by dingleberry420 1492 days ago
Deanonymizing yourself just to appease cloudflare is not a valid solution. Any website should work in any browser out of the box. If they don't, the website is broken.
3 comments

"The blind signing procedure ensures that passes that are redeemed in the future are not feasibly linkable to those that are signed. We use a privacy-preserving cryptographic protocol based on ‘Verifiable, Oblivious Pseudorandom Functions’ (VOPRFs) built from elliptic curves to enforce unlinkability. The protocol is exceptionally fast and guarantees privacy for the user. As such, Privacy Pass is safe to use for those with strict anonymity restrictions."

1. https://privacypass.github.io/

> Deanonymizing yourself just to appease cloudflare is not a valid solution

I'm not claiming it is a valid solution, I'm just sharing a possible workaround.

Unless you're a mathematician or a cryptographer who's qualified to verify these claims, I think all of this amounts to "trust us."

You have to trust a whole lot of companies to get onto and use the Internet. Or just use everyday technology. I don't see why this is different.

> You have to trust a whole lot of companies to get onto and use the Internet.

Obviously, I wouldn't dream of asserting otherwise. My point is that for the vast majority of the population, a paragraph of technogibberish about cryptography doesn't fundamentally change anything, you're still reliant on trust. To most people, that paragraph is worth about as much as a basic promise. The worth of that statement is derived from whatever trust is had in the corporation and the ability of academics and regulators to stay on the ball and keep corporations in check.

If somebody who isn't a cryptographer has decided not to trust Cloudflare and not to trust the rest of society to keep a company like Cloudflare in check, then that whole explanation isn't worth much. It boils down to saying "Just trust me" in response to somebody who just said "I don't trust you."

I searched around a bit, and the only thing I found was the EFF not complaining about it when mentioning it while talking about something else [0]:

> This proposal is based on Privacy Pass, a privacy-preserving and frustration-reducing alternative to CAPTCHAs.

So I guess that’s good-ish?

[0]: https://www.eff.org/tr/deeplinks/2019/08/dont-play-googles-p...

It's worth a bit, but it doesn't assuage all my concerns. Even with trust in the EFF to be both well informed and earnest, I think there is still reason for doubt. I've read it claimed many times that cryptography is easy to fuck up in subtle ways, and that these fuckups can go unnoticed for years. Furthermore, subtle flaws can be deliberately engineered into cryptographic schemes and probably concealed from notice for many years. The more novel a cryptographic scheme seems, the more reason there is to doubt that it's been inspected and verified from all angles. I've never heard of VOPRFs before today, they don't seem to have a Wikipedia page and the articles I've found about them with a web search are all very recent.

Furthermore, there is the matter of Cloudflare itself, specifically its size and scope. Concentrations of data are magnets for intelligence agencies. The more data a company has access to, the less I trust them to keep it safe.

That extends to pointing out that trust is required. When it's the default state of things, what use is pointing it out going to bring?

I made an obvious point because it's strange to bring up that something on the internet requires trust. Because of course it does.

It's the difference between trusting some math that's used by a hundred million sites versus trusting math that one particular company claims is safe.

It's not strange at all to distinguish between those kinds of trust.

When I use TLS 1.3, I'm not relying on "trust us" from the inventor and a couple investigators, I'm relying on heavy worldwide scrutiny.

> When it's the default state of things, what use is pointing it out going to bring?

I believe that appeals to math can obscure the role of trust. This is demonstrated by the formation of an industry of scammers exploiting the phenomenon. Millions of people don't understand cryptocurrencies but buy in anyway, confidence bolstered by their lionization (but not comprehension) of math.

I think it's an illusion worth drawing attention to.

Sorry, can I get a layman's translation? What prevents websites from using Privacy Pass to track user behavior? (Beyond determining who is and is not a bot.)

Basically, you fill a captcha once, and that gives 30 anonymous one-time-use tokens which are stored on the browser. The cryptography used ensures that there's no way to associate the one-time tokens between each other or back to the original captcha. Redeeming the token proves that you've already filled a captcha, and will bypass the captcha for that session.

Cloudflare is the one putting up the captcha-wall and deciding whether to forward your request to the destination site. Your browser sends Cloudflare a token, then if Cloudflare accepts the token, it forwards your request. The destination site does not see the token and so cannot use it to track you.

Since Cloudflare does see the token, it's reasonable to consider whether Cloudflare could deanonymize you across different sites. Privacy Pass uses cryptography that claims to prevent that.
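
The issue-and-redeem flow described in the comments above, sketched as an added example (not part of the thread and not Privacy Pass's own code). Assumptions: integers modulo the prime 2**255 - 19 stand in for the elliptic curve, the "verifiable" proof that the issuer used a consistent key is omitted, and redemption sends the unblinded value directly; all function and class names are made up for the illustration.

```python
import hashlib
import secrets
from math import gcd

# Assumption: integers modulo the prime 2**255 - 19 stand in for the elliptic
# curve group. This shows the algebra only; it is not a secure parameter choice.
P = 2**255 - 19
ORDER = P - 1  # exponents are taken modulo the group order

def hash_to_group(token: bytes) -> int:
    digest = int.from_bytes(hashlib.sha256(token).digest(), "big")
    return digest % (P - 2) + 2  # element in [2, P-1], never 0 or 1

def client_blind(token: bytes):
    """Return (r, H(token)^r); r must be invertible so it can be removed later."""
    while True:
        r = secrets.randbelow(ORDER)
        if r > 1 and gcd(r, ORDER) == 1:
            return r, pow(hash_to_group(token), r, P)

def client_unblind(r: int, signed: int) -> int:
    """(H^(r*k))^(1/r) = H^k, the PRF output for a token the issuer never saw."""
    return pow(signed, pow(r, -1, ORDER), P)

class Issuer:
    def __init__(self):
        self.key = secrets.randbelow(ORDER - 2) + 2  # secret PRF key k
        self.seen_at_issuance = []                   # all the issuer sees when signing
        self.spent = set()

    def sign(self, blinded: int) -> int:
        self.seen_at_issuance.append(blinded)
        return pow(blinded, self.key, P)

    def redeem(self, token: bytes, prf: int) -> bool:
        if token in self.spent or pow(hash_to_group(token), self.key, P) != prf:
            return False
        self.spent.add(token)                        # passes are one-time use
        return True

def demo(n: int = 30):
    issuer, passes = Issuer(), []
    for _ in range(n):                               # one solved captcha -> n passes
        token = secrets.token_bytes(32)
        r, blinded = client_blind(token)
        passes.append((token, client_unblind(r, issuer.sign(blinded))))
    token, prf = passes[0]
    first, replay = issuer.redeem(token, prf), issuer.redeem(token, prf)
    seen = set(issuer.seen_at_issuance)
    reappears = any(hash_to_group(t) in seen or w in seen for t, w in passes)
    return first, replay, reappears
```

`demo()` returns whether the first redemption succeeded, whether a replay of the same pass succeeded, and whether any value the issuer recorded while signing shows up again among the redeemed tokens.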

> If they don't, the website is broken.

The Internet is a network with social effects. Whether "this didn't work" means "the website is broken" or "the browser is broken" has always been more about end-user experience and the wisdom of crowds than a more concrete definition.

A website broken only on Firefox works for 96.5% of users. I have personally had to make the hard judgment call (as a fan of Firefox!) to not spend 25% of our engineering debugging time on a problem only 3.5% of users encounter.

Right, so you accepted that your website was broken. That can be a valid business decision, but that doesn't not make it broken.

Try this analogy: Most people have functional legs, so why install a ramp? 99% of your users can access your property, so who cares, right?

> Most people have functional legs, so why install a ramp? 99% of your users can access your property, so who cares, right?

People without functional legs can't simply decide to walk up some steps.

People who use Firefox can simply decide to use Chrome.

To be more direct; what's your definition of "broken"? Is it that it doesn't work for you in the manner that you'd like?

It seems as though capitalism has little room for craftsmanship as a virtue. The only value becomes the dollar value, people see no shame in shoddy workmanship so long as it's profitable.

The way I see it, Firefox's reputation for craftsmanship is unearned. The only time it crosses my desk as a site developer is people filing browser-specific bug reports for it. Its engine does not, in general, benchmark as performant as either Chrome's or Safari's on our site. It's certainly not beating them by enough percentage points for me to suggest people switch to it for performance.

Mozilla has had more time to work on this problem space than their competitors, and they don't have the technical advantage to show for it. They may have been the technologically better choice in the Browser Wars era of Internet Explorer, but nowadays? They're falling down on the technical merits, not just the network effects.

It's free and it's widely available. If they were better than the alternatives more people would switch to them but they're not.

That's too bad. If you didn't make that call it would probably have larger market share. What you've done actually feeds in to the problem.

But that's the issue. It's not my problem. My problem is maximizing the user experience for most of my users, and that involves squashing usability bugs common to all browsers and adding features that have been requested, not keeping up with the Gecko quirks-du-jour.

(Speaking of "quirks-du-jour", the problem eventually "solved itself." The next major iteration of Firefox fixed a rendering regression and resolved the bug. We "solved" the problem spending zero eng-hours on it; you can't beat that for efficiency. But that's the challenge Mozilla faces as an also-ran: burden's on them to keep up with the competition and make their rendering agent on-par with other agents for both performance and strangeness, because they lack the market clout to make developers bend to their flaws and oddities. No matter who the front runner is, there are always flaws and oddities.)

So a tragedy of the commons?

See, it is your problem to offer something to the general public then serve only the de facto monopolist instead of web standards. Because with each small compromise we each contribute to the problem until it reaches a breaking point. All the while those on the margins suffer, some with no real alternative.

For example, in poorer areas where they cannot afford a computer that runs Chrome (which has no LTS/ESR).

Some people simply have no sense of community or civic duty. Everything is all about them, all the time. If they stand to profit from antisocial behavior, they won't hesitate.

The disconnect, as I see it, is the assertion that supporting Firefox is supporting "community" or "civic duty."

Most of the Firefox alternatives are standards-compliant also (specifically, the two big ones definitely are). And I don't see as many rendering regressions with them as I do with Firefox. So who truly benefits if I devote my team's engineering resources to chasing down Mozilla's bugs?

There might be some benefits to an engine multiculture; with so many engines derived from Chromium or Webkit, one could make a technical argument that maintaining Gecko as third choice has merit. I find that argument to be weak. Gecko has been around for longer than the other two and it isn't remarkably better (and seems to fall on its face quite often relative to alternatives). What if it's just a tech stack whose time has come and gone? How many resources are we wasting propping up an old stack that could be used to build, perhaps, a fourth option? Or solve existing problems in the other two? There's this vague hand-wavy assumption that Firefox represents "the open way of doing things" (odd when it's also maintained by a corporation, like the alternatives), but I don't see it as particularly more open than the other options.

I don't think I'm doing a disservice to the community by refraining from using jQuery and I don't think I'm doing a disservice to the community by refraining from going out of our way to support Firefox.

> Deanonymizing yourself just to appease cloudflare is not a valid solution. Any website should work in any browser out of the box. If they don't, the website is broken.

I totally agree with you. I think maybe an upper limit per IP (maybe a bit higher for Tor IPs) would be needed to prevent DoS type attacks.