- cross-posted to:
- opensource@lemmy.ml
- privacy@lemmy.ml
- cross-posted to:
- opensource@lemmy.ml
- privacy@lemmy.ml
Before you get really upset about this thread, you should read this other one: https://federate.social/@jik/112779924411100427
I’m not thrilled about this by any means, but what Firefox is doing is not what chrome is doing (which is what the op posted thread is claiming). Conflating them serves no one.
Can we please stop linking mastodon threads? Mozilla literally has an explainer article. https://support.mozilla.org/en-US/kb/privacy-preserving-attribution
People pissed at Firefox might not be as receptive of an article straight from Mozilla. Know your audience.
Would you rather get second hand information or would you rather get the technical specifications from the horse’s mouth?
I’d rather have both, and ideally a third by someone who has actually looked at the code to verify claims.
You completely ignored the point of the person you’re replying to
It’s pretty painful how quickly wrong information spreads. I’m sure it’s not intentional, but that doesn’t really make it better…
Even in this actual thread, under the comment you replied to, someone stills thinks that Mozilla is placing ads.
Interesting thread. But I don’t understand why the data needs to be collected and correlated by a third party, can’t the ads themselves detect views and clicks? (that’s what they need right?)
Or am I missing something about the process?
The advertiser’s don’t place the ads themselves. They say where and when they are placed, but the actual placing/integration is done by the likes of Google, Facebook, and, in this case, Mozilla.
That’s the “third party” that’s doing the tracking.
That’s not accurate. Mozilla isn’t placing the ads. Mozilla is storing impressions and then collating a privacy protecting report so that advertisers see that their ads are working, but not revealing information about the users to the advertisers. https://support.mozilla.org/en-US/kb/privacy-preserving-attribution
I can say confidently that even if you don’t conflate the two; the Mozilla implementation can be broken and abused just as easily as the Google one can be.
But it says “without sending information about you”
And none of the outraged people has actually described how information about you would actually be known to advertisers, so I don’t see why people assume it will be.
Right riiight
That doesn’t sound bad at all!
Yup, it’s basically what I’ve been pushing for and what I hoped Brave would do when they launched. We’re always going to have ads, and browsers are in a position to make those as privacy-friendly as possible. Give advertisers only as much as they need (total views and clicks, and related, aggregated data), not what they want (individual tracking, “engagement” metrics like mouse movements, etc).
I’ll always hate ads, but I might be willing to disable my ad blocker if the ads respect my privacy and the content on the page is good.
I’m gonna start my own browser, with blackjack, and hookers
Is there a way to disable it on mobile? I have not seen anything yet.
It’s not on mobile yet, it’s only on specific websites, and as I understand it, it doesn’t even do anything unless you click an ad.
Which is completely different from Chrome’s system, which sends information about you to websites regardless - and they haven’t even fenced off third-party cookies yet!
I’m wondering the same thing
I’m probably going to be downvoted for saying this, but since the ad supported internet is here to stay, wouldn’t you rather see ads that at least somewhat match your interests, if they use a technique that moves some of the attribution logic that used to run on third-party servers to instead be done in your web browser?
There’s a few models that have worked well online:
- You pay for the content/service directly
- Paid users subsidise the free users (“freemium” services)
- Someone else covers the cost (which is how a lot of Lemmy servers operate for example)
- You don’t pay anything and it’s ad-supported
The last is very common. People expect to get high quality content and services, but don’t want to pay anything for it (or can’t afford it), which is why the ad supported model is so prevalent. It’s not going away any time soon, and advertisers are already tracking you. Wouldn’t you want to use a system that involves less tracking?
I’d rather not have ads at all and just pay $5 a month and have all the websites I visit get a portion of that $5. Some people tried this years ago, but the payment infrastructure wasn’t ready for it. Nostr can do it now though, their users “zapped” (tipped) nearly 1M USD (950k) over the past two months alone to content creators on their platform (twitter clone). And there’s a feature to automatically split a set donation among all the posts you’ve liked. No reason that can’t be done for the entire web. All instant, all with incredibly low fees, all payments made directly from you to the site you visited, no middlemen having to manage custody risk.
