[HN Gopher] Bunny fonts - privacy respecting drop-in replacement... ___________________________________________________________________ Bunny fonts - privacy respecting drop-in replacement for Google Fonts Author : merlinscholz Score : 426 points Date : 2022-06-19 11:24 UTC (11 hours ago) (HTM) web link (fonts.bunny.net) (TXT) w3m dump (fonts.bunny.net) | hedora wrote: | I wonder if browser manufacturers could do a better job of this | by just keeping a list of junk that > 99% of web browsers will | eventually download anyway, and then just prefetching it all at | initial install. | martini333 wrote: | Host your own damn fonts. like holy shit | unicornporn wrote: | A CDN for this? Sorry, but just store the fonts on the same d**n | server you're serving the site from. Files are tiny, it's not | 1080p video we're talking. | aembleton wrote: | d**n? | | Is that damn, or down, or something else? Why astreisk it out? | unicornporn wrote: | Damn if you want it spelled out. | 60Vhipx7b4JL wrote: | No info how to host this myself? I thought the top goal was to | host the crap yourself so you don't have to load from google. | kadutskyi wrote: | How many fonts do people use on their websites? 2-3? Just host | them on your server. It will add 2-3 more requests when user | first loads you websites but after that fonts are cached so no | more additional requests. | 323 wrote: | Don't trust Google, trust us, a 30 person company. | | This is exactly what a FBI/CIA/GCHQ/FSB front company would say. | They love to set up fronts in good-reputation countries, like | Switzerland, or Slovenia in this case. | moffkalast wrote: | > like Switzerland, or Slovenia | | As a Slovenian, thanks for the laugh. | epigramx wrote: | Sites like this have many Google employees though. | Nextgrid wrote: | Google has a proven track record of being malicious and a | business model that relies on it. | | If I had to choose I'd take the unknown evil rather than the | 100% known evil, though in this case it's dumb to use either | option when you can trivially self-host. | mimsee wrote: | Or better yet, include the ttf/woff/woff2 files inside your | project as an npm package using Fontsource[0]. | | [0]: https://github.com/fontsource/fontsource | usrn wrote: | Or even better just don't use custom fonts because they break a | lot of things anyway. | xigoi wrote: | I wish there was a way to use KaTeX/MathJax without custom | fonts. | vehemenz wrote: | Can you give some examples? Custom web fonts have been well | supported since the late aughts. | usrn wrote: | They're a big reason pages load slowly and cause text to | jump around when they do. Custom web fonts are awful. | lelandfe wrote: | And while we're at it, custom colors are a big reason for | legibility issues. Custom colors are awful. | jhanschoo wrote: | Font variety help legibility through creating distinctions in | context and hierarchy, though. | aldebran wrote: | Won't that cause the fonts to download again if they were | loaded by Google fonts? I thought the reason to use something | like Google fonts was to have the fonts download only once. | eurasiantiger wrote: | That hasn't worked for a while. Browsers will NOT use cached | resources loaded for foo.com when loading bar.com, even if | they are the same resource from the same CDN. | chiefalchemist wrote: | Can you provide a link to support / verify this? | steve_taylor wrote: | https://google.com | kenniskrag wrote: | https://developer.chrome.com/blog/http-cache- | partitioning/ | blip54321 wrote: | If it were me, I'd make third-party font sources require a SHA | hash. In pseudocode: | url("https://fonts.googleapis.com/comic-sans", sha="abcd1234") | | This way: | | - If my browser has comic-sans cached, no request is made | | - Caching works even if the same resource is sourced from | multiple places (e.g. I can host comic-sans locally, but if they | got it from a CDN, they don't need to get it again) | | - If a malicious site replaces a resource, that's flagged | | I think the trick would be to make this optional (but | bandwidth/privacy-saving), and gradually to make this | increasingly mandatory for different types of resources. AJAX | calls obviously can't have SHA hashes, but JavaScript libraries | can. | missblit wrote: | Couldn't you use a Content-Security-Policy for this? | | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Co... | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Co... | jfk13 wrote: | Sounds like you're basically reinventing SRI: | https://en.wikipedia.org/wiki/Subresource_Integrity | | One issue with cross-site caching, though, is that it may | enable timing-based attacks on privacy. | blip54321 wrote: | No, I'm not reinventing it, but extending it by: | | 1) Mandating it for certain types of resources | | 2) Extending caching to cover the cross-site case. | | Can you please explain the proposed timing-based attack? | midislack wrote: | Do people still seriously download fonts? I turn that crap off. | pdimitar wrote: | And I am supposed to believe a semi-pretty marketing site that | they don't do server statistics gathering that they periodically | sell to Google, Facebook and any other data brokers? | | Yeah, sure. | | Or maybe just host your own fonts. 350KB traffic per unique | visitor per month isn't going to kill your bill unless you serve | millions of visitors a day. | richdougherty wrote: | While we're talking about privacy and CDN delivery, check out | Decentraleyes. It's a browser extension which keeps a local cache | of common CDN-delivered files. | | https://decentraleyes.org/ | | I wondered if it supports fonts out of the box, but not | currently. | | https://github.com/Synzvato/decentraleyes/issues/105 | cramforce wrote: | Do not use this, use Google Fonts, just self-host them. This site | claims better privacy, but does so using the wrong solution since | you still have to trust them. | | Self host (supported by Google Fonts but not by this service): - | Better privacy - Better performance (no extra DNS lookups, TLS | connection) | | Their default embed code is a CSS @import directive. These must | never be used in production code (It's fine as a directive for | the compiler for local files but not with remote URLs). Leads to | FOUC and FOIT. | | Also, next step in amateur hour: They serve their CSS and fonts | on the same domain as their marketing website. Cookies galore. | aembleton wrote: | > Leads to FOUC and FOIT. | | What are those acronyms? | wkirby wrote: | Flash of Unstyled Content and Flash of Invisible Text. | | * FOUC: when you see content in the wrong font, then it | switches to the correct font, sometimes leading to page | layout jumps. | | * FOIT: when you see _no_ text content because the desired | font is missing with no fallbacks/the CSS directed not to use | fallbacks. Once the font loads, page layout might jump. | cramforce wrote: | Here the definition is actually broader than FOUC just for | the font part. It can cause rendering without any CSS | 0des wrote: | Flash of Unstyled Content, and Flash of Ice Tea | xnacly wrote: | This looks really interesting, does anybody have an insight on | whether or not all families on gfonts are also on bunny fonts? | phphphphp wrote: | Google Fonts: "1424 of 1424 families" | | Bunny Fonts: "1429 families" | | Presumably Bunny Fonts is, essentially, just a pass through to | Google Fonts. | abrudz wrote: | > With a zero-tracking and no-logging policy | | Behold exhibit A: https://i.imgur.com/6F7fZVm.png | notpushkin wrote: | Next project idea: cdnjs.bunny.net. | Destiner wrote: | I'd suggest stop using 3rd party font hosting altogether and | adopt something like Fontsource [1]. That way, no reliance on 3rd | parties, full privacy, and full control over font file changes | (yeah, apparently, fonts are changed from time to time). | | [1] https://fontsource.org | Raed667 wrote: | All these hoops we have to jump though and products to create, | juste because the USA decided that no other country matters, and | pushed the CLOUD Act | | https://en.m.wikipedia.org/wiki/CLOUD_Act | gbear605 wrote: | It's also good because Google almost certainly uses data from | Fonts for selling ads. I'm much more concerned about that than | the theoretical uses by the US Govt, though I'm not a fan of | those either. | thematrixturtle wrote: | https://developers.google.com/fonts/faq#:~:text=/google/font. | ... | jefftk wrote: | _The Google Fonts API is designed to limit the collection, | storage, and use of end-user data to only what is needed to | serve fonts efficiently. | | Use of Google Fonts API is unauthenticated. The Google | Fonts API does not set or log cookies._ | | In other words, data from font serving does not feed into | advertising personalization. | | (Disclosure: I used to work on ads at Google) | johnchristopher wrote: | > _Google Fonts logs records of the CSS and the font file | requests, and access to this data is kept secure._ | | and https://www.theregister.com/2022/01/31/website_fine_g | oogle_f... | | leads me to believe that Google has PI when people visit | sites using google fonts. | | Even if they don't use it for advertising purposes long | term log keeping is not required to serve fonts. | | It doesn't really matter what the service is doing, they | didn't ask for consent to log the IP of people | downloading fonts. | | To be perfectly clear: it wouldn't keep me from sleeping | at night and fonts permissions should be bundled with | cookie consent or there should be a permission prompt | (just like when asking for youtube vid.). | jefftk wrote: | "by including Google-Fonts-hosted font on its pages, | passed the unidentified plaintiff's IP address to Google | without authorization and without a legitimate reason for | doing so" | | It isn't about whether the IP address was logged, but | about whether it was sent. Which is an unavoidable aspect | of loading a resource from a server. | johnchristopher wrote: | My concern is totally about whether or not the IP is | logged