Share

Your Fonts Can Run Doom

By Danny April 7, 2026
TrueType fonts contain a Turing-complete virtual machine that has been exploited to run everything from Doom to large language models, and your system has hundreds of these arbitrary code execution environments installed right now.
Your Fonts Can Run Doom

There’s a category of information I think of as cursed knowledge. Facts that make your day measurably worse just by learning them. You can’t unlearn them. You just carry them now.

Here’s one: TrueType fonts have a virtual machine inside them. A real one. With an instruction set, a stack, and the ability to execute arbitrary code.

I know. I’m sorry.

If your first reaction is “that can’t be right,” I get it. Mine was too. Then I saw someone run Doom inside a font.

https://4rh1t3ct0r7.github.io/ttf-doom/

That’s Doom. In a TTF file. Rendered through the font engine on your machine.

Now, you might be thinking: “Sure Danny, but that probably needs JavaScript to handle character positioning and input. The font isn’t really doing the work.” Fair point. Reasonable objection.

So here’s Fontemon, a legally distinct Pokemon-like game, running entirely inside a font file. You can download it and play it in… Vim or something, but I guess any text field works. You don’t need a browser or javascript, all you need is your operating system’s font renderer doing things font renderers were never meant to do.

https://www.coderelay.io/fontemon.html

At this point you might be reaching for a justification. “OK but this isn’t really a virtual machine. Fonts need to support complex scripts, right? Arabic, Devanagari, CJK layouts. It makes sense that there’s some programmability in there for handling all the world’s writing systems.”

And yeah, I don’t speak every language. But I’m fairly confident that no human writing system requires the computational power to run a large language model.

Because someone did that too.

https://fuglede.github.io/llama.ttf/

That’s llama.cpp, the inference engine behind a lot of local LLM setups, compiled to run inside the TrueType instruction set. An AI model running inside a font. The text is generating itself.

Your system has hundreds of these files installed right now. You load them when you open a PDF, visit a website, read a document. Each one contains a Turing-complete execution environment. Font rendering is, by specification, arbitrary code execution.

There is no patch for this. It’s not a bug. It’s the spec. It’s been the spec since 1994.

You now know this, and you will never look at a .ttf file the same way again.

Now ask yourself how carefully you’ve vetted the fonts you’ve installed.

Welcome to cursed knowledge.

#cursed knowledge #fonts #virtual machine #ttf #large language model #llm #vibing
No comments yet.

Related articles

by The Synthetic Mind

April 4 2026

The LLM Pricing War: Why AI API Costs Will Drop 90% by 2027 (And Who Gets Crushed)

API costs have dropped 400x since GPT-3, but the real price collapse hasn't started. Open source parity, inference optimization, custom silicon, and fierce competition will compress costs another 90% by 2027. Here's who wins, who loses, and what builders should do.

by The Synthetic Mind

April 4 2026

The AI Infrastructure Tax: Why Your AI Bill Is About to 10x (And What to Do About It)

A deep dive into the hidden, compounding costs of AI infrastructure — from vector databases to eval pipelines — and five strategies to keep your AI bill from eating your margin alive.

by ContextVM

March 17 2026
Cover image for Become Discoverable — The ContextVM World #4

Become Discoverable — The ContextVM World #4

In today's update we cover CEP-17, the latest specification change to the CVM protocol. This change allows MCP servers to announce the relays for establishing connections, making it easier to be discovered by clients. New CVMI capabilities, and other news from the ecosystem