How can you change "system fonts" in Firefox (to increase own safety & privacy)?
On Firefox, you may want to try the Random Agent Spoofer addon.
IMHO, this module is poorly named, probably for historical reasons, since the agent spoofing feature is completely optional and maybe not even the most interesting one.
This module should be merely seen as an anti-tracking module, gathering both specific features and Firefox tracking-related settings in a single place (including so-called "advanced" settings, like disabling WebRTC). Most Panopticlick tracking criteria can be found in its settings.
The list of available fonts can be restricted by setting Options > Standard options > Limit detectable fonts. Setting this option may however slightly alter website's look, but this should not have any major impact on usability.
While you are here, I also recommend to try disabling canvas support (Options > Script injection options > Disable canvas support) as this should tremendously improve your Panopticlick score. I'm using this since several months without noticing any impact of this setting, but YMMV.
Regarding the actual agent spoofing feature, I'm not very happy how this was implemented by this module. If you are on Windows, I would recommend letting this disabled. If you are on another OS, you may want to try to show yourself as the same Firefox version but on Windows (sadly you will have to manually select the version and manually change it after updates, that's precisely why I think this feature could be improved).
I do not recommend using randomly changing User-Agents (or even worse randomly changing screen sizes) or simulating a different browser than Firefox (as long as tracking is concerned, this may be useful for other purposes). This may be counter-productive: the goal of anti-tracking is not to make you randomly changing, as this will make you stand-out, the goal is on the contrary to blend in by looking similar to the crowd.
Do not hesitate to rely on Panopticlick's breakdown (the Show full results for fingerprinting link appearing at the end of the analysis) to determine which technique allows to most uniquely identify you. The most effective techniques will be the one you may want to address first, until you get to a reasonable privacy level.
While you play with this module, be aware that some settings may impair usability, or even break some websites. Nothing to be wary of, but just keep this in mind when you face some issues while browsing: check your own settings before blaming the website developer ;) !
Note:
Please note that I used the term reasonable privacy level, and nothing like "perfect" or "full" privacy: there is no way to be perfectly untrackable.
On a standard browser, you usually see in the "one in x browsers have this value" column from Panopticlick result details values reaching (tens of) thousands, which means that the corresponding technique alone statistically allows to uniquely identify your computer in large sets: these are the values you need to avoid since they are basically just candy for trackers.
Given the number of different hardware, operating systems, browsers, settings and versions out there, you cannot reasonably expect values below a few dozens.
If the reason behind this is not clear to you: imagine you are with two other users, a Mac user and a Windows user, which system should you impersonate so a tracking engine could mistake you for both?
This is just impossible: they are different, you cannot be equal to both. Say you are a Linux user, a third OS type, instead showing up as such show yourself as a Windows user: a tracker will still be able to distinguish you from the Mac user (hence the bits of identifying information will never be zero), but it will not be able to distinguish you (using this technique) from the Windows user (hence a lower value than if you showed up as the only Linux machine in this set of three).
The more diversity, the more identifiable become you browser without any chance to become "like everybody else". That's why on the Tor network it is recommended to not modify the Tor browser settings, in order to keep this diversity as low as possible and therefore making tracking as hard as possible.
The fonts installed on a system (and thus accessible to the browser) are a property of the system and not of the browser. And I'm pretty sure that you don't need to have flash to find out if a specific font is installed or not, i.e. some CSS and JavaScript is probably enough:
- Have some text with the font set to font1 and alternative font2 which is very different from font1.
- Have the same text with font set to font2
- Compare pixel length of the text with JavaScript: if they are the same then font1 is probably not installed.
This is really frustrating, I know we cannot fully protect our privacy ...
There are lots of ways to track a user. While this specific one could probably be disabled by switching off all active content (JavaScript, Flash...) others need you to disable caching (i.e. Etag tracking) etc. For way more but still incomplete information how you can be tracked see Technical analysis of client identification mechanisms.
... but we can surely at least make it a bit harder for others.
The techniques needed to fight tracking often impact the user more than the one who is doing the tracking. Unless collecting these information is prohibited by law the user is usually the loser.
On a Windows system, you can "hide" fonts using the Fonts control panel found under the Appearance and Personalization settings. Windows normally hides the fonts that are not for your keyboard language, but you can choose to hide or expose whichever fonts you want. Once hidden, your browser can no longer enumerate them.
Then the real trick is figuring out a safe list of fonts to expose, so you can blend in with a crowd of similarly configured browsers and systems. You generally want to emulate a default OS installation with no other apps. I don't know if EFF provides that data, though.
Alternately, you can randomly hide/unhide some fonts between browsing sessions, so you will appear as a different system each time you browse. Generally, I think tracking systems are often programmed like any other automated system: they probably are looking for an exact match, not a close match.
The primary drawback is that when you hide a font in your system, that font is gone from all your applications. If you are using this same system for artwork, you may not want to give up so many of your fonts.