From 81d65d6eac6414e6660295430be779af89c9dbf6 Mon Sep 17 00:00:00 2001
From: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Sun, 21 Apr 2019 13:48:48 +0000
Subject: [PATCH] also 1401

Font FP is fucked until RFP sorts it out: lets not kid ourselves here. I have had fpjs2 return a blank string of zero fonts for years: that's just a FP'able as anyone else (currently I'm now the same as TB windows: again, no better really). Time to see what the web actually looks like, after 4 years
---
 user.js | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/user.js b/user.js
index 5476e14..1135800 100644
--- a/user.js
+++ b/user.js
@@ -888,11 +888,10 @@ user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
 /*** [SECTION 1400]: FONTS ***/
 user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
 /* 1401: disable websites choosing fonts (0=block, 1=allow)
- * If you disallow fonts, this drastically limits/reduces font
- * enumeration (by JS) which is a high entropy fingerprinting vector.
- * [NOTE] Disabling fonts can uglify the web a fair bit.
+ * Disallowing fonts can reduce JS font enumeration, but not entropy. There are
+ * also other methods to fingerprint fonts. Wait for RFP (4500) to cover this.
  * [SETTING] General>Language and Appearance>Fonts & Colors>Advanced>Allow pages to choose... ***/
-user_pref("browser.display.use_document_fonts", 0);
+   // user_pref("browser.display.use_document_fonts", 0);
 /* 1402: set more legible default fonts
  * [NOTE] Example below for Windows/Western only
  * [SETTING] General>Language and Appearance>Fonts & Colors>Advanced>Serif|Sans-serif|Monospace ***/