Opened 6 months ago

Last modified 3 months ago

#33151 new defect

Broken font rendering in Tor Browser (uneven and inconsistent spacing between glyphs)

Reported by: TrickleSubzeroSpoof Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tor Browser 9.0.4 (based on Mozilla Firefox 68.4.1esr) (64-bit)

Example URL of a poorly rendered webpage: https://www.erowid.org/general/about/about.shtml

It's the worst with the smaller text.
I'm attaching a cropped screenshot of the area where it's in particular easy to see. 2nd image = the same but with underlined areas with the most extreme rendering errors.
(by the way, headers are unaffected because they aren't actually text, they are images)

AFAIK, the text should be rendered the same way on all platforms to avoid fingerprinting. But if this is platform specific bug, then I can provide any info about my hardware/OS/etc. privately to help solving this bug.

The same page renders just fine in Firefox 72.0.2 on the same system.

Child Tickets

Attachments (4)

Screenshot_20200204_181059.png (21.0 KB) - added by TrickleSubzeroSpoof 6 months ago.
Screenshot_20200204_181059_underlined.png (20.4 KB) - added by TrickleSubzeroSpoof 6 months ago.
same but with highlighted errors
Windows-FF-vs-TB.png (55.3 KB) - added by Thorin 6 months ago.
TB vs FF on windows
FF-hintslight-manjaro-kde.png (25.1 KB) - added by TrickleSubzeroSpoof 6 months ago.
how it looks in FF (default font rendering settings in manjaro/kde)

Download all attachments as: .zip

Change History (8)

Changed 6 months ago by TrickleSubzeroSpoof

Changed 6 months ago by TrickleSubzeroSpoof

same but with highlighted errors

comment:1 Changed 6 months ago by TrickleSubzeroSpoof

Also, "Security Level" setting doesn't change font rendering, the issue reproduces both with "Standard" and "Safer" (haven't tried "Safest").

comment:2 in reply to:  description ; Changed 6 months ago by Thorin

Replying to TrickleSubzeroSpoof:

AFAIK, the text should be rendered the same way on all platforms to avoid fingerprinting. But if this is platform specific bug, then I can provide any info about my hardware/OS/etc. privately to help solving this bug.

  • font whitelisting is different per os (windows, linux, mac: not sure what android is doing)
  • not everyone necessarily has all fonts in the whitelist: mac should be consistent, windows I know has some entropy (differences), and Linux I suspect would be the most diverse
  • not everyone has the same version of the font whitelisted

That said, the webpage's css shows arial,sans-serif for the side-bar links

I'm not a font kerning expert, but it looks pretty much identical to me in TB vs FF on my windows system - and both are using the same font: Arial - I'll attach a pic.

What OS are you on?

Changed 6 months ago by Thorin

Attachment: Windows-FF-vs-TB.png added

TB vs FF on windows

Changed 6 months ago by TrickleSubzeroSpoof

how it looks in FF (default font rendering settings in manjaro/kde)

comment:3 in reply to:  2 Changed 6 months ago by TrickleSubzeroSpoof

Replying to Thorin:

  • font whitelisting is different per os (windows, linux, mac: not sure what android is doing)
  • not everyone necessarily has all fonts in the whitelist: mac should be consistent, windows I know has some entropy (differences), and Linux I suspect would be the most diverse
  • not everyone has the same version of the font whitelisted

That said, the webpage's css shows arial,sans-serif for the side-bar links

I'm not a font kerning expert, but it looks pretty much identical to me in TB vs FF on my windows system - and both are using the same font: Arial - I'll attach a pic.

What OS are you on?

My OS is Manjaro/KDE.
I looked at your screenshot (Windows-FF-vs-TB.png), both variants are obviously suffering from the same issue as described in this report - kerning is way off.

To compare, this is how it looks in FF: (see the last attached pic) - much more readable.

comment:4 Changed 3 months ago by TrickleSubzeroSpoof

Still reproduceable in TB 9.0.9

Note: See TracTickets for help on using tickets.