Protecting identity - blocking System Fonts info
|
Dec. 10, 2010, 02:01 AM
Post: #16
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
I moved the Proxomitron to an XP Pro 32bit SP3 machine, IE7, Firefox, and Opera. On that machine the fonts displayed in all browsers.
On Windows 7 64bit, IE8, Firefox, Opera, Chrome, only IE8 does not display the fonts. I'm guessing that something, other than the Proxomitron, in the Win7 machine stops the font display for IE8 at BrowserSpy. The filter is removing the code as expected. The "Flash" cyan rectangle is created by the "<object>...: Toggle Flash" web page filter. I think, it may not be displayed until the page finishes loading. The changes that the "Blocking System Fonts info" filter makes could make the page 'hang'. |
|||
Dec. 10, 2010, 05:50 AM
Post: #17
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
I'm using:
1. WXP Pro SP2 with IE7, FF.3.6.10 and Iron.7.0.520. 2. WXP Home SP3 with IE6. And result is always consistent. No system fonts are displayed. Here is initial code ( http://browserspy.dk/fonts-flash.php ): Code: $(document).oneTime(4000, function() { When filter applied the resulting code is this one: Code: $(document).oneTime(4000, Code: $(document).oneTime(4000, function() { return; }); When you see that in W7 all fonts are displayed - have you checked the result of running filter? Does it create debug log similar to published above? Fonts should not be displayed unless your browsers call "obj.GetVariable("/:user_fonts")" function. And if the filter works in your environment - there should be no such call... As I've mentioned there is no cyan rectangle for Flash object in FF and Iron. Downloading of the page is complete. There is "timer" button and I may click on that allowing timer to run. There is no any difference (as expected - we have removed its content, see above). And finally, between tests don't forget to clean the browser cache (as I did in the beginning of this thread) |
|||
Dec. 10, 2010, 09:57 PM
Post: #18
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
The filter is changing the code as expected.
Thing is, I'm not suprised to see the fonts displayed (again no js or flash expert here). The complete unfiltered script is Code: <script type="text/javascript"> I think there are two mechanisms to gather the fonts. The second, activated by "if (!fontsok)", is removed by the filter. Took some time to find a free decompiler but the BrowserSpy flash file decompiles to Code: //---------------------------------------------------------------------- I think the flash uses "geturl" to call the function "fontList" and pass the escaped contents of "user_fonts". The "geturl" method appears to fail or be blocked on my Win7 64bit machine when using IE8. I thought it might be IE8's "protected mode" but it wasn't. Some web searching seems to indicate that "geturl" has not always 'worked' and is being deprecated. The panopticlick swf decompiles to Code: //---------------------------------------------------------------------- They have "geturl" call for "fontList" but they don't seem to use or need it. The "fontList" function is only found in the swf file for panopticlick. too curious |
|||
Dec. 10, 2010, 11:13 PM
Post: #19
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
Interesting. Is it my Flash (v.10,1,82,76) or is it my security settings for the Flash are responsible for what I experience? As I mentioned above - I see prompt from the Flash to run only on IE7 (not on FF and Iron) and even then when I ask it to run - it simply disappears... I have pretty strict restrictions on what Flash can do on my computers.
Good find on "TextField.getFontList();" Flash method within encoded files! It's looks like it's hard to block it. I guess even providing a dummy with the same name in JS will not work... BTW, I think the "panopticlick swf " is more targeted on tracking users then the BrowserSpy flash file. Why? It preserves the order of fonts, which bears an additional ID info... |
|||
Dec. 11, 2010, 12:22 AM
Post: #20
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
Firefox, Pale Moon, Iron, Chrome, Chromium, Safari, Sea Monkey, etc, yawn, all need their own Flash plugin installed that, IIRC, are NOT installed by default...
|
|||
Dec. 11, 2010, 02:09 AM
(This post was last modified: Dec. 11, 2010 02:15 AM by JJoe.)
Post: #21
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
Assuming that BrowserSpy works when the Proxomitron is bypassed, I don't know. A security app, ms security patch, or forgotten setting?
The set's toggle should be displayed whenever the filter matches and the page finishes loading, flash or no. I have Flash Player 10.1.102.64 for all browsers. http://filehippo.com/download_flashplayer/ The sure way to stop things like flash and java is to stop using them. This doesn't mean that filters to control them are worthless, however. |
|||
Jun. 06, 2011, 01:48 AM
Post: #22
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info
Hi,
I'm new to Prox but I find it very powerfull so I decided it's the way to go. I'm trying to make a filter that would replace the output of the fonts functions used by Java. I'm not concerned about the Flash ones at the moment as I only allow flash on websites I need. Please just give me an ideea how to start, I'll find my way to the end and keep this thread updated. As soon as I complete this as a proof of concept I plan to make filters for most used functions threating privacy rather than blocking specific URL's and cases. Any help appreciated! |
|||
Jun. 12, 2011, 01:12 AM
Post: #23
|
|||
|
|||
RE: Protecting identity - blocking System Fonts info | |||
« Next Oldest | Next Newest »
|