Mozilla has a petition asking Facebook to stop tracking people's browsing off the site unless they opt in to it. Frankly I think the solution is to remove the ability to track people across sites from the web entirely, but I signed the petition anyway. Facebook has taken a huge hit to their reputation, so now is a good time to be putting pressure on them to change their ways.
@mindnmotion Eh I don't know about that; they already get a huge amount of data from their users voluntarily and have expressed concern internally about the "creep factor" even if they are often naive about what people will find creepy.
@mindnmotion And even if they don't do it, having an organization like Mozilla and a bunch of signatories ask them to do it is still great propaganda. It will encourage more people to #DeleteFacebook and might get us some much needed privacy regulation here in the US.
@seanl I failed to consider the press value of Mozilla's actions.
@seanl @mindnmotion
our privacy has long been a delusion and a chimera. the fact that personal life and status are known in all instances.
@mindnmotion @seanl
I have not been in the herd-sharing principle for quite some time, but now I've been aware of the size of the tracking. from the cameras in town to facebook. your life is known to other people without even having any alternative or choice. you just say that ... and you if you need it, and even if you do not have one like that.
@seanl @maiki If you killed javascript. Sanitized browser headers. Made browsers reject all content served from different domain address than the html your looking at, and somehow rewired DNS so that domain names had to resolve to a single IP address; you could squash a lot of it.
Though I suspect bad actors would still collude server side to track their users.
@seanl @satchmoz I wanna put this out there: we need more browsers. A lot more. I've heard the arguments against, including those frightening numbers about how many human hours went into the existing web engines, but who cares? The web is about creating documents that can be viewed in different ways. Anything else is reducing the actual benefit of HTML, and that means we need new, weird, beautiful and *many* web browsers.
Because then stat-mongers will have to adjust to new agent strings...
@Shamar @maiki @satchmoz We only have a few browsers because the web is so complex, and the web is so complex because people all gravitated toward a really small number of browsers. In fact there's an evolutionary bottleneck a decade long that goes through Internet Explorer. I blame Apple for sucking so bad for so long that they gave Microsoft a virtual monopoly over computing. Well, and Microsoft's anti-competitive practices but they didn't need to try that hard because their competitors sucked
@Shamar @maiki @satchmoz I think WASM is going to really shake things up, but I have no idea how yet. My main prediction is that it's going to impact a lot more than web browsers. In particular it could become the main application distribution mechanism and push everything toward being like ChromeOS (which will dump NativeClient in favor of WASM).
You might be right, but this is not a good things.
That's just complexity over complexity over complexity, just to enable more complexity over complexity over complexity... ad libitum.
That's not just stupid.
That's evil.
Probably even worse than blockchain based cryptocurrencies.
@seanl @satchmoz I've considered why I feel okay using the web, but others have trouble. And I think it is because I am so traumatized, so banged up from my childhood, I approached the web like everything else: don't trust anyone, until they gain your trust, and then expect them to mess up and measure risk.
I was this way in the 90s and my friends told me I read too much 2600. While that was probably true, it also means I've been practicing since then.
@satchmoz @seanl I don't think we can fork the web. I just think we can create better browsers.
If you want to despair, look at how fast everyone jumped on Accelerated Mobile Pages. We don't want to fork the web, we want to keep folks that live in Google or Facebook to not damage the rest of us. Users are complicit in enabling those companies to take more resources than it produces.
@maiki @seanl Monocultures aren't healthy biodiversity is where it is at, both in the biological world and in the technological world.
In both cases the vast majority of the hosts can be dangerously impacted by just a few bugs/diseases because their shared ancestry makes them all vulnerable to the same sorts of things.
@maiki @seanl Do we seriously think Mozilla would have caved to DRM in the web standard if there were more diversity of voices from a large community of browser vendors?
Do we think webkit or blink bugs would be so dangerous on mobile if the mobile browsing market were more diverse and they had less shares of the pie?
@seanl Technically, how could this capability be removed?
@woozle So far it's been primarily through tools like Privacy Badger and Multi-Account Containers. Privacy Badger at least should come with the browser and be on by default. It's essentially what Apple's now building in to Safari (the Privacy Badger functionality at least).
Tracking needs to be opt-in. Europe's "We use cookies, opt in or fuck off" is utterly worthless. We need laws against non-opt-in tracking, not laws forcing web sites to tell people meaningless things.
@seanl So, basically kluges -- not really a rigorous limitation?
@woozle In terms of the technical capabilities that exist right now, yes, it's basically kludges. Unless you're going to start turning off first-party cookies by default. Browsers could gradually force publishers toward a web where using cookies or other client-side state for things that break functionality for non-logged-in people drives enough people away that they decide it's not worth it. That doesn't stop IP tracking, but NAT and IPv6 privacy extensions make that at best a heuristic.
@woozle It would help a LOT if the #1 browser weren't developed by a company whose entire business is violating people's privacy. Chrome needs to be liberated from Google or destroyed.
@woozle If you mean in terms changes to web standards, I guess it would have to involve dramatic reduction in the functionality of third party content requests. Maybe make all third party content "click to load". Doesn't stop tracking from the backend, but it makes it more expensive. And you don't have to make it that much more expensive before it's just not worth it anymore.
> We need laws against non-opt-in tracking
This gets tricky, and could easily penalize operators of small sites. E.g. it's almost impossible to have a login system without cookies, but how do you legally distinguish between cookies and tracking? If it's "using cookies from another site via iframes", then how do you distinguish between that and 3rd-party auth frames?
Large operators have legal teams to keep things clear...
@woozle Ah I should have said cross-site tracking, and the laws should explicitly allow collecting and storing such information for login and abuse prevention. For on-site tracking, laws could just limit what the information can be used for and how long it can be retained.
@seanl let's say it is successful, nobody stops them from re-introducing it (or something similar) at any point.
@seanl It's laudable but an effort in vain. Asking Facebook to stop tracking users is like asking Tiffany's to stop selling diamonds.