though and google's vague language doesn't clear | doubts about that. On the contrary: | | > Google Fonts logs records of the CSS and the font file | requests, and access to this data is kept secure. | | Why does it point this data is kept secure if there is no | PI in the first place ? | hedora wrote: | Secure from whom? The mob? China? The US government? | Google? | | I'm more worried about the last two than the first two. | It'd be illegal for them to secure it against US law | enforcement, and they don't claim they're secure the data | they log against access from themselves. | reaperducer wrote: | _The Google Fonts API is designed to limit the | collection, storage, and use of end-user data to only | what is needed to serve fonts efficiently._ | | There's an awful lot of weasel words in there. | | If it was a simple "The Google Fonts API doesn't collect | or store any user data" that would be good. But there's | so much hidden language in that one sentence. | | - "Designed" -- Well, it was designed to do that, but it | doesn't. After we're caught, we'll put out a press | release saying We Can Do Better(tm). | | - "Limit" - It limits the collection. It doesn't prevent | the collection. It doesn't not collect any data. It just | collects "limited" data. And "limited" is defined by us | and can be revised whenever we want. | | - "collection, storage, and use of end-user data" has so | many ways to be abused. | | - "efficiently" -- Efficient for who? Google? Google's | advertising department? Google's profiling department? | What if there's an inefficient way? What if there's a | more efficient way, but it gives Google less data? | | All this may seem unkind, but Google has earned the | planet's distrust. In the early years, Google didn't | believe that reputation matters. It does. And that's why | the legal departments of billion-dollar companies like | the one I work for don't allow us to use Google products. | yunohn wrote: | There is no such thing as absolute privacy. By virtue of | being a web-hosted service, you will need to interact | with the end server, and that already has the potential | to expose details like IP, referer, user-agent, etc. | | The wording around designing and limiting collection is | acknowledging this inherent problem and letting the user | know that they've done their best to prevent malice. | | It's not weasel wording except for anons who like hating | on the internet. | kube-system wrote: | You can load fonts with absolute privacy from google by | not loading fonts from google. | eurasiantiger wrote: | The service serves very fine-grained CSS based on device | detection. I'm sure there is some fingerprinting going | on. | bscphil wrote: | Thank you for saying this. Memory suggested that this was | the case; I think one problem that happens on this site | is that people distrust Google so much that they will | trust some completely unknown organization that they've | never heard of before over one (Google) that has | presumably made themselves legally liable if they use | your data to track you. | | (I would also note to everyone that you can simply | disable sending referrers third party, which means that | even if Google is using this data to track you, they | won't know what sites you are visiting unless those sites | use very specific combinations of fonts.) | wewxjfq wrote: | Does Chrome send the unique identifier with Google Fonts | API requests? If so, they don't need cookies. | jefftk wrote: | Are you talking about the x-client-data header (which | isn't unique, but is relatively high entropy at <= | 13-bits)? [1] that is used for evaluating the effect of | experiments that Chrome is running on other Google | services, which does include ads. But it is not used for | personalization (I wish they would say that publicly). | | For example, when I look at a Google Fonts request in | Chrome developer tools I see: x-client- | data: CKe1yQEIkrbJAQiitskBCMS2yQEIqZ3KAQiVocsBCOeEzAEIhKv | MAQjys8wBCL+1zAE= Decoded: message | ClientVariations { // Active client experiment | variation IDs. repeated int32 variation_id = | [3300007, 3300114, 3300130, 3300164, 3313321, 3330197, | 3342951, 3347844, 3348978, 3349183]; } | | Each of those numbers represents an experimental | treatment that is currently active for my Chrome | instance. (It looks like more entropy because it's | multiple values, but they're all derived from a single | 13-bit per-instance seed.) | | [1] https://www.google.com/chrome/privacy/whitepaper.html | #variat... | pdkl95 wrote: | > is relatively high entropy at <= 13-bits | | That is only true _if-and-only-if_ we pretend those 13 | bits are the only identifying information being sent to | Google when requesting a font. The HTTP request is almost | certainly being sent to Google wrapped inside an IP | protocol packet. For most[1] requests, there are _at | least_ 24 additional bits (why 24? see: [3]) of very- | identifying data in the IPv4 Source Address field. More | fingerprinting can be probably done on other protocol | fields, and IPv6 obviously adds an additional 96 bits. | Yes, IP addresses are not unique, but ~13 bits is easily | sufficient to disambiguate most hosts on a private | network behind a typical NAT. Correlating the tuple {IPv4 | Src Addr, x-client-data} received on a font request is | trivial: it only requires a user to login to any Google | webpage that includes a font request. | | >> re: your [1] A given Chrome | installation may be participating in a number of | different variations (for different features) at the | same time. These fall into two categories: | Low entropy variations, which are randomized based | on a number from 0 to 7999 (13 bits) that's randomly | generated by each Chrome installation on the first run. | High entropy variations, which are randomized using | the usage statistics token for Chrome installations | that have usage statistics reporting enabled. | | How many users have 'usage statistics reporting' enabled, | and are there for a "High entropy variation"? Is it | enabled by default and thus will only be disabled by the | minority of people that know how to opt-out? | | [1] Google reports[2] they currently see about a 60%/40% | ratio of IPv4/IPv6. | | [2] https://www.google.com/intl/en/ipv6/statistics.html | | [3] my previous posts on this topic - re: x-client-data | https://news.ycombinator.com/item?id=23562285 re: | 24-bits-per-IPv4 | https://news.ycombinator.com/item?id=15167059 | [deleted] | brycewray wrote: | Interesting and cool, although apparently no variable fonts[0] as | yet. While it's best to self-host whenever possible, this appears | to be a great alternative to GFs if one isn't willing or able to | do that. | | [0]: https://web.dev/variable-fonts/ | favourable wrote: | This is a great project, but I learned to use a system font | stack[0] instead to address latency issues on my sites. I run an | e-commerce site and every millisecond in rendering time is | potentially a lost sale. It needs to be fast, especially for | those on 3G (or 2G?) connections. | | [0] https://systemfontstack.com/ | _fat_santa wrote: | I have a question about system fonts. Whenever I declare system | fonts I always use: `serif`, `sans-serif`, or `monospaced` | rather than the actual fonts like: | | ``` | | font-family: -apple-system, BlinkMacSystemFont, avenir next, | avenir, segoe ui, helvetica neue, helvetica, Cantarell, Ubuntu, | roboto, noto, arial, sans-serif; | | ``` | | Am I doing it wrong by declaring it just like `font-family: | sans-serif`? | ayushnix wrote: | No, you're not doing anything wrong. In fact, you're giving | users choice to use the fonts that they want, if they | customize their fonts in their web browser. However, this | choice comes at the cost of potentially ugly default fonts | out of the box. Courier New, Times New Roman, Arial, for | example. Of course, this is completely subjective. | | Use `font-family: sans-serif` for your everything on your | website except code blocks and inline code elements, which | should use `font-family: monospace, monospace`. Yeah, you | have to specify `monospace` twice. If you don't, monospace | fonts will be unnaturally smaller than sans-serif fonts. | | Please don't use serif fonts on your website, ever. Most | people on the planet don't have a high resolution display and | serif fonts look chipped and broken on those displays. Serif | fonts make sense if you're using them inside a media query | for print. | xigoi wrote: | No, it's a matter of preference. The default fonts in some | browsers are pretty ugly, so if you want at least a chance of | getting a better font, you can use a stack like this. But | it's fine if you don't. | meribold wrote: | > The default fonts in some browsers are pretty ugly | | Is this really the case anymore these days? I think Firefox | uses Courier New on Windows as the default monospaced font, | but other than that I'm not aware of popular browsers using | terrible fonts by default. | | A nice aspect of using just serif or sans-serif is that | users who configured their browser's font options get what | they chose. | jfk13 wrote: | > I think Firefox uses Courier New on Windows as the | default monospaced font | | Actually, it was recently changed to use Consolas: | https://bugzilla.mozilla.org/show_bug.cgi?id=1607913 | chipotle_coyote wrote: | The system font stacks are trying to target the fonts that | the _operating system_ uses by default (e.g., using San | Francisco as the sans serif font on a Mac). If you just use | "serif", "sans-serif", and "monospaced", you're targeting the | fonts that the _browser_ uses by default, which probably aren | 't the same fonts. | | So, you're "doing it wrong" in the sense that you're not | actually doing the same thing, but you're not _wrong_ in some | kind of cosmic sense. :) | | (This does make me wonder for the first time why, when system | font stacks started to become popular, browsers didn't just | make the system fonts the defaults, though. Sure, it