That's the whole point. That treadmill is purely for selfish personal satisfaction. This thread was about the ability to quit jobs over ethics. Those people absolutely can get off it and cut their expenditures, without their life being ruined for several years for any reasonable definition of "ruined".
A lot of people voted for someone who was known to be an evil crook. It was very clear that he got into politics for praising his own ego. They voted against 'the good' in the hope for their own benefit and against that of the world. If they did not 'expect' the current state of affairs then they just refused to listen to their own heart.
When I go to https://noscriptfingerprint.com/ all I see is a blank page. My browser is pretty locked down in other ways which probably helps, but I'm still taking that as a good sign.
Should not, true, but in the case of many websites the reality is that allowing JS means you lost your privacy. Just like one cannot allow webgl and canvas by default any longer.
Thanks to all the web devs who helped creating this web dystopia.
Yes, my point is that this does not mean it is an "opt in checkbox". I appreciate that it allows people to be nasty, it just isn't a "please be nasty" toggle.
The person I have responded wrote the "should have" construction without giving any proofs why is it so. Maybe in the world of pink ponies everyone should have a free bread on the breakfast, but some things might be unintuitive in the our one.
You can't go out in public naked and just ask everyone to look away. If you want someone you don't trust to run unvetted general purpose code on your machine you have to accept that you are trading away some privacy. You can sandbox them (wear cloths) but that doesn't give you strict privacy.
I do wear clothes (all JS code runs in a sandbox).
This is a bit like saying "you should lock the door to your house" and therefore refusing to prosecute someone who steals from a house with a broken window frame. I did lock my door, and it's still a crime regardless!
I did not mean to excuse Firefox leaking this identifier or suggest we shouldn't strive to be as secure as possible. I just took issue with the blanket statement "should not have to choose". As well as making the Browser as secure as possible we also have to chose to limit functionality.
100% we should ensure that Browser's restrict fingerprinting as much as posible. I certainly set my Firefox to have many inconviniencies to reduce the fingerprint. I am just saying this is an engineering compromise and the tradeoff will be different for different people. Wishing we can have our cake and eat it dosn't help; you do have to choose between privacy and functionality.
I mean just distributing the regular compiled x86_64 binary and then running it as a normal executable on the client side but just using that syscall shim so it is safe.
If you think about the fundamentals involved here, what you actually need is for the OS to refuse to implement any syscalls, and not share an address space.
A process is already a hermetically sealed sandbox. Running untrusted code in a process is safe. But then the kernel comes along and pokes holes in your sandbox without your permission.
On Linux you should be able to turn off the holes by using seccomp.
seccomp is a very coarse filter and a very limited action set. think what you could do if you could see the payload of the syscall or change the output of a read syscall depending on agent identity.
reply