Email or username:

Password:

Forgot your password?
Ridley @ WATCH LYCORECO's posts Post Back to profile
Top-level
Pierre Bourdon

@rcombs this isn't really the appropriate format to try and summarize 3 years of learning about this in the field, working with probably some of the foremost experts in the field. I also likely will get into NDA things pretty quickly with more details.

Those experts are people I recognize in the list of authors of the proposal. They're people that have spent their whole career working on protecting users from data theft / impersonation. I personally trust that they have done their homework.

19 Jul 2023 at 20:21 | Wall-to-wall | Open on mastodon.delroth.net
3 comments
Pierre Bourdon

@rcombs another angle: do you think those people don't know how bad such a proposal looks, especially coming from Google? Look at the list of non-goals, the number of counter-measures they propose to avoid this being too abusable, etc. They clearly understand your viewpoint as well, to some extent.

And yet they still thought it would be a good move to publish this proposal. Do you think they would have done so if "this ain't gonna solve that case" (or rather: "help", you can't "solve" abuse)?

19 Jul 2023 at 20:23 | Open on mastodon.delroth.net
Glitch
@delroth @rcombs tbh I think the problem with this is that the road to hell starts with good intentions.

No matter how good Google will try to be about this, bad actors on both ends will find ways to loophole and abuse it. The bots will just extract the data they need to from a chrome binary/fake their JS engine to mimic a real browser anyways. Ad networks will use these techniques to further fingerprint and identify browser users.

That's without getting into the perverse incentive problem where Google is also the world's biggest (and if you believe the EUs antitrust, only meaningful) ad network, so any solution they'll come up with will not be as perfect as it should be, *specifically* so they can make a loophole for profiling users.
@delroth @rcombs tbh I think the problem with this is that the road to hell starts with good intentions.

No matter how good Google will try to be about this, bad actors on both ends will find ways to loophole and abuse it. The bots will just extract the data they need to from a chrome binary/fake their JS engine to mimic a real browser anyways. Ad networks will use these techniques to further fingerprint...
19 Jul 2023 at 20:30 | Open on pl.glitch.pm
Rich Felker

@delroth @rcombs Spending your whole career looking at things from that angle turns you into a BOFH monster who thinks "cop in your pocket" is a legitimate concept.

19 Jul 2023 at 20:26 | Open on hachyderm.io
Go Up