Re: [webappsec] Rechartering: Sub-Origins

On Mon, Nov 10, 2014 at 3:53 PM, Brad Hill <> wrote:
> I guess that is a (likely unintended) consequence of the feature.

I also assume that if it is a consequence, it is unintended.

> Adversarial blocking tools like this are always going to lead to an
> arms race / cat-and-mouse / pick your metaphor for neverending
> game-theoretic churn.  Once there's enough money at stake, the
> decision to take the risk will probably be made, with or without good
> mitigation technologies available. Do we want to sacrifice the ability
> to more easily partition applications in to securable components for a
> position in that battle that will surely be overrun anyway?

I think it is good to recognize the issue, and ask for feedback from
people on the pro-tracking-protection side. I forwarded part of the
thread to the relevant people at Mozilla. It may be the case that
there is a way to avoid the negative unintended consequence without
sacrificing the security benefits. At least, I think that should be a


Received on Tuesday, 11 November 2014 01:26:34 UTC