would | mean that web pages that only specified "sans-serif" would | change appearance between the old and new browser versions, | but if they only specified "sans-serif" they were declaring | "I don't care what font you give me as long as it's sans | serif" anyway.) | kevincox wrote: | Browsers "fixed" the problem by adding system-ui, ui-sans- | serif and ui-serif. | | I guess displaying an ugly font was important for backwards | compatibility so instead of fixing millions of existing | wrbsites they created new keywords that you need to opt | into. | cageface wrote: | This is my preferred solution too. It's really not necessary to | use custom fonts to achieve a nice design in most cases. | AtNightWeCode wrote: | Except for Android, very poor default fonts. | kube-system wrote: | They won't notice if your website looks bad: https://images | .techhive.com/images/article/2014/04/customize... | chrismorgan wrote: | The particular stacks advocated by that site aren't | particularly good (though they're not all that bad either). It | was discussed at https://news.ycombinator.com/item?id=31543054 | a few weeks ago. | | I would scrap _at least_ Avenir Next, Avenir, Helvetica Neue, | Helvetica, Ubuntu, Roboto, Noto, Arial, Apple Garamond, Times | New Roman, Droid Serif, Times, Source Serif Pro, Apple Color | Emoji, Segoe UI Emoji, Segoe UI Symbol, Monaco, Liberation Mono | and Lucida Console, and probably a couple more, for one of | three reasons: that the family is superfluous, for an obsolete | platform, or inferior. | zerocrates wrote: | Most actual versions of this kind of thing out in the wild | have Roboto; what's your reasoning for wanting to exclude it? | "Inferior"? | chrismorgan wrote: | Superfluous: it's there for Android, but I believe that | sans-serif will normally resolve to that anyway. | | (I'm not _certain_ about that, and can't confirm it as I | don't have ready access to Chrome on Android but I got the | impression some years ago that Chrome on Android uses the | system font, which is Roboto. But even apart from that, the | general idea is "stop specifying specific fonts and let the | browser do its thing and the user get their chosen fonts, | unless what the browser does by default is _too_ bad, like | Courier New for monospace".) | zinekeller wrote: | _looks at Samsung and Chinese manufacturers having their | own house fonts_ | | ... and now you know why Roboto is _explicitly_ included | - because sans-serif won 't necessarily resolve to Roboto | on an Android device. | politelemon wrote: | On the font pages, they use this as the example sentence: | | > The quick brown bunny jumps over the lazy dog. | | While the site is trying to be quirky and cute, replacing 'fox' | with 'bunny' doesn't showcase what 'f' and 'x' look like. | jobigoud wrote: | Shortest I could find in a few minutes: | | The quick brown fox jumps over the glazed bunny. | ntoskrnl wrote: | If a fox encountered a glazed bunny in the wild, it probably | wouldn't jump over it... | gandalfgreybeer wrote: | By this logic, why would it also jump over a lazy dog? | bee_rider wrote: | Perhaps the dog had cornered the fox, but in an a | location that the dog couldn't reach. So it decided to | wait the fox out, but then fell asleep because it is | lazy. | zarzavat wrote: | Wrote a quick Python script to explore alternatives. The best I | found with two words was: | | - The quick brown bunny jumps over the lazy podgy fox. | | If you want to do it with one word you can do: | | - The quick brown bunny jumps over the oversexualized | dragonfly. | tigerlily wrote: | A touch of DRY and you get: | | - The quick brown bunny jumps the oversexualized dragonfly. | dspillett wrote: | Or "The quick brown bunny jumps over the sexualized | dragonfly", which scans a little better for me. | jaclaz wrote: | I propose: | | The quick brown bunny jumps over the lazy dog, here, fixed. | httpsterio wrote: | you can replace the text with whatever you wish though so it's | not an issue | RobLach wrote: | It's an issue because you have to replace the text. | sdze wrote: | Why wouldn't I just self-host the fonts on my server? What are | the benefits of such CDN? Years ago I could understand it because | it may reduce latency (cache), but since browsers don't cache | from 3rd party servers anymore, also this is argument is obsolet. | nyanpasu64 wrote: | I just went through the process of self-hosting Google Fonts. | The process is actually surprisingly tricky. | | Google Fonts lets you download fonts for desktop use, in the | form of .ttf or .otf rather than the .woff[2] with one file per | Latin/Greek/Vietnamese/etc. script served by Google Fonts | itself. If you want the same font-embedding CSS as Google Fonts | itself, you can use https://google-webfonts- | helper.herokuapp.com/fonts (a font browser, outdated, doesn't | support font-display: swap), or | https://nextgenthemes.com/google-webfont-downloader/ (a | converter from Google Fonts CSS URLs to downloadable font | packs, supports font-display: swap, it works well but I chose | to not host the large CSS files with embedded fonts in base64 | format). | | As a technical curiosity, the second site _can_ suffer a race | condition resulting in partial or broken file downloads (I | never tested what happens), if two people request the same font | bundle at the same time, and they overwrite each other: | https://github.com/nextgenthemes/open-webfonts#bug-reports-a... | | I wish browsers would give users an option to set the default | font-display policy to swap. | quickthrower2 wrote: | I would guess they have a server nearer your client than you | do. | marginalia_nu wrote: | Fonts would be served over the same HTTP/2 line as your main | content though. | | That's pretty much always faster than a new TLS handshake, | regardless of roundtrip. | Gordonjcp wrote: | Exactly this. The last mile is always going to be the | slowest. Where you serve stuff from makes (almost) no | difference). | lbotos wrote: | Browsers don't use cross-site cache anymore (so if 2 sites are | both using google fonts you don't get the speedup) but I | _think_ browsers still cache content from request to request | for a domain. | | Additionally, a CDN will let that content be closer to your | customer, so even if it wasn't cached with the magic of CDNs it | should be faster than one origin server. | jefftk wrote: | _> Browsers don 't use cross-site cache anymore_ | | Correct. The last major browser stopped in early 2021. | | _> I think browsers still cache content from request to | request for a domain._ | | Definitely! A cache still provides substantial speedup. | Modern browsers fragment the cache on a per-site basis: | www.example.com and www.example.org don't share, but | www.example.com and forums.example.com do share. | blondin wrote: | people finding excuses against your suggestion are choosing to | ignore history. | | PDF won the text presentation format war because among other | things, PDF embedded the user's font. | | for consistency, and if you care about not using google's CDN, | just self-host your fonts. | Twixes wrote: | True that there's no 3rd party caching benefit anymore, but | it's still just very convenient - select fonts a'la carte, copy | the CSS/HTML snippet, paste it in, and that's it. All for free, | no licensing considerations with Google Fonts. | markx2 wrote: | Firefox > Settings > General > Fonts > Advanced | | Uncheck "Allow pages to choose their own fonts, instead of your | selections above" | | No remote fonts anywhere. | weird-eye-issue wrote: | Breaks lots of icons and such right? I disabled fonts for like | a day with Ublock Origin but it was too inconvenient | midislack wrote: | Just close the offending site and never, ever return. Works | wonderfully! | markx2 wrote: | I have not noticed any breakage though it may well happen. | | But pages are fast to load, I get a consistent chosen font | across all sites and my privacy (at least for font loading) | is respected. | reaperducer wrote: | A few elections ago, the New York Times used a font of | state glyphs to display icons in its real-time election | results.+ | | If you didn't have that font, you couldn't figure out the | election results without clicking through to each state's | page to see the results. | | + It's quite nice. If memory serves me correctly, the Times | even open-sourced it. | xigoi wrote: | If you block via uBlock Origin, you can make exceptions for | sites that get broken too much. | weird-eye-issue wrote: | Yeah but it just kept happening so much with regular | browsing I decided it was simply not worth it | moffkalast wrote: | You underestimate the average person's laziness. | zagrebian wrote: | Shouldn't the website disclose who funds this service? Like, | what's the catch? | mishafb wrote: | It is a real cdn with paying customers, trying to advertise its | product, there is no catch | omoikane wrote: | After changing the sample text on fonts.bunny.net to something | that is non-English, all missing characters are all rendered with | the same font. Chrome inspector will show the actual font being | used under "Rendered fonts", and it appears to be whatever the | locally configured fallback is. | | This is in contrast with the behavior on fonts.google.com where | missing characters are rendered with an inline image to | explicitly show the missing glyph. | | I prefer the fonts.google.com behavior here, which makes it | easier to find fonts that have all the glyphs I need. | AtNightWeCode wrote: | This has a joint problem with GF though. There is no option to | download the resulting font. | usrlocal1023 wrote: | The service doesn't seem to support IPv6 as there are no AAAA DNS | records. $ dog A AAAA fonts.bunny.net CNAME | fonts.bunny.net. 10s "bunnyfonts.b-cdn.net." A | bunnyfonts.b-cdn.net. 10s 195.181.164.130 CNAME | fonts.bunny.net. 9s "bunnyfonts.b-cdn.net." A | bunnyfonts.b-cdn.net. 9s + 195.181.164.130 | moffkalast wrote: | I'm still not entirely sure why anyone