Fluxfonts is a unique tool that cloaks your device’s unique font fingerprint by continuously installing and uninstalling new fonts that are generated on the fly. Version 2.0, released some days ago, is the first release of Fluxfonts that lets you protect for device running Windows 10.
Fluxfonts is a tool I started in 2013 when web browsers and especially the Adobe Flash Player plugin would leak information about the installed fonts and plugins on a system. Browsers have since made attempts at clogging up their information leaks, and the Flash plug-in is slowly being strangled to death by the browser vendors and even Adobe themselves. However, device fingerprinting using fonts are still achievable through the browser using CSS introspection. Programs and apps running on the local system still have unfettered access to the list of installed fonts.
You can download the latest release of Fluxfonts from GitHub releases. You can also find a new binary installer for Windows. Fluxfonts also supports Linux, MacOS, and FreeBSD.
The original post I wrote about Fluxfonts holds more information about how it all works. You can test your browser’s fingerprint at Am I Unique? Note that not all browsers are subject to font-based fingerprinting.
Fluxfonts is only made available for Windows 10 as Microsoft’s latest version of their operating system made it significantly easier to port a POSIX oriented program to Windows APIs. The appearance of the Clang C compiler in Visual Studio 2017 also removed the need to dumb down the code by introducing support for C99. Support for older versions of Windows would simply demand too much of my time.
There isn’t anything new in 2.0 for users on Linux and FreeBSD except a slightly more aggressive font deletion mechanism. The large version number jump from 1.2 to 2.0 is purely for marketing the Windows port.