Browser extension tracks what sites I visit and then at the end of the month send them all tips. Sites could detect such an extension and automatically not show ads if you have it installed.
I like the idea. I used Flattr for a while maybe 10 years ago, which was a similar concept.
Having said that, for many sites, a portion of $5/month wouldn’t be enough to cover all their expenses, and in some cases they’d make more money via advertising.
Wait, so you want a browser extension that tracks you… so you can avoid Mozilla not tracking you??
I understand wanting the micropayments thing. I want that as well. But you’re literally advocating tracking here.
The difference is that such an extension isn’t reporting my traffic to a “trusted third party”. My browser is doing the tracking locally and sending micropayments to sites I visit.
You said browser extension. And how do you think those payments go through? Mozilla isn’t a payment provider. And even payment providers use downstream companies to actually move the money around. So either you trust Mozilla to choose a trusted third party……orrrr you trust a third party extension to choose another trusted third party, and that one is now handling your payment information.
There’s lots of ways this could be done quickly, easily, and privately. A previous attempt at this (flattr) was promising but before its time. Making Bitcoin micropayments via lightning comes to mind as a way to do this. In the past two months alone, Nostr users (decentralized twitter clone similar to mastodon) have tipped each other around a million dollars for their posts. There have been nearly three million tips in the last two months. Sending funds via lightning takes under a second for pennies or less in fees. No intermediary to report your browsing history to, no need to trust an intermediary to handle payments, no burdensome need for Mozilla to run payment infrastructure, and it all works in every country right out of the box. And there’s plenty of room for this to scale since it’s not limited by blockchain space.
Nostr already has a feature to automatically split up your tips according to which posts you reacted to. You can say “I want to tip $5 a month, split it up among posts I react with a heart to”. This could easily be extended to which websites you visited, all websites would need to do is put their lightning url in the page source, DNS record, etc.
Nostr stats: https://stats.nostr.band/
can’t afford it
Here’s a thicket of weeds: Why would you want to show ads to someone who can’t afford your product?
wouldn’t you rather see ads that at least somewhat match your interests
No, that means they’re tracking me.
if they use a technique that moves some of the attribution logic that used to run on third-party servers to instead be done in your web browser?
The more of my data that stays on my system, the better. I’m not against ads or necessarily relevant ads, I’m against tracking.
Wouldn’t you want to use a system that involves less tracking?
Yes. I’m willing to disable my ad blocker if they don’t track me. If the browser places the ads and the only data that leaves my machine is deanonymized and can’t reasonably be used to identify me, that’s enough.
However, I’d much prefer to just pay whatever the revenue from the ads I see is. Unfortunately, most services are either $5-10/month to remove ads, and there’s no way they make that much from me (it’s probably <$1/month, if not per year). I wish Firefox would do something like GNU Taler where I can load up a fund and websites take a faction of a cent for each page view or something.
Exactly this. I know a very good local tech website (Tweakers.net) which offers antonymous ads but they are still relevant because they’re tech related being on a tech related web site. That’s a way I could support!
It’s not on for me…
I already turned it off without asking Firefox
I can already see how Advertisers AND Websites will collude and break this one.
- Specifically placed ads; targeted at specific website pages which a majority of their target grouping will visit.
- Generate an ad that will specifically reside on a page deep inside of the site; think 4+ clicks deep; which is intensely personalized to their target. 1
- Ad will trigger; register “Impression” and be boxed up into Differential Privacy set by the DAP.
- Since that’s the only ad targeted for that specific page, any impression is an answer of 1 or ‘True’.
- Through microtargeting of these deep pages they can learn a lot about what people do online and could potentially break Differential Privacy.
1 - In this example the URI being targeted could be something like
https://www.example.com/zhuli/do/the/*
in such a way that when you visithttps://example.com/zhuli/do/the/thing/order.php
is always recorded.https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
In theory this could be defeated easily if a fork of Firefox wanted to send lots of noise or someone decided to emulate many Firefox clients with false information.
What’s the deal with Firefox mobile (Android)? Couldn’t see the setting.
LibreWolf is the answer to your troubles.