FontEnigma

2»

Comments

  • Michael Rafailyk
    Michael Rafailyk Posts: 208
    edited September 26
    LeMo aka PatternMan aka Frank E Blokland said:
    if you type the alphabet in one direction, the obfusction in the opposite direction will become clear when you copy the result into a text editor. Evib~dvoo~hklggvw}
    If you need to preserve the entered text so that it is available for copy-pasting, here's an idea that came to mind – with duplicating the text element – one for typing the text and one for displaying the font.

    Here is the link to a test layout. Green cursor is the upper (operable) element – here you see only cursor. Blue text is the lower element with displayed font – the text is copied here with JavaScript.
    https://jsfiddle.net/4p8zgfhx/

    Explanation.

    Place two text elements above each other (absolutely positioned inside the container), with the same font size and line height (to synchronise the caret position). Lower text element is the rendered font with obfuscation, that user will see. Upper text element is the transparent font without obfuscation (and with empty glyphs), that user operate. Top element should have transparent text but visible caret. Both fonts should have the same horizontal metrics (for displayed letter) to synchronise the caret. Then use JS to copy text from user-operable upper element to lower element.
  • John Savard
    John Savard Posts: 1,203
    Simon Cozens said:
    Exactly. What does "protecting against the casual attacker" mean when the attack method of the casual attacker is to simply download the font from a web site where it's been provided by the sophisticated attacker?

    Well, one may not be able to protect against the sophisticated attacker cracking any technical means of copy protection one might be attempting to use with one's font.
    But one can certainly make use of things like DMCA takedown requests when one's cracked font is appearing on somebody's web site. That would be protection against the casual attacker.
    Another example of protecting against the casual attacker would be to insist that people using the font for a web site use some copy protection mechanism. However, my understanding is that these days the most commonly used browsers don't support copy protection for web fonts any longer; and back when they did, each browser supported a different scheme. Absent a means of copy protection, one just looks at the page source, then the CSS file source if necessary, and downloads the font, which is within the abilities of a casual attacker.
  • Michael Rafailyk
    Michael Rafailyk Posts: 208
    John Savard said:
    However, my understanding is that these days the most commonly used browsers don't support copy protection for web fonts any longer; and back when they did, each browser supported a different scheme. Absent a means of copy protection, one just looks at the page source, then the CSS file source if necessary, and downloads the font, which is within the abilities of a casual attacker.
    There is a technique for loading a font as an encoded flow. It's good enough protection from a lazy attacker who just know how to save the file from a page cache (because now the font there is encoded), however it is still not a bulletproof approach. The problem is that the font customer (website owner) needs to do an extra steps for this (PHP, JS), and this is a huge stumbling stone. I would say, a stone unliftable for most. Not to mention that many people won't agree to the font not being stored in the cache but being dynamically loaded every time.

    So all these discussed techniques can only give an initial effect on the font market / type tester website, until the font is purchased.
    But one can certainly make use of things like DMCA takedown requests when one's cracked font is appearing on somebody's web site. That would be protection against the casual attacker.
    Usually, by that time the font has already been downloaded many times, most of which occur in the first few days.

    Another idea that requires some technical resources (startup for some enthusiasts) is to have a database of malicious addresses (where fonts are usually leaked) and automatically scan it regularly for certain font names. It sounds crazy, but who knows what the future holds. In a better world where governments were concerned about this, some anti-crime agency would be handling all of this. In a better world.
  • LeMo aka PatternMan aka Frank E Blokland
    LeMo aka PatternMan aka Frank E Blokland Posts: 772
    Hi Michael, although I find it hard to imagine a scenario where users need to copy readable text from the type tester, maybe hiding the obfuscation at first sight would be useful, and implementing it should not be too difficult. The current version of FontEnigma (which uses a somewhat more complex obfuscation than the initial release) already translates pasted text on the fly. The reverse should also be possible by intercepting the copy event and replacing the selection with decoded text before it is written to the clipboard. I will give this a try in the near future.
  • LeMo aka PatternMan aka Frank E Blokland
    LeMo aka PatternMan aka Frank E Blokland Posts: 772
    edited September 30
    The latest version of FontEnigma now decodes text copied or cut from the type tester. So instead of getting obfuscated strings like ‘U§ir€’ when copying something like ‘E=mc²’, you now get the actual readable text as displayed.

    DTLs FontEnigma type tester

    It might not be a game-changer, but it definitely makes things a bit neater and more user-friendly.
  • Roel Nieskens
    Roel Nieskens Posts: 196
    It might not be a game-changer, but it definitely makes things a bit neater and more user-friendly.
    And a lot easier to reverse engineer :-)
  • LeMo aka PatternMan aka Frank E Blokland
    LeMo aka PatternMan aka Frank E Blokland Posts: 772
    Yes, perhaps a little. However, basically this information was already available, as the submenu shows.
  • LeMo aka PatternMan aka Frank E Blokland
    LeMo aka PatternMan aka Frank E Blokland Posts: 772
    In the latest version of FontEnigma, I have added a couple of things to help make it harder to grab the fonts or inspect the page easily.

    Obfuscating font paths in FontEnigma

    First, the browser’s context menu is disabled on desktop (both right-click and keyboard). On mobile it is still allowed, otherwise users would not be able to copy and paste text. The oncontextmenu event is also locked on the <body>, in case someone tries to override it.

    More importantly, the woff2 font files are now XOR-encrypted, and then decrypted on the fly in the browser using JavaScript. Once decoded, the fonts are loaded using FontFace and referenced via a temporary ‘blob:’ URL, which disappears as soon as the page is refreshed or closed.

    I must admit, however, that all of this together only adds up to a small additional hurdle that a serious attacker can undoubtedly get around.
  • LeMo aka PatternMan aka Frank E Blokland
    LeMo aka PatternMan aka Frank E Blokland Posts: 772
    In addition, the ‘blob;’ URL now expires immediately.

Categories