first covered the device fingerprinting method that was developed by some chinese kid using all sorts of details and flags to build the end fingerprint, which a 99% accuracy rate (supposedly reviewed by his peers at that time) some 10 years ago.....is this the same thing?
I don't know...but I am sure that he may be wanting compensation if they are using his code and not paying him.

A year old and still no fix for Flash font leakage (0)

Anonymous Coward | more than 3 years ago | (#36332228)

Yes, this information is at least a year old. And the main reason I am identifiable is because of Flash broadcasting the entire list of installed system fonts to anyone who asks. Yet when I go looking for ways to stop it, they do not exist.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?