- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Mon, 31 Aug 2009 18:14:35 -0500
On Mon, Aug 31, 2009 at 6:08 PM, Aryeh Gregor<Simetrical+w3c at gmail.com> wrote: > On Mon, Aug 31, 2009 at 2:36 PM, Tab Atkins Jr.<jackalmage at gmail.com> wrote: >> Outlawing persistent storage in HTML5 as a privacy mechanism does >> *nothing* for privacy. ?There are numerous methods, Flash LocalStorage >> in particular, that can and will be used to achieve what we developers >> want. ?These methods will be *harder* for the end-user to monitor and >> control, and result in privacy violations being *easier*. >> >> What you see as a reasonable step to protect privacy, we see as an >> admonition that we'd better get used to Flash, because it's here to >> stay. > > I don't think that the ones using Flash LocalStorage to track users > will ever switch to a standards-based solution. ?Anything implemented > by the browser vendors will allow users to easily clear it, which > defeats their goal. ?What HTML 5 needs to do is supplant Flash's > *site-critical* functions. ?If Flash is relegated to only things like > tracking methods, it would be feasible for it to just not be > installed, and users wouldn't care. ?Do site-critical Flash apps > (i.e., ones where the user would say the site is broken if they didn't > work) often rely heavily on localStorage persistence? Sure, the ones using it for tracking that care *that much* will use other solutions anyway. But people who just want some persistent storage as part of their app, because it's useful to their users, will use the browser-native solution if it works. If LocalStorage is explicitly supposed to be as ephemeral of cookies, though, that will push people towards stuff like Flash LocalStorage instead. I think a lot of people weren't that aware of Flash LocalStorage, but more will be now that we're talking about it. ~TJ
Received on Monday, 31 August 2009 16:14:35 UTC