Security quotes of the week
Just putting "privacy" in the name of a feature doesn't make it less creepy. Considering today's branding trends it might even go the other way. "Your privacy is important to us" is the new "your call is important to us." If you dig into the literature behind PPA [Privacy-preserving attribution], you will find some mathematical claims about how it prevents tracking of individuals. This is interesting math if you like that kind of thing. But in practice the real-world privacy risks are generally based on group discrimination, so it's not really accurate to call a system "privacy-preserving" just because it limits individual tracking. Even if the math is neato.— Don Marti
Posted Jul 18, 2024 21:04 UTC (Thu)
by flussence (guest, #85566)
[Link]
A *really* long time: it's well established internet culture that characters who go out of their way to announce how much of a PGP user they are at every opportunity tend to be completely insufferable. Most privacy wonks and their pet projects come across like this to normal people, which is partly why everyone on earth uses the same three exploitative websites nowadays. This all sounds unrelated, but it isn't.
The venture-capitalist/online-advertising corporation in question here is doing a whole lot of telling, to try and divert attention away from everything it's been showing, and failing miserably at it. They found a temple, drove the original occupants out, and are now smashing a wrecking ball through it, trying in increasing desperation to unearth the solid gold bricks and buried treasure they are absolutely convinced of the existence of — it is beyond their imagination that someone could build anything public, let alone of this size, without a motive of pure greed. They want the money. They are going to extract the money at any cost.
They *know* they can do this and get away with it, until nothing but dust remains, because realistically who are those tens of millions of users going to turn to once the brand's been strip mined to death - like AOL did to Netscape, and later had done to itself? A bunch of maladjusted shower-dodgers with inscrutable machine code alongside their names? The other browser, the one the family member who set up their computer told them never to use? Servo's not going to be a viable replacement in time. I don't know where we go from here, but it's a dark place.
Posted Jul 22, 2024 11:35 UTC (Mon)
by CChittleborough (subscriber, #60775)
[Link]
People are actively writing standards (and lots of Rust code!)
for a large-scale Differential Privacy facility. There are two IETF Drafts in progress, both quite complicated:
For whatever it's worth, 4 authors of the VDAF spec are from Google and Cisco as well as ISRG and Cloudflare.
So this is not just Mozilla and Meta: a bunch of smart people are putting a big effort into supporting user privacy, including partial randomization of the data that advertisers would get.
My conclusions
(1) Some heavyweight players in Web technologies are investing significant resources
in a new approach to web advertising.
(2) This approach is intended to compete with Google's
"Privacy Sandbox" efforts.
(3) Glibly dismissing this effort does nobody any good.
(4) This is, as a famous guy once said, a Big Fucking Deal.
Not "might", undeniably
I too dug into this topic. I did not find the connection to Meta, but I did find some major Web players that I do not regard as evil working on the underlying technologies: the Internet Security Research Group (see
DivviUp.org) and Cloudflare.
I dug deeper in another direction