REAL-ID Phone Access Coming Soon

Cathal Garvey cathalgarvey at cathalgarvey.me
Tue Mar 3 03:50:07 PST 2015


 > Hold on there. These are two different beasts. DNT is "please don't
 > track me" and of course it won't work.

In fact, it's worse. DNT, if set either way, is another pure bit of 
browser entropy; it actually *assists* certain forms of tracking, 
because it can be expected to remain invariant between visits of a given 
browser/user.

This is just one of the things making me think the "web" needs a total 
re-boot to redesign for security from the boots-up. Servers shouldn't 
require user-agents to know how to treat visitors. Scripting is useful 
for a rich experience but should be more sand-boxable (ideally, scripts 
can be sandboxed to their position in the DOM tree!) and tightly 
permission'd. Canvas and other elements should behave deterministically; 
this should be part of browser test-suites. Browsers should be allowed 
cache fonts but not disclose to the server whether they have a font in 
their cache or not.

DNT was another nail in the coffin. Either a browser can be tracked by 
design, or it can't.

On 03/03/15 10:19, rysiek wrote:
> Dnia wtorek, 24 lutego 2015 21:23:29 grarpamp pisze:
>> After all, adblock isn't going to stop the ads. DNT isn't going to
>> stop the cookies.
>
> Hold on there. These are two different beasts. DNT is "please don't track me"
> and of course it won't work. Adblock is "I am not letting this through, deal
> with it" and has much more merit and chances of actually stopping stuff from
> getting to you.

-- 
Scientific Director, IndieBio Irish Programme
  Got a biology-inspired business idea that $50,000 -
  & 3 months in a well equipped lab could accelerate?
  Apply for the Summer programme in Ireland:
  http://indie.bio/apply-to-ireland
Twitter:  @onetruecathal
Phone: +353876363185
miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
peerio.com: cathalgarvey



More information about the cypherpunks mailing list