
While using local fonts is generally a good idea, this provides a reliable signal for fingerprinting.

Therefore I would prefer that every major browser (Safari, Chrome and Firefox) ships its own reasonably chosen set of fonts and doesn't access system fonts (however the user may grant access to system fonts if they are fine with fingerprinting).

This could also simplify web design because now there will be a somewhat standardized set of fonts.



Believe it or not, what you describe is already in place for Firefox and Chrome! Chrome has a proposal for an API to handle this instead: https://chromestatus.com/feature/6234451761692672

And more info here: https://web.dev/local-fonts/


Good to know, but this is not enough. Browsers should not provide access to local fonts by default because it allows identifying an OS. Therefore, the only sane solution seems to be to bundle the necessary fonts with a browser.

Of course, the browser should use its own font rendering library instead of using a system one.

Of course, for browsers that target a single platform (like Safari, which is available only on macOS) this is not an issue, but Chrome or Firefox might be used on many platforms, like Windows 8, Windows 10, Windows 11, Debian, Ubuntu, FreeBSD, Plan 9, Chrome OS and so on.


Chrome's Local Font Access API allows web content to enumerate the names and metadata of local fonts, but doesn't block web content from guessing local font names (e.g. for fingerprinting). The use case is web apps like Figma that want to allow designers to use specific local fonts (such as custom or licensed fonts) in design documents.


Safari refuses to use locally-installed non-standard fonts to render web content. You’re stuck with the fonts Apple ships, or web fonts.


That's the right solution. But it won't work for other browsers because, unlike Safari, Chrome or Firefox might be used on tens of different OSes and there is no need for marketing companies to know what OS you are using.


Firefox has about:config prefs to block web content from using fonts other than their OS's default system fonts.

The pref names and their possible values:

  # Visibility level of font families available to CSS font-matching:
  #   1 - only base system fonts
  #   2 - also fonts from optional language packs
  #   3 - also user-installed fonts
  layout.css.font-visibility.standard
  layout.css.font-visibility.trackingprotection
  layout.css.font-visibility.resistFingerprinting
https://searchfox.org/mozilla-central/rev/de15f9c109f9c474d0...

Here's the Firefox bug about enabling these prefs, probably in Tracking Protection Strict mode to start: https://bugzilla.mozilla.org/show_bug.cgi?id=1736005


Thank you for the link. I actually was wondering if there is a list of about:config properties and it seems that most of them are described in that YAML file.

Switched all settings to 1.


I understand the benefits of font masking but the side effect is too bitter to swallow. Especially, the "chosen set of fonts," which mostly comprises outdated web safe fonts designed for the pixelated era, doesn't seem "reasonable" to my eyes; I simply can't bear looking at Arial, for one. The only workaround I've found is to sideload a CSS (hidden in developer preferences) containing a series of @font-face rules that hijack references to Arial to an online location hosted by myself. But obviously that's inelegant, taxing on performance, and unavailable on iOS.



