[HN Gopher] Private Browsing 2.0
___________________________________________________________________
Private Browsing 2.0
Author : frizlab
Score : 150 points
Date : 2024-07-16 16:23 UTC (6 hours ago)
(HTM) web link (webkit.org)
(TXT) w3m dump (webkit.org)
| ranger_danger wrote:
| > Safari also brings a version of Web AdAttributionKit to Private
| Browsing
|
| This is like a bad dream.
| doublerabbit wrote:
| And this is like an executives wet dream.
| 12_throw_away wrote:
| Yeah that part stuck out to me too. Sigh. What if my browser
| just did _nothing at all_ to help advertisers, because it 's
| _my_ browser running on _my_ hardware? Even if it _is_ totally
| privacy-preserving and completely transparent, why would my
| browser spend _my_ processor cycles, network bandwidth, and
| electricity for the benefit of someone else 's for-profit
| business?
|
| Really, just ... what if the software on my computer tried its
| best to do exactly what I asked it to do, and was not concerned
| with anyone else's problems?
|
| Anyway, here are the AdAtributionKit docs:
|
| - Technical / API:
| https://developer.apple.com/documentation/adattributionkit
|
| - High-level: https://developer.apple.com/app-store/ad-
| attribution/
| dingnuts wrote:
| > What if my browser just did nothing at all to help
| advertisers, because it's my browser running on my hardware?
|
| then you'd likely need to pay a license fee so that the
| browser isn't getting its money from ads, or the browser
| isn't yours at all. Free browsers literally belong to the
| advertisers because they are paying the bills, so it
| shouldn't be surprising that the real owners use them for
| that purpose
|
| THAT IS THEIR MAIN PURPOSE
|
| everything else is bait to get you to use the browser,
| including the price tag!
|
| Kagi has recognized the problem -- their browser is the first
| one that may not suffer this problem, since you have to pay
| to use Kagi it's possible this might realign incentives to
| solve the problem
|
| But you should not be shocked to discover this problem in the
| rest of the browsers.
|
| Showing you ads is the entire reason they exist.
| yjftsjthsd-h wrote:
| > then you'd likely need to pay a license fee so that the
| browser isn't getting its money from ads, or the browser
| isn't yours at all.
|
| It's Safari. You pay a _lot_ of money for a machine and its
| bundled software, which includes this.
| bangaladore wrote:
| Then sell me the hardware at cost. They won't ever do that.
| Let's not kid ourselves.
| tomjen3 wrote:
| I buy Apple products. Believe me, I pay the full cost of
| those - but even if I didn't there are free browsers like
| Firefox and they are also playing with this.
| drdaeman wrote:
| > because it's my browser running on my hardware?
|
| It's Apple's browser on Apple's hardware (physical ownership
| doesn't mean anything nowadays, since you don't have any
| control anyway, unless legislative brings it back).
|
| When they say "your {iPhone,device,computer,music,...}" it's
| an outright marketing lie.
| lostlogin wrote:
| You might be correct soon, but not quite yet. There are
| some positive things going on and the recent news about the
| EU, Apple and virtualisation is one example.
| dash2 wrote:
| > why would my browser spend my processor cycles, network
| bandwidth, and electricity for the benefit of someone else's
| for-profit business?
|
| I think a reasonable answer is that you are using their
| website for your own purposes; that running a website has
| costs; and that many businesses choose to fund those costs by
| advertising. If you don't want to be advertised to, I would
| suggest paying a fee to use ad-free services.
| throwawa14223 wrote:
| I wonder if it'd be possible to poison. If I have to send
| clicks I need to also send enough clicks to make it not
| worthwhile.
| klauserc wrote:
| They present this like a smart solution for some sort of
| fundamental problem. It's really not a fundamental problem.
| Advertisement has worked and still works perfectly fine without
| attribution in TV, in magazines, on billboards.
|
| Adtech gaslights everyone into accepting that just because it
| is technically possible to perfectly track and personalize ads
| in digital media, that they have some sort of moral right to do
| it.
| nashashmi wrote:
| > Block known trackers
|
| Is this a cat and mouse game?
|
| > Fingerprinting
|
| Does this prevent Google's cookieless tracking technology?
| sumtechguy wrote:
| > Is this a cat and mouse game?
