Opened 3 years ago

Closed 3 years ago

#16005 closed defect (fixed)

webgl.min_capability_mode might be too minimal

Reported by: mikeperry Owned by: mikeperry
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: tbb-fingerprinting, tbb-usability-website, ff38-esr, tbb-5.0a-highrisk, GeorgKoppen201506R, TorBrowserTeam201507R, MikePerry201507, tbb-5.0a4
Cc: gk Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We set webgl.min_capability_mode in an effort to resist fingerprinting. Unfortunately, it seems minimal mode might be a little too minimal. It completely breaks the HexGL racing game (at http://hexgl.bkcore.com/play). We should try to figure out what exactly about minimal mode is breaking this game, and make a guess as to if it is really a fingerprinting issue.

Given that my 4 year old laptop with Intel built-in graphics was completely capable of playing this game with this pref unset, it seems that maybe webgl.min_capability_mode is a little too minimal, and could be altered to represent a slightly less restrictive set of capabilities without much fingerprinting risk.

Child Tickets

Attachments (3)

0001-Bug-16005-Relax-minimal-mode.patch (6.1 KB) - added by mikeperry 3 years ago.
Patch against Arthur's FF38 branch.
macbook_webgl_values.png (65.6 KB) - added by gk 3 years ago.
old_netbook_webgl_values.png (39.9 KB) - added by gk 3 years ago.

Download all attachments as: .zip

Change History (28)

comment:1 Changed 3 years ago by gk

Cc: gk added

comment:2 Changed 3 years ago by mikeperry

Keywords: ff38-esr added

I'll have a look at what minimal mode does during the ff38-esr review.

comment:3 Changed 3 years ago by mikeperry

Note to self: Glance over WebGL 2.0 while looking into this, and file new ticket(s) if needed.

comment:4 Changed 3 years ago by gk

Owner: changed from tbb-team to mikeperry
Status: newassigned

comment:5 Changed 3 years ago by gk

Looking at #13022 while you are at it might me useful as well.

comment:6 Changed 3 years ago by mikeperry

Keywords: tbb-5.0a-highrisk added

Tag the set of things that are risky to debut in the 5.0-stable release without testing in a prior alpha.

comment:7 Changed 3 years ago by mikeperry

Keywords: TorBrowserTeam201506 added

Ensure all tbb-5.0a items are on the June radar.

comment:8 Changed 3 years ago by mikeperry

Keywords: MikePerry201506 added

comment:9 Changed 3 years ago by mikeperry

https://www.browserleaks.com/webgl turns out to be a very useful resource for this. It saved me from having to implement a new test page specifically for these capabilities.

comment:10 in reply to:  3 Changed 3 years ago by mikeperry

Replying to mikeperry:

Note to self: Glance over WebGL 2.0 while looking into this, and file new ticket(s) if needed.

WebGL2 is prefed off by default in FF38-esr. I filed #16404 to review this by ff45-esr.

comment:11 Changed 3 years ago by mikeperry

Keywords: TorBrowserTeam201506R added; TorBrowserTeam201506 removed
Status: assignedneeds_review

Ok, mikeperry/bug16005 has changes that allow http://hexgl.bkcore.com/play to work, and also reduce the fingerprinting differences I noticed between TBB on a 2009 laptop, a 2012 gaming machine, a 2013 Nexus 7, and a 2013 Moto E. I took the minimum capabilities from the intersection of those devices.

https://gitweb.torproject.org/user/mikeperry/tor-browser.git/commit/?h=bug16005

Changed 3 years ago by mikeperry

Patch against Arthur's FF38 branch.

comment:12 Changed 3 years ago by mikeperry

Actually, I just got a signal 13 trying to push bug16005 to our gitweb mirror. Maybe we're out of space for FF38?

I attached the format-patch against a3d058766d1c0e20f073406a4da2dfea49a06edc of arthur/tb_GECKO380esr_2015050513_RELBRANCH+1 as https://trac.torproject.org/projects/tor/attachment/ticket/16005/0001-Bug-16005-Relax-minimal-mode.patch

comment:13 Changed 3 years ago by gk

Keywords: GeorgKoppen201506R added

comment:14 Changed 3 years ago by mikeperry

gk - Did you try your test of the game with disabling webgl.min_capability_mode? If the game doesn't work for you after flipping that pref, then I think some other issue is breaking it on your system...

comment:15 Changed 3 years ago by gk

After some back and forth it seems there are some issues with my old OS X system using the ESR 38 based Tor Browser. Might be a more general bug in our toolchain or something only happening locally. I'll file a ticket as soon as we have an alpha I can point to. On Windows 7 on a different computer it is working fine for me.

The code looks good, I think, but I have two questions:

1) I am a bit worried about not disabling the highp precision. Are we sure that all GPUs support it? It seems to be optional: https://community.arm.com/groups/arm-mali-graphics/blog/2013/05/29/benchmarking-floating-point-precision-in-mobile-gpus (while this post is mobile specific it might apply to the desktop world as well).

