fsebugoutzone.org:9999

       Post 9hlEAdtk541PJrnu40 by kellerfuchs@vulpine.club
 (DIR) More posts by kellerfuchs@vulpine.club
 (DIR) Post #9hl7jXl0CmZwjJPX72 by lanodan@queer.hacktivis.me
       2019-04-13T08:30:55.457337Z
       
       0 likes, 0 repeats
       
       Link Click Analytics and Privacyhttps://webkit.org/blog/8821/link-click-analytics-and-privacy/
       
 (DIR) Post #9hl7yPwZXNfaqBun9U by lanodan@queer.hacktivis.me
       2019-04-13T08:33:36.250882Z
       
       0 likes, 0 repeats
       
       Also, I do not really agree with their point of view on ping/beacon so I guess I’ll try writing a blog post about it.
       
 (DIR) Post #9hl8CJ3lvc1JXquCPY by lanodan@queer.hacktivis.me
       2019-04-13T08:36:07.327642Z
       
       0 likes, 0 repeats
       
       TL;DR: With beacon/ping you can throw the networking part to /dev/null and lie about supporting them so they do not try something like XHR instead.
       
 (DIR) Post #9hlB9pHJz3T0SkkgC0 by kellerfuchs@vulpine.club
       2019-04-13T08:44:04Z
       
       0 likes, 0 repeats
       
       @lanodan Bleh, the post is also off-puttingly self-congratulatory.&gt; WebKit always strives for privacy by default. [...] To the best of our knowledge, no other browser on the market offers similar protections.Eeeh, no?  Firefox worked with Tor to develop first-party isolation (basically, if you are browsing on randowebsite.com, anything loaded in there (including third-party JS, cookies and such) uses a separate browser state from anyotherweb.site.That subsumes all the tracking protection mentionned in the paragraph I elided  😹
       
 (DIR) Post #9hlB9pRFO9PGxXObfE by lanodan@queer.hacktivis.me
       2019-04-13T09:09:17.027287Z
       
       0 likes, 0 repeats
       
       @kellerfuchs The protection of firefox is done in completely a different way tho.And yeah, webkit does that from time to time but check Mozilla blog and you get litterally the same thing.The only time I see Mozilla actually mentionning another browser is either to pull them down (“more performance than chrome”) or because of a join mouvement (for example: when removing the fallbacks to TLSv1.1 and lower).
       
 (DIR) Post #9hlChbddItZNxUrLN2 by kellerfuchs@vulpine.club
       2019-04-13T09:17:51Z
       
       0 likes, 0 repeats
       
       @lanodan Yeah, of course, but “no other browser offers similar protection” crosses the line from unsubtle-communication to outright lies.I guess part of why I found it so irksome is because I really would like to see FPI adopted by all major browsers, because it&#39;s simple-ish (much more so than detecting bounce trackers) and addresses privacy issues in much more systematically.(You can tweak a tracker until “Intelligent Tracking Protection” classifies it as not-a-tracker; you can&#39;t bypass FPI in that sense, because it applies to all ressources.)And it&#39;s kind of a pity &#39;cause the rest of the article is pretty interesting and informative.Also, yay for more privacy by default, regardless of vendor or implementation  :3
       
 (DIR) Post #9hlChbqkW83scAzooa by lanodan@queer.hacktivis.me
       2019-04-13T09:26:35.676030Z
       
       0 likes, 0 repeats
       
       @kellerfuchs Well, their Intelligent Tracking Protection thing from what I remember mainly works like Privacy Badger, which is only an addon on Firefox/Chromium and is something that works much better than a list (like disconnect.me being built into firefox).And yeah it is not perfect, the way I do it in Badwolf (my webkitgtk browser) is that each “new tab” does a new branch that is independant from the rest but if you open a link in a tab it is related and ITP is then the stuff there to protect against tracking (content-blocking coming soon).The only thing where WebKit should actually praise themselves here is with Content-Blocking that is built into the engine so you just have to give it a JSON policy, which also means that it will likely not be removed and will be tested and stable, something you cannot really get with Firefox/Chrome as they are extensions.
       
 (DIR) Post #9hlEAdtk541PJrnu40 by kellerfuchs@vulpine.club
       2019-04-13T09:39:50Z
       
       0 likes, 0 repeats
       
       @lanodan Yeah, I&#39;ve been seriously considering extending a bit the CSP API in Firefox so extensions could use it for efficient (and safer) content blocking.
       
 (DIR) Post #9hlEAeJGYAREb1kHqa by lanodan@queer.hacktivis.me
       2019-04-13T09:43:02.336901Z
       
       0 likes, 0 repeats
       
       @kellerfuchs Well, this could be a way but CSP doesn’t block much, it can get a bit of stuff away but for example you can’t filter by URLs.