“True Type Fonts as a CPU?”


Image from Wikipedia: This shows the difference between bitmap fonts and TrueType fonts. Bitmap fonts are pixel-based, made from a fixed grid of boxes filled to create different letters, while TrueType fonts are drawn from lines and segments following a set path, making them more easily scalable.

By Scott Hamilton

We all think about viruses living in corrupted files, like bad software patches, downloaded games, and untrustworthy websites and e-mails. One of the last places we would think to look for a virus is in a font. I came across an interesting article last week by Laurie Kirk, a researcher at Google. In the short post on LinkedIn she talks about TrueType fonts and how the fonts are actually executed by a virtual machine inside your computer’s operating system. TrueType fonts are used in every modern operating system including MacOS, Linux, Windows, and Android, and they all use the same virtual machine code to draw the fonts on the screen and during creation of printable documents.

I knew that TrueType fonts were complicated to create on your own without the use of special font creation tools, but I never realized how complex they were until digging a little deeper. The TrueType font engine was developed by Apple in the late 1980s to compete with Adobe’s Type 1 PostScript fonts. As part of this new type of font engine, Apple developed an entire instruction set for drawing the fonts. So where we see a simple character being displayed on the screen, behind the scenes is a fairly complex software architecture.

The TrueType font instruction set, which is the list of commands the font engine understands, looks surprisingly like the instruction set for a simple computer processor. It has a set of 122 base instructions. While the base instruction set for most modern CPUs consists of only 81 distinct instructions, newer variants offer over 6,000. This means that programming the TrueType font engine like a CPU is possible, but probably not as easy as programming a computer CPU. In fact, the binary structure of TrueType Fonts is very similar to the Macintosh Mach-O executable files used in the same time period.

That leads to some additional questions as to what you can actually do with a TrueType Font file. As it turns out, there have been quite a few Windows system attacks that came in through the font engine. The only real limitation to thinking about the TrueType Font engine as a CPU is the fact that the engine is memory bound, which basically means it can only access a limited section of the main memory of the computer. It does not have access to things like your hard drive, USB drive, or any other devices attached to your computer, but it can read information loaded into your computer memory.
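As an added example (not from the article or from any font engine's own code), the Python sketch below reads a TrueType file's table directory and reports how many bytes of hinting bytecode it carries in the "fpgm" and "prep" tables, rejecting any directory entry that points outside the file. The function names and the sample font bytes are constructed for illustration.

```python
import struct

# Tables that carry TrueType hinting bytecode run by the font engine's VM:
# 'fpgm' = font program, 'prep' = control value program. (Per-glyph
# instructions also live inside 'glyf'; this sketch does not parse those.)
BYTECODE_TABLES = ("fpgm", "prep")
SFNT_MAGICS = (b"\x00\x01\x00\x00", b"true")  # TrueType-flavoured sfnt


def read_table_directory(data: bytes) -> dict:
    """Return {tag: (offset, length)}, rejecting malformed directories."""
    if len(data) < 12 or data[:4] not in SFNT_MAGICS:
        raise ValueError("not a TrueType sfnt file")
    (num_tables,) = struct.unpack_from(">H", data, 4)
    if 12 + 16 * num_tables > len(data):
        raise ValueError("table directory runs past end of file")
    tables = {}
    for i in range(num_tables):
        # Each record: 4-byte tag, checksum, offset, length (big-endian).
        tag, _checksum, offset, length = struct.unpack_from(">4sIII", data, 12 + 16 * i)
        if offset + length > len(data):
            raise ValueError(f"table {tag!r} points outside the file")
        tables[tag.decode("latin-1")] = (offset, length)
    return tables


def bytecode_sizes(data: bytes) -> dict:
    """Bytes of hinting program per bytecode table present in the font."""
    tables = read_table_directory(data)
    return {t: tables[t][1] for t in BYTECODE_TABLES if t in tables}


def build_sample_font(tables: dict) -> bytes:
    """Constructed test input: sfnt header + directory + raw table bodies."""
    header = struct.pack(">4sHHHH", SFNT_MAGICS[0], len(tables), 0, 0, 0)
    offset = 12 + 16 * len(tables)
    directory, body = b"", b""
    for tag, payload in tables.items():
        directory += struct.pack(">4sIII", tag.encode(), 0, offset, len(payload))
        body += payload
        offset += len(payload)
    return header + directory + body


# Constructed sample: payload bytes are placeholders, not a working font.
SAMPLE = build_sample_font({"fpgm": b"\xb0\x00\x2c\x2d", "prep": b"\xb0\x01", "cvt ": b"\x00\x40"})

if __name__ == "__main__":
    print(bytecode_sizes(SAMPLE))
```

A font that reports no bytecode tables can still carry per-glyph instructions, so an empty result narrows the question rather than settling it.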

There is an experimental Pokemon game called Fontemon, which is a Pokemon-style game packaged as a TrueType Font. This clearly shows that nearly any kind of software can be written as a TrueType Font file, which makes me wonder how you can protect your computer if a hacker were to decide to utilize this knowledge. At this point, there have only been a few attacks based on the font engine, but there are actually several pieces of, for lack of a better term, software-fonts.

I really think that my absolute favorite, as it shows the real power of the font engine, is the llama.ttf, which is a 60MB font file. Llama runs an Artificial Intelligence model that generates stories. The Llama font seems like a completely normal font, until you see multiple exclamation points and then it starts generating the text of a randomly generated story.

Hackaday has a complete article about Fontemon created by Michael Mulet, which as mentioned above is a complete Pokemon-style game written entirely in a font file. This allows it to be played within any program capable of displaying fonts, for example, Notepad, which is the free text editor that comes with all Windows computers. The entire game can be played to the finish in about 20 minutes, but there are different paths through the game that can make it last much longer.

If you are interested in doing some “fun” software development projects, you can read the full TrueType Instruction set at https://developer.apple.com/fonts/TrueType-Reference-Manual/RM05/Chap5.html and if you have a good understanding of machine language and reading language specifications, you can write your own TrueType Font software. An interesting thing to do might be to rewrite the auto-correct code as a font file, so your font fixes your typos, or if you are like me, it creates typos for you. Until next week, stay safe and learn something new.

Scott Hamilton is an Expert in Emerging Technologies at ATOS and can be reached with questions and comments via email to shamilton@techshepherd.org or through his website at https://www.techshepherd.org.
