InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Mozilla is now working with Facebook/Meta to make new adtech API

https://forums.informaction.com/viewtopic.php?t=26532

Page 1 of 1

Mozilla is now working with Facebook/Meta to make new adtech API

Posted: Sat Feb 12, 2022 6:04 pm
by barbaz
https://www.ghacks.net/2022/02/12/mozil ... -tech-ipa/

Image
Wow. The optics of this could kill Firefox dead, no matter what Mozilla's intent is or even if this is actually beneficial.

Is this really as bad as it looks? I tried to read the design document but wasn't able to get my head around it :cry:

If this is a real thing at this point, how to not only disable it, but actually completely remove it from Firefox code at build time?

Re: Mozilla is now working with Facebook/Meta to make new adtech API

Posted: Mon Feb 14, 2022 3:55 pm
by therube
Our bad isn't as bad as their bad, so our bad is better.

(There's probably some "word" for all of that.)


Oh, morons.
Maybe Google, now that they've eaten them alive, have decided to cut off the till, so they're looking for someone else to pay their salaries.

Re: Mozilla is now working with Facebook/Meta to make new adtech API

Posted: Mon Feb 21, 2022 4:17 pm
by barbaz
Just saw this presentation, which was much easier to understand - https://docs.google.com/presentation/d/ ... -P-TY/edit

This entire system seems to rely on trusting adtech servers with users' privacy: IIUC it leaves it entirely up to adtech servers to A) actually apply the data-scrambling measures outlined in the presentation, B) do a good enough job at it that the data really can't be unscrambled, C) not go back on (A) and (B) later, and D) not get hacked (or planted) by malvertisers trying to subvert the system.

Am I reading it right that the only privacy implemented on the user's device(s) is that websites can't enumerate existing match keys?

This has me scared to update to Firefox 98+ and not completely sure I should even be trusting the 97.0.1 I'm using now. Is there any indication of when/if Mozilla is going to implement IPA in Firefox? And if they are what options people building FF from source would have?

Re: Mozilla is now working with Facebook/Meta to make new adtech API

Posted: Sun Sep 18, 2022 8:31 pm
by barbaz
Hadn't heard anything about this in a while, so did some digging and found that the latest spec is moved to https://github.com/patcg-individual-drafts/ipa

I wasn't able to read all of that, but read enough of it to gather that they're aware of the concern I raised in the previous post about malvertising server, and they're trying to design the protocol so that won't be an issue.

And to answer part of my earlier questions: looks like this is not currently implemented in Firefox.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited