|
|
|
|
|
|
by arp242
1992 days ago
|
|
|
Anyone can do all sorts of things. I can punch anyone I see on the street in the face. Doesn't mean they're actually doing it. Now, I have a vested interest in this as I work on one of those tracking tools, but it actually collects less data than those Apache access_logs that people have been keeping for 25 years. Plus, the JS is unminified and easily examinable if you want (as is the HTTP request), so you also have more insight in what is being collected exactly. "It's using JavaScript" and "it can do [..]" are massive red herrings; browsers are actually fairly sandboxed and there are millions upon millions of lines of code on your computer that can do much more than JavaScript inside a webpage. |
|
|
Yes, and then you would be charged with assault. It is great that you work on a tool that respects peoples privacy. I suppose I failed to put an emphasis on trust. With server side logs, less trust is required because there is less that can be done. Paired with VPN, I can have reasonable belief that server side logging is not logging anything unreasonable and it does not require trust that they are not fingerprinting me. As you say, just because someone can do something doesn't mean they will - but trust is required, especially if there are no repercussions if that trust is violated.