|
|
|
|
|
|
by matheusmoreira
1845 days ago
|
|
|
> I think this would be seen as an excuse to view Firefox as hostile I think this is fine. We are hostile. Maybe we should just embrace it. We literally don't want sites profiting off of our attention or personal information. We don't want to enter into a comprimise. That would allow them to continue. We want them to stop. We couldn't care less how much money they lose. > And it's trivial to actually detect a browser with a different JS and DOM rendering engine. Right now, yes. I expect this situation to improve though. Curbing fingerprinting for the sake of privacy will necessarily entail normalizing all browsers to the point they can no longer be used as identifying bits of information. That will destroy the ability to detect which browser the user is running. > Progress is often best achieved through measured steps, not extreme changes. That's true but there's nothing wrong with a revolution. We have a huge advantage in the form of control over our computers and what software they run. There is no need to compromise. |
|
|
Once you're seen as hostile, you'll see countermeasures applied that target you. You don't get to act with impunity, and since Firefox is not coming from a place of power (their market share isn't enough to force the issue), Firefox will take a lot of damage. Possibly enough to kill it as a choice for most people.
> expect this situation to improve though. Curbing fingerprinting for the sake of privacy will necessarily entail normalizing all browsers to the point they can no longer be used as identifying bits of information.
It's impossible to do so while not making browsers the exact same. The browser you are running, possible even the version of the browser you are running, will almost always be trivially accessible as long as there are actually different browsers to choose from with actual different implementations.
Think about it, even if the actual API space is identical in usage and result, there will still be differences in how the underlying code run, with differing performance and timing characteristics. We live in an age where it's best practice to do security operations in constant time operations just so things like a password auth can't be used to determine someone's real password by how quickly it fails and many attempts. Without throwing away all performance criteria for everything and relying on other browsers to as well (it does no good to hire yourself as the only one acting this way), you can never rely on the browser you're using being anonymous if you want any JS usage at all, my guess is something similar applies to DOM and CSS as well, even if somewhat harder to capitalize on.
> We have a huge advantage in the form of control over our computers and what software they run.
That advantage is worth nothing in the larger scheme of things. Facebook doesn't care what you do. But they do care about Firefox affecting ~7% of people visiting, and if Facebook and a few other high profile sites both ban Firefox and start up with their own rhetoric and narrative about Firefox, Firefox is dead. Other sites will use that as an excuse to do the same. At a minimum people that want access to these sites will install a separate browser, but most will likely just switch browsers, either initially or eventually.
Then we're left with the best current choice for privacy dead, and everything has been set back years because not only have people switched to less protective browsers, but there's been a clear showing of power and others are going to be less likely to push against that for fear of the same outcome (and let's be honest, Chrome has at best mixed incentives).
> That's true but there's nothing wrong with a revolution.
A revolution you can't win is a disaster for all those except those in power, who now have convenient targets to go after.