TeamViewer installs font for web fingerprinting

TeamViewer installs an ominous font on Windows users that enables web fingerprinting, phishing and scams.

Why does TeamViewer install one almost illegible and not really usable font? Norwegian software developer Daniel Aleksandersen took a closer look at the ominous font and its purpose. In his opinion, this font serves only one purpose. Web fingerprinting.

TeamViewer font: a rather unique and mostly illegible design

TeamViewer AG, headquartered in Göppingen, Germany cannot complain about a lack of sales. Since its inception 2005, the software is said to have been installed on more than 2.5 billion devices worldwide.

TeamViewer-Schriftart
TeamViewer font

But why does the world’s most popular remote desktop program install a font on our computers that it never uses itself? What’s more, the characters included in the font have a rather unique and mostly illegible design (see image). TeamViewer itself does not use this font. It doesn’t seem to have any special function. Or does it?

Web pages can recognize the fonts installed on our computer

As far as software developer Daniel Aleksandersen is concerned, this TeamViewer font has only one special purpose. It is intended to enable websites to recognize TeamViewer users.

The odd and almost illegible proportions of the TeamViewer font are appropriate good for creating fingerprints. I believe that is its real purpose.

There is no other use for installing a unique, non-general purpose font like this with your software other than to enable browser-based fingerprinting.

Daniel Aleksandersen

Why is the font only installed on Windows machines?

The remote desktop program does not ship this unique font in its Mac and Linux versions. The ominous font is apparently only installed together with the Windows version.

This information is also the reason why I am convinced that the font in the TeamViewer client software does not have a purpose accomplished. Why is it required for Windows but not for the other supported platforms?

Daniel Aleksandersen

Aleksandersen asked the company from Göppingen for clarification, but so far has TeamViewer has not yet commented on the allegations. And an explanation would probably be more than appropriate. After all, it is certainly not just some senseless “gimmick”.

TeamViewer font: increased risk of phishing and Scam

According to Daniel Aleksandersen, the font even increases the risk of phishing and scams that could specifically target TeamViewer customers.

It tells every website we visit whether you are a TeamViewer customer. This could allow for more targeted social engineering attacks based on knowing whether the software is installed or not.

There is no reason to waste time with a support scam that asks the victim to install a remote access tool if they already have one installed.

Daniel Aleksandersen

Aleksandersen also sees a possible legitimate use of this font:

TeamViewer may verify the presence of the font (and therefore whether you have the software installed) when you follow a special link to invite a screen share.

The links are then used to invite others to connect to your computer.

Aleksandersen

But why only at Windows users? And why expose users to this unnecessary risk? Is this font used to allow partner ad networks to better target TeamViewer customers and non-customers with customized advertising messages?

If so, that would certainly not be a very smart move by a company, whose software has been installed more than 2.5 billion times.

Tarnkappe.info

Related Articles

Back to top button