2) Could you add a comment explaining what these *ALIASED*RANGE things are for (given that these are not existing in vanilla code) and what |1, MINVALUE_GL_ALIASED_LINE_WIDTH_RANGE| and |1, MINVALUE_GL_ALIASED_POINT_SIZE_RANGE| mean in this context? One might think that they make values in these ranges (1-5 and 1-255) acceptable which might depend on user configuration/hardware which is not the case I guess. Having some explanatory remarks might help understanding this part.

comment:16 in reply to:  15 Changed 3 years ago by mcs

Replying to gk:

The code looks good, I think, but I have two questions:
...

r=mcs
Kathy and I reviewed the code as well and it looks OK, although gk's questions are good ones.

comment:17 in reply to:  15 ; Changed 3 years ago by mikeperry

Replying to gk:

After some back and forth it seems there are some issues with my old OS X system using the ESR 38 based Tor Browser. Might be a more general bug in our toolchain or something only happening locally. I'll file a ticket as soon as we have an alpha I can point to. On Windows 7 on a different computer it is working fine for me.

The code looks good, I think, but I have two questions:

1) I am a bit worried about not disabling the highp precision. Are we sure that all GPUs support it? It seems to be optional: https://community.arm.com/groups/arm-mali-graphics/blog/2013/05/29/benchmarking-floating-point-precision-in-mobile-gpus (while this post is mobile specific it might apply to the desktop world as well).

Unfortunately highp precision seems to be required for this game to avoid the flickering. On my mobile and desktop CPUs, https://www.browserleaks.com/webgl lists the "Best Float Precision" for both vertex and fragment shaders as [-227, 227] (23). I am not sure if this is a function of highp or not, though. The browserleaks result didn't seem to change for me when toggling the pref or with the patch. Does it for you?

2) Could you add a comment explaining what these *ALIASED*RANGE things are for (given that these are not existing in vanilla code) and what |1, MINVALUE_GL_ALIASED_LINE_WIDTH_RANGE| and |1, MINVALUE_GL_ALIASED_POINT_SIZE_RANGE| mean in this context? One might think that they make values in these ranges (1-5 and 1-255) acceptable which might depend on user configuration/hardware which is not the case I guess. Having some explanatory remarks might help understanding this part.

Ok, I will add some comments to this code before merging.

Last edited 3 years ago by mikeperry (previous) (diff)

comment:18 Changed 3 years ago by mikeperry

Actually, gk - can you disable webgl.min_capability_mode and attach a screenshot or printout of https://www.browserleaks.com/webgl on that old mac when you get a chance? I want to verify that it's not below/different than any of the values I saw.

Changed 3 years ago by gk

Attachment: macbook_webgl_values.png added

comment:19 Changed 3 years ago by gk

Attached. Seems at least two values are lower (Aliased Point Size Range and Max Combined Texture Image Units).

Changed 3 years ago by gk

comment:20 Changed 3 years ago by gk

I've attached the values of an old netbook as well. Not sure if that game is actually running properly with these values as the CPU seems to have trouble with handling all the associated scripts. But the setting is rendered properly.

comment:21 Changed 3 years ago by mikeperry

Keywords: TorBrowserTeam201507R added; TorBrowserTeam201506R removed

Transfer review tickets to next month.

comment:22 Changed 3 years ago by mikeperry

Keywords: MikePerry201507 added; MikePerry201506 removed

Move my tickets over for July

comment:23 in reply to:  17 Changed 3 years ago by gk

Status: needs_reviewassigned

Replying to mikeperry:

Replying to gk:

1) I am a bit worried about not disabling the highp precision. Are we sure that all GPUs support it? It seems to be optional: https://community.arm.com/groups/arm-mali-graphics/blog/2013/05/29/benchmarking-floating-point-precision-in-mobile-gpus (while this post is mobile specific it might apply to the desktop world as well).

Unfortunately highp precision seems to be required for this game to avoid the flickering. On my mobile and desktop CPUs, https://www.browserleaks.com/webgl lists the "Best Float Precision" for both vertex and fragment shaders as [-227, 227] (23). I am not sure if this is a function of highp or not, though. The browserleaks result didn't seem to change for me when toggling the pref or with the patch. Does it for you?

I get the same results (that is [-2127, 2127] (23)) on all of my machines. We might actually be good with Tor Browser on desktop at least but who knows. I opened #16473 to get some solid data.

comment:24 Changed 3 years ago by mikeperry

Keywords: tbb-5.0a4 added

Tag some 5.0a4 goals.

comment:25 Changed 3 years ago by mikeperry

Resolution: fixed
Status: assignedclosed

I pushed a commit to pick up gk's netbook minimum values to origin for 5.0a4. Calling this fixed now.

Note: See TracTickets for help on using tickets.