This is sure to inflame, but don't shoot the messenger! My friend just sent me <EDITED BY MODERATORS>, some artsy fartsy avant garde digital publishing. It lets you type in any website, and will download the webfonts for you instantly.<EDITED BY MODERATORS>
, explaining the why and how of the tool, as well as explaining font licensing in general and the morality behind it all.
I personally find their justifications pretty half-baked--most foundries offer trial fonts as well as student discounts. And obviously there's a huge difference between pirating photoshop and pirating a font from an independent foundry. To say that the latter is a necessary creative tool for younglings as a justification for this click-and-go pirating app doesn't sound like a well thought-out argument to me.
Anyway, I figured you fine folks would at least like to know about this, and I also welcome your opinions.
Final question...I noticed some foundry websites have their fonts protected from this tool. How do I guard my woff2's from being snatched like this? Is it basic CSS/HTML or is there more to it?
Comments
For instance, in Chrome all you need to do is right-click anywhere on the page, choose Inspect, then go to the Network tab, and filter for Font (then you need to refresh the page, since only resources loaded after developer mode has been opened are listed).
This site, though, is directly urging its users to “steal” fonts. The tool apparently makes it easier than the well-known browser download feature, which is decidedly user-unfriendly and not at all advertised as a way to steal IP or circumvent licensing.
What we have here is something that really shouldn’t be allowed in its current form (in my opinion). Whatever the legal reality is, it’s morally wrong.
You can crop some tables to make font at least Windows-incompatible to install + base64 as most user-unfriendly format for regular person, as an option.
What you are proposing was resoundingly rejected by browser makers a decade ago, for exactly the reasons you mention. It requires proprietary secret elements to make anything resembling real security. And even then, it would doubtless get hacked—just a matter of time.
Web browser vendors would have to adopt this whole extra security thing, and for what? To enable fonts... but they/we already have fonts on the web! So it is just to help font vendors.
They wouldn’t collectively all agree to do anything this strong a decade ago, when the prize being dangled in front of them was “real fonts on the web” for the first time. So they sure as heck won’t do it now, when there is ZERO benefit to their end users.
All that is ALSO true, and those sorts of reasons are certainly among the reasons browser makers do not see it as a reasonable thing for them to tackle.
I think that's a separate issue.
When I said this was a separate issue, it wasn't because I thought that people weren't pirating .woff fonts in order to turn them into .otf fonts. What I meant was that I felt that having fonts turn up on pirate sites, while a serious problem, was a more limited one than having every font ever used as a webfont trivially available for downloading, even if no legitimate purchaser had ever intended to contribute to piracy.
I don't agree with your conclusion because the other edge of the blade with webfonts is that it is much easier to find and enforce violations. I've gotten to the point that 99% of my enforcements start with a found web embedding violation. The other 1% are the customers telling me themselves without realising it and the occasional app embedding.
Do you know the term "teaching your garden to weed itself"? That's what webfonts achieve for font licensing.
Another well-known garden analogy is the “garden fence.” WOFF — after all the initial thrashing around about EOT and DRM was over — ended up as a container for fonts whose purpose is to allow a font to work for a web page but to not be installable on the desktop. It’s a very mild form of security. But if someone downloads a WOFF and pulls the font out in order to install it, they have just “hopped the garden fence.” In other words, they have just taken a deliberate action to circumvent something. If I don’t have a fence around my yard, someone can trespass and say “I didn’t know I was trespassing.” If I have a fence and they jump it, it’s now harder for them to argue they didn’t knowingly trespass. WOFF allows foundries to say, “Your misuse wasn’t inadvertent, it was deliberate.”
PS - we don't usually treat .otf embedding by licensees who otherwise have an embedding license as a violation. It's just not worth the bother.
On Github, this sort of query still works, though.
@JoyceKetterer Is there a specific strategy you use to find webfonts in the wild?
Up until very recently my main one was fontsninja but they are pivoting in a way that isn't compatible with my work flow. We're starting to look into large b to b services that offer pre crawled data of high traffic sites. This will be the first time I've used a service not catered to the font industry but so far we're getting some pretty encouraging data.
I use all these crawlers both for license enforcement and to find uses to feature on fontsinuse.
It possibly delivers lots of results for "trending fonts", but it may not return any results for other candidates. The costs on my end are the same though.
If someone has a "fair" pricing model for this scenario I'm open to it