Thus spake Joe Btfsplk (joebtfsplk@xxxxxxx): > A few months ago, someone raised the question of TBB or any included > addon not blocking web beacons / trackers and perhaps something like > Ghostery should be included in TBB (I think). I asked about beacons > (web bugs) compromising anonymity (not to mention privacy). Can't > find the post, but I believe either Mike or Roger replied that it > shouldn't be an issue because web beacons, like Google Analytics, > can't track from site to site. Hope I've got the essence of the > reply correct. Yes, that is correct. We consider the ability to link user activity across different url bar domains a violation of our design requirements (https://www.torproject.org/projects/torbrowser/design/#privacy), and any ability to do so is a major bug. Unfortunately, there are a couple such bugs we're already currently aware of: https://trac.torproject.org/projects/tor/query?keywords=~tbb-linkability We'll fix them, eventually. Help is always appreciated, though. > There are other independent articles I've read about ability of web > beacons to track across sites. Here from the horse's mouth, * seems > * to be verifying in a matter of fact, ho - hum way, they can & do > track across completely separate domains. Unless I've completely > misread it. > > I don't know what this means to Tor users, but as a Firefox user, I > don't want them - & always suspected they were capable of doing more > than gathering data ONLY on the site where they were 1st loaded. > BTW, have many read the new Google "unified" privacy policy? Yes, you are absolutely right. Normal web browsers do not consider the ability to link your accounts and activity across multiple url domains to be a problem. Actually, most of the major browsers see it as a totally awesome feature.... As a result, we have all sorts of stupid crazy conflict between policy people arguing for bullshit like "Do Not Track"; crazy lawsuits against Facebook and other companies who are simply using the tracking technology provided to them by browser makers; and weird filter addons like Request Policy and Ghostery to try to filter "bad actors" (who can simply reappear under new domains on a moment's notice anyway). Almost no one wants to solve the real technical problem, it seems. Sick sad world. -- Mike Perry
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk