I would even consider them harmful because of their misleading nature. They just operate on cookies and don't contain anything besides cookies. This is also why I consider those "privacy containers" broken by design. Cookie management alone is just a fallacy and gives a false feeling of control over privacy. To prevent tracking, you need to have a full control over information you send to the internet, including browser request headers, IP address, behavior patterns of web browser, and so on. They have it, from analytics, fonts, reCaptcha and all other means of their creep. They're just obscuring it to not freak people out too much the way like Facebook does. In my experience, Google seems to have a better track record in terms of respecting cookies (or lack thereof) as the main carrier of online privacy management. Not to mention that JavaScript (if enabled) provides additional and extremely detailed fingerprinting capabilities. Facebook associated my two browsing personas without cookies, most likely using a combination of my browser's request headers and IP address. Few hours later I switched to another browser profile, used exclusively for Facebook, and I got an ad on my timeline from said online shop, for the exact product I was looking for earlier in another browser profile. Simple example: I once visited an online shop from browser profile in which I never logged into Facebook. Removing cookies will not prevent anyone from tracking. >to prevent tracking I mostly use CookieAutoDelete This would also break under complete tab isolation, and I don't think there's any good replacement in this case. The point here is to federate proofs-of-identity by allowing many different (whitelisted) agencies to vouch for your identity, so that the government doesn't need to issue you some centralized proof-of-identity. This actually isn't SSO at all-there are more identity providers than there are services. SAML and its "using your bank as an SSO provider to prove your identity to government services" use-cases. ![]() ![]() ![]() There's also even-more-enterprise SSO, i.e. But enterprises would need to move first, before complete tab isolation could be workable for them.) (Mind you, Google themselves are working to move enterprises away from this model, with their effort avoiding the "Intranet as a bunch of services on separate internal domains" model, in favor of a "Intranet as a bunch of services all living under smart proxies that make them look like one domain and handle IAM for you" model. ![]() Per-tab cookie isolation would break pretty much every bigcorp's Intranet, because they're composed of a bunch of different services that all rely on a centralized IAM provider. So whenever I want to do financial stuff, it just connects over an autossh tunnel to my home, so it will never trigger any any stupid re-authentications when I'm connecting from a cellphone or work. So, now gets its own empty sandbox.Īnd because you're using your filesystem to store a browser profile, you can have specific extensions or settings for each profile. I also couldn't order food from unless I allowed a script on their site to connect to. My script also fixes paths in profile folders so that the roboforms extension will still work, because it is the only password manager that I have found that is able to completely automate my logins, despite the best efforts of UX designers. The thing that really prompted me was peeking at what financial websites were doing, trying to connect to data mining sites like ru4.com and refusing to load if they couldn't connect to and. I wrote something that launches a new instance of the Firefox engine for specific profiles.īut I never got around to polishing it and making it more accessible.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |