this post was submitted on 08 Aug 2024
3 points (100.0% liked)
Firefox
17937 readers
42 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Everyone’s up in arms about a literal anonymous counter, but the other option is the current “spy on everything you do”
How is Mozilla getting flak for this outside of a few hardcore nerds that are welcome to use chrome if they so desire…
And I say that as a huge privacy advocate. In the local tin foil hat “privacy matters” nerd and I honestly don’t see the problem.
And quite frankly anyone that’s said it’s a problem has only been able to come up with “it shouldn’t help them count your views “ which is ridiculous, because it’s very anonymous.
Sooo …. Help me out here, what’s the issue?
"The other option," like there's only one. Like you can't imagine anything else.
Until Mozilla got directly involved, other option was, fuck off.
"Why don't you just move to another country if you don't like it here?"
"I say this as a true patriot."
There's your issue.
Their argument was not that it's good because people can use Chrome - the remark about Chrome was a sarcastic side note that is not needed to support the argument that it's not clear what the issue is with an anonymous counter.
My issue was with that type of sarcasm, which is why I responded with a similarly dismissive sarcastic remark.
Dismissing people's complaints by saying "you can go use something else/move someplace else" is unhelpful and used to negate their complaints without ever having to address their source.
I doubt many people see an anonymous counter as a huge problem itself, I don't. The point is that this is a first step in a direction we don't want to see the software go. If you don't push back against these things from the moment they show up, they will continue to slowly inch in that direction until you end up in a nightmare like Chrome or Edge.
It isn't anonymous, it's slightly obscured.
They use ohttp ( a proxy ) run buy a "partner" they control to do the obscuring.
That should be part of people's informed threat modeling. Having a tattle tale in the browser reporting web activity to a third party is a big deal.
From what I've seen PPA doesn't depend on OHTTP to do the obscuring. This page mentioned Distributed Aggregation Protocol and differential privacy, that are meant to ensure that it is literally impossible for any one party to see your data. Not just "obscured", but impossible to access.
But be sure to let us know what data about us a partner could theoretically view, and how, if you disagree.
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-08#name-security-considerations
Clearly not impossible even according to the standards authors.
I see only two data leak risks mentioned:
The first doesn't need PPA. As for the second, Firefox can already conspire to compromise your privacy, if you're using it.
I'm still looking for some concise documentation about exactly what Firefox sends, and if I could, I would love to intercept that data so that I can send it myself at a later time, with extra details