July 28th, 2020

Replying to a tweet from @slightlylate

You should be a politician.

It’s a “yes” or “no” question.

Are they lying?

51° N , 0° E

Also on Twitter

Reply Retweet Favourite

Responses

Alex Russell

Sir, you accused me of misrepresenting others, of dealing in conspiracy theories, and of claiming that others are lying when in fact all I have done is to accurately note down what they have written in published policy documents. You might sit with that for a moment.

Jeremy Keith

So you’re not accusing them of lying? You claim that they do not wish to expand the web platform. What they have written published in policy documents is that they have privacy concerns. Is what they are saying true? adactio.com/notes/17203

Jeremy Keith

Nowhere in published policy documents do Apple or Mozilla say that they do not wish to expand the web platform. You wrote a blog post stating that Apple and Mozilla do not wish to expand the web platform. adactio.com/notes/17204

Alex Russell

What they have written down is a list of APIs they do not wish to implement, then stated that the reason is privacy without any attendant analysis or, as far as anyone can tell, any proposals to improve or mitigate whatever the analysed flaws may be. Make of it what you will.

Alex Russell

(I will note that many APIs include persistent re-identification risk; e.g., a chance that if you grant something to the same site/party across cache clearing, they can join back up your identity. This is something we’re working to tackle & welcome proposals around.)

Alex Russell

Those risks are identical and symmetric in both new and old APIs. The ways they’ll be solved are (and will be) portable across those surfaces. It’s hard to claim anything more nefarious here than a lack of time to look closely at the problem…which is itself a scandal.

Alex Russell

It’s particularly scandalous given that better staffed and motivated teams are not being allowed to either extend better protections to iOS users nor chart better paths to enhanced (and existing) capability mediation.

Jeremy Keith

I’m trying to make of it what you will, but you won’t tell me. 🙂 They claim one motive (privacy). You claim another (not wishing to expand the web platform). Which one is true and which one is false? adactio.com/notes/17205

Jeremy Keith

I concur that impact is more important than motive. That’s why I was surprised that you ascribed motive in your blog post (a motive that contradicts Apple’s stated motive). adactio.com/notes/17206

Kushal Dave

To take one example, here’s what happens to 1st-party state on iOS. Why aren’t apps forced to dump state if you open them from Twitter to prevent reidentification? A secure web that keeps logging you out will lose to apps unless competition forces tradeoff to evolve faster

Have you published a response to this? :