• 15 Posts
  • 2.2K Comments
Joined 1 year ago
cake
Cake day: November 8th, 2023

help-circle




  • After reading the article and the spec, it looks like GPC is another header (like DNT) and a JavaScript variable the client would set. I don’t see why this couldn’t be used for tracking too.

    For HTTP:

    A user agent MUST generate a Sec-GPC header… if… gpcAtNavigation is true.

    For JavaScript:

    The globalPrivacyControl property is available on the navigator object

    GPC also looks like a watered down version of DNT. DNT was “do not track,” and GPC is "do not sell:

    GPC is also not intended to limit a first party’s use of personal information within the first-party context (such as a publisher targeting ads to a user on its website based on that user’s previous activity on that same site).

    Emphasis mine


  • I think the article made a typo that claims GPC is the same as DNT.

    When you enable the feature, the GPC sends a signal… This signal is sent via a special HTTP header called DNT: 1 (Do Not Track)

    But the GPC spec does say it sends a new signal: Another header (like DNT) and a JavaScript variable the client would set. I don’t see why this couldn’t be used for tracking too.

    A user agent MUST generate a Sec-GPC header

    So if it generates a header, it can still be used for fingerprinting, but this header is actually less restrictive for what the receiver must do.

    DNT was “do not track,” and GPC is "do not sell:

    GPC is also not intended to limit a first party’s use of personal information within the first-party context (such as a publisher targeting ads to a user on its website based on that user’s previous activity on that same site).






  • LWD@lemm.eetoFirefox@lemmy.mlRediretor Help
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    4 days ago

    I see the problem: [anything] after the website domain is redirected to profile/[anything]. Imagine running that redirect repeatedly. It will keep on adding “profile” to the beginning. To stop it, you have to make sure the URL after the domain doesn’t start with “profile”, otherwise you’re in danger of a loop.




  • LWD@lemm.eetoThe Signal messenger and protocol.@lemmy.mlMobilecoin
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    5 days ago

    imagine if talking to the people around you required you calling a central phone depot first before being connected to the person next to you

    Meanwhile, our Lemmy conversation is just like that, except instead of one central telephone provider, there are at least two (yours and mine). The risk surface has doubled!






  • LWD@lemm.eetoThe Signal messenger and protocol.@lemmy.mlMobilecoin
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    5 days ago

    The real question is to shortwavesurfer: Is it actually a Monero fork, or are they just saying the word “Monero” because it’s always on their mind?

    Because I’ve seen zero evidence of the former (after wasting my time looking), but plenty of the latter. Thus, not worth taking seriously.