Block Fingerprinting with Firefox (blog.mozilla.org)
1292 points by rendall on May 30, 2019 | 391 comments



Google's reCAPTCHA makes it impossible to use large portions of the web once you take reasonable measures to protect your privacy. The challenge will continuously fail, despite you spending time to carefully solve it. This cruel behavior is described in a patent [1] by Kyle Adams of Juniper Networks.

[1] https://patents.google.com/patent/US9407661


Google's reCAPTCHA is cancer upon the web. Everyone should enable fingerprint block to shut this invasive and abusive garbage.

If everyone would block it the website owners would have no choice other than to move to a different captcha system.


I'm logged in on a Chrome browser with a residential IP and get a reCAPTCHA 1-3 times a day when programming. It's the kind that I don't need to solve puzzles but still need JS enabled to click the button. So after the first few (SEO optimized) pages I either get fingerprinted or temp banned. Ugh this is getting ridiculous.

DRINK VERIFICATION CAN


Cloudflare must be mentioned when talking about recaptcha and cancer. They are the ones locking people out from whole websites and forcing you to fill out these recaptchas. They are also the ones who have almost destroyed browsing the internet using Tor due to these recaptchas.


While I agree with you -- I'd also like to point out that >90% of malicious traffic to the websites I administer comes through the Tor network.

It shouldn't be the case, and I don't want to block people who have a legitimate reason to use Tor. Unfortunately there isn't a "block Tor traffic from assholes" option, so all I can really do to reduce the malicious traffic is block exit nodes.


This has nothing to do with Tor. Cloudflare frequently blacklists entire countries/counties worth of people (and rarely reverts those blacklists). There is a good chance that you have missed a lot of Indian/Vietnamese/Russian/Chinese visitors because Cloudflare concluded that forwarding their traffic to your site isn't financially viable for them.

> Unfortunately there isn't a "block Tor traffic from assholes" option

What exactly is "Tor traffic from assholes"? Bulk DDoS attacks? E-mail spam? SSH login attempts? Please share your valuable experience with everyone here, so that all of us could stay safe by learning from your example.


And for companies that don't do business with those countries - this is not a loss.

Most "asshole" traffic I see falls into one of two categories - attempts to exploit vulnerabilities (../../../etc/passwd stuff) and account takeover attacks.

The first I can forgive, I don't frankly care where that traffic comes from and the responsibility is entirely mine as website admin to prevent these types of attacks through good coding practices, WAF, etc.

The second I have less control over because customers / the general public sucks at security. They re-use passwords they've had for 10 years and won't opt-in to 2fa. And as a merchant, my company generally eats the cost of fraud that these attacks generally result in.

If no or little legitimate traffic is coming from Tor, and a significant percentage of malicious traffic is coming from Tor - at great cost to me / my company - why the hell would I allow it to continue?


One simple solution I can think of is to restrict POST requests from Tor exit nodes while still allowing GET requests. Cloudflare will give you an impossible-to-solve captcha even if you just try to visit site.com/index.html and I see no reason for this.


Is the issue Tor traffic, or that you know what traffic is Tor?

There are many types of "abuse" (not just trolling) - mass downloading/scanning. (Ex: several types of port scanning can't be done via Tor since it doesn't support UDP)


“Hm, works in Chrome. Are you using Chrome?”


I know someone who loves giving this response. "Safari is junk, use Chrome and it'll work".

I also love sending him patches to show how easy it is to fix his stuff so it works in Firefox, Chrome, Edge... and of course Safari.


This will become a less acceptable answer the more popular other browsers become.

The only way to make that happen is to stop using Chrome and tell others to do the same.


"But you told me to use Chrome."

Google took over with shady practices, with the help of tech savvy people.


Not to mention Edge moving to the Chrome base, which further disenfranchises anyone from making sure it works in 'x' browser anymore.

"It works in Chrome and Edge, which is based on Chrome, so what's your problem, again?"


As developers we should take a blood oath that we will always optimize for Firefox.


I see that your heart is in the right place, but I think as web developers we should take a blood oath that we will always optimize for standard compliance, instead. And for a standard that is not a moving target, while we're at it.


Yes, this is better. I think those two things will be well-aligned though.


But when do we move on? When most browsers implement something the same way, or when all do? What about polyfills? What do you do when you need a new API to better support a user's device with a new form factor, interaction model, wide colour gamut, resolution, background threads, etc.? Tell them to not upgrade? Stop the world? It seems impractical to suggest "target a standard: job done, go home..."


If we target standards, then the standards are driving. The browser gets supported when it builds to the standards. Perhaps the issue will then be getting standards in place quickly around new capabilities?

Then maybe the standards process needs disruption. But if we don't build to standards then we are building roads that only certain cars can drive.


This is unfortunately not true - browsers are driving. Especially when the entity everyone uses (Google) also owns the most popular browser. They can, and did, implement non-standard features that only worked in Chrome. Super cool tech demos, you have to see it, just install this browser from an advertising company. What could go wrong?


Hence a blood oath is required :)


Well, considering that Google already specifically blocks Chromium-based Edge from its current YouTube version, maybe reCAPTCHA will not work in it soon too.


Google is not blocking Edge, or at least we have no proof of that. In this instance I think it's safe to assume an oversight based on naive user agent whitelisting.

And before I get accused of shilling, I hate chrome and despise Google with a passion.


As I responded to a comment just below this one, somebody over on reddit tested different user agents: https://www.reddit.com/r/google/comments/btysl9/google_have_....

It seems pretty clear from the fact that nonsense user agents like "TotallyNotMicrosoft" and "IE6" worked, that there is a blacklist, not a whitelist.



Somebody over on reddit tested different user agents: https://www.reddit.com/r/google/comments/btysl9/google_have_....

It seems pretty clear from the fact that nonsense user agents like "TotallyNotMicrosoft" and "IE6" worked, that there is a blacklist, not a whitelist.


Technicality, but it's a chromium base, not Chrome, which is Google's browser


Do you know of any good alternatives? I would love to get rid of recaptcha but it is a very convenient and quick to set up way to stop most spam bots.


There is an ongoing thread that may help you: https://news.ycombinator.com/item?id=20058697


Remember that reCAPTCHA v1 used to be noble: reading books and converting them to text.

Now you're just training many Google machine learning algorithms by classifying data. In which they get more useful for the consumer, thus more powerful.


I hate them as much as you do, but you're wrong. Those storefront and traffic sign captchas are not useful for training ML models. If they were to be useful, they would be much more varied, like the original ones (used for OCR).


>Those storefront and traffic sign captchas are not useful for training ML models.

Not to get all tin-foil-hat, but this is going to sound like it, but if you have a car that has 9+ cameras upon it that drives in areas full of these, then maybe there would be some use for it for Google.

Bear in mind that I'm not saying that they are doing this, but to dismiss it unequivocally as something that can't or wouldn't be done entirely ignores the premise that it could prove useful to other areas of their business, which might have a vested interest in such use (say, for example, if Google or its parent company were trying to break into the self-driving car area[0]).

[0] - https://en.wikipedia.org/wiki/Waymo


Of course that's what they're doing... I thought this was well known? I don't think they claim otherwise.


> I hate them as much as you do, but you're wrong.

I would love to see some evidence (a link or something) of this. I see captchas that look like pretty good edge-detection discriminators- street lights in tree limbs, bicycles against brick, and so on.


My brain is unwilling to accept this.

What is the purpose of those choices then?


Since they introduced the square-selecting captchas I have always assumed that they use it for identifying the user. I bet that depending on how you solve the captchas they can identify who you are if their system already has a theory of who you might be.


They're there for denying access to automated scripts.


This is the reason they exist in the first place, but doesn't answer the question why they're implemented this particular way.


They're implemented this particular way to provide training data for image segmentation systems. They move the image around inside the frame, which allows them to use a few people doing the challenge to create a boundary representation that can be used to train things like YOLO-style ML systems.


They are able to verify that the user selection is correct. It is possible only if they already have the right answer. If they already have the right answer, what are they training for?


They have some known right answers and some they don't know. They check that you get the ones they know correct, and then they take the other info you provide and add some confidence that they are correct. This bootstraps the system.


The audio CAPTCHA always works first try for me. The image CAPTCHA can go eff itself, it would always take me five tries while the images loaded super slowly.


Yes, the audio CAPTCHA is easier to solve, but the audio challenge is blocked [1] if you are not in a good network neighbourhood or they can't collect enough tracking data to classify your visit.

[1] https://github.com/w3c/apa/issues/25


Can confirm, it's rare for me to be able to get at the audio captcha. Occasionally I'll find that tabbing onto the button allows it to load when clicking directly on it won't. I assume if Google is observing behavior that makes them think you're sighted, they'll block access.

I kind of wonder if it would be possible to force the issue legally as an accessibility problem, but other people than me would need to do it, and in any case it feels kind of dirty to me to use blind accessibility as a tool in the fight for privacy.

On the other hand, it also feels dirty to me that being blind would mean you're not allowed to do as much on the web to protect your privacy. Blind people should be able to use Tor.


> Can confirm, it's rare for me to be able to get at the audio captcha. Occasionally I'll find that tabbing onto the button allows it to load when clicking directly on it won't. I assume if Google is observing behavior that makes them think you're sighted, they'll block access.

That'd be very cruel to ignore those with vision, but who don't have anything close to perfect vision or correctable vision through glasses. It would also ignore those who have poorer vision as well as have difficulties in recognizing patterns. There's a whole spectrum of accessibility issues, and trying to "fail people" who seem to have enough vision to click on an audio button would be the definition of being evil.

> I kind of wonder if it would be possible to force the issue legally as an accessibility problem, but other people than me would need to do it, and in any case it feels kind of dirty to me to use blind accessibility as a tool in the fight for privacy.

Even if this is not possible legally in all jurisdictions, enough publicity and outrage could help. There should certainly be some journalists from major publications/sites reading HN (or HN readers with journalist contacts) who can investigate and write about this.


Do you have a suggestion for a good alternative?

I dislike Google reCAPTCHA, however, it brought down contact form and comment spam to almost zero. (With the price of an unknown number of false positives and some frustrated users.)


Wait. Patent? It's just a simple technique, quirk, workaround, something to win the arms race... Just like shadowbanning on Twitter.


> You probably wouldn’t appreciate someone tracking your moves in real life. There’s no reason to accept it online.

Great to read something like this on mozilla.org.


“A lot of the scripts that are run to enable tracking delay webpage load times while all these tracking scripts fire and run in the background,” said Peter Dolanjski, Firefox Product Lead.

Over at Google they are trying to sell fingerprinting as a feature.


What do you mean? Link?


Fingerprinting is the primary way that Captcha decides whether to block you or not. Fingerprinting == security is the parallel they are drawing.


Ok, that makes sense. Not ideal, but captchas need to be written somehow.


Modern captchas are designed to be anti-human and use us as free training for their AI algorithms. We're slaves for free while Google benefits from this, both technologically and financially.

Next captcha from Google will be even more aggressive: you're not logged in to Google = you're a bot, you can't access that content.


> Next captcha from Google will be even more aggressive: you're not logged in to Google = you're a bot, you can't access that content.

You may be right. But you know what:

If I encounter captchas nowadays and unless I really need to get to that site it's "Fuck you very much!" time.

I'm just not that interested in most of the web to make it worth my while and provide free work for Google.


I cancelled my subscription and deleted Spotify because of that. I can do with streaming of local radio and my own music.

I really hope the EU hits them hard with a GDPR investigation, the amount of identifiable data they collect with reCaptcha is unacceptable.


Some strong statements in these comments on a website with registration and login protected by Google's ReCaptcha. :)


Please explain.

I've never seen a reCaptcha on HN. Is that because I registered my account something like 10 years ago?


I agree that this is terrible, but what is your alternative? I can't come up with one.


I had simple questions you can answer with text on my site for years, and I had no spam problem whatsoever.

I am not convinced that training Google's image recognition algorithms is the only way to solve the captcha problem.


I have one which picks a bunch of random single-digit numbers and a math operator, then asks you to type the result.

I spent days trying it out with screen readers and tweaking it to work with as many as possible.


I had a lot of spam when I tried that. Questions of knowledge were more successful.


This seems like it would be very easy to game.


It's very difficult to block an extremely motivated and targeted attack. With things like this, you aren't necessarily trying to block a highly targeted attack. You mostly need to just ward off the majority of low-effort bot spam and random internet trolls. Having extremely tight security can be expensive and/or difficult for most organizations.


This is exactly why something like reCAPTCHA exists and is used prevalently.

To me, it sounds like your system is just security by obscurity. It wouldn't scale, if it did become used prevalently then it would be very easy for bots to circumvent.


I normally agree with concerns about security through obscurity, but I disagree here: this isn't a security feature. It is spam protection. Everything that creates more work for any attacker here helps reduce spam; on top of that, Google itself uses code obfuscation ("security through obscurity") in their Captcha for precisely that reason.

It won't scale, because it mustn't scale. It is a dead simple solution to a complicated problem and works as long as it works, without selling your user data and brainpower to one of the biggest tech companies there is.

If it should happen that the spam bots overcome it or your site becomes big enough to be targeted you just change it for something stricter, stronger or more sophisticated.


You probably don't have the world's spammers trying to get in like Google. There is money to be made creating Google accounts.


The fact that CAPTCHA sweatshops exist is a testament to its failure as a protocol, let alone the privacy implications (just run X.exe to continue).


Seems like spammers wouldn't hire humans if they could fully automate it? That's about the best you could do as a defense.


Why do you assume they aren't automating it? The obvious thing if I'm a spammer is to hire humans to solve the problem, collect their output and feed it into my ML training. I now have the same dataset that Google is using, for my ML.

Actually I'm not sure I need to go to full ML: after a few rounds I can probably just use image compare (not ML) and just feed humans images that I haven't seen before.

Of course round two of the above is to expand on the above. Doing ML for image recognition isn't hard (other than CPU cost). I can also collect statistics, images humans take longer on I will take longer on as well (I can potentially collect eye movement so I have better data than google here - this can feed into ML). Images that humans are unsure of I will fake unsure of by sometimes clicking sometimes not at similar rates to humans.

I don't know what ML Google has that isn't public, but we also don't know what scammers have. Ultimately Google needs to expose enough data to scammers (who see more captchas than anyone else by nature of their operations) that their ML algorithms have a large training set. Once a scammer realizes the types of data Google is looking for, it isn't hard to collect other samples for your private training set. Go outside in any city and you will find stoplights and street signs... you now have a training set of data that isn't Google's to test on - you need a few cities and seasons worth of course, but that is an implementation detail.


This is why Google will have to keep changing how the captchas work. Maybe using adversarial examples?


Which is why spammers will have humans in the backroom for the foreseeable future. If Google tries something different they go to humans to figure it out; if Google keeps doing it they automate it.

The game is more expensive for Google because Google needs expensive people to create the scheme, while they can hire cheap people to figure it out. (If cheap people can't figure it out, Google has failed.) They only need expensive people if/when they decide to automate the scheme.


The revolt against surveillance capitalism seems to just be starting in earnest. I think a lot of smart people are finally realizing they have wasted their considerable talents on advertising tech while pretending it was something else and are now very angry.


I’d like to believe this, but I think it will take more time.


Kind of funny though, the vast majority of Mozilla's money comes from the ads and tracking industry, just one step removed.


The irony is they tried diversifying their income. But people don't want their browser to ask for donations (that's nagging). They don't want their new tab page pre-populated with websites on a new install (even if their browsing overwrites them). They don't want "fun" additions to advertise TV shows (even if they're opt-in).

But they're happy to pay via google's search and tracking. Mozilla doesn't have a lot of options open to them.


Firefox has ~250M users as of about 9 months ago and $562M revenue for 2017.

I'd honestly pay $2 per month (12 times "my share") for a Firefox that completely disavows the ad model and produces a truly user-centric experience sans ads, fingerprinting, etc. However, given that over 95% of their revenue comes from Royalties, I don't see that turning around any time soon.


I would too, but clearly most people wouldn't, otherwise advertisement wouldn't be such a popular way to monetize apps and websites (and Google wouldn't be the behemoth that it is today). Actually I would also gladly pay for a decent search engine but even DuckDuckGo decided to monetize using ads, which IMO means that sooner or later if they're successful enough they'll become just as bad as the rest.

Besides, paying for a product doesn't mean that it becomes privacy-friendly; look at how Spotify still tracks your every action even when you're a paying customer, for instance.


A possibly relevant distinction for DDG ads is that (I believe) they're anonymized and tied only to the search, not to your identity.


You're right but I can't shake the feeling that if they ever become really popular the temptation to change that model will be huge. Maybe the DDG of today is principled enough not to do that (and it's also probably in their best interest at the moment since their most obvious feature compared to other big search engines is its privacy) but what about 10 years from now? Or 20 years? What happens if their growth starts stalling and the shareholders ask for more? Will they take the side of their freeloading users over the paying advertisers and investors? Principles tend to be soluble in a high-enough concentration of dollar bills.

After all, there was a time when most of us trusted Google and their "Do No Evil" motto. And then eventually it morphed into "Do More Profit" and we have the corporation that we know today.


If I had the ability to know what a tech company was going to do 10 or 20 years in the future I wouldn't have sold off my Apple stock in the late 90s.

DDG may change how they do things, but I expect that if they do there will be someone else that shows up to make money by providing a value-added anonymizing wrapper on top of search performed by a larger company - and it may not even be on top of the duopoly as it exists right now (are there actual search providers in the US not wrapping Google or Bing?). This may particularly happen if a new company grows in India or China and then is able to start spreading coverage to other parts of the world.


A lot of people here equate advertising with tracking.

A lot of people here also have huge double standards regarding Mozilla.


I’ve recently switched to startpage.com - they use Google for high quality search results, but anonymize all search requests and show non-personalized, non-tracking ads solely based on my current search term. Also, they’re based in Europe/Netherlands.

I’m not affiliated with them. Just a happy user.


In my experience, when Google searches are better than DDG (which is not always), it's because the results are customized to your Google account and search history. StartPage generally gives me worse results than DDG, despite using Google as a backend.


They have a monthly subscription for donations[0]. You can't expect them to switch over until they meet a certain threshold.

[0] https://donate.mozilla.org/en-US/?utm_source=foundation.mozi...


Those donations go to supporting Mozilla Foundation's advocacy work, not Mozilla Corporation's work on Firefox.


Well if HN users do want to try to lessen that percentage here's the donation page: https://donate.mozilla.org/


I believe that money goes to the Mozilla Foundation, which uses it on the initiatives you can see at https://foundation.mozilla.org/en/initiatives/

Although the Foundation wholly owns the Corporation (we call them MoFo and MoCo internally), money donated to MoFo does not go towards paying MoCo employee salaries as far as I am aware.


Is that not because Firefox currently pays for itself (via Google search revenue)? If the idea is to change that equation, there's surely no reason why money couldn't flow the other way?


i wonder why mozilla hasn't tried a premium pricing model? the premium version of firefox could have a yearly subscription of, say, $24. it would have all privacy features turned on, the best privacy addons installed, and all analytics/telemetry turned off, by default.

i would even pay a whole $3/month for that! =D


The brand risk of having firefox associated with the free version would be horrendous.

To have a premium product, you need to have a non-premium product, and given that most users would use the non-premium product, firefox would quickly become associated with a browser that has the actually desirable features turned off...

Which would probably be even worse than their low market take up at the moment (and I am typing this on firefox).


I agree. Maybe they could differentiate the two versions with a badge or some adornment in the UI which appears grayed out in the “free” edition. I guess it’s the same as asking for donations but maybe not as blatant. Also not sure why they stopped selling merch. I would buy some right now.


Because if they suggest anything to remove the whales then their paymasters will veto it?

The people who would pay for a subscription are surely some of the most valuable for advertising to, and FF in its current form exists because of advertising.


They don’t want that but you are free to do so yourself, it’s free software.


It was said earlier today that because of American tax rules donation money cannot go to software development.

So donation money goes to outreach and similar. Which is useful but doesn't fund Firefox.

Someone please correct me if this is wrong.


There is nothing about how charities work under US Federal tax law that would produce this result.

Tax-exempt charities (which must by definition be non-profit, but not all non-profits are charities, and not all charities are tax exempt!) must spend money in a way that's aligned with their mission, and there are rules on how much they can spend outside that. (The really big no-no has to do with political lobbying and the endorsement of candidates for public office -- a relic of a more civilized age when apparently we thought that should be left up to individuals. But I digress.)

The Mozilla Foundation is a California corporation with tax-exempt status under US Internal Revenue Code 501(c)(3), which covers "public charities, private foundations or private operating foundations". There are slightly different rules for each category.

I'm not sure what category Mozilla Foundation is; my suspicion is they are either a public charity or a private operating foundation. In either case, there's nothing that would prohibit them from funding software development, as long as it doesn't unfairly benefit someone involved in the organization's governance.

Their 2016 financial statements (I couldn't find anything newer) are available:

https://assets.mozilla.net/annualreport/2016/2016_Mozilla_Au...

tl;dr: In 2016 they spent over $250k on software development as a line-item, out of about $500k in revenue total. It's by far their biggest budget item.


> Their 2016 financial statements (I couldn't find anything newer) are available:

> https://assets.mozilla.net/annualreport/2016/2016_Mozilla_Au....

> tl;dr: In 2016 they spent over $250k on software development as a line-item, out of about $500k in revenue total. It's by far their biggest budget item.

The numbers are actually $250 million and $500 million. All the tables in this report (as well as a newer one I have to search the link for) list the figures in thousands.


I'm told that this is incorrect and that the FSF has been doing it for 34 years, the EFF does it, the ACLU has done it and others have even paid for proprietary software development (their apps etc).


i worked for mozilla, your donations pretty much do not go to coding firefox. there are side effects where it will affect code, or someone that gets employed by the foundation that will now have money and free time to code for firefox for free, but it's not like "your dollars go to hiring a sw engineer".

the donations are still useful though because if there were none mozilla foundation would die, and in turn, mozilla corporation would also die or be sold as it's fully owned by the foundation


That would be weird considering they accept donations on behalf of thunderbird https://donate.mozilla.org/en-US/thunderbird/


I don't think it's for those reasons, but the outcome is the same -- money donated to the Mozilla Foundation will not be spent on software development on Firefox, which is done by Mozilla Corporation. (I'm pretty sure it will fund Mozilla Foundation software developers, though, as well as all of the initiatives they list on the home page.)


> Firefox has ~250M users as of about 9 months ago and $562M revenue for 2017

I think nearly everyone would be willing to pay the ~$2/year to use Firefox if all browsers weren't free.

At that price, the main reason not to pay is the hassle rather than just downloading.

Thanks for the context about the revenue of Firefox. I had never given it any thought.


> I think nearly everyone would be willing to pay the ~$2/year to use Firefox if all browsers weren't free.

Don't forget $2 in USA buys you different things than in Russia, China, India, or Africa.


They have on their donations a monthly donation. That's hassle free. You can also donate to them through Amazon smile.


250M users, you would not have a problem with $2 a month. Don't expect the rest of these users to follow. Donations are voluntary, people are unaware, but most importantly: that $2 of yours is of different value elsewhere in the world. All the people who live in poverty (according to my standards) should not feel obligated to pay American price for software. Which is a small quibble I have with proprietary software.


How would that be different from what you can already configure Firefox to do by enabling resist fingerprinting options, turning off Pocket's sponsored articles, turning off telemetry, etc.? It seems like you'd be paying $2/month for keeping a set of preferences up to date.

A subscription model of some sort would probably make sense, but I don't think you'd want to gate those kinds of features on it.


Isn't that brave?


I think there's not much pressure to get at it when they have hundreds of millions in the bank and have been funded externally their whole life.

I believe those backfired since all their marketing has been propped on morality. When they claim ads and tracking are evil, it bit them whenever they ventured anywhere near that stuff. Give many startups here an initial audience of 200M+ engaged users and they'll figure a way!


Are they that cash strapped? IIRC moz://a had an agreement with yahoo which they terminated just so they can sign with Google.

The real irony imo of FF being considered the alternative browser, but not actually competing against Chrome where it could have a serious edge only entrenches the pro commercial anti user status quo.


What’s wrong with using the resources of evil (freely given, oddly enough) to destroy evil?

If someone you hate offers you a billion dollars, you should take it—because in doing so you’ve made someone you hate a billion dollars poorer! It’s like stealing the money from them, with less work!

Imagine, analogously: a lottery whose proceeds go to a charity supporting statistics education.


If someone you hate gives you $1 million though, and says "I'll pay you again next year if you do well for me, you might even get more" then you're going to find that if you take the money in a few years all your decisions are centred around the happiness of the person you once hated.

If you keep taking their money you're morally complicit in their actions too.


> all your decisions are centred around the happiness of the person you once hated

You’re essentially talking about the https://en.wikipedia.org/wiki/Cobra_effect. (The government sets a bounty on snakes? Bounty hunters realize that the cheapest way to get snakes to turn in to the government, is by breeding them themselves. Now you’ve got more live snakes, not fewer.) When greed or need-for-money is an incentive (such as in a for-profit corporation), you’ll be driven to do whatever perpetuates the income stream; and, if someone is paying you to do something, it’s cheaper to just do that thing because you get to continue working with them in the future (so your marketing costs for finding new work are zero.)

But, importantly, the Cobra effect doesn’t apply if your goal (as a person, or as an organization) isn’t to make money, but rather to use up money (i.e. to bankrupt your ‘patron.’) If you’re not a bounty hunter, but simply someone who hates snakes, you won’t ever bother to breed them. You’re not in it for the money. You’re in it for there being fewer cobras.

There are, of course, organizations which are not for-profit corporations. Mozilla itself is a non-profit, despite there also existing a Mozilla Corporation.

As well, even with a for-profit corporation, the income of such an organization can be completely divorced from how it deals with an arbitrary stream of money. Banks, for example, despite being for-profit corporations, do not spend the money you deposit with them. Your money is not an asset on their balance sheet; in fact, it’s a liability.

Mozilla Corporation could, for example, just donate all the money it receives from unsavoury sources over to Mozilla-the-nonprofit, and keep none for itself. This would remove its profit motive vis. this income source.

Analogies:

Police confiscate stuff from criminals, and then sell that stuff at auction. They aren’t driven to confiscate as much stuff as possible, because they don’t directly see the proceeds from those auctions (it goes into the city budget, which does eventually fund them back, but in some inscrutable, non-motivating way.) Instead, the police department usually just has a mandate to take the stuff and sell it. (There is a broken incentive around police confiscation of drugs and cash, because these are so hard to trace that police can and do directly profit from these confiscations. But money wired between corporations as a result of an invoice is not untraceable like cash, so the confiscation of cash isn’t really analogous. A closer analogy is the confiscation of pimped-out cars—the police do not, and cannot, make personal use of these. So they don’t really care how many they find.)

Oil-and-gas engineers aren’t driven to flare as much natural gas out of oil fields as possible, because there’s no useful purpose to flaring natural gas (for now); they’re just trying to use it up and get it out of the way of the stuff they do want.

Building renovation contractors aren’t driven to collect as much asbestos as possible. They only collect and remove it because they can’t certify the building until it’s all gone. (Imagine an alternative world where you could turn in asbestos to the government for a reward. We’d get a Cobra effect so fast.)

In all these cases, you’re not driven by your need to collect the thing; and there’s no element of greed driving you to collect the thing; it’s just part of your job to collect the thing. As you diminish the number of illegal weapons out there, or amount of natural gas in the oil field, or the amount of asbestos left in buildings... you can simply do less sequestering. Nobody is put out when criminals run out of guns, not even the police. The oil-and-gas engineers who did the burn-offs are done their work at that oil field, sure, but they just move on to another oil field. The renovators have plenty of other jobs to do, and the people who specifically handle asbestos removal will just retrain to remove the next thing people want gone from buildings, toxic mould or what-have-you.

——

What we’re essentially talking about, here, is a ‘parasitic’ nonprofit—the organizational equivalent of a mosquito, something that wanders around sucking its ‘hosts’ dry, but which doesn’t expect (or attempt) to subsist indefinitely on a single ‘host’. It expects to either kill its host; be killed by its host; or be “swatted away” by its host, at which point it can find a new host.

And, because a parasitic organization serves no useful purpose to its host—it offers no attempt at symbiosis—the host will eventually become aware of its nature, though how fast this happens can vary dramatically, depending on how bureaucratic the host is, and the time-scale of the deal the host and parasite originally made. (Imagine how long it would take the US government to figure out that a weapons subcontractor is a foreign-government led operation with the aim of “siphoning money out of the US defense budget while avoiding actually satisfying the demand for a given weapon”, purely through the regular business-side interactions between the government and the contractor, without the assistance of the government’s background-checking process. Unlike governments, private companies do not generally do background checks on their contractors’ employees, so an IBM, or a GE, is not safe from this attack.)

Of course, unlike in the animal realm where every animal at some point deals with a parasite from a state of complete ignorance, parasitic organizations can get reputations that precede them everywhere. This is what I’d call the host “killing” the parasite nonprofit.

But, well, the same people can form as many organizations as they want... and perhaps even use successive organizational vehicles to drain the same host companies repeatedly, if they just ensure to put a different face (different figurehead CEOs, etc.) on the parasite each time.

These are the same proven strategies that “fake” charities use every day to line their own pockets! Just turned to a purpose other than selfishness.


And? I used to work for a defense contractor, using the military complex money to instead pay for civil projects that actually benefit normal people. You can take money that comes from "I don't like this thing", and then spend it on "this benefits everyone".


If that's truly your rationale then you're deluding yourself: you can take money, for sure, but as soon as you act to aid the source of the money then you're complicit in whatever that source is doing.

You might consider that the positive aspects of your use of the money outweigh the negative aspects of your aiding murder, say, but that's not quite what you outlined.


And that's why everyone who works for Google or Facebook should quit, too, but in the real world there are an insane number of jobs that ultimately do really bad things, and we need work. So find somewhere that your particular skillset makes a net positive contribution instead of going homeless, because almost every single big company is responsible for suffering in the world. The defense contractor I worked for also has a strong civil presence and makes things like turnstiles, card readers, and emergency alert systems, and those directly benefit people rather than help murder folks. The idea that "my work directly benefits the part of the company that murders people", given how budgets actually work in large companies, is arguably far more delusional here.


Does the defense contractor rag on the military afterwards? You can take money from something and use it for good, but it's kinda funny when you start to claim the hand that feeds you is evil and bad.


This is how OpenBSD lost their DARPA funding. [1]

[1] https://lwn.net/Articles/29937/


Given that they were a 60k employee company: yeah, some parts of them probably were.


Well, we could change that. I've subscribed for a monthly donation to Mozilla after learning about that.

I've also been giving through Flattr as an alternative to ads for micro-funding on the Web. Does anyone know why their plugin/extension/addon isn't listed on addons.mozilla.org anymore? (You can still install it from their official website.) Might it be due to a conflict of interest between Google and Eyeo?


Yes, but that is just because they represent a risk for Google. Their incentives are quite different than Google's, and that is what matters.


Not so much a risk. More a matter of not wanting to be seen as a monopoly. Giving up 1% of the browser market share and a few pennies is worth it to not be seen as the virtual dictator of the Web.


Also true.


Ironic, though, given their stance on opt-out-only telemetry.


99% of what telemetry tracks has nothing to do with user actions. It's mostly stuff like this:

https://metrics.mozilla.com/webrender/dashboard_nvidia.html


99% of a thug's day is not spent smashing people in the face, so that must mean they're entirely benign, right?

In short, your metric doesn't work.


I worked in the ad industry. Every web browser, including Brave, Tor, and Safari, is uniquely identifiable even on the same hardware.

All the public computer researchers and browser vendors are years behind the techniques to fingerprint devices (probably 5+).

Canvas, WebGL etc. are techniques of the past. There are much more advanced ones that can identify devices completely uniquely (on both desktop and mobile).

Also we know when users fake their fingerprints, and the algorithm respects the decision even though we know who the user is despite faking with all state of the art methods.

Latest methods don't even use JavaScript. Just CSS is enough to identify every device uniquely, but you'd need JS to send the data back.

Every public researcher I've seen is given honeypot techniques that they consider state of the art, even though the industry is way ahead of the researchers.


Not to be picky, because to be honest I completely believe that what you say is plausible, but that's a lot of outrageous claims with very little in the way of examples or evidence.


This is what we knew of in 2015: https://boingboing.net/2019/05/22/unique-device-fingerprints... you can figure out where the industry is now yourself.


In order to believe what you're claiming here, we have to believe that

1. There is magic css/js that can not only tell different browsers and devices apart, but can tell two phones from the same manufacturing run with the same software apart.

2. Despite the fact that this magic code would have to run in the client browser where its content, execution, and the data it sends back are all plainly visible to anyone who can hit ctrl-shift-j, no "public researcher or browser vendor" knows anything about it.

3. This technology is not used to combat ad fraud because of some weird conspiracy at Google.

It could be true, I suppose, but I don't see why anyone would believe this based on the evidence so far.


Yes to all. Have a look, if you want, for a bit of evidence: this was one of the tens of possible techniques that could identify devices uniquely among billions https://boingboing.net/2019/05/22/unique-device-fingerprints...

However, the author of the paper could not get it to work on low-end devices, whereas we could. And we discovered this around 2015.


As a service to the public, could you please share the state-of-the-art techniques used currently by the industry?


This was used publicly in around 2016 and stopped being used around 2017 when research showed even better ways that cannot be spoofed: https://boingboing.net/2019/05/22/unique-device-fingerprints...

Ours was more advanced than this. As far as I've read the paper cited in the source above, they are at like 30% of our tech POC back in 2015.


If this is the case, then the millions if not billions of adfraud is put through by the ad companies knowingly and defrauding the ad-buyers surely?


Large companies have fixed ad spend budgets. If they don't spend, they lose. Doesn't matter if it's lost to fraud.

Google, Facebook advertiser have more specific budgets, especially Facebook which has a large number of small advertisers.

Large adnetworks however get large advertisers with advertising budgets in tens of millions on average.

There is a larger pressure on Google and Facebook to be competitive than on, say, smaller ad networks.

Also, the techniques that I mention are not in use in the wild after the POC on millions of devices a few months ago. They're a backup plan. Also, not every adtech company has them. Maybe 2 or 3 at the most are at the cutting edge of tracking.

Google knows this very well. You really think Google couldn't counter fraud? It's a fake and manufactured outrage. No one wants to give away their "secret sauce" just yet.

Also, right now many adtech companies are going bankrupt. Many larger ones are waiting for smaller ones to be gone, after which the landscape changes.


> Also right now many adtech companies are going bankrupt.

As someone currently working in IT for an adtech company, I can at least provide one data point in that the company I work for is slowly (but surely) dying.


Just today I decided to switch to FF and try the NoScript experience. Works well enough so far. Funny that the crippled experience is even better in some weird ways. I used to scroll Reddit forums; now I can read just the first few posts, and that is good. I used to expand a lot of comments; now I can't expand them, but it saves time. Sure, self-control would be better, but that is good too :) It's good to know that without JavaScript I'll send less data to that anti-human industry.


Wait for the new CSS version over which our team had a watch. Won't require JS after it comes out. ;D

Also, we know many exploits to bypass NoScript if we wanted to (yes, I know there are bounties for this, but we were paid much higher than any public bounty for this stuff).


As far as I understand, the only way that it can work without JS is either by using @supports or similar feature/media queries (which would be the same for all users on the same hardware and browser) or by requiring user interaction (like a :hover state or clicking a link).


> Latest methods dont even use JavaScript. Just CSS is enough to identify every device uniquely but you'd need JS to send the data back.


You said:

> Wait for the new CSS version over which our team had a watch. Won't require JS after it comes out. ;D

So how does that work considering what I said above?


Why would I want to give out that part completely? The upcoming spec change has two important things required that will allow it to work without JS or user interaction with the page. Obviously I'm not going to give it away before the spec is implemented and it gains enough usage on the web that going back is impossible.


So basically you have no proof, no discernible connections to anything you are talking about (no real user/comment history) and are posting pretty outrageous claims about tracking.

Why would I believe you over all the public research available? If you really were working on this why would you be stupid enough to post about it here?


CSS provides basically no way to hide you’re doing this. I don’t believe this is real.


Are you talking about CSS-based fingerprinting?

https://browserleaks.com/css#explanation


No, not this. This is some amateur work. State-of-the-art CSS fingerprinting techniques can uniquely identify 1 device from billions.

Also, this is nothing but getting the dimensions of the screen and other browser attributes, which are useless now. The current state of the art cannot be mitigated unless you put a 95% performance penalty on the CSS engine AFAIK.


The old link you keep pasting does not support this or your other hyperbolic assertions. Stop dangling claims of secret superpowers or support them.



All the links you provided describe techniques that would only work on mobile devices with access to the sensors. On my desktop PC there's no GPS, no gyrometer, no webcam and no browser access to my microphone.


And no access to that on mobile without security dialogs. Dude originally claimed it worked via CSS. I guess he doesn't have secret superpowers.


Thank you for this good argument for why we all should block ads. There is no reason for you to stalk users.


Can you give any examples for the techniques used?


This is one that we knew of in 2015, and the public researchers just found out in 2019: https://boingboing.net/2019/05/22/unique-device-fingerprints...

Now we're waaay past this easy-to-fake stuff. This is now considered to be basic.

Look into Distil Networks, but their public product is very far behind what we did. Not sure if they have better tech to be used in the future.


Firefox is playing its trump card, privacy, very well lately. This is very smart, as the competition has no good answer. Equalizing on privacy would go against their business model, so they won't ever do it wholeheartedly.

Trying out Firefox now...


> Equalizing on privacy level would go against their business model...

More importantly it would go against the mission statement.

Mozilla isn't around to make money, it's around to make progress toward a mission. (Search revenue helps fund that, but revenue is not the end goal for Mozilla).


He was talking about the competition, not Mozilla.


It seems that almost weekly, I am reminded why I love Firefox because of some new thing Mozilla is doing. A lot of good decisions have been coming from them lately.


I finally made the switch from Brave today and I'm never going back. Firefox is just as privacy-conscious, supports built-in tracker blocking, fingerprinting, and has full sync that Brave hasn't implemented yet.


Just as privacy conscious is a misleading statement. Choosing to migrate their default search to Google was a money grab by Firefox and that money is, in turn, 100% dependent upon tracking. I think this is why what limited privacy options Firefox does offer are entirely opt-in, and often hidden behind menus that your average user will probably never visit.

By contrast, Brave has had things such as blocking of fingerprinting for months (years?), and also natively supports OPT-OUT ad blocking, script blocking, third-party cookie blocking (which Firefox does also, but once again in a less direct fashion), single-click native Tor access + ID swapping anywhere, and more. And I think the biggest difference is that this is all directly exposed to the user. If a user clicks the big iconic Lion icon in the top right they get a popup that shows nothing but:

- [x] Shields Up (adblocking/etc)

- [x] Third party trackers blocked

- [x] Connections forced to HTTPS

- [x] Scripts blocked

- [Third Party/All/None] Cookies blocked

- [Third Party/All/None] Device recognition blocked

So even users that know absolutely nothing and don't bother to navigate through menu options will almost definitely immediately be exposed to all of these privacy options, though again given the opt-out nature of much of it - even if they weren't, it would be less of an issue.


Note that Brave does not develop its own engine, piggybacking on Chromium instead. It's easy to play the righteous game when you're piggybacking on other people's work. DuckDuckGo and all alternative search engines are in the same boat.

It can be argued that Brave has a harder dependency on Google than Mozilla does. Because Mozilla has not outsourced their core competencies.

Just to give an example, with Manifest V3, Google is deprecating extensions like uBlock Origin or Privacy Badger. What will Brave do? Maintain their own fork? Well, that can get expensive fast. So if it was a business-driven decision to piggyback on Chromium, I don't see why they wouldn't adopt Manifest V3 as well. Manifest V3 will offer mediocre means to block ads too, and the average user will not know the difference.

When Brave implements its own engine, or maintains an actual fork of Chromium, or when DuckDuckGo implements a web crawler and stops leaking data to Microsoft, that's when they can play the righteous game.

> often hidden behind menus that your average user will probably never visit

The average user will not install Brave either so this point is moot.


> What will Brave do?

They'll expose the webRequest API:

https://twitter.com/BrendanEich/status/1133767653472923648

And uBO + uMatrix will continue to be developed by gorhill for Brave, at least.


Brave is already substantially modifying Chromium to remove undesirable 'features' on top of adding the slew of Brave features. Manifest V3 is just another 'feature' that will be removed. The more significant issue there is that there might end up being conflicts between some Brave and Chrome extensions following this change.

I do not agree that writing a renderer from scratch is a wise idea. I mean in theory it's a great idea, but in practice? The Chrome renderer is very well done but, much more importantly, is also going to be what 100% of web devs will test their sites with. Even browsers with quite large userbases, including Firefox/Safari/etc, tend to get B-tier treatment, if that. Of course standards alone should mean all sites ought to render/behave the same with any compliant browser but... again, that whole theory vs practice thing.

There are also a couple of other major issues. Google can use their clout to rapidly change standards that third party projects must play keep-up on. But perhaps the biggest issue is Google using their monopoly in other fields, such as with YouTube, to change their products in ways that 'coincidentally' end up rendering poorly or slowly on third party renderers, as they have done multiple times. This [1] being one particularly stark example of such behavior.

The future of web usage is always difficult to predict. We've gone through numerous phases of seemingly unbreakable web domination from Netscape to Internet Explorer to Chrome. In my opinion Manifest V3 could finally be the tipping point of Chrome, but that may be idealistic - we'll have to just wait and see.

[1] - https://www.neowin.net/news/mozilla-executive-claims-that-go...


I can't say that I could agree Firefox's privacy options are hidden/behind menus. I downloaded a fresh copy of Firefox today and the privacy features were quite encouraged and are even the main focus of the Security / Privacy tab.

Brave is an excellent browser but it is only a matter of time until the remaining features are brought over to Firefox. Not to mention some feel they aren't "out of the grasp" of Google until they're fully away from Chromium.


I installed FF on a new Win10 instance recently (March IIRC) and had to go through and disable fingerprinting features and install adblocking.

In contrast I installed Brave, and it appears to have all adblocking and anti-fingerprinting as default settings, easily accessible if you wanted to change them.

The OP reads to me as a PR piece to keep geeks onboard, knowing that regular users won't ever change default settings.

I mean FF has the telemetry; they know exactly how many users disable defaults.


We (Mozilla) are planning to enable tracking protection by default. It's a relatively slow process, developed and rolled out incrementally, since we have a larger user base than Brave and need to make sure not to break the Web.


> Choosing to migrate their default search to Google was a money grab by Firefox and that money is, in turn, 100% dependent upon tracking

Well it was not a bad decision to make since most of their users would set Google as their default anyway (no matter how privacy concerned you are, you still can't do without Google search unless you really really try hard, which most people don't).

In my opinion it was a sensible decision.


FF is my primary browser, yet people I know that work in security laugh at me as they claim FF is always the first browser to fail in the hacker games. I don't know enough about why, but I'd love for that to not be a thing. Taking into account my threat profile (types of sites I visit, JS blocking, etc), I feel the hacking risk is still a worthwhile trade-off for the lack of tracking.


"People I know that work in security" is vague and non-descriptive.

To be fair, you did follow it up:

> as they claim FF is always the first browser to fail in the hacker games

What are their sources? I also "know such people" and I am unaware of such claims. If one uses Kali Linux, it has Mozilla Firefox as the default browser. The same for Debian (on which Kali is based).

The thing is, you can harden your browser after installation. The first thing I do with a browser is installing uBlock Origin and uMatrix.


I've heard that too.. I know it's been attacked successfully at pwn2own a few times, and in the past the sandbox on e.g. Linux wasn't as restricted.

I think things have improved though.


There are more vulnerabilities in FF, or so I've heard. But most people I know in security love Firefox, especially because of how easy it is to set up with tools like Burp Suite.


Can someone paste their results (or at least bits of fingerprinting entropy) from https://panopticlick.eff.org with the latest Firefox?

With the fancy new anti-fingerprinting Safari on macOS Mojave I get just over 14.5 bits of entropy with the most entropic source being my canvas fingerprint (1 in 600).

With Safari on iOS I get 11.71 bits of entropy, with the most entropic value being my screen size and color depth.


I think it's funny that panopticlick gives me a little red X for not allowing trackers from companies that have "promised" not to track me. I have no incentive to do so, as I do not get any sort of compensation if they are found to be in violation of those terms.


Just sticking this comment here since I think most people would like to see how the site works. People are interpreting the numbers incorrectly, as I also did at first even though it says at the top exactly how they're measuring these numbers.

Your entropy is determined exclusively based upon the people that have used the site in the past 45 days. For now that number is about 204k. So for instance if you see something has an entropy of 9.08 (as my user agent does) you'd also see that it says 1 in 542.15 browsers have this value. 2^9.08 ~= 542.15. The ~ there only because the thousandths and onward digits are not showing. My exact entropy would be about 9.08254825596. All that means is that of the ~204k people that have used the site in the past 45 days, 377 had the same user agent.

The problem with this is that the people using this site are going to be a heavily biased sample. And so by tuning to reduce your entropy, you are not actually reducing your trackability but instead making yourself look more like the subset of people that are actively using this site. And this becomes an even bigger problem since I do imagine this site is actively shared on more technically orientated sites, such as this one. But the settings of technically orientated users are often going to vary somewhat significantly from the settings of the other 99% of users.

The point of this is that by working to reduce your entropy on this site you may, ironically, end up making yourself more trackable. So the numbers should be taken not as a measurement of trackability, but rather as an interesting insight of your browser/setting differences/similarities of other users with the site.

---

Also, 100% agreed on the silliness of them marking you down for not allowing cookies marked Do Not Track friendly. Until such things are enforced, in code and ubiquitously, they're meaningless unenforceable promises that rely on tracking and advertising corporations never lying.
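The surprisal arithmetic above (1 in 2^bits browsers, 377 of ~204k sharing a user agent) and the sampling-bias argument, as an added Python example that is not part of the original comment; the two "crowds" are constructed populations, not Panopticlick data:

```python
import math


def surprisal_bits(matching: int, total: int) -> float:
    """Bits of identifying information for one attribute value, computed the
    way Panopticlick reports it: -log2(share of sampled browsers with this
    value). A value seen in 1 of every 2^b sampled browsers scores b bits."""
    if not 0 < matching <= total:
        raise ValueError("need 0 < matching <= total")
    return -math.log2(matching / total)


def one_in(bits: float) -> float:
    """Inverse of surprisal_bits: 'one in N browsers' for a given bit score."""
    return 2.0 ** bits


def attribute_bits(sample: list[dict], attribute: str, value) -> float:
    """Surprisal of `value` for a single attribute relative to a concrete sample."""
    matching = sum(1 for fp in sample if fp.get(attribute) == value)
    return surprisal_bits(matching, len(sample))


def fingerprint_bits(sample: list[dict], fingerprint: dict) -> float:
    """Surprisal of a whole fingerprint (all attributes together). Measured on
    the tuple rather than summed per attribute, because attributes are
    correlated (a JS-blocking user is also more likely to send DNT)."""
    matching = sum(1 for fp in sample if fp == fingerprint)
    return surprisal_bits(matching, len(sample))


def make_sample(n_total: int, n_js_blocked: int, n_dnt: int) -> list[dict]:
    """Constructed population (not real data): the first n_js_blocked browsers
    block JavaScript, the first n_dnt send Do Not Track, so the two attributes
    overlap the way privacy settings tend to in practice."""
    return [
        {"ua": "Firefox", "js": i >= n_js_blocked, "dnt": i < n_dnt}
        for i in range(n_total)
    ]


# 1000 browsers each: a tech-heavy crowd like a fingerprinting test site's
# visitors, and a general-web crowd where privacy tooling is rare.
TECH_CROWD = make_sample(1000, n_js_blocked=300, n_dnt=400)
GENERAL_CROWD = make_sample(1000, n_js_blocked=10, n_dnt=50)


def bias_demo(fingerprint: dict) -> tuple[float, float]:
    """Return (bits in the tech crowd, bits in the general crowd) for one
    fingerprint: the same browser can look common on the test site and rare
    on the open web, which is the comment's point about tuning to the site."""
    return (fingerprint_bits(TECH_CROWD, fingerprint),
            fingerprint_bits(GENERAL_CROWD, fingerprint))


if __name__ == "__main__":
    # The comment's user-agent numbers: 377 of ~204,000 visitors -> ~9.08 bits
    print(f"{surprisal_bits(377, 204_000):.2f} bits, "
          f"one in {one_in(9.08254825596):.2f} browsers")
    blocker = {"ua": "Firefox", "js": False, "dnt": True}
    tech, general = bias_demo(blocker)
    print(f"JS-blocking, DNT browser: {tech:.2f} bits on the test site "
          f"vs {general:.2f} bits on the open web")
```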


17.62 bits on firefox, 11.0 on Tor, 17.63 on chrome.

On firefox, the big contributors are HTTP headers (my native language is announced), hash of WebGl fingerprint and time zone.

On Tor big contributors are hash of webGL fingerprint, screen size.

On chrome, they are system fonts, hash of canvas fingerprint, user agent, and time zone.

I am not too concerned about the fingerprinting in firefox since I have strict blocking on, ublock origin, and separate containers for facebook and google. Based on the small amount of data facebook has on me, all the blocking is working pretty well.


Similar results for me. Does anyone know if it's possible to turn off WebGL, and if so, how? AFAIK I never use it for anything and I'd rather have increased anonymity. (Assuming disabling it prevents it from being used for fingerprinting.)

Edit: Answering my own question. In `about:config`, change the `webgl.disabled` preference from `false` to `true`. This reduced the "bits of identifying information" from WebGL from 11.26 to 2.56.

Edit 2: Apparently the CanvasBlocker add-on is a better solution as it randomizes the data used for fingerprinting on each read, and works for several exploitable APIs, not just WebGL. https://addons.mozilla.org/en-US/firefox/addon/canvasblocker...


CanvasBlocker actually increases your trackability because the consistent factor is now that you have a changing canvas fingerprint (which almost no one does).

This is why Safari tries to give a universal canvas fingerprint so you can "blend in" with other users.


I agree that a universal canvas fingerprint is better in principle, but practically who is going to write a script to search for all visitors who only differ by their canvas fingerprint and then identify them as one browser because the fingerprints are non-standard?


Practically, it requires little more work than creating a canvas fingerprint framework itself! If someone puts in the effort to write a framework that tracks you via canvas fingerprints, it’s little more work to add to the script with another one that performs a simple diff to find people trying to evade it.


Panopticlick's numbers are extremely confusing and borderline useless.

On my initial run, I got an overall entropy of 17.63. My two biggest identifiers were screen resolution (1000x595x24 which was approx 1/22000 browsers) and webgl hash (approx 1/3800 browsers). I fixed screen resolution to 1000x600x24 (approx 1/85 browsers) and disabled webgl hashing (approx 1/6 browsers) and the overall entropy did not change one iota, despite also closing browser, flushing cache and cookies, etc. I gave it another run with a deliberately weird resolution (1420x701 which was something like 1/105000 browsers) and once again, the overall entropy was exactly 17.63. So based on my experiment, it seems that screen resolution and webgl hash have no effect whatsoever on [Panopticlick's] overall entropy score.


An update on last night's experiment, if anyone cares. The next largest identifier was system fonts (approx 1/1300 browsers). I set `browser.display.use_document_fonts=0` which hid the system fonts (now the same as approx 1/10 browsers) and my overall entropy dropped to just below 11 bits. At this point, none of the metrics were less common than 1/10 browsers, so I figured I wouldn't be able to do better than that.

As a side note, I ended up re-enabling system fonts because disabling them broke a large percentage of web sites' CSS.


> Based on the small amount of data facebook has on me ...

How did you get all the data that Facebook has on you?


Settings -> In list of links on the right, Your Facebook Information -> Access Your Information -> At the bottom, Information About You -> Ads


The numbers don't make much sense to me. On FF I get 14.05 with NoScript active. Curiously the headers increase from 1.68 bits to 3.47 when NoScript is running.


NoScript is likely a valuable fingerprinting indicator, given that the vast majority of browsers have JavaScript enabled but you don’t.


Of course NoScript increases the entropy. Most people don't run NoScript, so you are more identifiable when you run it.


It increases the entropy for the JavaScript tests as would be expected. It shouldn't affect the HTTP_ACCEPT header.


I'm curious about the difference between things like NoScript and native Brave script blocking.

In particular I was going to make a snarky comment that the site seems to, appropriately, not work when script blocking is enabled on Brave. I do get the site to do the refresh business a couple of times, but no results are ever displayed.


> On Tor big contributors are hash of webGL fingerprint, screen size.

Doesn't tor randomise the window size on startup? Though I guess it chooses some sensible size for your screen which is then leaking info about your screen size (in a pretty indirect way).


Not quite correct. It automatically picks the browser window size based on the monitor it's being displayed on, in some multiple of 200x100. There is no randomization on every run.

https://tor.stackexchange.com/questions/15705/why-does-tor-b...


That's false. Tor Browser actually advises the user to keep the window at the default size to avoid it being used as a fingerprinting vector.


I wonder if these fingerprint checks look for the more stealthy and sinister approaches, like localhost port scanning [1] and specific CSS selector behavior...?

[1] https://twitter.com/davywtf/status/1132026581038190592


There's so much fingerprinting that can't really be disabled. Think about it:

Performance

- Single-threaded CPU performance

- Multi-threaded CPU performance

- WebGL performance

- Video performance

- Network performance (how long does it take to transfer data to various locations, what's the lag, is the lag consistent, etc.)

- (Maybe) Time it takes to execute certain JavaScript functions

User behavior

- How does the user use their mouse when navigating web pages?

- Not at all?

- Jerky movements?

- Smooth movements?

- If the user uses the keyboard, do they appear to be advanced keyboard users, do they have an IME, etc.

- Does the user press X buttons on tiny annoying popups that wouldn't interfere with the page's browsing experience?

- Does the user appear to block access to certain resources? (ad blocker)

- Does the user's workplace/country/etc. appear to block anything?


True, in the current situation, we can only "limit" fingerprinting. This is the result of the characteristics of the sandbox we use for the Web. Remove Javascript, and most of these problems go away.

This is why I stay attached to making simple HTTP apps that don't require JS, but this is clearly not the direction the web is going at this time.


Please note: the fingerprinting protection in this blog post is different from the resistFingerprinting about:config pref which would affect your entropy bits on panopticlick.


Interestingly enough, uBlock Origin actually stops that site from working, seems to break the fingerprinting step. If I disable uBlock, I get 16.63 bits of identifying information. Likewise the canvas fingerprint is the biggest, in my case 1 in 101154.


Can anyone explain why canvas fingerprinting is so difficult to eradicate without breaking canvas?


You can draw with different fonts and background colors, then grab the raw pixel values and hash them. The hash will be different depending on the versions of fonts installed, the OS, the GPU, the browser's text rendering algorithms, and the subpixel order/orientation of the display.

See https://en.wikipedia.org/wiki/Canvas_fingerprinting for more info.


They should have standardized the font rendering for canvas. For those rare graphs using canvas I can live without Cleartype and only use normal anti aliasing, and with modern high DPI displays you hardly even need that in the first place anyway.

I mean, one of the major reasons for using canvas over DOM is to get pixel perfect placement of things, like text connecting to an arrow. If your fonts suddenly change size that won't work anymore. SVG has the same problem, on some computers with slightly larger letter spacing a line might become too long so it wraps and becomes two lines, totally spoiling the desired diagram.


Thanks. I'd read the Wikipedia page, I'm just not clear why this process is allowed (or more importantly, why it can't be removed).

Is there a legitimate use case for being able to read back pixels?


> I'm just not clear why this process is allowed (or more importantly, why it can't be removed).

Because we don't know how to make CPUs do pixel perfect images every single time. (I wrote a little more above)


Literally any kind of image or photo manipulation, from an MS Paint-like webapp to Instagram-like photo filters.


There are many legitimate uses. Vendors have experimented with making canvas readback opt-in (with a popup) but I don't know if it'll ever ship because it simply breaks too many websites. Sometimes it's used at page load to generate variants of a single image to reduce file sizes, or used by games to prepare image assets before they start up.


A lot actually, for example you can do easy image resizing (like taking a selected image and resizing before uploading to the server.)


tldr: drawings aren't pixel perfect.

Longer: this is actually a viable way to do many types of fingerprinting, not just canvas. I'll give an example. In a graphics class I took our professor gave us output images to compare to. Two people with the same model computer, same specs, would frequently have a pixel or two different from one another. Change the specs and you're easily a dozen off. Worse than that, the pixels that are off from the original image can be different pixels. This comes down to the silicon lottery. So if you can think of anything that you can access where you can get the user's computer to do some sort of floating point calculation, you can probably get a fingerprint out of that.

So to fix this problem, you'd have to figure out how not just to make pixel perfect images, but for two CPUs of different types (which even same type doesn't currently) to always calculate the same answer to the same precision, every time. There's tricks that can be done like rounding, but it gets hairy really fast and becomes impractical. But if you do know how to solve the problem, I'm sure people would really appreciate the answer.


Random, probably uninformed thought: I wonder if the solution could be LESS determinism rather than more. If you could make it so the same hardware rendered pixels in a slightly different (random) way each time, it would no longer be possible to determine if you were looking at the same machine.


That's an interesting idea. It might be a good way to circumnavigate this problem. But there are some drawbacks. Maybe there's a lot of things we could get away with actually needing FP16 accuracy (like iterative methods can sometimes do this, especially in ML) but call FP32 but there's plenty of times where FP32 matters. So I guess it is highly dependent upon those issues and where you can get away with them. But further, how do you enforce that? I think it is interesting though.


So just go with the uniform return value someone wrote Apple is going for with Safari: Return a pitch-black rectangle every time.
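An added example (my own, not code from Safari, CanvasBlocker or any commenter) of the two defences raised above against the readback-and-hash technique described earlier in the thread: the uniform return value and the "less determinism" idea. Node has no DOM, so the canvas is a constructed stand-in; its machineSeed parameter, standing for the per-machine rendering differences, and the fnv1a hash, standing for whatever hash a script uses, are assumptions of the demo. In a browser the same wrappers would be installed on CanvasRenderingContext2D.prototype.getImageData and on HTMLCanvasElement.prototype.toDataURL and toBlob, which are the readback entry points.

```javascript
// Added example: two canvas readback policies tried against a constructed
// canvas stand-in. Not the code of any browser or extension.

// 32-bit FNV-1a over a string or byte array; stands in for a tracker's hash.
function fnv1a(input) {
  let h = 0x811c9dc5;
  for (let i = 0; i < input.length; i++) {
    const byte = typeof input === 'string' ? input.charCodeAt(i) : input[i];
    h = Math.imul(h ^ byte, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, '0');
}

// Constructed stand-in for a rendered canvas (assumption: no real rendering).
// machineSeed models the font-rasterizer / GPU / subpixel differences that make
// real readbacks differ from machine to machine.
function makeFakeCanvas(machineSeed, width = 8, height = 4) {
  const data = new Uint8ClampedArray(width * height * 4);
  for (let i = 0; i < data.length; i++) {
    data[i] = i % 4 === 3 ? 255 : (i * 37 + machineSeed * 11) & 0xff;
  }
  return { width, height, getImageData: () => ({ width, height, data }) };
}

// What the fingerprinting step amounts to: read the pixels back and hash them.
function canvasFingerprint(canvas) {
  const img = canvas.getImageData(0, 0, canvas.width, canvas.height);
  return fnv1a(img.data);
}

// Policy 1, uniform output: every readback is an opaque black image of the
// requested size, so every machine produces the same hash.
function installUniformReadback(canvas) {
  canvas.getImageData = (x, y, w, h) => {
    const data = new Uint8ClampedArray(w * h * 4);
    for (let i = 3; i < data.length; i += 4) data[i] = 255; // alpha only
    return { width: w, height: h, data };
  };
}

// Policy 2, per-session noise: flip the low bit of colour channels chosen by
// noise keyed on a session secret. Stable within a session (a page that reads
// twice sees the same pixels), different next session (the hash does not persist).
function installNoisyReadback(canvas, sessionKey) {
  const original = canvas.getImageData.bind(canvas);
  canvas.getImageData = (...args) => {
    const img = original(...args);
    const data = new Uint8ClampedArray(img.data);
    for (let i = 0; i < data.length; i++) {
      if (i % 4 === 3) continue; // keep alpha intact
      if (parseInt(fnv1a(sessionKey + ':' + i), 16) & 1) data[i] ^= 1;
    }
    return { width: img.width, height: img.height, data };
  };
}
```

Run canvasFingerprint on two unguarded fake canvases with different seeds and the hashes differ; after installUniformReadback they match; after installNoisyReadback with different session keys they differ again, but the same key reproduces the same hash. The noise policy keeps the canvas usable for image resizing or filters, at the cost of one-bit errors in the pixels, which is the trade-off the uniform policy avoids by breaking readback entirely.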


I have ublock origin. The website works fine. I have all the default filters on.


This website works even with uBlock Origin with disabled JavaScript option. 9,81 bits for me.


Firefox Fingerprinting protection has nothing to do with real fingerprinting protection, and does not affect panopticlick results in any way.

It just blocks a couple of known scripts based on the disconnect list.

Of course they don't tell us in their marketing posts.


Firefox deploys two different forms of fingerprint protection:

1) blocking known fingerprinting scripts.

2) blocking underlying techniques.

The second is the one people here are talking about, and it can be enabled by going to your settings and turning on resistFingerprinting. Keep in mind it will do things like normalize your time zone and decrease timer precision.


Nope. The linked mozilla blog post clearly talks about the fingerprinting settings, and the comment I replied to did not specify anything related to "blocking underlying techniques".


This entire thread is filled with people comparing browser results on a site that breaks down underlying fingerprint techniques, while asking questions like, "is there a way for me to disable WebGL?", and "I wonder if they block localhost port scanning?".

I understand what the original posted link is talking about, but the specific thread you're currently on is very clearly talking about more than whether or not Panopticlick's tracking script is blocked. They're talking about how well different browsers can resist the techniques it uses[0]. Why else would anyone be comparing their results to Tor?

[0]: https://wiki.mozilla.org/Security/Fingerprinting


If the thing in the OP doesn't do what a bunch of the comments here are discussing -- it is indeed important to point that out.

I had assumed it did, cause why else would we be discussing it here, and neither the OP post nor the FF setting are very clear about what it does. So I would have been thinking it was protecting me.


Resist fingerprinting will also stop sensor data (e.g. accelerometer) from being exposed on mobile, which can be used to identify[1].

You can verify if it's exposed on this site[2].

[1] https://www.zdnet.com/article/android-and-ios-devices-impact... [2] http://www.albertosarullo.com/demos/accelerometer/


mine is ~17. language, platform, screen size, time zone, user agent, and plugin info are the most identifying.

anyone know of a list of the most used values for these so we could lower our uniqueness by setting our browser values to them?


Likewise. It makes no difference whether I enable or disable the Fingerprinters checkbox.

Maybe due to the "uBlock Origin stops it from working" mentioned elsewhere, or some other glitch. Disabling uBlock Origin on panopticlick.eff.org didn't make a difference.


>With the fancy new anti-fingerprinting Safari on macOS Mojave I get just over 14.5 bits of entropy with the most entropic source being my canvas fingerprint (1 in 600).

That's actually pretty good, considering tor browser (which has resistfingerprinting enabled) with default window size (1000x1000) has 14.82 bits of entropy.


"Currently, we estimate that your browser has a fingerprint that conveys at least 17.66 bits of identifying information."

However, some of the information sent by my (stock browser) is clearly false:

User Agent: Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0

Platform: Linux x86_64

I didn't mess with my user agent, so I assume this is related to "resistfingerprinting" in about:config.


Firefox with uBlock Origin and JavaScript disabled: 9.81 bits, one in 900.21 browsers. Google Chrome with uBlock Origin: at least 17.68 bits, unique among the 209,744. iPhone 8, Safari, some adblocker: the same (unique). Probably I should update OS, I'm using a pretty old version.


> 9.93 bits of identifying information.

with this new setting turned on + uBlock Origin + NoScript


You can disable JS with uBlock Origin. No need for NoScript.


I'd rather have finer control on a site by site basis than wholly disabling js though.


You can do that with uBlock Origin.


Oh, did not know that. Will look into it, ty.


If you haven't already, change your user agent to get it down further.


Following this advice, I discovered an extension that automatically spoofs the user agent and does some other things. Haven't tested yet, but it seems to be actively maintained.

Since I'm on the topic, two other lesser-known extensions I have are CanvasBlocker (fakes canvas fingerprinting (or disables it)) and Privacy Badger (heuristically detects and disables trackers; complements ublock).


You have to stick with known popular user agents. To mitigate tracking by UA you need a randomized user agent that changes periodically. Panopticlick won't be able to account for that in its stats. It's not a good idea to switch UA on every request since it will be hard to diagnose breakage caused by a site that rejects particular UAs.


I dunno...

"Periodically changing user agent" sounds pretty unique if you ask me. Especially if the extension isn't super-clever and changes the user agent for accesses that happen on the same page.

And the fingerprinter could be super clever and look for features that your purported browser isn't supposed to support... And if your browser does support them, that's a strong identifier.


Unless you use some obscure browser, it is better to use your real user agent. If you keep your browser and operating system up to date, chances are it will be one of the most popular ones.

Your UA will correlate with other means of fingerprinting you making you more common. Being clever can make things worse.

For example, the most common UA is from an iPhone, but the most common screen width is 1920 pixel. If you decide to make your UA an iPhone with a 1920 pixel screen, then you will be easily identified.


Most people don't keep their browsers up to date, let alone their OS. I'd say using FF is rare enough that switching to a chrome based UA would help.


I switched to Windows Chrome, from FF Linux and it actually increased my score by 0.02 bits.


Panopticlick says I have "strong protection against Web tracking" but amiunique.org says I'm unique. Though amiunique also claims my TOR fingerprint is one of six.


I get very different results from each. Some don't quite make sense to me. For example, amiunique says Timezone 3.37%. Panopticlick says 1 in 16, so half as bad. But how the hell is that timezone so identifying? I live on the west coast, how is that timezone so identifying?


I have 3 more bits of identifying information than you. (block fingerprinting enabled)


I've been really impressed with Firefox Quantum for the steps they've taken towards privacy and transparency.

This definitely seems like the edge that Mozilla will have when trying to stand out against Chromium-based browsers going forward (especially now that everyone else seems to base their browser off of Chromium).


I'm a big user of Firefox since I switched from Chrome 1 year ago for these reasons, but I wonder why don't they base their underlying engine on Chromium then build all their safety, privacy and other niceness on top of that?

I know Mozilla has been working hard on the engine (rewrite with Rust?) and new versions like Firefox Focus on mobile is blazing fast, but keeping a separate renderer (and developer tools!), with its own issues and discrepancies, seems like a lot of sweat and pain when the Chromium project seems decently sound OSS. I know being able to put in practice your own interpretation of standards is a great exercise in freedom and web diversity, which seems to reinforce their mission, but still... the end result is probably millions in economic impact worldwide to keep website codebases aligned with browser standards, even if the differences are apparently minimal and 99% of the time it just works.

Is being a fully independent browser Mozilla's main raison d'être?


As much as I hate more legislation I think the only way to solve this is to make it very onerous to own and compile this data and to level heavy fines (as in criminal charges and/or force the company into bankruptcy via 90% revenue fines) in cases when the database is breached.

Everything else will just turn into an arms race between those who don't wanna be tracked and those who wanna track.

If the US did something like the GDPR but in our constitution I wouldn't be surprised if a cottage industry opened up overnight in secure data-warehousing. I get that it would complicate things for small companies but we brought this on ourselves.


These companies then lobby the government, asking to be relieved of the fines, because if they go down, so many workers will be out of jobs, and that they will comply (pinky promise), so the fines should be lifted to help these innocent people...


> Keep in mind that blocking fingerprinting may cause some sites to break.

This represents the sad state of Internet we are all living through. I have noticed that when I turn on privacy settings on Firefox, some major websites are broken and rendered unusable. It seems that the Internet is rampant with tracking and privacy violation, and we consumers are passively accepting it, by and large.


> I have noticed that when I turn on privacy settings on Firefox, some major websites are broken

In some cases it is because Firefox's tracking protection is based off of a curated list of websites [1]. This breaks a site I built called reVddit [2].

In my uneducated opinion, this list is weird. I had some discussion about this with Mozilla devs [3]. In that message chain, devs acknowledged reVddit is not doing anything wrong, rather it is reddit who could infringe users' privacy. Yet it is the non-infringing site that is rendered broken.

Further, the devs' suggestions for remedy are not workable. They propose moving requests to the server so that reVddit.com makes the requests to reddit.com. There are multiple problems with this,

* It would hide more code from users

* Reddit rate-limits requests coming from a single source

* Infrastructure becomes expensive on what is supposed to be a low cost website

My conversation with devs was good but needs more. I don't understand their point and they do not seem to understand mine.

[1] https://github.com/disconnectme/disconnect-tracking-protecti...

[2] https://revddit.com

[3] https://groups.google.com/d/msg/mozilla.dev.privacy/XO84Ezrw...


I haven't had an issue, but I avoid "major websites" like the plague, as they are the modern equivalent (though measles is making a comeback). If a site breaks with good privacy settings, it's a decent indicator you're better off not visiting. If a breaking site shows up on my radar too much, I add the domain to an add-on I made to hide links to it on any page. My HN/reddit/search results/etc views usually have a few blank lines, they're links to domains I have determined I never want to visit ever again. My RSS reader gets a variation of the filter, so they don't show up there either. It feels really good to have the power to remove an entire site from my personal internet.


> I add the domain to an add-on I made to hide links to it on any page.

That sounds interesting. Have you published it or made source available? I'd love to try.


I published it [1], but only because I had to in order to use it without adding and approving it every time I started Firefox :/ I originally thought I had made the source available but eventually realized the code repo on Mozilla was only available to me (not sure what the point of that is). You just inspired me to get it up on github [2].

It's a pain to configure but the example JSON in the "Preferences" section of the add-on should be enough to get started. Just paste it into the textarea, save, then visit HN or Reddit, you'll probably see a few blank lines where links should be.

Right now, the top post on HN is a WSJ link. I don't want to see their links because I don't ever want to click them just to hit a paywall I already know I'll never accept. So my HN page looks like this [3].

The tool uses regular expressions on text and element attribute values. Anything that matches gets a given CSS style applied. I think it would be great if uBlock Origin could do this but it doesn't allow the level of granularity needed to accomplish the end result.

[1] https://addons.mozilla.org/en-US/firefox/addon/ssure/

[2] https://github.com/7w0/ssure

[3] https://i.imgur.com/pEV50xr.jpg


Serious question. Suppose we have this. I suppose my expectation is that instead of seeing the same ad over and over again, now I'm seeing effectively a random one.

Why is this necessarily better? I guess personally, I've always thought that regulating the content of the ads, rather than the usage of sufficiently anonymized data for ad targeting.


Getting a targeted advertising that is likely relevant to you is probably one of the few positives of tracking.

The issue people have with tracking is not 'what ad am I getting on a given website'. To get a targeted ad they need to maintain a database of privacy infringing information. 3rd parties having this data, and what they might do it with it (or who they might lose the data to) is what many people have an issue with.

Being served a targeted ad is just a strong signal that someone out there has this private data on you.

For example, chances are that google has a pretty rich database of your location history. If not you specifically, they do for most people. You can probably imagine a few different scenarios where someone else obtaining that data could be bad for someone. You're trusting google with it, but is that trust warranted?


Serious follow-up: I've always been fairly apathetic towards companies tracking me because I don't see too many plausible situations that would end up truly affecting me negatively. Do you have any examples (preferably that have happened in the past, but hypotheticals are okay too) of what can go wrong if the tracking information falls in the wrong hands? Sure, street addresses, SSN's, credit card numbers would be bad, but why should I care if someone finds out that I'm a male aged 24 interested in backpacking, Apple products, and programming?


I think you have to break it down a little. There is potential harm to you individually, further broken down by "legitimate" parties with access to the information, and then problems where that big pile of data tempts hackers to steal it. For the latter, think of the time and location history of your children gleaned from photo location data (or the location data of their cell phones). Or just patterns that indicate when you're on vacation.

For the former, I agree it's a little hard to find realistic examples that don't involve having something to hide (but if you do, those are easy: porn history, extramarital affairs, time spent goofing off on various websites, surprise gifts, pregnancy, financial problems, stalkers, ...) Still, do you close the door when you take a shower? Do you sing in public? Do you disclose your salary in casual conversation? Those might seem silly, since the discomfort there mostly hinges on fully public disclosure, but the data are getting shared so widely now that it's getting easier and easier for the data to escape to places where they can be pulled up by someone who is bothered by your NextDoor post.

The other main category is the problems with massive numbers of other people's data being available to these companies. Those are more societal effects, like segmenting the population, radicalizing us, and setting us against each other. Outrage culture. Hyperpartisanship. Phishing. Vulnerability to external trolls/griefers/fake news publishers. Functionality being lost because it's overloaded by targeted spam. Harassment of minority groups (heck, you only need preferred language for some of that, though purchase history would reveal a lot more.)


Hypothetical: individual pricing based on how likely you are to pay more for an item, or how badly they think you need it. Sharing of data across domains could place you in a "bubble" where you see the same price no matter where you look.


That's exactly what a lot of airline websites do. If you're an active user of one try firing up a clean instance of a different browser and it's very likely you'll see a different price.

For products that can benefit from information asymmetry[1] fingerprints are an amazing tool.

1 - https://en.wikipedia.org/wiki/Information_asymmetry


You like Apple products and therefore you are a premium category customer. Dynamic pricing shown to you on websites will reflect that. Depending on the A/B rules in place you are paying a decent premium over someone with cheapo Android phone and looking for jobs in custodian services.

If you think that is fair then I have a lovely Harbour Bridge in Sydney that I think I can get you a great deal on.


oh, you mean like people with internet explorer 7 paying more because their browser is crap?

https://www.bbc.co.uk/news/technology-18440979


I'll give the example I usually give in this debate:

In the Netherlands, prior to World War 2, they made a "comprehensive population registration system for administrative and statistical purposes", which included the ethnicity. As a result, the Netherlands had one of the highest death rates among Jews. (I can't find a good source for this though, unfortunately)


I would like to see legislation that prevents storing data in a way that identifying information could be derived from a legitimate hacker. I think this is far more practical than a blanket hammer banning all forms of tracking, as we're stuck with advertising for better or worse. Might as well actually make things saner.


You go to hotel.com and you don't get a good offer because they know exactly how much you are willing and able to pay.

Sounds good?

now do this for every other thing you buy online.

Good enough?


I would classify that as "not sufficiently anonymized." I'm asking a serious question and don't really subscribe to dogma as being particularly convincing.

Thanks for the facetious argument and hand-waving though.


This is literally why the data is being collected. Granted, I do not work at Google, but I have experience in exactly this area.

Apps and websites want to sell you things. Well many of them. They then need to know for how much. If they know, they can extract more profit. Which is why they try to find out. Really. No dogma.

What do you think I do with your fingerprint as you engage with my sales website?

"Improve my service?" I hope you never buy a used car.


I'm trying to suggest that there is a middle ground between outright banning all tracking, and the current state of affairs. Not that the situation I described is where we are today.


Ads that are not targeted don't have such huge impact on you as the targeted ones and therefore they don't trick you to buy something you don't need as easily, which is good for you and the environment.


In addition to the many privacy problems, advertising is rarely about passing timely information on things you need. Ads are mostly used to fabricate desires for things you don't need. While being good at critical media literacy helps, none of us are immune to this kind of manipulation and even less so when the ads are carefully targeted.


One case is targeting very precisely at people that could sway their vote.


Firefox is really stepping up in the game of online privacy. I switched to Firefox almost 2 years ago and never looked back.


Recent progress in Firefox contrasts very strongly with Chrome. I know I'm very happy to be a FF user right now.


I've had some issues maintaining reVddit.com while keeping Firefox's tracking protection in mind. I'd love some help if there is anyone who can provide insight.

Basically, you can't load reVddit pages on Firefox because reVddit accesses reddit's API, and reddit is listed on Firefox's list of websites that are considered trackers [1].

In my uneducated opinion, this list is weird. I had some discussion about this with Mozilla devs [2]. In that message chain, devs acknowledged reVddit is not doing anything wrong, rather it is reddit who could infringe users' privacy. Yet it is the non-infringing site that breaks.

Further, the devs' suggestions for remedy are not workable. They propose moving requests to the server so that reVddit.com makes the requests to reddit.com. There are multiple problems with this,

* It would hide more code from users

* Reddit rate-limits requests coming from a single source

* Infrastructure becomes expensive on what is supposed to be a low cost website

My conversation with devs was good but needs more. Is there any solution here, or do we just go our separate ways?

[1] https://github.com/disconnectme/disconnect-tracking-protecti...

[2] https://groups.google.com/d/msg/mozilla.dev.privacy/XO84Ezrw...


There is a similar bug in Bugzilla for redditp.com, open since 2015: https://bugzilla.mozilla.org/show_bug.cgi?id=1235978

My general impression is that tracking protection is low-priority for Mozilla and anyone who actually cares is using uBlock Origin / uMatrix or similar extensions since those use filter lists that are actually updated.


> My general impression is that tracking protection is low-priority for Mozilla

It is on by default, and as you point out, breaks many innocent sites. People may migrate elsewhere. That should bump up its priority.


As always when it comes to Firefox and privacy, the question is why isn't it on by default?


Because it may cause some websites to break and they're aiming to provide a good user-experience for the majority of the population. If they turn this on by default without users knowing the risks of sites not working correctly, they'll unfairly blame Firefox, bad mouth it, and switch to Chrome/Edge/Safari/etc.


That's the stated reason but it's pretty weak to me. Safari hasn't had to make similar compromises.


I don't think you've turned on very strict anti-tracking in a browser if you think that's a weak reason. The setting can really break websites, making them unusable or whole blocks of content don't load. Before this update I used to use Privacy Badger and it also broke websites all the time.

I don't believe Safari has anything like what Firefox or Privacy Badger offers built in. So you wouldn't be able to use your default experience with Safari as a comparison.


Safari has been leading on the privacy front for more than a decade. They were first to block third-party cookies by default (which led to the FTC collecting a scalp from Google when they bypassed it), blocking trackers with ITP by default, and blocking fingerprinting by default [1].

[1] https://www.cnet.com/news/new-safari-privacy-features-on-mac...


Firefox anti fingerprinting breaks a lot of legitimate web features because they can be used for fingerprinting. Most notably every timestamp on the internet no longer shows the date in your timezone and every single website thinks you are a bot and blocks you or captcha spams you.


I had to turn it off in Firefox. It was breaking stuff like image uploaders on ebay.


You can disable it on a per website basis. That's what I do. It protects me from random websites and websites I don't trust. I also find that it speeds up page load because it's loading less ad tech.


>> Because it may cause some websites to break and they're aiming to provide a good user-experience for the majority of the population. If they turn this on by default without users knowing the risks of sites not working correctly, they'll unfairly blame Firefox, bad mouth it, and switch to Chrome/Edge/Safari/etc.

> That's the stated reason but it's pretty weak to me. Safari hasn't had to make similar compromises.

Safari's the only browser engine available on iPhones, and its users can't easily switch to another. That means more websites test compatibility with it, and its users are locked in even if they don't.

Apple has more market power than Mozilla, so it doesn't need to compromise as much (and can get away with being a bit of a bully). Firefox is forced to tread lightly in comparison.


When I switched to Firefox, I tried enabling uMatrix and strictly blocking as much as possible.

My guess is that about half of sites had issues of one sort or another. So many load javascript from 3rd parties, or other domains under their control, that strict blocking quickly breaks the browser experience.


Decentraleyes gives you a local cache of 3rd party scripts that you need to keep activated. Otherwise, their content probably isn't worth viewing anyway if they're so bloated that they need to pull in 20+ scripts from across the net.


No, this really is the reason. Anti-fraud systems embedded in checkout pages use fingerprinting, for example, and break if blocked. Site breakage very quickly drives users to other browsers.


Because there's no user choice possible on iOS, if you don't like Safari, you just have the choice of another Safari-skinned browser doing exactly the same as the original.


I’ve used PrivacyBadger as an extension providing a similar service and it frequently breaks as it mis-identifies important third party scripts as trackers.


Because it causes every website to non-stop nag you with captchas and half of websites to change time zones to something not useful for you.


Possibly to avoid the kind of cat-and-mouse dynamics that played out when MS enabled Do Not Track by default in IE10: https://en.wikipedia.org/wiki/Do_Not_Track#Internet_Explorer...


We can only wonder.

Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional.[1]

[1]https://www.mozilla.org/en-US/about/manifesto/details/


Because they're all but funded by Google.


All of this is fantastic. I just hope the day comes, when Google is no longer the default search engine in Firefox. Safari is my default browser, but I use Firefox heavily for “social” media accounts. I love the extensions.


You can change the default to any other search engine you want. Just a few clicks away.


Yes, that is true. But the hypocrisy is how Firefox criticises Google (either directly or indirectly), but is paid by Google to have them as the default search engine. The emphasis is on the word default, not that you can't change it. The same thing goes for Apple with Safari. They disabled 3rd party cookies and promote privacy, but Google is still the default browser, for which Google pays a very large amount of money each year.


They (implicitly) criticize some of Google's behavior, while taking Google's money, yes. What makes that hypocrisy? It would be hypocrisy if they were doing what they are criticizing; it's not clear to me it's hypocrisy to take money from someone who is... while still criticizing them! Not criticizing them because you are getting money from them might be hypocrisy...


In the context, most users do not change the default.


> At the top left of your Firefox browser, you will see an icon that looks like an i inside a circle. Click on it and then click on Content Blocking

...did anyone figure out what the hell that is supposed to be, or look like? Why wouldn't they just put a screenshot.

Apparently they just mean the security settings and selecting Custom in those. Except it's on the right. And it's stripes, not a circle. shrug


Left of the URL on the URL bar is an information icon. Click that and click "custom" next to Content Blocking, or just go into the options at Security & Privacy.



Does this just turn on the privacy.resistFingerprinting flag? I liked that flag but it set all sites to UTC time which caused me random issues..


No, this is different. This feature is a block list of known fingerprinting and cryptomining scripts. The privacy.resistFingerprinting flag changes Firefox settings that scripts use to fingerprint users, such as User-Agent string, window dimensions, and time zone (as you mentioned). The flag is enabled in Tor but not Firefox because the setting changes can break some websites or hurt performance.


The German version of that article has a casual slang:

> Clearly, you don't want to throw your computer out of the window and never use the internet again, just to get rid of ads.

https://blog.mozilla.org/firefox/de/loesche-deinen-digitalen...


I am posting this again, because I still didn't get opinions about it and I think it is important.

How much of Firefox success depends on donations?

I have seen successful crowd-funding projects where the budget is always transparent and communicated to the public. I am certain this motivates the masses to donate.

Wouldn't it be better for Mozilla to make their funding fully transparent to attract the masses?


I'm not sure how transparent they are about their finances, but most of Mozilla funding comes from search engines deals to make them default in certain regions (Yahoo, Google, Yandex and Baidu).


I've used this feature in the past. There are some weirdnesses.

You lose your timezone and ALL dates appear in UTC. This is definitely not desirable.

Fingerprinting cannot be allowed for some sites, and thus things like android messages cannot work because it cannot accurately identify the browser.

Hopefully they'll do something about all this.


> You lose your timezone and ALL dates appear in UTC.

Seems like an easy fix would be to have a client-based converter, even simpler than what the fingerprint blocker does with screen resolution.


I find it really interesting that when a company is making moves in a direction that benefits privacy of consumers, everyone takes the opportunity to shit on them for past mistakes or how it isn't good enough or why isn't it on by default or any other thing they can find to shit on.

Yes, every single company has made mistakes. Firefox is no exception. Some of them were pretty egregious. Mistakes are - hopefully - an opportunity to learn and adjust, move forward, and continue progress towards something we all want: privacy.

We should absolutely call out companies when they make mistakes or ill-advised choices. I'm not saying we shouldn't. However, we should also _applaud_ efforts that are in-line with bringing privacy to consumers. Not just spend all of our time looking for something negative to be outraged at.

This always-negative/outrage attitude just erodes any sort of meaningful discussion.


It also reduces incentives to actually make moves that benefit privacy. Because if the people who say they care about privacy aren't going to support you, why bother?


Nah, the people who care are happy. The problem is the guys who like to talk. It's the same with security. There's like an army of people who've learned about it from internet commentary exclusively and they bluster a lot as a substitute for competence.


Unfortunately Internet commentary trickles down to the press and actual users. "I heard Firefox is just as bad as Chrome" etc.


Tell me about it! The security people. yum update every 3 hours, reboot every 6 hours, hyperthreading off for some theoretical reason, what else! There's security as in keeping your iOS device on auto updates when you have it connected to WiFi, and then there's internet forum security...


On point


It doesn't help when companies use privacy as a fake veil for what they are actually doing. Google's "manifest V3" changes are a recent example.

This change from Firefox does seem well intentioned.


I applaud this move by Mozilla towards privacy and security, and I have hope that they'll be increasing their focus on this.

The criticisms like "why isn't this the default", "why didn't you do this when you had patches years ago", "why did you play along with standardization of these mechanisms in the first place", and "what about all these other things you're doing" might reflect a knowledge of technology and history. And frustration, since, now, with Firefox's diminished market share, and having already given up privacy&security ground, Mozilla probably has to tiptoe.

A possible alternative to tiptoeing... With Google handing Mozilla a huge freebie right now, with the anti-adblocking move, there might be a new opening for Mozilla to "go rogue", from the perspective of many dotcom abusers, reclaim some lost ground, and start actually making the abusers angry. For that to work, Mozilla needs users who, when an abusing site says "Firefox broke this; switch to Chrome", will yell at the abusing site, and leave the site. They'll also need to live up to the expectations of those dedicated users, not do data-grabbing/leaking dotcom behavior themselves, which will require some internal rethinking. If they piss off some funding sources, they'll need to find some minimal level of funding, to pay for the jobs that simply can't be done by volunteers, and for expenses for things actually essential to the core mission. (And to get all their hardware&connectivity infrastructure donated by companies that would like the goodwill, and who will sign legal commitments to not use incidental data, with severe penalty clauses.)


Mozilla has a conflict of interest. It pays its developers indirectly from internet ad revenue through deals with companies that sell ads. More importantly it seeks to compete with a browser controlled by ad sales company.

Giving the users commenting negatively the privacy they want would mean that Firefox would not implement the "features" that its developers believe are necessary for a "good browser".1

What "good browser" really means to these developers is a browser that does what the "competing" browser does first and foremost, not the ideal browser some vocal group of ad-loathing, privacy-conscious users want. That is how Mozilla defines "good". "Good" to them means "competitive". To the users who comment on Firefox flaws, "good" means something else. It does not necessarily mean one that "competes" with Chrome.

The honest response from Mozilla to negative comments would be to acknowledge they do not exist primarily for all users. They exist primarily for the developers who work there, as part of a project to be "competitive" with commercially-driven browsers.

Cutting ties to the revenue stream of internet advertising and the browsers that it finances is not an option for Mozilla. It is not volunteer-driven like many open source projects. It has to pay developers a competitive salary.

The idea of "something we all want: privacy" is at odds with developers who are being paid to support the internet ad business. The pervasive advertising found on the internet would not be possible without the cooperation of browser authors.

1 "Without the Yahoo ad deal, or "the ability to inject code remotely in your browser" i.e. automatic updates, or reliable telemetry from the majority of Firefox users, it would have been impossible to build a good browser." - Mozilla employee


FORMER Mozilla employee, FWIW.

Mozilla doesn't exist for its developers. Most of its developers could make a lot more money working elsewhere.

The reality is that if Firefox isn't competitive in performance, security, and Web compatibility, very few people will use it, in which case why even bother?

There's more at stake here than just privacy, too. An open platform that isn't controlled by a single vendor, that doesn't have gatekeepers, that has lots of content AND lots of clients is really important. The standards-based Web is the only candidate at this point. Mozilla cares a lot about that, and they need a competitive browser with significant marketshare or they have no leverage.


What is an easier solution to improving browsing experience, performance and security than blocking ads? Don't you think a simple extension like ublock demonstrates a whole paradigm shift in browsing experience? One that moz://a should be striving for?


I think you fundamentally misunderstand my message.

The point I was trying to get across is this:

Companies do bad things, sometimes intentionally, sometimes by accident, and sometimes because they were misguided. Companies also do good things, sometimes intentionally, sometimes by accident. How are we, as users, able to communicate our thoughts with the company in question in these cases?

One method is by calling out the negatives and applying pressure so that, hopefully, the company feels some obligation to act or risk user exodus. This is an example of what you are doing - and it is a valid way of communicating displeasure with a company when they have made a decision the users don't agree with. Negative reinforcement absolutely has its place.

However, an often forgotten method of communication is positive reinforcement. This is how we can tell a company "Hey, good job on this specific thing. It's in a direction we would like to see you keep moving in.". This signals to the company that they are on the right track and, hopefully, encourages them to continue developing that way.

In the specific context of Mozilla, this means that I try to encourage them when they do positive things (blocking fingerprinting) while still expressing my displeasure over the certificate fiasco and other issues.

However, my original post was not meant to be read only in the context of Mozilla, nor was it meant to be read in a way that makes you think that you cannot also raise your concerns. There is a time and place for both positive reinforcement and negative reinforcement. It just seems like people forget about the positive one.


> Mozilla has a conflict of interest.

Irrelevant. Conflicts of interest aren't a problem in and of themselves. Most people and companies have conflicts of interest all over the place—if you're prepared to look hard enough. It could be as simple as the conflict between retaining good employees and turning a profit. Conflicts are everywhere.

The question is whether the conflict is causing the company to make decisions which you think are bad—and whether you can convince others to agree with you that they're bad.

The remainder of your post is an equivocation fallacy between the ability to deeply track individual people and the ability to run advertisements at all. You don't need deep tracking in order for advertising to work well. (...unless perhaps you're relying on a fully automated algorithm to do all the work...)


> The honest response from Mozilla to negative comments would be to acknowledge they do not exist primarily for all users. They exist primarily for the developers who work there, as part of a project to be "competitive" with commercially-driven browsers.

I don’t understand- how is trying to offer a competitive, viable product not “for all users”? Are you suggesting that if they focus on a non-competitive product that’s better for “all users”?


Assuming all users do not want what the commenters giving feedback on HN want, then it would not be better for "all users".


> always-negative/outrage attitude

That's a meaningful insight. I think Web is in a place now where anyone with technical insight is frustrated. Yes, frustration is the right word. And confused. And it's this mix of confusion and frustration that has people going around bad mouthing all browsers, or at least I think so. Mozilla Firefox is the only significant browser that has the economic incentives to take care of privacy (there's no debate about that right? well there could be Safari, but it's closed source). I'm pretty close to chanting "the end is nigh". If you compare the resources available to the privacy-invading businesses, and the privacy-preserving businesses, how does it look? Or maybe regulative action will be taken? 100x more restrictive and better thought through than GDPR should be enough. Somehow I don't see that happening. Someone with a lighter outlook, chime in.


    If you compare the resources available to the 
    privacy-invading businesses, and the
    privacy-preserving businesses, how does it look? 
I think this highlights an underlying problem: invading privacy has proven to be extremely profitable, which gives the companies that do it disproportionate resources when it comes to controlling the privacy discussion.

    Someone with a lighter outlook, chime in. 
Oops, nope that's not me...


Vote with your dollars and your eyeballs, and retreat from the parts of the Web that are abusing you and everyone else. You lived fine before Facebook and Instagram, you can live fine without them now.


>there's no debate about that right?

Sure there is. Mozilla depends heavily on revenue from Google whereas Apple doesn't. For Mozilla it's life or death and for Apple it's not (to be the default search engine).

There isn't a single tech company where the business incentives are more aligned with privacy than Apple.


If you think of "privacy-preserving" for a company as a costly virtue, then the standard advice is to appear virtuous without actually bearing all the cost of truly being virtuous.

Since they are closed source and secretive, there is a significant information asymmetry and we will never know how honest they are being.

Firefox, on the other hand, has an incentive to honestly preserve privacy, as their attempts to test the water on privacy-reducing features have a high probability of becoming public.


I'd be glad to forget Mozilla's past if they'd show that they have learned from them. The problem is that they haven't. In some cases, they've doubled down on them.

I say this as someone who uses firefox on every device he can.


> The problem is that they haven't.

How so?

> In some cases, they've doubled down on them.

Which cases?


Projecting political views onto browser users by default is a big one (new tab). Another is the limiting of user control by not allowing them to install third-party extensions. They also enable telemetry by default, and not all telemetry can be disabled without going into about:config (i.e. the settings in the preferences page do not disable telemetry about telemetry itself; the browser can and will still send some telemetry even when telemetry is set as disabled).

I (and many others) use Firefox because we need a trustworthy browser, but issues like these take away from that trustworthiness.


> This always-negative/outrage attitude just erodes any sort of meaningful discussion.

They destroyed some of my bookmarks when they dropped RSS support. That isn't privacy-eroding, it's data destruction, and they didn't even let me opt out.

I know they probably had a lot of conversation about it, but when the conversation ends with "And then we destroy the data of random people without letting them say no", you need to back up a few steps and look closely at what went wrong in your process.


This is what I mean by an attitude that doesn't contribute anything to the discussion at hand. They announced this change in October, and implemented it in December.[1] I don't understand why you were unable to make alternate arrangements in that time. It feels like you're going out of your way to find something to be angry about.

In addition:

>Firefox will tell you when support for Live Bookmarks has ended and will do the following:

>Automatically export all existing Live Bookmarks to an OPML file on your desktop named Firefox feeds backup.opml which you can import into another feed reader.

>Live Bookmarks will be turned into regular static bookmarks if Firefox can identify the URL. If the URL doesn't exist, the original Live Bookmark is removed.

>ESR version 60 will support the built-in feed reader and live bookmarks features. Support for these features will be removed in October 2019, when ESR 60 is no longer supported.[2]

So, what would you suggest instead of (or in addition to) providing months of warning, automatic export, and extended support that will continue for another 4-5 months?

[1]https://www.gijsk.com/blog/2018/10/firefox-removes-core-prod... [2]https://support.mozilla.org/en-US/kb/feed-reader-replacement...


> I don't understand why you were unable to make alternate arrangements in that time.

I shouldn't have to make "alternate arrangements" to prevent software from deliberately destroying my data.


Pretty sure you would never say the same thing about Google.


So far Google have only made moves in a direction that damages privacy, so everyone would be too stunned to say anything in your hypothetical case.


What are you basing this assumption on?

The funny thing is, no matter how I reply to your comment I lose by default. If I say I have - you say I'm lying. If I say I haven't, your point is proven. What option do I have?

Perhaps you'd like to chime in on the discussion at hand rather than speculating on my personal life.


Kiro does have a point. Not you personally, but in general the popular opinion is that Google is morally bad, while Mozilla is good. I think it would currently be very unpopular to say that Google just made some bad decisions, as in it's not actually "bad", because it would muddy the one-dimensional good-bad discourse to which most of these mainstream problems descend to. Note I'm not actually passing judgements, just talking about group think.


I concede that this is a valid outlook (which I did not gather from Kiro's comment, so thanks for clarifying).

I tried to word my comment in a way that made it clear that I believe this mentality should apply to _all_ companies, including Google, when a company makes a move in the direction of benefiting consumer privacy. I perhaps could have made that more clear in my original comment.


Never?

You may not remember this, but Google used to be cool. "Don't be evil", and all that. There was a lot of hope - when Microsoft was still the bad guys. Working at Google was the dream - they made movies about that.

Nowadays we all feel stupid, obviously. Right up to deleting "Don't be evil". Literally taking it out. The nerve.


>Nowadays we all feel stupid, obviously. Right up to deleting "Don't be evil". Literally taking it out. The nerve.

No they didn't. Please don't spread misinformation.


Alright, taking it out of the important part and dropping it from Alphabet

https://www.searchenginejournal.com/google-dont-be-evil/2540...

http://time.com/4060575/alphabet-google-dont-be-evil/

I am more right than I am wrong.


Alphabet never used "Don't be evil" as a motto. They have used "Do the right thing" since their inception.


Alphabet is Google's parent company and did not exist when "Don't be evil" was put at the top of Googles preamble.

Functionally, they took it out. Both by not using it in the new parent company, and deleting it out of the preamble of Google itself.

Yeah okay it still occurs somewhere. But "Do the right thing" as substitute to "Don't be evil" has clear implications except if you are terribly naive.


>Functionally, they took it out.

If they never put it in, then they never took it out. There is no need to play the language game to try to make something false sound true.


I defended them for years.

They made me look dumb.

I learned my lesson.


Good reputations are hard to gain and easily lost. We shouldn't forget how we got to the sorry current state of the web, and Mozilla's mistakes are a large part of how that happened. Had Mozilla not pissed away market share while they rewrote things in Rust, broke extensions, built a horrible UI, etc., then they would have had enough weight to do things like push back against DRM.

Obviously having a spyware company like google control the web is a bad thing, but that doesn't make mozilla good, they've been poor stewards for a long time and we should be looking toward others, the pale moon fork to name one example.


The thing is there is disparity between the value they promote - privacy - and Mozilla actions.

If privacy first was truly the Mozilla mission, we won't have Google Analytics on extension internal pages, the Mr Robot Ad, the Yahoo ad deal, and the ability to inject code remotely in your browser. Privacy seems to be a Mozilla concern but it's not a primary one.


Mozilla will gladly protect you from other entities, but they are not user-freedom-respecting enough to realize that they should also not require you to submit yourself to them. My argument is that allowing users to "opt out" from tracking is insufficient, and I will argue against it whenever possible. You should be asked and informed before ANY DATA IS SENT to them, not just informed that it is already happening and then asked if you want to keep it on.

Arg.


You're right - the user should be asked and informed before any data is sent. But the situation is more complex than that.

- For better or worse, most people aren't scared of the Internet, so they don't want a detailed, itemised list of risks and mitigations to allay their fears, they just want to get down to business. How do you ask and inform a user who refuses to answer or read?

- People want to use the web-browser that works best with the sites they visit, and the connectivity they have available. While every person's situation is different, the Pareto principle says an awful lot of people will be in a very similar situation, so any browser vendor willing to accurately measure people's situations and optimize for them would become tremendously more attractive for most people. Refusing to implement telemetry, or leaving it as opt-in, means voluntarily giving up the mass market to less scrupulous browser vendors.


> People want to use the web-browser that works best with the sites they visit, and the connectivity they have available.

Firefox has fought this uphill battle before and they didn't need telemetry to do it. When chrome first came out it had improved the UI and it didn't need telemetry to do it.

Since firefox added telemetry their market share has declined and their UI has got worse, the idea that telemetry improves products needs to die.


Without the Yahoo ad deal, or "the ability to inject code remotely in your browser" i.e. automatic updates, or reliable telemetry from the majority of Firefox users, it would have been impossible to build a good browser.


I wonder is there is the possibility (or if someone came across) of saving (and loading) all the data of a fingerprint state, or to be able to craft one, modify it, or share it. That is, all the metadata (cookies, history, etc.) that supposedly identifies a user-type.

It could be interesting to have a drop-down in the browser to select a "who I want to be today" profile and be able to see the world from that perspective.


Whatsapp web does not show the authentication QR code if resistFingerprinting is on. This is annoying at minimum.

I would happily use another IM, but the bad thing about network effect is that one would need to convince everyone else to make the switch, too.

In order to take over, freedom-respecting services need to become _better_ than the non free ones not only on a technical level, but on a UX one, too.


Which is basically impossible if you're a non-profit or donation-based institution versus a multi-billion dollar company. It's why Evernote is still unreplaced and Dropbox has the best file sync. Anyway, I've heard good stuff about Matrix so I will try to set this up over the weekend.


Are they biting the hand that feeds them? Interesting relationship with Google - they get revenue from them, but are a competitor with conflicting ideals.

I'd like to see Firefox premium services (like a dropbox clone etc.) to provide independent revenue, so they can be aggressive for privacy.


How does this work? Does it just block domains known to host fingerprinting scripts? If no, how does it hide addons and settings that interfere with the website? And how does it prevent leaking information by itself that can assist fingerprinting?


What about them selling their data on the darkweb?

They claimed that there was no breach, but yet all of their database is being sold on the darkweb.

Is it so easy to gather their database and publish it?


Who is them? Whose database?



Google Recaptcha becomes absolutely unbearable once you use this and also block Google cookies on non-Google sites.

Given all that, features like this will not make their way to Chrome.


At first I read "block Fingering with Firefox"


Damn... I was using some fingerprinting to prevent sensitive accounts from being stolen or misused, and now the Moz guys are taking away my cake.


I'm starting to wonder what would happen if you made a proxy that made your web browsing look like bot traffic.


Captchas. Lots of captchas.


Mozilla has been up to some questionable activity lately as well. They blocked the Dissenter extension.


Does using "User-Agent switcher" or similar extensions have any effect on this functionality?


I use the Strict blocking setting and have no need for a separate adblocker.


You should try the Kameleo software to manipulate your fingerprint!


Awesome feature, already activated it!


This might make me download Firefox


Is there a test to check whether a site is fingerprinting ?


There are likely some blacklists for known fingerprinting libraries. But, there's nothing that can tell you for sure, because it is also possible to fingerprint entirely server-side using the information your browser voluntarily transmits or contextual information about your connection.


Yes, the same browser that sent the raw browsing history of a portion of users to a third party. Talk about tracking!

>Users who receive a version of Firefox with Cliqz will have their browsing activity sent to Cliqz servers, including the URLs of pages they visit.

https://blog.mozilla.org/press-uk/2017/10/06/testing-cliqz-i...


Damned if you disclose your responsible stewardship of user data, damned if you don't.

> Less than one percent of users in Germany installing Firefox from our main download page will receive a version of Firefox with Cliqz recommendations enabled out of the box.

> Cliqz does not build browsing profiles for individual users and discards the user’s IP address once the data is collected.

> One of Mozilla’s core privacy principles is No Surprises: we will use and share data in ways that are transparent and benefit our users. That is why we are telling you about this today. We

> We hope that users will appreciate the improved experience, but if users want to turn it off, they can always disable data collection or remove the Cliqz add-on entirely.


Cliqz has an interesting privacy stance, and a decent privacy policy. I don’t know if they are trustworthy or not, but I think the bad press against them has been unfair.

Excerpt: To gain your trust we have open-sourced all of our front-end code (and hence everything that sends something from your computer). We know very few people will ever look into the code, but: you or everyone else could every time check that we’re honest. And hence we cannot hide anything.

Excerpt: History and bookmarks are always processed only locally and never sent to us

Excerpt: No IP addresses collected

https://cliqz.com/en/privacy-browser


It was done to less than 1% of users so it's okay? Obviously Chrome is worse but this still sounds bad to me.


Sorry. If I want my data somewhere else I can stay with Chrome.

I switched years ago because of performance reasons. Whenever I tried to switch back I felt stabbed in the back shortly thereafter by Mozilla.


Chrome is much worse. It seems like chopping a leg off because someone stepped on a toe.


With Chrome I do not expect privacy. With FF, every time I trust them, they fk me over.

So - with Chrome I know what I am getting and I treat it as such. With FF I only wanted a browser. I never signed up for their (internal and external) advertising, Pocket stuff and other st like this.

So no - because FF brands itself as a privacy option, I hold them to a different and much higher standard - and they fail every time.


https://www.reddit.com/r/firefox/comments/74vt08/psa_huber_b...

> "PSA: Huber Burda Media, the majority owner of Cliqz, which owns many media and digital brands, owns the computer magazine "Chip", its online platform offers "secure installers" which are used to distribute malware (adware)."

and

> "One interesting thing I've found on the Cliqz about page, is that they call themselves a "small startup". This is a lie since they're a sub division of Burda Media which is one of the biggest media companies in Europe. How can you trust a company if they even lie on their about page?"

and the Booking.com snippet https://www.reddit.com/r/firefox/comments/abfdym/mozilla_on_...

> "I skimmed the source code of the Cliqz extension back during the scandal and as far as I could tell it sent back enough information for it to be possible to identify and create profiles for quite many of the users. Now it is perfectly possible that Cliqz were honest and handled the sensitive data carefully (e.g. by throwing away IPs), but we have no way of knowing that."

Remember 2006 when AOL search data was deliberately anonymized and made public, and then de-anonymized? https://en.wikipedia.org/wiki/AOL_search_data_leak

Even if Cliqz do "throw away IPs" that's not enough for it to no longer be personally identifying. It says nothing about Cliqz throwing away the data. How long before Cliqz realizes they're sitting on a trove of "valuable" data and changes their policy so they do retrospectively build profiles of users, or sell out to Facebook?

That's not responsible stewardship of data, and disclosing it on a blog page nobody read, just saying "it might happen to you, quietly and opt-out" is not responsible disclosure.


Cliqz is an opt in feature for users who want it


Or Pocket. Or hyperlink auditing. Or this f... up with certificates lately.

I could go on.

My problem is that every time I wanted to return to FF, Mozilla f...ed up again.

I feel like I am between a rock and a hard place with FF and Chrome.


The choice is so easy. Mozilla's main problem is manufactured outrage over some risky/mediocre product management, some bugs (never shipped a bug before?). Google's main problem is trying to remake the entire internet in their image, end-to-end, from optic nerve to server silicon. I'll choose the lesser of two evils, please.


With Google's Chrome I know whom I give my privacy to. With Firefox I am one update away from being part of an experiment without my consent.

I take the known evil every time.


I very much doubt that you know all the parties to whom you are constantly being sold by Google. You do realize that Google does not benefit from keeping your info to themselves, right?


>You do realize that Google does not benefit from keeping your info to themselves, right?

Of course they do. That's literally their business model, to use that data to serve more relevant ads. If they gave it to third parties then they would lose their biggest competitive advantage.

And really, they couldn't be any more clear about it: https://safety.google/privacy/ads-and-data/

>We do not sell your personal information to anyone.

If you're going to suggest they are lying about it, then please provide some evidence to support that argument.


>We do not sell your personal information to anyone.

That's a technically true and practically meaningless statement. No lying required.

Google's business model relies on giving advertisers a way to target you based on that data and to track you to other activities down the line. Advertisers might never see the data itself, but all that means is Google is selling the product that lets advertisers do the things they were going to do if they actually did have the data, just without being able to see your specific info.

Whether you consider that equivalent to selling your data is a separate question. You'll find a lot of disagreement here about it.


> Whether you consider that equivalent to selling your data is a separate question. You'll find a lot of disagreement here about it.

I can't remember previously seeing an argument that this is equivalent. Sharing one quality (in this case the ability to target users on Google's platform based on data Google has collected) does not make two things equivalent. Data passing between hands is obviously different than one entity providing an interface for another entity to utilise data without having it themselves, as in the former case you are now trusting both entities to safely store it which increases the chance of public disclosure (or private exposure that results in negative personal effects such as embarrassment and/or blackmail).

HurpaDurpaEdit: s/latter/former


It's certainly using your data, but I don't think anybody reasonable would argue it's selling your data.


The evils are by far not comparable in scope.


Who gives a shit about Pocket? Fucking hell, it's just a bookmarking program. Don't like it? You don't have to use it! It doesn't do anything at all unless you use it.


Wow. Such a good argument. I want a browser. Not something that tries to use my data to "recommend" (read: advertise) news content to me (as Pocket does with its mails). I am not sure who pays what for these recommendations, but when I sign up for a browser, I do not want a content delivery scheme being shoved down my throat.

Esp. from a company that tries to brainwash me with this "we care for your privacy" shit. While still using my data.

If they cared for my privacy, they would provide a browser that does not tell FF/Mozilla anything about me other than that I downloaded it via their original dl-link.

All else, the talk about respecting my privacy, my data and stuff like this, is nothing more. Just talk. And I do not like being bullshitted.

And that is the difference to Chrome: I know - because Google tells me - my data is being used. I know what I am in for. This is honesty - even if the end result is that I am the product. At least I am it knowingly.


AdNauseam is an extension that clicks ads at random in the background, thus polluting your user data. It was useful enough to get banned from the Chrome web store.


It’s probably wise not to encourage interstate advertising fraud that the FBI might decide to investigate and arrest you for knowingly participating in.

https://www.fastcompany.com/90273549/fbi-and-google-take-dow...


They arrested people for making money by generating fake clicks on their own site. AdNauseam isn't ad fraud any more than running a web crawler bot is ad fraud.


I’m sure you’ll be fine, eventually - but that’s not guaranteed to stop them initially, or without a digital search of your entire computer, for example.


Do you have any evidence that any AdNauseam user has ever been arrested for ad fraud?


I am neither a lawyer nor do I work for any criminal justice entity, apologies. You’ll need to discuss this with a lawyer if you’re materially concerned about this line of reasoning coming to pass.


I, personally, think you're full of it, but I'm offering you the opportunity to present evidence for your claim that using AdNauseam is "interstate ad fraud" that leads to arrests of its users. If I were the dev I'd consider those claims potentially libelous.


They said they "might decide to investigate". That suggests it's a real possibility but not something that has previously happened.


Pathetic FUD.