|
| In many ways it is. When I first started blocking using pac
| files. It was painfully obvious that samesite advertising is
| the harder thing to block. Luckily for the blockers most
| companies have been lazy about adverts and put them in known
| locations. Which works just as well for whole site blocking
| (known trackers). However, once the adverts are blended into
| the real data it becomes much harder. Such as what youtube is
| experimenting with (putting adverts right in the same data
| stream remuxed). As long as the adverts follow known patterns
| blocking works fairly easily. The next 'arms' race will be AI
| detection and block. It will only be a matter of time until
| someone comes up with a plugin that does exactly that.
|
| > Does this prevent Google's cookieless tracking technology?
|
| To a point. But you do not need much data to fingerprint. Think
| it is something like 12-13 bits plus your IP even with a VPN.
| timeon wrote:
| > Think it is something like 12-13 bits plus your IP even
| with a VPN.
|
| Is that legal under GDPR?
| SSLy wrote:
| No, but the enforcement has been fairly toothless.
| Hopefully same team that designed DMA will make a stronger
| variant of GDPR.
| ezfe wrote:
| Google's cookie less tracking stuff is mostly in Chrome
| yupyupyups wrote:
| > Proxying unencrypted HTTP. Any unencrypted HTTP resources
| loaded in Private Browsing will use the same multi-hop proxy
| network used to hide IP addresses from trackers. This ensures
| that attackers in the local network cannot see or modify the
| content of Private Browsing traffic.
|
| No thanks, Apple!
|
| I trust my ISP more than you. Multi-hop wont matter if all nodes
| are managed by you.
| piperswe wrote:
| iCloud Private Relay uses one hop through Apple infrastructure,
| and one hop through third-party infrastructure. So, one node is
| managed by Apple and the other is managed by
| Cloudflare/Akamai/Fastly. The Apple node knows where the
| request comes from but not the contents, while the
| CF/Akamai/Fastly node knows the contents but not the source.
| yupyupyups wrote:
| This works as long as there is no one combining the
| information together, like Apple together with Cloudflare, or
| the US government. This is a concern, since both are under
| the same jurestiction and are bussiness partners.
|
| Contrast this model with Tor where you have 3 hops that are
| selected in such a way that there is a lower probability that
| logs from the node operators will be combined. If two nodes,
| let's say node 1 and 3 are coorporating, then the best that
| they can do is a correlation attack or other probabalistic
| methods.
|
| If two nodes (all of them) in WebKit are adverserial, then
| the content is linked back to your IP address with 100%
| probability.
| Arnavion wrote:
| To be clear, the only advantage of Tor wrt correlation is
| that it uses more hops, not anything related to how those
| hops are selected, right?
| fragmede wrote:
| How paranoid are you? If I were the US government and
| wanted a leg up on Internet meta data of people looking
| to avoid surveillance, I'd run a shitton of Tor exit
| nodes and log IP information on the off chance something
| useful comes of it.
| bangaladore wrote:
| Afaik, all that gives you is the person running the exit
| node (and where the request is going) and nothing about
| the person who initiated the request N-hops ago.
| radicaldreamer wrote:
| A large set of exit and relay nodes are being run out of
| Germany, presumably by some state actor, so it's likely
| at least a subset of traffic is being unmasked by a state
| actor.
|
| I'm sure some of this info has been passed on and then
| parallel construction used to obfuscate the initial
| source of the data.
| devmor wrote:
| Isn't that exactly what they do?
| chatmasta wrote:
| Tor and Private Relay are both vulnerable to traffic
| analysis by a global adversary, which is what OP is
| complaining about here (if Apple and Cloudflare collude
| or are compelled to share data). Basically, if you can
| see the traffic going in/out of all the nodes (even just
| the amount of it), then you can deanonymize individual
| streams of data. Tor explicitly does not defend against
| this threat.
| Arnavion wrote:
| Yes I know. My point was that yupyupyups said:
|
| >Contrast this model with Tor where you have 3 hops that
| are selected in such a way that there is a lower
| probability that logs from the node operators will be
| combined
|
| "selected in such a way" sounded like there is something
| in Tor that actively works against a situation where the
| hops are owned by the same operator, but AFAIK there
| isn't such a thing. Hence my request for confirmation
| that the only thing Tor does better than the
| Apple+Cloudflare situation here is that it has more than
| two hops so that it increases the number of colluders
| needed for correlation.
| chatmasta wrote:
| Yeah, all true. In fact Tor explicitly forgoes any
| mitigation against a global passive adversary - it's
| designed to accept that risk.
|
| Another thing Tor does better is that it creates circuits
| with nodes spanning multiple jurisdictions, whereas
| Private Relay circuits are confined to one jurisdiction
| (and worse, to your current one).
|
| > actively works against a situation where the hops are
| owned by the same operator, but AFAIK there isn't such a
| thing
|
| Right, there is nothing Tor can do to _guarantee_ this,
| but it does take some best-effort measures like
| maximizing diversity of AS providers (you won't get a
| circuit of three nodes with the same AS number). Of
| course this is meaningless in a world where anyone can
| purchase servers from anywhere. There is a lot of
| research on this attack vector against Tor (and p2p
| networks in general) - the relevant search term is "Sybil
| resistance."
|
| Btw - just to add some detail to the discussion, this
| blog post from Cloudflare is a good introduction to
| Private Relay: https://blog.cloudflare.com/icloud-
| private-relay
| radicaldreamer wrote:
| How is this less secure than just using your ISP with no
| hops though? How do you evaluate "trust" in this situation?
|
| What if your ISP is working with the local cops or US
| government directly?
| kvdveer wrote:
| You are assuming a US ISP. That's only true for a
| minority of internet users.
|
| Trusting local parties of US parties is not a strange
| thought, especially since I can influence their
| supervision with my vote. Also, it seems plausible that
| the US is headed into dictatorship or civil war in the
| near future. Nether scenario helps me trust the US
| jurisdiction.
| radicaldreamer wrote:
| If you're outside the US, I'd be even more concerned
| about the US completely compromising your networks. It's
| well known the NSA is tapping backbones, DNS, and
| exchanges around the world
| Asooka wrote:
| > This works as long as there is no one combining the
| information together, like Apple together with Cloudflare,
| or the US government.
|
| If that is your threat model, you need something a lot
| stronger than Private Browsing, whose purpose begins and
| ends with "I do not want other people to know what porn
| sites I visit". Tor is a good start.
| chatmasta wrote:
| Tor is vulnerable to the same threat of a global passive
| observer. But at least you can mitigate against it by
| ensuring the nodes are in separate jurisdictions.
| Aachen wrote:
| > If that is your threat model, you need something a lot
| stronger than Private Browsing
|
| You mean like an ISP that isn't in (and doesn't
| unnecessarily route through) the USA?
| yupyupyups wrote:
| @radicaldreamer, I don't live in the US, same goes with a
| large number of Apple's customers.
|
| A user's residential IP address is in many cases almost
| static, and doesn't change that often. If you use the same
| residential IP for other services from Apple, or sites that
| are protected by Cloudflare's MITM DDOS protection, the
| content of the HTTP site can be linked back to you with a
| high probability through your IP address, and possibly in
| combination with other metadata such as the user-agent, or
| other headers.
| avianlyric wrote:
| So how exactly is using unencrypted HTTP better? Which
| was your original claim.
| yupyupyups wrote:
| The probability that a user's identity would be linked up
| with browsing HTTP sites and an attempt to use that in an
| adverserial manner is higher when it's Apple than when
| using my ISP.
|
| Of course, you may think differently regarding your ISP,
| but that's for each one of us to decide about our own
| service providers.
| radicaldreamer wrote:
| I don't understand, why is using 10 sites with a
| cloudflare layer linking directly to your static home IP
| less likely to identify you across those sites than a
| double hop via apple's servers where the sites (and
| cloudflare) don't know which sites are being visited by
| which end user static ip?
| yupyupyups wrote:
| Browsing an HTTP site that would otherwise have nothing
| to do with Cloudflare could end up becoming associated
| with you. That can happen if the data that CF has is
| matched with the data at Apple, either by Apple and CF
| themselves or the US government.
|
| The sites that already are MITM'd by Cloudflare are a
| different story. Cloudflare is going to know what IP
| address visited them at what time, and if you login with
| your personal email address, or if your personal phone
| number is shown in your account settings, then your
| identity is linked with some probability to that IP
| address+time.
|
| If you then browse a non-CF HTTP site, using Apple's
| proposed proxy, there would be the risk that your
| identity+IP address that CF knows become associated with
| using the HTTP site as well.