would load fonts from a | 3rd party link that's bound to break sometime. Just add it to | your assets like a normal person and Cloudflare will cache it | for you anyway. | | The license is non-standard too, something called SIL. I'm not | gonna bother looking up what that weird thing permits when I | can get thousands of CC0 fonts from like a dozen sites. | matthews2 wrote: | > The license is non-standard too, something called SIL. I'm | not gonna bother looking up what that weird thing permits | | It's the same as Google Fonts (because they're the same | fonts). Most of the fonts are released under the terms of the | SIL Open Font License 1.1, and a handful of them released | under the terms of the Apache License 2.0. | | Most free fonts are OFL'd. | DantesKite wrote: | Google uses fonts to track users? I didn't know that. Man, that's | crazy. | mda wrote: | It doesn't. | huhtenberg wrote: | How is this service financed exactly? | | One would expect this to be at the top of their FAQ. | jorams wrote: | Bunny.net is a CDN company with paying customers. This is a | free service provided by that company. | sascha_sl wrote: | Presumably marketing budget. | | Bunny is an extremely affordable CDN. The business they'd get | from medium to large sites that already trust them enough to | serve fonts over them should easily make up for it. | [deleted] | hannob wrote: | I find it really strange where some privacy debates have gone | wrong, and this is a perfect example. It's basically a form of | "don't trust them, better trust us, also we're in a country with | better privacy laws". Which is an imperfect solution at best, and | given that I have no idea who bunny.net is it's a questionable | one at best. | | If you embed a font hosted somewhere else you expose some of your | user data to them. Now with fonts there's a really simple | solution: Just don't. As an added bonus, hosting fonts on your | own server is faster as it goes through the same HTTP connection. | | There are situations where you can't completely avoid privacy | issues, and then you can try to do better than others. But if you | can completely get rid of a privacy issue then obviously that's | what you should do. | _fat_santa wrote: | > If you embed a font hosted somewhere else you expose some of | your user data to them. Now with fonts there's a really simple | solution: Just don't. As an added bonus, hosting fonts on your | own server is faster as it goes through the same HTTP | connection. | | I never quite understood the debate around fonts. You could use | the CSS/Link import that Google provides, but that's never the | optimal solution. Like you I always download the fonts and use | them directly via @font-face. | | The only advantage I see to using Google Fonts / some privacy | respecting font service like this one, is when you are first | prototyping an app and want to either test fonts, or want to | move quickly and not worry about setting up fonts properly. We | also used in a places like Storybook where having correctly set | fonts is not as important. | | But even if you did use it in prototyping, it's best practice | to pull down those fonts and store them locally before going to | production (at least in my mind). | | Am I missing something? | ncmncm wrote: | On Firefox desktop, I force literally all fonts -- serif, | sans, what-have-you -- to Linux Libertine. Dingbats can look | odd, but you get used to that. | | For reasons I am sure I will never fathom, browsers on mobile | provide all the same settings options, and religiously ignore | them. | heretogetout wrote: | If the font is already in your browser cache (which it might | be if they're hosting it on a common CDN) web pages should | load with the correct font right away instead of either | loading blank areas or a default fallback font before | switching to the correct font, causing jank. | | The best solution here is to use standard fonts that are | available in all browsers, of course. | modeless wrote: | Sorry, not since cache partitioning. | https://developer.chrome.com/blog/http-cache-partitioning/ | | Privacy killed the shared cache. | SquareWheel wrote: | And it's such a niche privacy issue too. I would gladly | take a shared cache over cache isolation. Especially for | something used on as many sites as Google Fonts is. | yetanother12345 wrote: | > have no idea who bunny.net is | | $ whois bunny.net (...) Registrant Name: Registration Private | Registrant Organization: Domains By Proxy, LLC Registrant | Street: DomainsByProxy.com Registrant Street: 2155 E Warner Rd | Registrant City: Tempe Registrant State/Province: Arizona | Registrant Postal Code: 85284 Registrant Country: US (...) | | > we're in a country with better privacy laws" | | ...it appears that the domain registrant is not, so you will | just have to trust that the company is not in the US or not | owned by a US entity (mostly relevant for the rest of the | world, probably). | | > with fonts there's a really simple solution: Just don't | | This was worth repeating :) | helldritch wrote: | This is run by BunnyCDN, I've been one of their smaller users | for a few years now (live video hosting and delivery, mostly | .m3u8, mpegts, HTTP Live Streaming type of stuff) and I've | always found their service reliable and cheap. One of the | primary reasons I liked them was that their API is REALLY | fast at making changes to the files (you make the call and | 100ms later the file attributes / content have been updated | throughout all their delivery locations) and the interface is | pretty easy to use. | | This isn't an advertisement, I had a very specific use-case, | but it follows into this: | | Of course, just like with Google, we are the product here. | Google Fonts is an analytics data collection platform, Bunny | Fonts is an advertisement for their CDN services. | | I'm going to stick with a /fonts/ directory, I think, despite | being one of their current users. It's really not very much | bandwidth for the fonts, it's not 2010 anymore, and I prefer | the control (and the local development environment being the | same, I don't always have internet and I don't want a dev | toggle for something as silly as fonts). | tyingq wrote: | It seems okay to me for the case of google. Since Google-owned | sites, Adsense, Gmail, and Google Analytics are so ubiquitous, | things like a font download are trivially easy for Google to | correlate to your other activity. There's much less value for | BunnyCDN to abuse it, because they don't have the critical mass | of your other activity. | | Yes, just serving up your own fonts is better, but this is an | improvement that seems to work with only a minor change. | rrdharan wrote: | I see this completely the opposite. There's much more risk to | Google to be lying about the privacy agreement applicable to | Google Fonts (https://developers.google.com/fonts/faq#what_do | es_using_the_...) than there is to some unknown company that | won't be a target for regulators and won't make any news for | casually violating your privacy through shoddy engineering | work or incompetence let alone maliciousness. | tyingq wrote: | I read that pretty carefully, and didn't see anything about | not saving and correlating the visit with other logs they | have. | ncmncm wrote: | I perceive exactly zero risk to Google in lying about | literally anything at all. Have you ever heard about them | being even slightly inconvenienced in response to any | abuse? | judge2020 wrote: | For both bunny.net and Google Fonts, using a CDN is useless | with the advent of timing attacks related to the browser | cache https://news.ycombinator.com/item?id=24894135. Storing | fonts on the same domain avoids a DNS lookup and extra TCP | connection. | rmbyrro wrote: | Can someone point out a good reason for not downloading the | font files and serving them directly from your CDN or servers, | without any calls to third-parties in your HTML? | TheRealPomax wrote: | We can reasonably assume that bunny.net doesn't also correlate, | cross-link, and permanently store which sites our IPs visit, | for the purposes of enhanced ad delivery. Which Google does: | that's literally what every single service they offer does in | addition to "the thing you need that service for". Even sites | that don't offer Google ads or Google analytics _still provide | Google with behavioural data linked to you_ by using Google | fonts. | | So no, this is not one of those examples, this is a great | example of someone setting up a service to remove all those | free, extra data points that Google harvests. Today it's fonts. | Maybe tomorrow, it's the rest of their "it's not explicitly | Google Analytics" offerings. | skybrian wrote: | I don't think we can reasonably assume either of those | things. You're speculating about both Google Fonts and Bunny | fonts based on very little information. | TheRealPomax wrote: | No, and yes, respectively. If you consider "Google | recording and monteizing on CORS URL requests" speculation, | I'm not sure you know much about the company we're talking | about here. They've been sued and fined over tracking quite | a number of times. | | Do we know whether bunny.net is any better? In the | abstract, no we don't, but we're not dealing in abstracts, | so we actually do because of where they operate. A real | European operation (not an international company with EU | presence but an HQ outside of direct EU jurisdiction) is by | default quite a bit better at not violating GDPR, and runs | the actual risk of being fined into financial insolvency | (rather than getting a few hundred million slap on wrist | that a multibillion dollar company goes "pff, whatever, let | legal sort it out" to). | | By virtue of Google's track record, and by virtue of where | this new service is located, and the track record of EU | based services with regards to privacy compared to their US | counterparts: | | Yes, we can _very_ reasonably assume both of those things. | skybrian wrote: | I