TeamViewer installs suspicious font only useful for web fingerprinting :marseyglow2:

https://www.ctrl.blog/entry/teamviewer-font-privacy.html

Orange site: https://news.ycombinator.com/item?id=32163940

RustDesk seems to be quite ok to use and self-hostable: https://github.com/rustdesk/rustdesk

Spice is pretty good too: https://www.spice-space.org/index.html

:#marseyspyglow:

So, here’s a bit of a mystery: Why does TeamViewer – the popular remote desktop program – install a font it doesn’t use on your computer? The abstract font (shown in the above image) doesn’t seem to serve any purpose in the software. Intentional or not, it enables websites to detect if you have TeamViewer installed on your computer.

You can see an almost complete type specimen of the TeamViewer font in the above illustration. It contains the characters to write TeamViewer plus the digits 7 and 8. The remaining 24 majuscules (uppercase) characters of the Latin alphabet are encoded as an apostrophe. The included characters feature a rather unique and mostly unreadable design.

It’s not uncommon for creative software — like Microsoft Office, LibreOffice, and the Adobe Creative Suite — to install complementary fonts. However, these fonts are all meant to enhance your use of the software by giving you more font options. You get the TeamViewer font as an option in all programs that support setting your own font (such as Microsoft Word).

Websites can detect the fonts you’ve installed on your computer. Font detection relies on brute-force testing. A webpage creates a hidden bit of text and measures how wide it is. It then changes the font to, say, the TeamViewer font, and checks to see if the text changes width. If it does, then the website knows you’ve got that font installed on your computer — and by extension the software that installed it.

The odd and almost unreadable proportions of the TeamViewer font make it well-suited for fingerprinting. I believe this is also its true purpose. There’s no use case for installing a unique non-general purpose font like this along with your software other than enabling browser-based fingerprinting.

If the program needed this font for some obscure reason, it could load it from its own data directory. It doesn’t need to install the font as a generally available system font if it only served an internal use.

The TeamViewer client program doesn’t load the font file, list all the installed fonts, or reference the font file directly. As far as I can tell, the only TeamViewer software that references the font file is the TeamViewer installer and the uninstaller programs.

TeamViewer doesn’t bundle the font in its Mac and Linux versions. The font is only bundled alongside the Windows version. This tidbit of information is also why I’m convinced the font serves no purpose in the TeamViewer client software. Why would it be required on Windows but not the other supported platforms?

The current version of the font is called TeamViewer15. TeamViewer releases a new version of the font with every major version number change. A quick query on GitHub reveals that many font fingerprinting libraries include references to the font names TeamViewer15, TeamViewer14, and TeamViewer13.

The font raises the risk of phishing and scams targeting TeamViewer customers. It leaks who TeamViewer’s customers are to every website they visit. This could enable more targeted social-engineering messaging based on the knowledge about whether the software is installed or not. There’s no need to waste time in a support scam asking the victim to install a remote-access tool when they’ve already got one set up and ready to abuse.

After I learned about the existence of the TeamViewer font, I expected to find it used on the TeamViewer website. I assumed the website used it to adapt its contents to whether you have the software installed or not.

The TeamViewer website could, for example, change the download button to a purchase button, or give support documentation relevant to your version of the software. However, this is not the case. No public part of the TeamViewer website tries to load the font.

Update (2022-07-20): A reader identified and documented a use case for the font on the TeamViewer website in a comment on Hacker News. The website checks for the presence of the font (and thereby whether you’ve got the software installed) when you follow a special screen-sharing session invitation link. The links are used to invite others to connect to your computer.

I haven’t examined archived versions of the TeamViewer website; it might have used the font in the past. It really raises questions about the font’s true purpose, though. Is it used by partnering ad networks to better target TeamViewer customers and non-customers with custom messaging?

I’ve reached out to TeamViewer for clarification about the font’s purpose, and I’ll update the article if I hear back.
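
The width-comparison check described in the quoted article, as an added example (not code from the post, the article, or TeamViewer): it tests the font names the article lists and shows that a browser exposing only a fixed font allowlist gives the check nothing to measure. The `makeFakeMeasure` helper and its widths are constructed stand-ins so the logic runs outside a browser; in a page, `auditFonts(NAMES)` uses the canvas measurement instead.

```javascript
// Added example: width-comparison font detection with an injectable
// measurement function, so the same logic runs in a browser or under Node.
const FALLBACKS = ["monospace", "sans-serif", "serif"];
const PROBE = "mmmmmmmmmmlli"; // wide and narrow glyphs exaggerate width changes
const NAMES = ["TeamViewer15", "TeamViewer14", "TeamViewer13"]; // from the article

// Browser measurement via the standard canvas text-metrics API.
function canvasMeasure(fontStack, text) {
  const ctx = document.createElement("canvas").getContext("2d");
  ctx.font = `72px ${fontStack}`;
  return ctx.measureText(text).width;
}

// A font is visible to the page if asking for it ahead of a generic fallback
// changes the width. Three fallbacks are tried because a font can happen to
// match one of them in width.
function isFontInstalled(name, measure = canvasMeasure) {
  return FALLBACKS.some(
    (fb) => measure(`"${name}", ${fb}`, PROBE) !== measure(fb, PROBE)
  );
}

function auditFonts(names, measure = canvasMeasure) {
  return names.filter((n) => isFontInstalled(n, measure));
}

// Constructed stand-in for a rendering engine (all widths are made up).
// exposeSystemFonts=false models a browser that only lets pages use a fixed
// font allowlist, so locally installed fonts never affect layout.
function makeFakeMeasure(installed, exposeSystemFonts = true) {
  const generic = { monospace: 780, "sans-serif": 702, serif: 655 };
  return (fontStack) => {
    for (const raw of fontStack.split(",")) {
      const family = raw.trim().replace(/"/g, "");
      if (family in generic) return generic[family];
      if (exposeSystemFonts && family in installed) return installed[family];
    }
    return generic.serif;
  };
}

const windowsHost = makeFakeMeasure({ TeamViewer15: 1234 });
const allowlisted = makeFakeMeasure({ TeamViewer15: 1234 }, false);

function demo() {
  return {
    exposed: auditFonts(NAMES, windowsHost), // the installed font is detectable
    hidden: auditFonts(NAMES, allowlisted),  // the allowlist leaks nothing
  };
}
```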

TeamViewer has always been pretty sketch.

Seriously, after the fiasco that when having TeamViewer and you walk away and come back to your mouse moving around looking for documents, if you're still using TeamViewer you deserve to be spied on.

Lol what?

Basically randos were able to remote through teamviewer without prompt and start going through your stuff to find important info.

How does that even happen lmao

You drop this on us without sharing what the frick you're talking about? Link or I'm banning you 😀

It was like six years ago, but basically people had unsecured teamviewers and people could just remote in:

https://security.stackexchange.com/questions/100646/computer-accessed-by-stranger-through-teamviewer

I tried to find the story but I wound up getting something better:

https://old.reddit.com/r/teamviewerandanydesk/comments/w1s5k7/closeted_crossdressing_strag_cuck_looking_for/

:#marseyxd:

![](/images/16583681779603522.webp)

ty champ, not as bad as it sounded

What? No.

My windows support guy made me install it so he can fix my virus and I had to pay him in amazon gift cards.

Splashtopchads stay winning

Oh, go crawl back into DeuxRAMA, or GoldandBlack, or whatever other gross anarchocapitalist incel spawnpit you originally crawled out of. Mammals are talking here, Pepe.