|
| If you don't use Apple's proxy at all, you connecting to
| a non-CF HTTP site would only be known by your ISP.
| avianlyric wrote:
| Apple own the browser, if they want to link up your
| identity with your browsing habits, they can just have
| Safari phone home all the data.
|
| There's no need for this ridiculous game of charades with
| private relay. Why on earth would Apple bother spending
| so much money setting up this infrastructure to spy on a
| browser they own, running on an OS they also own. It
| would be like arguing that your bank is secretly in
| cahoots with shops to spy on your transaction history,
| because of some reason they can't do the obvious thing of
| just spying on your transaction history, which they
| already have by virtue of being your bank.
|
| Your claim is ridiculous and doesn't stand up to even a
| modicum of scrutiny. Unless you know of reason for
| believing that Apple is secretly spy on their customers,
| but only doing in the most convoluted way possible?
| yupyupyups wrote:
| >Your claim is ridiculous and doesn't stand up to even a
| modicum of scrutiny. Unless you know of reason for
| believing that Apple is secretly spy on their customers,
| but only doing in the most convoluted way possible?
|
| Even if it doesn't happen today, there is a realistic,
| technical possibility that the data flow could be
| exploited tomorrow. If the infrastructure is already
| there, and future incentives are found, what prevents the
| infrastructure from being exploited in the backend?
|
| It is an easely exploitable system, and that's worth
| discussing and be conserned about.
|
| But still, you bring up a good point. This is relatively
| convoluted to other ways Apple could harvest data if they
| wanted to. In fact, they already are harvesting much more
| data than unencrypted HTTP content by pushing iCloud onto
| its users.
|
| Even if this was an attampt by Apple to gain good will,
| it has serious flaws, and Apple isn't generally a
| trustworthy company, and the jurestiction it operates
| under is not trustworthy either.
|
| This feature is being sold as a strong privacy tool, and
| it's beneficial to discuss its flaws in isolation.
| avianlyric wrote:
| Apple only control half the nodes, the other half is controlled
| by cloudflare.
|
| Every request goes via an Apple node first, then is sent to a
| 3rd party node for final routing. That way neither Apple nor
| the 3rd party have a complete picture of where a request came
| from, or where it went.
|
| Not entirely sure why you would trust a random ISP, and
| everyone else involved in routing that connection, more than
| Apple. Last I checked most ISP don't have the tightest privacy
| policies, or even the best data handling practices. Apple
| stands to loose millions if they slip up on their privacy
| promises. Most ISP wouldn't even bother telling you if they
| accidentally misplaced your personal details.
|
| https://blog.cloudflare.com/icloud-private-relay/
| afavour wrote:
| Congratulations on trusting your ISP, you are in the minority.
| yupyupyups wrote:
| I wouldn't say that I trust my ISP. I'm saying that to me,
| they are more trustworthy than Apple.
| afavour wrote:
| Pretty sure my statement still applies there too!
| lostlogin wrote:
| You must have a good ISP.
|
| I've got one too, it's taken me 25 years to find.
|
| https://voyager.nz/
| yupyupyups wrote:
| They're pretty okay actually, they are not trigger happy
| when dealing with copyright infringment claims.
|
| And no NAT!
| jbverschoor wrote:
| Really... in Europe, all ISPs and phone companies were
| required to keep a log of traffic and location (for example
| email addresses source/dest up). This was until 2015 but
| I'm sure some still do
| yupyupyups wrote:
| My ISP is required to save logs as far as I'm aware, and
| I think that's bad, don't get me wrong. I still trust
| Apple and Cloudflare less, because I believe that data in
| their hands is more likely to end up being used in an
| adverserial manner. This is my opinion.
| Aachen wrote:
| s/the minority/a different country/
|
| See also Mozilla turning on routing DNS traffic to Cloudflare
| by default because that's the level of trust this American
| organisation has in their ISPs, but after concerns raised in
| other countries they decided to turn it off by default at
| least where I'm from in western Europe (not sure about the
| rest of the world)
| kylehotchkiss wrote:
| This is one of iCloud's best features. I'm almost always
| protected by something like a VPN but that Cloudflare has been
| programmed to trust so I don't see recaptchas all day. AT&T
| just helpfully leaked their call records database which serves
| as a data point against trusting ISP more than Apple &
| Cloudflare. If anything, I want Private Relay running for every
| application on my phone
| lapcat wrote:
| Advanced tracking and fingerprinting protection breaks Safari
| extensions: https://lapcatsoftware.com/articles/2024/6/5.html
| eproxus wrote:
| It's very odd that Safari treats extension scripts as third-
| party, especially when they have been given permission to
| access all websites and data (sound like a bug almost?).
