- From: Brian Smith <brian@briansmith.org>
- Date: Mon, 10 Nov 2014 17:26:08 -0800
- To: Brad Hill <hillbrad@gmail.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Mon, Nov 10, 2014 at 3:53 PM, Brad Hill <hillbrad@gmail.com> wrote: > I guess that is a (likely unintended) consequence of the feature. I also assume that if it is a consequence, it is unintended. > Adversarial blocking tools like this are always going to lead to an > arms race / cat-and-mouse / pick your metaphor for neverending > game-theoretic churn. Once there's enough money at stake, the > decision to take the risk will probably be made, with or without good > mitigation technologies available. Do we want to sacrifice the ability > to more easily partition applications in to securable components for a > position in that battle that will surely be overrun anyway? I think it is good to recognize the issue, and ask for feedback from people on the pro-tracking-protection side. I forwarded part of the thread to the relevant people at Mozilla. It may be the case that there is a way to avoid the negative unintended consequence without sacrificing the security benefits. At least, I think that should be a goal. Cheers, Brian
Received on Tuesday, 11 November 2014 01:26:34 UTC