used to work at Google and I'm sure I don't know how | most of it works, outside the area I worked in. It's a | big company and the systems are complex. | | Why do you think you know how it works? What do you | actually know about Google that doesn't come from outside | speculation? | | That link says that a website leaked an IP address to | Google. It doesn't say that Google did anything with the | IP address. | [deleted] | ntoskrnl wrote: | If you're requesting data over a network, ultimately you have | to trust someone. Fwiw bunny.net is pretty well respected. I | view them as one level "below" the mega-enterprise CDNs like | Cloudfront/Akamai, the same way Digital Ocean is one level | "below" AWS/GCP/Azure | lolinder wrote: | > If you're requesting data over a network, ultimately you | have to trust someone. | | If I self-host my fonts, the people I have to trust are only | those people I have no choice but to trust: those who get my | site into the user's browser. Every additional cross-domain | request I add is an extra party I have to trust. | 1337shadow wrote: | Can't you self host this? | jokethrowaway wrote: | The only reason is to escape regulatory fines for something 99% | of the world doesn't give a shit about. | | Not using fonts is not always an option | kevin_thibedeau wrote: | > Not using fonts is not always an option | | The silliness of this is that someone is going through the | effort to set up hosting for a website but hosting the | _fonts_ is just too difficult and has to be delegated to a | third party. The laziness of webdevs never fails to astound. | lolinder wrote: | I don't think it's laziness. My conscious brain knows that | it's anachronistic, but I still have the instinct to use a | CDN for the shared caching between sites. Obviously, | browser privacy changes mean that isn't a valid reason any | more, but for me the instinct is still there. | vorticalbox wrote: | > Not using fonts is not always an option | | Do you have an example where doing something in an external | font is not possible in one that's built into the browser? | colejohnson66 wrote: | Sure, not all sites need them custom fonts; I hate when I'm | reading a page and it reflows because the font changed, but | there's legitimate uses for fonts. Case in point: icon | fonts that work using the "private use area" in Unicode. | moritzwarhier wrote: | I always opt for self-hosting, be it fonts or other assets. | Sometimes I am briefly envious of the ability to use things | like Google Fonts, Unpkg or polyfill.io when setting up a | project. But I started doing web dev in 2018 when GDPR was | introduced here, and I always was kind of paranoid regarding | that. | | Self-hosting is probably a better habit to acquire anyway, the | only alternative being explicitly contracting with a company | that offers edge CDN. | | https://google-webfonts-helper.herokuapp.com/fonts | | is great for quick self hosted local Google Webfonts | fritigern wrote: | > we're in a country with better privacy laws | | Speaking as a European: I think this is a very important topic | for us. I don't think Americans and American companies | understand how little trust rest of us have for the American | government. Working with a company that is not subject to the | whims of the American government is a huge privacy win. If a | company pitches me a product, they start 1 points ahead if they | are based on Switzerland, Netherlands or somewhere similar. | BurningFrog wrote: | The US government has some restrictions of spying on inside | the country. Much less so abroad. | | So you're safer from the USG inside the US. | | Then again, they don't have a great track record of following | those restrictions, so I doubt it really matters. | dundarious wrote: | I'm surprised you emphasized government wrt. privacy here. | Sure, despite the fact that the US government institutions | have more mechanisms for oversight and transparency after 20 | or 40 years, etc., they are certainly the most profligate in | their use of surveillance and hacking, etc., and US three | letter agencies are the most adept at completely side- | stepping those publicized limitations -- so it's not like the | government isn't an issue, and the US government most of all. | | But when it comes to surveillance on this quotidian level, I | think private/corporate surveillance it's far more relevant | and problematic. In that regard, I'd slightly prefer a | European country with good privacy laws like those you | listed, because (probably) Bunny is not itself at the level | of a panopticon such as Google, and the likelihood it has or | would avail of avenues for resale to panopticon capable data | brokers is less than it would be for US companies. | | But even there, it does seem like a quite incremental | improvement. The door is still wedged open, but now probably | less wide, and probably with a stronger doorstop. It would be | nice to not leave the door open at all. | fritigern wrote: | I am not worried too much about corporate surveillance. I | can always shop somewhere else. I can't change my | government. | | I use DDG because I don't like Google. I can't do the same | with my government. | DocTomoe wrote: | > ... for the American government | | or any government, especially our own, for that matter. Some | just have a better track record at being bound by the rules | they give themselves than others. | fritigern wrote: | When it comes to privacy and human rights, America's record | is one of the worst in the world. | kopochameleon wrote: | Says who? "Worst in the world" would suggest worst | 10-20%, while most metrics I can find put America in the | best 60-20% | | https://ourworldindata.org/human-rights | | https://freedomhouse.org/countries/freedom-world/scores | | https://www.cato.org/human-freedom-index/2020 | | From your repeated comments in this post saying | essentially "America bad" without any additional details | it seems like you may have some anti-American bias | unrelated to the topics at hand leading you to | proselytize against all US associated activities. It may | be worth questioning some of your priors. | shrimp_emoji wrote: | I always had the suspicion that the (seemingly higher) | interest in privacy/FOSS in Europeans is fueled partly by | anti-Americanism. In America, even if you don't trust the | government, at least it's _your_ government, so I don 't feel | like that plays as big a role, and any interest in | privacy/FOSS (like mine) is untempered by the anxiety of an | alien government's interference. :p Regardless, I love how | much more Europeans seem to value privacy. | fritigern wrote: | > I always had the suspicion that the (seemingly higher) | interest in privacy/FOSS in Europeans is fueled partly by | anti-Americanism. | | Of course it is. After American Wars in the Middle East | killed and displaced millions, there is good reason to be | wary of Americans and the American government. | [deleted] | marcosdumay wrote: | > at least it's your government | | What? Your government is the worst one to go not respecting | your rights. | fritigern wrote: | I worry more about my government compared to the | government of a county far away that has no power over | me. | judge2020 wrote: | How do the laws play out in practice? If bunny.net started | storing user agent and IP address information indefinitely, | and someone complained, how likely is it enforcement action | is actually enacted on them? It seems such a low-impact | privacy violation would be a waste of time for a GDPR/etc | agency to focus on compared to things like ad companies | selling location data. | brnt wrote: | > How do the laws play out in practice? | | I think this is important to consider. In practice, it's | difficult to have any recourse with an American company. In | Europe it's more expected and common that government and | consumer orgs take an active role. Both legal culture and | culture-culture (?) are just very different, leading people | to preferring to steer clear of this expensive and | adversarial (compared to EU climes) environment. | judge2020 wrote: | That's the exact scentiment the parent to my comment is | suggesting; I'm saying that GDPR agencies probably aren't | going to care at all about the type of data sent to a web | host when all they're doing is serving fonts for 3p | websites. | geraneum wrote: | People are talking about the possibility of being spied on by | governments. I think if you're targeted by government or | intelligence agencies, then even self hosting most likely | won't save you from them. | | What is important here, and why these laws matter, is how | trivial it is to get access to your data, or for companies to | sell your data. That's why I appreciate the European's effort | to have better laws for our privacy. | | If you really want to be government proof, then you better | host everything in a server in a remote secret location out | of their reach. | dorgo wrote: | Goverments and intelligence agencies can't target everyone. | But they can gather data for future use. So if you don't | give them your data you won't be targeted in the future. | geraneum wrote: | This is a good point. I would say we shouldn't make it | easy for the governments to access the data as well as | private interest or companies. These are not mutually | exclusive. | | EU privacy laws are a step in the right direction. It's | progress. We can build on it. | pdimitar wrote: | This goes both ways, the lack of the usual amount of data | about you is a data point in itself. | | `SELECT * from citizens where data_points < 50;` | | And then somebody aims a botnet armed with zero-days in | your direction. But yeah, that requires dedicated | adversaries that actually notice you -- which is not a | given, I'll agree. | fritigern wrote: | You are probably right, but that doesn't mean I want to | make it easy for them. | ByteJockey wrote: | > I don't think Americans and American companies understand | how little trust rest of us have for the American government. | | Have you... have you seen our politics? What makes you think | that we think other people trust our government? We don't | trust our government. Hell, it's trusted so little that one | of our large political parties is basically entirely devoted | to making sure that the government can't get anything done. | KennyBlanken wrote: | That political party's actions are about weakening the | federal government so as to make it easier for large | corporations to behave abusively, not because of trust. | States have less resources, and can be played against each | other. | | The public-facing excuse for Joe Q Public is "they can't be | trusted!", "less taxes on your hard-earned money" (when | corporate share of taxes has plunged from the 50-50 split | it used to be, increasing individual taxes), "the | government is not efficient" (usually because of lots of | onerous regulations and reporting and oversight that, ahem, | a certain political party insisted on to fight "abuse") | ncmncm wrote: | ... and, at the same time, to radically increasing | government spending literally everywhere except where there | might be a possibility of benefit for an individual who | needs help (just because said individual could possibly be | ("a") black). | troynt wrote: | Would you trust a Switzerland based company that uses GCP or | AWS? | encoderer wrote: | Surely you realize that if a modern sophisticated | _government_ wants to see your data, they are going to be | able to access it, even if it's stored in the Netherlands? | What threat are you protecting yourself against? | dorgo wrote: | > What threat are you protecting yourself against? | | Against modern sophisticated governments who are busy, | lazy, distracted to ask Netherlands to give them my data. | I'm not exactly a high priority target. All I have to do is | to make it a little harder for them to access my data. | fritigern wrote: | No reason to make it easy for them. | | Also, proper client side encryption is really difficult to | break. Usually they need to compromise the client in order | to read it. | the_common_man wrote: | So, with this logic you would host your data in Russia | (just to give a random country) ? | pdimitar wrote: | Why not? Make encrypted backups with `borg` and use | `rclone` to distribute them to a number of free cloud | storage services -- this is what I and many others do. | One of my destinations is Yandex Disk. They all only see | an encrypted Borg repo. And in the next few weeks or | months I'll make sure they won't even be seeing that. | Just a few opaque files several tens of megabytes big | each. I wish them luck cracking it, lol. | | What are they going to do, fly to my fringe country, | knock on my door and politely ask me to stop storing | encrypted blobs on their servers? No, they will not. | First, their TOC does not forbid it and second, they are | way too lazy to scope me out of the crowd, and third, | they will only start shutting users down if their free | plan starts costing them too much. I've been doing this | for years and nobody seems to give a frak (Google | included). | | And I am just a regular guy who wants to make sure his | code and passion projects (and personal / family photos) | are never going to get lost even in a case of disaster. I | never in my life did anything to warrant government | attention. | josefx wrote: | If the government wants to go after you in specific? You | might be screwed. If the government wants to identify | "criminals/degenerates" by checking against | sexualPreference="gay", semitic="yes", numAbortions > 0. | Then you at least wont turn up because that would require a | lot more effort. | throwaway1777 wrote: | Between the joke of an energy policy in Germany this year and | Douglas Murray's books I have no confidence in European | governments either. I used to feel Europe's system was more | competent but the illusion has been shattered. | 0des wrote: | Wait what the heck are they doing to books? | zeven7 wrote: | To add to that now every other website has an annoying and | useless cookie dialog I have to dismiss, as if that's | forward progress in privacy protection. | dspillett wrote: | That is the website owners implementing the rules in the | worst way possible, either through incompetence or | through deliberately trying to annoy (or fool) you into | accepting everything. | | Be angry at the sites, not the legislation. | lolinder wrote: | Can I be angry at both? Legislation is only required to | regulate bad behavior by some set of entities. As such, | legislation should be written _assuming_ that those | entities will exploit any loopholes. Malicious compliance | is exactly what the EU should have expected and planned | for. | dspillett wrote: | _> Malicious compliance is exactly what the EU should | have expected and planned for._ | | It usually isn't compliance, malicious or otherwise. | | It is malicious "we know we are breaking both the letter | and the intent, but we know they don't have resources to | properly enforce against _everyone_ , so we are going to | chance it for as long as we can". The vast majority of | these consent systems are not compliant with any of the | relevant regulations (ePrivacy Directive, GDPR, CCPA, | ...). They will fix it when they get a slap on the wrist. | If they get anything it will be a slap or a warning | because while anyone in their right mind is pretty sure | that the non-compliance is deliberate, that is nigh-on | impossible to conclusively prove. | 6510 wrote: | They are now forced to tell you what they are doing. That | it makes you angry is a design goal. | dspillett wrote: | Well, not quite. They are forced to stop hiding what they | were doing. They _could_ make everything opt-in, and it | could be simple single checkbox or button, they are not | forced to do any of what they are currently doing. | | And if it makes people angry at the legislation, the | lying back-stabbing "your privacy matters to us" | arseholes in marketing are successfully making that goal | backfire. | pydry wrote: | >If a company pitches me a product, they start 1 points ahead | if they are based on Switzerland | | Crypto AG was based out of switzerland. | fritigern wrote: | It was owned by American Government. | kube-system wrote: | Secretly, for decades. | | You don't know who secretly owns any companies in | Switzerland today. Your favorite Swiss VPN could be owned | by Equifax or Acxiom for all you know. | [deleted] | fredgrott wrote: | is that really a mistrust of US gov and firms or a mistrust | of the results of the exportation of US Federalisms? | kube-system wrote: | Unless you're under a totalitarian government, spies aren't | really interested in most people's data. Data brokers, on the | other hand, are willing to sell anything they can profit | from. | fritigern wrote: | eivarv wrote: | Yet bulk data collection (in effect "mass surveillance") | happens, and poses a risk in and of itself to data | subjects. | kube-system wrote: | You can't use the internet without risk. All you can do | is measure relative risks and decide which are | acceptable. Means, motive, and opportunity matter. | Someone who is missing the motive portion is less of a | concern than someone who has all three. | fritigern wrote: | No one expects zero risk, it's about reducing risk. I | choose to avoid American companies in favour of non- | American competitors because the American government is | hostile to privacy and is a warmonger. | kube-system wrote: | 90%+ of governments are more hostile to privacy than the | US. It might make sense to prefer countries with GDPR, | but the vast majority of "non-American countries" have | even worse protections for your data. | | > and is a warmonger. | | This is flamebait unrelated to data privacy risk. If you | don't want to use American companies because you have an | political opposition to supporting US companies, that's | also a valid opinion. You don't have to twist it into a | data privacy argument. | fritigern wrote: | > This is flamebait unrelated to data privacy risk. | | It's not flamebait, it's a legitimate reason. A country | who has been killing people in various wars/invasions is | unlikely to behave ethically when it comes to privacy. | | If you behave unethically in one area, I have every | reason to assume that you'll also behave unethically in | another area. | kube-system wrote: | The number of governments that have not had to deal with | ethics concerns is exactly zero. | | Rather than drawing a broad hand-wavy link between ethics | concerns and respect for privacy, you'd be much more | accurate in measuring privacy by directly considering | their practical legal frameworks that protect privacy. | | > A country who has been killing people in various | wars/invasions is unlikely to behave ethically when it | comes to privacy. | | This doesn't hold up. There are many countries that will | straight up man-in-the-middle internet traffic with no | oversight that have been at peace longer than Germany. | fritigern wrote: | > The number of governments that have not had to deal | with ethics concerns is exactly zero. | | Some are worse than others. America is one of the worst. | War, invasions, mass surveillance, mass incarcaration... | kube-system wrote: | This is simply not factual, it is an information | availability bias. America is one of the most publicized | nations, and sunlight is one of the best disinfectants. | By any academically rigorous measure, the US ranks high | in ethics, along with most other western style democratic | systems. | fritigern wrote: | Tell that to the people that were killed by American | military in Iraq, Afganistan, Libya, Syria, Pakistan, | Yemen and probably other places I am forgetting. | kube-system wrote: | This has nothing to do with internet privacy. | fritigern wrote: | Of course it does. | | A country like America that has been murdering people in | many wars around the world without