And since you won’t be able to modify web pages, it will also mean the end of customization, either for looks (ie. DarkReader, Stylus), conveniance (ie. Tampermonkey) or accessibility.

The community feedback is… interesting to say the least.

  • BudgieMania@kbin.social
    50·
    1 year ago

    Non-goals [...] Enforce or interfere with browser functionality, including plugins and extensions. [...]

    But guys they gave their pinky promise it’s totally fine

    let’s just allow them to irreversibly make this change so that there is nothing preventing them from applying this totally Non-Goals in the future what could happen

    • BudgieMania@kbin.social
      32·
      1 year ago

      Also

      Challenges and threats to address
      [...] Tracking users’ browser history User agents will not provide any browsing information to attesters when requesting a token. We are researching an issuer-attester split that prevents the attester from tracking users at scale, while allowing for a limited number of attestations to be inspected for debugging—with transparency reporting and auditability [...]

      Cross-site tracking
      While attestation tokens will not include information to identify unique users, the attestation tokens themselves could enable cross-site tracking if they are re-used between sites. For example, two colluding sites could work out that the same user visited their sites if a token contains any unique cryptographic keys and was shared between their sites.

      Good to see where your priorities lie in terms of user protection when deciding to launch this into conversation. Dude idk we’ll fix it later don’t worry bro

      • gravitas_deficiency@sh.itjust.worksEnglish
        18·
        1 year ago

        Perhaps most tellingly:

        <i>Todo</i>

## Privacy considerations ## {#privacy}

<i>Todo</i>

        If that’s the level of seriousness they treat user privacy with, these engineers deserve to be lambasted.

        This is a conscious abrogation of engineering ethics, and as a software engineer myself, it offends me immensely. It makes me and my entire profession look bad.

        Edit: leaving less pressing design concerns as a TODO is fine. My issue is that user privacy is implicitly being declared as a secondary concern by the simple fact that it’s left as a TODO. The engineers should not have even considered releasing this, even in draft form, until they had something coherent and meaningful to address user privacy with. It should have been treated as a core design element.

        • sLLiK@lemmy.mlEnglish
          1·
          1 year ago

          That doesn’t represent disinterest by the developers. In fact, that’s a big red circled F on a report card to them, and including that comment is intentionally bringing attention to a glaring deficiency. It’s very likely that they have a plugin implemented in their IDE which surfaces TODO items vividly, and their associated Jira task or epic can’t be closed out until all of the remaining work is complete.

          I’d be more worried if the code presented a clear danger to privacy and DIDN’T directly address concerns in one form or another. You should be praising this dev for raising awareness to his peers and making sure this gets done, not the opposite.

          • gravitas_deficiency@sh.itjust.worksEnglish
            3·
            1 year ago

            I’m a software engineer. I know what a TODO is.

            My point is that privacy should have been a core design consideration, not something you factor in and handle later as a secondary concern. Put another way: the initial problem thesis that they wrote a proposal to solve should have included the idea of user privacy as a core element.

            It’s a matter of incorrectly prioritized design goals that yield something which has very obvious potential to be actively harmful to users.