God, I hate posting a Reddit comment, but this is huge. Every claim is sourced (I have not verified personally).
Edit: Well, Reddit does what reddit does, it’s been removed. Here is a github link: https://github.com/upper-up/meta-lobbying-and-other-findings
cross-posted from: https://lemmy.bestiver.se/post/985257
Yes, and the OS communicates this to the app stores.
That is incorrect, the OS communicates the data to any “app” running on the system that asks for it. The text of the bill (the CA bill specifically is the one I have read) states that any developer of any app must ask for the age bracket from either the OS or the App Store, so the OS will have to have the API open to any “app” running on the device, not just the “app store”. Also, they define “app store” as any website or software that people can download and install software from, which is VERY broad.
deleted by creator
App stores and anything else that makes a call to that API.
Your browser would have to allow that.
You mean the browsers all based on code from Google and Apple, who also want that info, and will be pressured to use that API to “protect the children” from adult websites?
No, I do not.
That question was rhetorical. Apple and Google account for 95% of the browser market.
I know what you meant, but I guess you’ve never heard of this little thing called a fork. Or Firefox.
You honestly believe that the general public is going to suddenly rush to chromium or Firefox forks?
Didn’t say they would.
Hi, I am here to tell you that it is not particularly trivial to make the kind of changes required to make the websites keep working while also preventing stuff similar to JS fingerprinting.
Some extensions do a decent job in certain cases, but the only ones that completely fix the problem are the ones that simply turn off JS. I checked out what Librewolf’s changes do, using amiunique.org and in some tests it even ends up increasing the uniqueness.
You will essentially require identifying different parts of the JS engine that expose said vulnerabilities and then creating mitigations for each of them, with either the “blend in” or “randomise” strategy and will also require to make sure they are not detected over any domain (due to partial overlap of either change).
This kind of change for a single person will require properly understanding the JS engine codebase and then making and maintaining all required patches over the course of the fork as the main project goes forward. This is pretty much a full time job.
Even if multiple people are working on it, one would still require a good understanding of the codebase.
I suggest recruiting one of the retired/laid-off Firefox engineers, if you have the funds.
…why are we talking about JS and fingerprinting?
And everything else, including via the little Facebook button on various pages.
No.
You’ve convinced me with such a compelling
argumentstatement of fact.It’s not an argument, it’s a statement of fact.