I'm curious about how TOR protects users from being fingerprinted, especially since one of the reasons we can be easily identified on Linux is because of unique fonts. Can websites track us using "invisible" traits like the fonts we have installed when we're using TOR?
4 Answers
If someone really wants to track you and has the resources, it can be quite difficult to stay hidden. There have been cases where authorities managed to unmask TOR users despite its protections, especially in serious cases involving illegal activities. Connecting online always leaves some traces, no matter the method.
When we talk about TOR, we need to clarify if we mean the web browser or the Tails OS. Fonts aren't the major issue for fingerprinting; it's more about your behavior—what you type and where you go that creates a profile of you.
Fingerprinting using invisible metrics isn't really something TOR deals with directly. It's more focused on stopping people from knowing which servers you're connecting to rather than preventing detailed tracking like fingerprinting.
TOR primarily aims to anonymize traffic between users and servers, rather than focus on protecting against fingerprinting directly. While the TOR browser might have features to minimize it, defeating fingerprinting is largely outside its main mission.

I found that I have a unique fingerprint based on my fonts when testing with EFF's tool. My Firefox setup has certain fonts that make me identifiable, unlike Brave.