|
| I use and love StopTheMadness Pro. Do you know if it breaks the
| whole extension or only some parts of it? If so, which ones? (I
| don't use the copy URL shortcut for example).
| lapcat wrote:
| > sound like a bug almost?
|
| Yes, I assume it's a bug.
|
| > I use and love StopTheMadness Pro.
|
| Thanks!
|
| > Do you know if it breaks the whole extension or only some
| parts of it? If so, which ones?
|
| Not the whole extension, no, only the parts that depend
| specifically on the URL query.
| gigatexal wrote:
| How does the YouTube ads skip feature work? How does it
| know?
| Vinnl wrote:
| Pretty off-topic, but:
|
| > When we invented Private Browsing back in 2005, our aim was to
| provide users with an easy way to keep their browsing private
| from anyone who shared the same device.
|
| I wonder if anyone actually involved 19 years ago was also
| involved in writing this piece, or if it just sounded reasonable
| to whoever drafted it up.
| nequo wrote:
| I gather this sentence sounds unreasonable to you. Why? Were
| they not the first to ship private browsing mode?
| Vinnl wrote:
| Oh no, I didn't mean at all to say it was unreasonable. I
| meant that the paragraph claims to know what the aim was when
| introducing the feature, so I wondered if they actually knew
| that, or just guessed that that was the aim (because it
| sounds reasonable that it was).
| nequo wrote:
| Clearly I misunderstood you. Thanks for clarifying it!
| callalex wrote:
| Apple has a corporate writing/speech style guide that they
| adhere to religiously. Anything done by anyone in the company
| present or past is always "we". Notice how all their keynotes
| and product press releases almost always include the sentence
| "we think you're gonna love it"?
| Vinnl wrote:
| Sorry, I was mostly referring to the fact that they claim to
| know what the aim was when introducing the feature, even
| though they might not have been there. Pure curiosity.
| javawizard wrote:
| It's stylistically typical in English for someone writing
| on behalf of an organization to use "we" to refer to the
| organization in its entirety, not to the individual or
| individuals doing the writing - so in something such as
| this, "we" is indeed appropriate as Apple the company
| definitely was there when they released Private Browsing
| back in 2005.
| pests wrote:
| Which was the question the original comment was about -
| even though they used "we" to refer to Apple, were the
| actual writer(s) around back then?
|
| It's an interesting question to me because their tone is
| speaking from experience but is it the authors experience
| or Apple?
|
| I care a lot more if it's the actual author, a human,
| over Apple, a brainless corporation.
| Vinnl wrote:
| And _if_ it 's Apple's experience, how did the writer
| know? Does Apple have that strong of an institutional
| memory, or were they just assuming?
| Aachen wrote:
| I wasn't involved in the internal discussion 19 years ago, but
| definitely remember the feature being considered to be for the
| purpose you cited. I also remember telling classmates that you
| can use it for logging in to two accounts at the same time on
| the site we were developing to have an easier time demoing it
| to the teachers, and getting jokes about "gee you're awfully
| familiar with the private browsing feature", from which I'd say
| it was (1) news to people that it also worked the other way
| around (website doesn't recognise you) because it was worth
| bringing up, and (2) people demonstrated knowing it's for not
| leaving the browser history full of NSFW content--and buying
| gifts for your partner or parent, of course
| JumpCrisscross wrote:
| My most-wanted feature in Safari (and Orion) is first-party
| website-data whitelisting. I have a limited number of sites whom
| I trust to store data. Everyone else should be a _tabula rasa_
| each visit.
| horeszko wrote:
| I use the Cookie AutoDelete browser extension for this purpose,
| which besides the name handles more than just cookie data.
|
| https://addons.mozilla.org/en-US/firefox/addon/cookie-autode...
| JumpCrisscross wrote:
| Firefox has first-party whitelisting. Block all website data
| and then whitelist.
| horeszko wrote:
| Thanks for the tip! I didn't know it's built-in, I'll check
| it out.