hesitation is unlikely | to take my privacy seriously. They don't respect my right | to live, do you think they will respect my right to | privacy? | kube-system wrote: | Germany is widely regarded as having the best privacy | laws in the world, and they participate in NATO | conflicts. | | Several countries in SE-Asia have been at peace for much | longer and will happily man-in-the-middle your internet | traffic at the whim of their unchecked government powers | [e.g. https://en.wikipedia.org/wiki/Internet_censorship_i | n_Vietnam]. | | A country's participation in war and their effective | protections for privacy are not strongly correlated, | demonstrably so. | 6510 wrote: | I think he is referring to the drone strikes based on | meta data. | kube-system wrote: | Maybe, but that doesn't have any relation to the state of | data privacy in a particular country. Most of the | countries with almost no data protection at all (or laws | that _require_ your data to be compromised) don't even | have drones. | pdimitar wrote: | Have you considered that Switzerland and Netherlands might | just, you know, hand other agencies your data without telling | you? | | At this point we're supposed to believe what amounts to feel- | good talk. | | But I keep asking: "How do we know for sure?" | | I haven't done anything illegal nor do I need to protect some | mega-important knowledge but I still dislike giving easy | access to my data so I automated parts of my workflow to | double-encrypt my most important data and send it to several | off-sites plus an own self-hosted server. | | Sure, they likely know remote Linux network zero-days but the | odds of them wanting to target me in particular are minuscule | so... -\\_(tsu)_/- | yieldcrv wrote: | The internet culture's understanding of Swiss privacy laws | are laughable at best. Switzerland has existing laws to any | and everything for records. | | You are trusting them just as much as a server in any other | country. Saying "Switzerland" is all marketing for privacy | enthusiasts who aren't going to do anything on their own. | itake wrote: | My understanding of privacy international privacy stuff is if | a European gov wants to spy on their own citizens, but the | law prevents them, they phone up the USA and have the USA do | the spying(hacking?) and get the data from them. | | European countries do the same for USA gov on US citizens. | judge2020 wrote: | https://en.wikipedia.org/wiki/Five_Eyes?wprov=sfti1 | | In the US at least, any spying is illegal when both parties | are within the US and the packets never leave the US. | patrec wrote: | > In the US at least, any spying is illegal when both | parties are within the US | | And no doubt it must be even more illegal to then perjure | yourself in front of congress about not having engaged in | such illegal spying, when in fact you have. | DocTomoe wrote: | And, who ever got executed for spying domestically? Who | ever got a prison sentence in line with the rough prison | sentences the US happily gives out for much lesser | offenses? Wo ever got so much as a bad performance | review? | | Noone? Why am I not surprised? | the_only_law wrote: | Illegal things are ok if they involve "national security" | or are useful for cold war dick measuring. | DocTomoe wrote: | In countries that follow the rule of law, they are not. | kube-system wrote: | Who has been executed for violating GDPR? | | Laws can be enforced without executing people. | DocTomoe wrote: | That's why I gave two "lesser punishments", which also | are apparently not used. | [deleted] | 6510 wrote: | More interesting : Anyone outside the US is fair game. | Anything goes - by law. | pdimitar wrote: | As if anyone have ever proven that those laws were broken | -- which we know they were -- let alone ever get | convicted of it. | | These laws are a formality and have no teeth. | youngtaff wrote: | But if you arrange for the packets to be routed outside | the US and then back all sorts of possibilities open up | ajsnigrutin wrote: | Yep, that's why they "coincidentally" do a traffic stop, | and find stuff "by accident". | misslibby wrote: | I'm a European and I have very little trust in European | governments. Not much trust in the US government, either. | blooalien wrote: | I'm an American and I have next to _zero_ trust for | governments in general. "Absolute power corrupts | absolutely" and humanity has given too few entirely _too | much_ "absolute power". I feel much the same about most of | the massive corporate entities as well. | jen20 wrote: | The difference is Europe is better at restricting | corporate overreach than the US is, regardless of how | similar their governments have become. That said, I'd | take almost any European government over any US | government of my entire lifetime, especially when it | comes to actually enacting privacy legislation. | | I couldn't care less about web fonts though. I'm not | downloading them from Google or "bunny.net" or anywhere | else. My computer has some of the nicest-looking fonts | around as system defaults, and websites can either work | with that or get put into reader mode. | ajsnigrutin wrote: | Yep, and also the whole EU... Every few months, they either | want to make encrpytion illegal, scan more private data, | scan files on end user devices, outright ban e2e | encryption, or worse. | dmix wrote: | And we can thank EU for the extremely annoying cookie | pop-up's on every website. Every site has a slightly | different UI and the options/button labels always vary. | Declining is always a multi-step process with various | checkboxes. | | They are never geo-filtered either so everyone is forced | to see them. | | I'm usually a big advocate for privacy and this was | obviously done with good intentions but there were so | many better ways to do it and I doubt 99% of people do | anything but click okay without reading it. | | At least if the browsers did it the UI would be | standardized and you could have default persistent | settings. | | Now that there has been a massive effort to implement it | I doubt it will ever get fixed or go away. Even though | the decline of supercookies and Firefox's new 3rd party | policy has largely made it obsolete. | cromka wrote: | > Declining is always a multi-step process with various | checkboxes. | | https://oblador.github.io/hush/ | | You're welcome! | bitofhope wrote: | >And we can thank EU for the extremely annoying cookie | pop-up's on every website. Every site has a slightly | different UI and the options/button labels always vary. | Declining is always a multi-step process with various | checkboxes. | | No we can't. We can think of scummy adtech companies who | feel entitled to their business model. | | The GDPR very specifically says that the option to | decline tracking must be at least as easily accessible as | the option to accept. | | The only way the EU is to blame for the pop-ups is that | the regulation hasn't been enforced strictly enough. | 6510 wrote: | If the cookies are needed for functionality the popup is | not required. | [deleted] | ajsnigrutin wrote: | Criminals will avoid laws, and lawmakers should write | laws in a way that makes them hard to be avoided. | | If they asked anyone with atleast a minimal technical | knowledge, they'd get a lot better solutions. | anyfoo wrote: | > And we can thank EU for the extremely annoying cookie | pop-up's on every website. Every site has a slightly | different UI and the options/button labels always vary. | Declining is always a multi-step process with various | checkboxes. | | I don't understand this line of thinking. You are | declining the cookies, so obviously you prefer not to be | tracked. And it's obvious that it's not the EU who made | the varying, annoying, and often purposely misleading | dialog boxes to decline the cookies, but the companies | who want to force their tracking on you. Without the EU | law, they would just do it without asking for permission. | So why blame the EU? | dmix wrote: | Of course the outcome of random unfriendly and annoying | UIs is the only predictable outcome... so why wouldn't | the EU responsible? Who else would be? | | Would some design guidelines be helpful? Maybe but it's | still fundamentally flawed and I doubt it'd be enforced. | | As I said the only possible option where there could be | design cohesion is via the browsers (or maybe a EU- | controlled open source JS plugin but that's even worse). | | I don't ever use the cookie popups because fine-tune | control of cookies doesn't have much privacy ROI. I | _want_ to use cookies on most sites and ublock does the | rest. | | I highly, highly doubt the tiny percentage of people not | using an adblocker but are still technical enough to uses | cookie popups regularly and effectively is really worth | the cost. | | I get the impression people _want_ this to be a good | idea, because it sounds like one, instead of considering | whether it is. | | Has the ever been a study that shows the real-world | utility of forcing sites to use cookie popups? | anyfoo wrote: | > Of course the outcome of random unfriendly and annoying | UIs is the only predictable outcome... so why wouldn't | the EU responsible? Who else would be? | | "Of course burglars choosing less protected houses is the | only predictable outcome... so why wouldn't the makers of | security systems be responsible? Who else would be?" | | I still don't get it. Without the EU laws, it wouldn't be | magically easier to block tracking cookies, they wouldn't | offer a choice _at all_? What are you arguing for? | | > As I said the only possible option where there could be | design cohesion is via the browsers (or maybe a EU- | controlled open source JS plugin but that's even worse). | | We tried that, it failed: | https://en.wikipedia.org/wiki/Do_Not_Track | | > I don't ever use the cookie popups because fine-tune | control of cookies doesn't have much privacy ROI. I want | to use cookies on most sites and ublock does the