Using fonts from Google? Potential privacy fuckup.

I played around with Mozilla’s Lightbeam yesterday, a fancy plugin that visualizes which of the websites you visit load content from the same services. This is interesting because these services could potentially spy on your browsing across sites even without the use of cookies, supercookies etc. Or at least the owner of the service knows that someone accessed a specific site at a specific point in time and loaded a specific file from their server.

Anyway, maybe it’s only my personal taste but Google seems to be one of the top companies that would be able to do this (yes, aside of NSA and all the other government agencies, obviously). So surprising, I know!

lightbeam-fonts-googleapis-privacyfuckup

Youtube is obvious, more or less every blog includes embedded Youtube-videos (including this one). I’m thinking of countering this with preview-gifs (or static jpgs) á la Boing Boing, Nerdcore, Kotaku etc. But this convenient „Click on the gif to play the video“ seems to demand a fair bit of programming (I’m guessing IFRAME?). I’m not sure about a solution for this yet.

The more interesting thing is fonts.googleapis.com. A lot of websites of seem to load stuff from there and I think we have to thank WordPress for that. Because the build-in themes that come with WordPress connect to Googles font-hosting service even if you have customized the themes and are using you own fonts. The HTML for this is generated via PHP and while there seems to be a way to turn this off I wasn’t able to do so.

But luckily there’s a plugin to disable Google Fonts! Thank you, Milan Dinić!

Leave a Reply