Pinned toot

I forgot this convention when I first setup my instances (though I'm also not sure of the reach on a single user instance).

I develop privacy features for Cliqz and Ghostery browser extensions and Apps, and helped to build the transparency tool.

I'm also interested in the p2p web, specifically DAT, where I'm pushing for dat:// protocol support in Firefox via the dat-fox and dat-webext browser extensions!

I've removed google tracking from my website.

Firefox 69.0 :firefox: available:

– Enhanced Tracking Protection will be turned on by default; default standard setting for this feature now blocks third-party tracking cookies and cryptominers
– support for the Web Authentication HmacSecret extension via Windows Hello
– various security fixes

#firefox #mozilla #firefox69 #tracking #etp #webauthn #infosec #security #cybersecurity

Fixed the sandboxing issues that dat-webext had on Mac and Linux. Now it works everywhere :). Looking forward to pushing dat support out to a larger audience soon!

Just tested to see if I can put a dat:// URL into my Firefox RSS Feed reader extension. It works!

"You’ve to enable third-party cookies in your browser for Scroll to do its thing." from @da

Interestingly, Scroll contacted us at Ghostery during their beta phase as our cookie blocking was preventing the subscription detection. I suggested a few ways they could implement the service without having to track all non-scroll users too, including a per-site login button, but unfortunately they didn't take up the offer...

First, [Google]’s continuing to argue that third-party cookies are actually fine, and companies like Apple and Mozilla who would restrict trackers’ access to user data will end up harming user privacy. This argument is absurd. But unfortunately, as long as Chrome remains the most popular browser in the world, Google will be able to single-handedly dictate whether cookies remain a viable option for tracking most users.

The less time I have to follow hourly updates of things, the more I appreciate newsletters and RSS.

My colleague chrmod's fixes to tab and webNavigation extension APIs for GeckoView now landed in nightly! That means a load more extension use-cases will now be possible in GeckoView :)

A very nice writeup and retrospective from Feross about his open source project maintainer funding experiment. (The one with ads the in cli that caused a big stink.) For anyone involved in building, maintaining, or using open source projects it's worth a read.

I reimplemented the libdweb TCPSocket API moving the actual networking to the parent process.
This should fix the issues with Linux and Mac process sandboxes blocking socket creation. Now to do UDPSocket too!

WIP branch:
Sandbox issue:

Seems some of the issues dat-webext has with connecting to peers may be due to a lack of UTP. It is apparently the source of hole-punching magic in discovery-swarm and the new hyperswarm:

Oh god...

All Chrome extensions can execute remote code in their own context:

Included in the bug report is a proof-of-concept web extension by gorhill, author of uBlock Origin.

I added apk download links to the Cliqz Concept Browser readme. Get yourself an android browser that can load dat:// URLs.

Chrome are planning to neuter the WebRequest API in their upcoming Manifest V3 changes. They claim this is for privacy and security reasons.

I had a look at the privacy case for these changes, and found that the changes actually do nothing for user privacy, and by breaking several privacy extensions, they will actually worsen the situation:

Google is doing their best to get even more people to ditch Chrome and switch to better and faster browsers such as Firefox and Brave

ahhh #dtn was so good. very much my people <3

i held a 15 minute talk on cabal that i think was recorded, and should be up some time the next month or so

Show more
Mastodon is one server in the network