| Dylan16807 wrote:
| Does that let cookies exist temporarily? If so, when do
| they get purged?
| ajot wrote:
| There's an option for "delete cookies and site data when
| Firefox is closed", and you can allow sites to have
| persistent cookies. Also to block them from even use
| cookies, if that's your cup of tea, but I've found it
| works great this way: sites work but I don't keep logged
| in at every site all the time - after I close the browser
| window it's an instant log out for every site.
| rsolva wrote:
| If you're willing to switch browsers, Firefox has this option
| built in. It flushes all cookies on exit, except from domains
| in the whitelist. Been using it for years!
| kccqzy wrote:
| > Staying with the 2005 definition of private mode as only being
| ephemeral, such as Chrome's Incognito Mode, simply doesn't cut it
| anymore.
|
| Yes I cannot agree more. Personally this shift in people's
| expectations of Private Browsing or Incognito Browsing came in a
| way that felt sudden. The recent lawsuit about Google tracking
| you in Incognito mode was absolutely dumbfounding to me: of
| course websites can still track you! If only people still
| remembered the origins of this feature in 2005 (or 2008 in
| Chrome's case). But even on HN the opinion was pretty split. It
| is indeed clear that it is now time to change what private
| browsing means.
|
| However, I don't think this is going to stay this way for long.
| The word "private" when it comes to computing has many varied
| definitions and it all depends on who the information is made
| private to. In the extreme case, if your threat model is privacy
| from eavesdroppers on the network or the ISP, then a browser can
| easily claim any HTTPS connection is private enough; the majority
| of browsing is already private browsing. If it is privacy from
| others using the same machine, then this older private browsing
| already works. But I cannot help but feel that a few years down
| the road people are going to consciously or subconsciously
| substitute yet another definition of privacy.
| lcnPylGDnU4H9OF wrote:
| > substitute yet another definition
|
| I'm not entirely surprised they got this "wrong" given that the
| question was, "What should we call it?" Naming things
| (correctly, "future-proof"-ly) is hard.
| Aachen wrote:
| It's also not as if smart lamps have brains, as if "we use
| cookies" is about cookies (it's about agreeing to 178 privacy
| policies using localStorage and canvas fingerprinting
| unapologetically), as if cloud computing runs in the sky
| (ironically, in said clouds, you often can't use those
| services properly), as if a home button have something to do
| with your house, and so on and so forth. But, surprise:
| private navigation mode doesn't give you a free VPN or joins
| you to an onion routing dark web or something! Why would any
| consumer expects a computer term to be _literally_ what it
| says, rather than being _like_ the real-world thing they 're
| named after
|
| Naming things may be hard, but in addition, this isn't even a
| bad name. The popular colloquial name at the time (porn
| hiding button, or maybe that was only because I was a student
| when it was introduced) could hardly be seriously used, of
| course it is called something related to not leaving traces
| on the computer you're using
| wild_pointer wrote:
| That's good progress. How do these features compare to Brave,
| which has Brave Shields and [copy clean
| link](https://github.com/brave/brave-browser/wiki/Copy-clean-
| link)?
| dash2 wrote:
| My impression is:
|
| * These guys are truly working very hard at guaranteeing privacy;
|
| * That will probably break some websites (I'm trying out the
| advanced tracking protection in normal mode, we'll see).
|
| * It will also put them on collision with Google, which is
| essentially an advertising shop with a free browser frontend.
| lern_too_spel wrote:
| From the article:
|
| > Alongside the new suite of enhanced privacy protections in
| Private Browsing, Safari also brings a version of Web
| AdAttributionKit to Private Browsing.
|
| This is worse for privacy. No other browser does this. No other
| browser even lets you opt in for this because it's so
| nonsensical.
| nerdjon wrote:
| > This is worse for privacy.
|
| That seems like an exaggeration? How could another solution
| possibly be worse for privacy than the open season it was
| previously...
|
| The worst it could be is the same.
|
| > No other browser even lets you opt in for this because it's
| so nonsensical.
|
| That also does not seem true
|
| Google has their topics API:
| https://developer.chrome.com/blog/new-in-
| chrome-115/#topics-...
|
| and according to another poster here, Firefox added something
| similar.
|
| Don't get me wrong, I hate that they had to make these
| concessions, but what was their choice? If they did not give
| something (while giving users the ability to opt out) we
| would have seen browsers being blocked (and no way Google was
| going to not do something given their entire business is ads,
| so they could just keep saying use Chrome).
