- From: "Mike O'Neill" <
>
- To: "'Brian Behlendorf'" <
>
- Cc: "'ProjectVRM list'" <
>
- Subject: RE: [projectvrm] adblock sells out
- Date: Tue, 6 Oct 2015 19:55:25 +0100
I am saying PETs like PB are important, and definitely worth supporting but
they are not the end of the story. We need a multi-faceted approach.
-----Original Message-----
From: Brian Behlendorf
[mailto:
]
Sent: 06 October 2015 19:21
To: Mike O'Neill
<
>
Cc: 'ProjectVRM list'
<
>
Subject: RE: [projectvrm] adblock sells out
On Tue, 6 Oct 2015, Mike O'Neill wrote:
>
Per-origin UIDs can easily be correlated, by using the IP address as you
>
say. The IP address (further qualified by other headers such as the UA
>
string) only has to remain constant for a few hours while the subject is
>
linked using the set of collected UIDs. A database of UIDs is assembled
(all
>
of which are globally unique with a multi-year expiry). It is trivial to
>
correlate them, with a low probability of fuzziness from NAT IP sharing,
and
>
must happen on a massive scale.
>
>
Also, there are other ways to stop this kind of tracking, without the
>
wholesale deletion of cookies.
Defeating cookies is the first front in a long path towards a less
trackable web, this is true. At the end of the day we get to onion
routing and distributed CDNs and things like IPFS. I do think browser
makers should consider reducing the entropy in their user-agent strings.
But it sounds like you're arguing that Privacy Badger is pointless because
we don't yet have a perfectly untrackable web, and that's the perfect
being the enemy of the good (and the better-than-alternatives).
Brian
>
>
>
>
-----Original Message-----
>
From: Brian Behlendorf
>
[mailto:
]
>
Sent: 06 October 2015 17:23
>
To: Mike O'Neill
>
<
>
>
Cc: 'ProjectVRM list'
>
<
>
>
Subject: RE: [projectvrm] adblock sells out
>
>
On Tue, 6 Oct 2015, Mike O'Neill wrote:
>
> This means that people maybe unaware when tracking behaviour is
>
> undetected. Already Privacy Badger by design does not detect tracking
>
> that uses first-party cookies, and these are just as capable in
>
> communicating people's web activities to third-parties.
>
>
But those first-party cookies can't be correlated across sites, which is
>
the day trade of the third-party trackers and where the leaks come from.
>
That is, NYTimes might share its first-party-cookie-based clickstream logs
>
with a third party, but that third party could not correlate that person
>
at another location (aside from IP address), and could not be used to
>
tailor ads on a third-party site to a "NYTimes reader". That makes the
>
third party data mavens much less valuable.
>
>
You won't be able to ban first-party tracking unless you turned off
>
cookies (and thus authenticated sessions) entirely and prevented sites
>
from keeping their own access logs. Good luck with that.
>
>
Brian
>
- RE: [projectvrm] adblock sells out, (continued)
- RE: [projectvrm] adblock sells out, Mike O'Neill, 10/06/2015
- Re: [projectvrm] adblock sells out, Don Marti, 10/06/2015
- RE: [projectvrm] adblock sells out, Mike O'Neill, 10/06/2015
- Re: [projectvrm] adblock sells out, 'Don Marti', 10/06/2015
- Re: [projectvrm] adblock sells out, Doc Searls, 10/06/2015
- Re: [projectvrm] adblock sells out, Kevin Cox, 10/06/2015
- Re: [projectvrm] adblock sells out, Doc Searls, 10/06/2015
- RE: [projectvrm] adblock sells out, Brian Behlendorf, 10/06/2015
- RE: [projectvrm] adblock sells out, Mike O'Neill, 10/06/2015
- RE: [projectvrm] adblock sells out, Brian Behlendorf, 10/06/2015
- RE: [projectvrm] adblock sells out, Mike O'Neill, 10/06/2015
Re: [projectvrm] adblock sells out, StJ, 10/04/2015
Archive powered by MHonArc 2.6.19.