An update on Mozilla’s PPA experiment and how it protects user privacy while testing cutting edge technologies to improve the open web.

  • Vincent@feddit.nlOP
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    2 months ago

    In particular, these claims never get accompanied by examples of what extra data these companies get. Presumably, because there is none.

    • LWD@lemm.ee
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      2 months ago

      You know what they say about people who assume, especially when it’s about a company that had to sneak their changes into the browser in a way that would make even Google executives blush.

      • Vincent@feddit.nlOP
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        …except when you assume that data gets leaked despite literally nobody having been able to point to anything that indicates that it’s happening?

        • LWD@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          It is Mozilla’s job to show us what data is shared. Mozilla failed on that front.

          If you want to be the Mozilla evangelist, then show us all on Mozilla’s behalf exactly what data gets sent over, so that we can replicate it.

          • Vincent@feddit.nlOP
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            Here:

            When a user interacts with an ad or advertiser, an event is logged in the browser in the form of a value. That value is then split into partial, indecipherable pieces and then encrypted. Each piece is addressed to a different entity — one to Divvi Up at ISRG and one to Mozilla — so that no single entity is ever in possession of both pieces. (…) As an additional protection, the pieces are submitted to Divvi Up and Mozilla using an Oblivious HTTP relay operated by a third organisation (Fastly). This ensures that Divvi Up and Mozilla do not even learn the IP address of the indecipherable piece they receive.