| lern_too_spel wrote:
| > How could another solution possibly be worse for privacy
| than the open season it was previously...
|
| Previously, there was no ad tracking at all in private
| mode.
|
| > That also does not seem true
|
| No other browser enables any such tracking in private mode
| or incognito mode. https://developers.google.com/privacy-
| sandbox/relevance/attr....
|
| The Topics API you mentioned returns empty topics in
| incognito mode. https://clearcode.cc/blog/google-chrome-
| topics-explained/#:~....
|
| > but what was their choice?
|
| Do what other browsers do. Don't enable ad tracking in
| private mode.
| akersten wrote:
| > We also expanded Web AdAttributionKit (formerly Private Click
| Measurement) as a replacement for tracking parameters in URL to
| help developers understand the performance of their marketing
| campaigns even under Private Browsing.
|
| Without fail, the knee bends. This also just got quietly enabled
| by default in Firefox 128, go check and turn it off if you are so
| inclined.
| SkyMarshal wrote:
| What's the key in Firefox about:config to turn this off?
| akersten wrote:
| It's not hidden in about:config thankfully. It's a checkbox
| in about:preferences labelled "Allow websites to perform
| privacy-preserving ad measurement"
| mappu wrote:
| Alternative take on the same news: ""Safari already contains ad
| tracking technology, and they're now adding it to Safari's
| Private Browsing mode, too"" -
|
| https://www.osnews.com/story/140252/safari-already-contains-...
| ku1ik wrote:
| You know what's also cool about this announcement? How clean,
| lightweight and unobtrusive that blog page is.
| Aachen wrote:
| TL;DR:
|
| - Blocking requests to known trackers
|
| - Remove utm_ and other such parameters from URLs
|
| - Fingerprinting resistance
|
| - Extension disabling
|
| - Cap third-party cookie lifetimes
|
| - Partitioning for sessionStorage and blob URLs
|
| - Proxying encrypted-to-the-resolver DNS traffic
|
| - Proxying HTTP, but only when it's unencrypted
|
| With a subscription, you also get per-tab sessions and a VPN
|
| ---
|
| The fingerprinting resistance is interesting as it claims to
| remove user behaviour characteristics like typing speed and how
| you move the cursor. Does it fire keyboard events with randomised
| delays and adds random offsets to mouse locations or how could
| this work? Games would be unplayable with mouse offsets and
| random input lag, but if that's not it, then the website gets the
| data so this has to be it right? For canvas specifically, they
| say there'll be small but probably visible artifacts from noise
| injections. So no web-based photo editing in private navigation?
| Curious how this'll work out in practice
|
| Also cool is that they offer an open platform (Mastodon) as a
| place where you can respond to the author!
| lapcat wrote:
| > - Remove utm_ and other such parameters from URLs
|
| Incorrect. Safari does not remove utm_ parameters. See:
| https://lapcatsoftware.com/articles/2023/6/2.html
| yencabulator wrote:
| > to implement ad attribution and click measurement in a privacy-
| preserving way
|
| What an oxymoron.
| flumpcakes wrote:
| I moved from Android to Apple for only two reasons:
|
| 1. They started using USB Type C.
|
| 2. They are the only _major_ manufacturer that appears to
| actually take privacy seriously. Even their AI endeavours look
| the _most_ privacy focused that exists.
|
| I'm sure I could go buy some no-name brick and flash my own
| security focused OS and run my own relays and ... I don't want to
| do that. I want to buy something that everyone else uses and for
| it to respect me.
|
| So as much hate as Apple gets, they have my trust in good faith,
| for now.
| lern_too_spel wrote:
| Apple is the only major manufacturer that makes phones that
| can't get their location or install an application without
| phoning home. The only appearance of privacy is in their
| marketing. Consider that Google did on-device voice-to-text
| long before Apple did, that Android lets you use a fully-
| offline app as your default maps app while iOS does not, and
| that Android lets you use real Firefox with real uBlock Origin.
| All out of the box on any Android phone from a reputable
| vendor. No flashing required.
|
| Apple's deceptive marketing has made me lose all trust in the
| company. It will take a lot more than USB-C for me to consider
| Apple for computing devices.
___________________________________________________________________
(page generated 2024-07-16 23:02 UTC)