I forgot this convention when I first setup my instances (though I'm also not sure of the reach on a single user instance).
I develop privacy features for Cliqz and Ghostery browser extensions and Apps, and helped to build the whotracks.me transparency tool.
I'm also interested in the p2p web, specifically DAT, where I'm pushing for dat:// protocol support in Firefox via the dat-fox and dat-webext browser extensions!
Typescript annotations for hypercore and hyperdrive: https://github.com/sammacbeth/types
New post: Running webextensions on Android with Geckoview
Firefox 69.0 available:
– Enhanced Tracking Protection will be turned on by default; default standard setting for this feature now blocks third-party tracking cookies and cryptominers
– support for the Web Authentication HmacSecret extension via Windows Hello
– various security fixes
"You’ve to enable third-party cookies in your browser for Scroll to do its thing." https://www.ctrl.blog/entry/scroll.com-first-impressions.html from @da
Interestingly, Scroll contacted us at Ghostery during their beta phase as our cookie blocking was preventing the subscription detection. I suggested a few ways they could implement the service without having to track all non-scroll users too, including a per-site login button, but unfortunately they didn't take up the offer...
First, [Google]’s continuing to argue that third-party cookies are actually fine, and companies like Apple and Mozilla who would restrict trackers’ access to user data will end up harming user privacy. This argument is absurd. But unfortunately, as long as Chrome remains the most popular browser in the world, Google will be able to single-handedly dictate whether cookies remain a viable option for tracking most users.
A very nice writeup and retrospective from Feross about his open source project maintainer funding experiment. (The one with ads the in cli that caused a big stink.) For anyone involved in building, maintaining, or using open source projects it's worth a read.
I reimplemented the libdweb TCPSocket API moving the actual networking to the parent process.
This should fix the issues with Linux and Mac process sandboxes blocking socket creation. Now to do UDPSocket too!
WIP branch: https://github.com/sammacbeth/libdweb/tree/tcp-parent
Sandbox issue: https://github.com/cliqz-oss/dat-webext/issues/11
Seems some of the issues dat-webext has with connecting to peers may be due to a lack of UTP. It is apparently the source of hole-punching magic in discovery-swarm and the new hyperswarm: https://github.com/hyperswarm/network/issues/16#issuecomment-522869321
All Chrome extensions can execute remote code in their own context:
Included in the bug report is a proof-of-concept web extension by gorhill, author of uBlock Origin.
I added apk download links to the Cliqz Concept Browser readme. Get yourself an android browser that can load dat:// URLs.
Chrome are planning to neuter the WebRequest API in their upcoming Manifest V3 changes. They claim this is for privacy and security reasons.
I had a look at the privacy case for these changes, and found that the changes actually do nothing for user privacy, and by breaking several privacy extensions, they will actually worsen the situation:
New post on how to automate Dat publishing with CI/CD systems: https://sammacbeth.eu/blog/2019/05/26/automated-dat-publishing.html
Google is doing their best to get even more people to ditch Chrome and switch to better and faster browsers such as Firefox and Brave https://9to5google.com/2019/05/29/chrome-ad-blocking-enterprise-manifest-v3/
ahhh #dtn was so good. very much my people <3
i held a 15 minute talk on cabal that i think was recorded, and should be up some time the next month or so