Re: a bug in default .mozconfig

[Giuseppe Scrivano]

Mike Hommey <address@hidden> writes:

> Actually, the question is more about if the privacy features address
> enough. The fact is the sites *I* know don't use the technique they
> address, but another one (to be specific, using window.status to display
> the final link, and having a link to a redirector on the site). So sites
> are not working around the privacy features but already using techniques
> that are not addressed. I'm pretty sure there are other techniques used.
> Now the problem with such half-working privacy features is that it gives
> a false sense of security to users, and I'm not sure that's a good idea.
Of course it is not possible to cover all techniques in a shoot but
there were sites that used (probably still they do) the technique I
described before, it is a beginning.

> BTW, what is so awful about "spying" clicks ? It's not like your clicks
> are not already spied on within the same site... and you can't do much
> about that, except removing the referers, which might break sites
> relying on it for various reasons.
Yes, they are spied on the same site but it is not possible to spy
clicks to another site without such tricks.

> Note that a privacy feature that I've seen requested a lot is to have
> referers not sent when the domain name is different.
I think it is an interesting idea to solve another privacy problem and
could be implemented too.

> Anyways, on the implementation side, the small patch required in the
> event handling to be able to observe the event should be cleaned-up and
> sent to mozilla.
I think the same, in this way we will not need any low-level hack and
implement our features as an extension.

> Now, for the others iceweasel changes:
>
> On Wed, Aug 15, 2007 at 11:45:49AM +0200, Giuseppe Scrivano <address@hidden> 
> wrote:
>> 2) If on a page is present a link to a zero sized image on another
>>    site then the hosting image site is blocked to store cookies.  This
>>    is for the same reason, to don't allow another site to "spy" user
>>    habits and don't get notified on every request to other sites.
>>    This mechanism was noticed and if I remember correctly, reported on
>>    this ML long time ago.
>
> *I*'ve seen the zero-sized image technique used *nowhere*. I don't doubt
> it exists, I just think it's marginal. So marginal that it makes the
> feature pretty useless. There are so many techniques used and useable to
> do the same thing that it's almost impossible to track. The best thing
> that could be done would be to not send cookies when a page on site X
> wants to get (not even display) anything from site Y, where X and Y
> don't share the same domain name (it might be impractical otherwise)
>
We had the same idea at beginning before think of zero-sized images,
but our doubt was: how many things will break this feature?  
We should not break anything with our changes, this is valid for the
referer feature too, IMHO better don't cover all cases and allow web
sites to work as they normally do.
At least with zero-sized image we can say for sure there is not really
need for it but only track user habits.

Giuseppe