this post was submitted on 21 Jul 2023
Non-goals [...] Enforce or interfere with browser functionality, including plugins and extensions. [...]
But guys they gave their pinky promise it's totally fine
let's just allow them to irreversibly make this change so that there is nothing preventing them from applying this totally Non-Goals in the future what could happen
Also
Challenges and threats to address
[...] Tracking users’ browser history
User agents will not provide any browsing information to attesters when requesting a token. We are researching an issuer-attester split that prevents the attester from tracking users at scale, while allowing for a limited number of attestations to be inspected for debugging—with transparency reporting and auditability [...]
Cross-site tracking
While attestation tokens will not include information to identify unique users, the attestation tokens themselves could enable cross-site tracking if they are re-used between sites. For example, two colluding sites could work out that the same user visited their sites if a token contains any unique cryptographic keys and was shared between their sites.
Good to see where your priorities lie in terms of user protection when deciding to launch this into conversation. Dude idk we'll fix it later don't worry bro
Perhaps most tellingly:
If that’s the level of seriousness they treat user privacy with, these engineers deserve to be lambasted.
This is a conscious abrogation of engineering ethics, and as a software engineer myself, it offends me immensely. It makes me and my entire profession look bad.
Edit: leaving less pressing design concerns as a TODO is fine. My issue is that user privacy is implicitly being declared as a secondary concern by the simple fact that it’s left as a TODO. The engineers should not have even considered releasing this, even in draft form, until they had something coherent and meaningful to address user privacy with. It should have been treated as a core design element.
That doesn't represent disinterest by the developers. In fact, that's a big red circled F on a report card to them, and including that comment is intentionally bringing attention to a glaring deficiency. It's very likely that they have a plugin implemented in their IDE which surfaces TODO items vividly, and their associated Jira task or epic can't be closed out until all of the remaining work is complete.
I'd be more worried if the code presented a clear danger to privacy and DIDN'T directly address concerns in one form or another. You should be praising this dev for raising awareness to his peers and making sure this gets done, not the opposite.
I’m a software engineer. I know what a TODO is. My point is that privacy should have been a core design consideration, not something you factor in and handle later as a secondary concern. Put another way: the initial problem thesis that they wrote a proposal to solve should have included the idea of user privacy as a core element.
It’s a matter of incorrectly prioritized design goals that yield something which has very obvious potential to be actively harmful to users.
Lol. Just like Google used to say "Don't be evil."
Wonder when this text will receive a similar strikethrough.