rest. | | The cookies for functionality/session are not affected by | the cookie popup. | | > I highly, highly doubt the tiny percentage of people | not using an adblocker but are still technical enough to | uses cookie popups regularly and effectively is really | worth the cost. | | I use an adblocker and still decline on the cookie | popups. I assume you are doing, too, otherwise you | wouldn't complain about popups you don't see? | | > Has the ever been a study that shows the real-world | utility of forcing sites to use cookie popups? | | Me able to decline them is real-world utility. If a | majority or at least significant portion of users is | successfully tricked into accepting the cookies, then | that calls for a refinement of the law along with better | enforcement, not for retraction of the law. "Let them | have it", what a bleak, defeatist thing to suggest. | | You are blaming the makers of the law for what is very | obviously the fault of the perpetrators, who are trying | to get around the law in profoundly shady and just | downright shitty ways. | | I am glad the EU law exists, without it there wouldn't | even be the option. | ajsnigrutin wrote: | There are many ways to solve this issues, and EU chose | one of the worst ones, that for most people doesn't help | at all. | anyfoo wrote: | Sounds good, can you name a few ways? | | I'm being serious. If there are better ideas, which there | probably are, let's put them out there. | ajsnigrutin wrote: | Client side blocking (by that I mean removing them after | the tab/page close)? First for third party cookies, then | for all of them, and add a "button" next to the url bar, | to enable cookies for that specific site (to allow | logins). | jokethrowaway wrote: | Any government sending any request to any company is very | likely to get a compliant answer if they want to operate in | that market. | | You can only trust services like signal which make it | impossible for the operators to access your data | | GDPR is mainly against corporations making money out of | knowing who you are across the web, it won't save you from a | government actor | fritigern wrote: | Signal Foundation is based in the US. It takes only 1 | national security letter to compromise them. | 1vuio0pswjnm7 wrote: | "Which is an imperfect solution at best, and given I have no | idea who bunny.net is it's a questionable solution at best." | | Anyone doing internet research in Australia/NZ/Oceania who | peruses publicly available scans of HTTP or DNS ports would | likely be familiar with bunny.net as they are a large enough | CDN in the region to have many thousands of subdomains for | customer IPs. And if sorting by the non-numerical portion of a | subdomain, as these begin with the letter "b", it is seemingly | impossible to miss this company's presence toward the beginning | of the scan. | | The company has been around since 2012. It seems reasonable | that this CDN might offer alternative for its customers. Why | not. Look at how many extra "services' AWS offers. The founder | of bunny.net posts questions in nginx forums. I suspect a | customer could probably get him on the phone. This is not | Amazon or Google. Amazon sells goods. Google sells online | advertising services. Both are primarily intermediaries | (middlemen) who try to prioritise their own competing | goods/services. All the data those companies collect may feed | into another businesses that strives to study and understand | human behaviour, placing internet-connected microphones | (referred to only as "speakers") in people's homes. Bunny sells | CDN services. At present, that's it. | | 1. https://bunny.net/our-story | | The solution may be questionable for someone who does not know | bunny.net as a CDN, but for someone in the region who has a | paid agreement with the company, it seems to be a perfectly | reasonable solution, although certainly not the ideal one which | is of course to use local fonts. | | Or do not use fonts at all. As a text-only browser user, and | author of own utiliies for information retrieval, I can attest | that the world is not going to end if websites stop using CSS, | Javascript or other "features" that are easily used to assist | with surveillance for advertising purposes. In fact, IME, the | web actually works much faster for information retrieval | without those "features". | | The bizzare thing about this HN submission is that it purports | to be the recent announcement of fonts on the bunny.net blog | however it currently points to an "About" page not the blog | entry. The blog entry discloses the rationale for the decision | to incorporate in Germany and offer fonts. It suggests the | intended purpose here is not to protect www users, it is to | protect CDN customers. | | https://bunny.net/blog/bringing-privacy-back-into-your-own-h... | hsjdbdksjsj wrote: | you won't believe this, but as the end user you can solve this | in your life once and for all, and also improve your life! | something rare for online annoyances nowadays. | | any decent browser, i mostly use firefox, have a checkbox in | the font screen that prevents sites from changing the page | font. | | i set all sites to user Ubuntu Mono. always. all the time. | everywhere. | | the _only_ downside are sites that use winding-like | fontawesome. you will get "S" instead of the magnifyingglass | icon... i got used to things like that. Google meet screen is | particularly weird. meh. | | but after you are past the initial shock, having the same font | everywhere is the ideal usability hack. faster reading. less | distraction. it's perfect. | | and as a bonus i don't even care (as i block referrer headers | xdomain), not a single request ever goes to googlefont and the | likes. | nyanpasu64 wrote: | I used to disable font overrides altogether. Another failure | mode of that mode is that the omnipresent Material Icons | displays words (the font contains ligatures replacing words | with icons) instead of icons. | chrismorgan wrote: | Icon fonts that use the Private Use Area code points _do_ | still work when you just instruct the browser to not let | pages override your choices. This is the way almost all icon | fonts work. In the last few months I think I've observed only | three fonts not doing so; DuckDuckGo is one, the second was | some small business's site using a style from many years ago, | and the third is Google's Material Icons font, distressingly | widely used, which uses a ligation technique the implications | of which _really_ weren't thought through properly. (It was | supposed to improve accessibility in case of the font not | loading, but in practice it makes it disastrously bad much | more often, as can be seen on a number of Google properties, | like their docs sites and Google Translate which are both | significantly mangled by it.) | michaelmior wrote: | And that I don't get to see the site as the original designer | intended. It's of course perfectly fine for others to not | care about that, but I enjoy it. | KennyBlanken wrote: | You can also use the DecentralEyes plugin, which caches | javascript and font resources from the common third party | providers. | tokinonagare wrote: | > the only downside | | Ubuntu Mono coverage is only 1200 glyphs as per its website, | that's very very few. | ncmncm wrote: | Doesn't work on mobile anyplace I have tried. Setting is | there, result nil. | justinclift wrote: | Oh, that'd probably work really well with dyslexic style | "easier reading" fonts too. | | eg: https://opendyslexic.org / | https://github.com/antijingoist/opendyslexic | jstummbillig wrote: | Upside: Consistency. Downside: Consistency. | HelloNurse wrote: | Without forgetting consistent detection of fragile extreme | typography that breaks layout or looks strange when fonts | are replaced. | ajvs wrote: | Alternatively people can use uBlock Origin and simply block | all remote web fonts. It'll break some sites which use fonts | to replace icons, but the add-on can easily be disabled for | those specific sites. | miohtama wrote: | You can self host Google fonts, so you need to trust no one. | Not sure if I see the point of this service. | TazeTSchnitzel wrote: | Years ago I did sudo bash -c 'echo ":: | fonts.googleapis.com" >> /etc/hosts' sudo bash -c 'echo | "0.0.0.0 fonts.googleapis.com" >> /etc/hosts' | | and I haven't looked back. | einpoklum wrote: | I am often tempted to push this further to: | sudo bash -c 'echo ":: google.com" >> /etc/hosts' sudo | bash -c 'echo "0.0.0.0 google.com" >> /etc/hosts' | 0daystock wrote: | What exactly do you believe doing this will accomplish, other | than cutting off access from a search engine? | midislack wrote: | Stops the biggest advertiser from profiling you on every | site, obviously. | dan_pixelflow wrote: | It doesn't, though. Google use other domains. | midislack wrote: | Blacklist those too then. | blacksmith_tb wrote: | I'd suggest 1e100.net[1] too. | | 1: https://support.google.com/faqs/answer/174717?hl=en | sbf501 wrote: | ...and the other 10,000 sites you interact with per year? I | realize security posture is about layers, but this is | pointless. | TazeTSchnitzel wrote: | It's not for privacy's sake! I leave that to Privacy Badger. | | I just prefer having pages load quickly and don't generally | think custom fonts improve the experience. | quickthrower2 wrote: | Blazingly fast! | ilrwbwrkhv wrote: | Perfect and easy to switch. Great work bunny. Also their cdn is | the fastest I have ever used. | jollybean wrote: | Can someone please answer the question ... why don't companies | just self-host the fonts? And why aren't people doing that in the | first place? | grzm wrote: | Cost of storage and management. | | Time is money, and it's expensive to pay people to mess with | things if they don't have to. | | I might not choose to make the same tradeoffs, but I can | understand why others might. ___________________________________________________________________ (page generated 2022-06-19 23:00 UTC)