[Mageia-dev] Talk of Browsers

Tux99 tux99-mga at uridium.org
Fri Oct 1 07:43:11 CEST 2010

On Thu, 30 Sep 2010, Pascal Terjan wrote:

> Well the complexity of the protocol is to allow firefox to download
> only needed part of the blacklist, without sending the url to google
> and without downloading a huge list periodically.
> All the information passed by firefox to google is which chunk of the
> list it wants do download, this being determined by the beginning of
> the hash of the url.
> It would indeed be simpler to send the url.

Can you state as a fact that Google has no way to reproduce the url or 
at least the domain name of the site the user is visiting based on the 
information passed on by this Firefox feature to Google?
I don't think this can be said with certainty, thanks to the complexity 
of the protocol.

In any case, regardless what data gets passed on, I think we should 
follow the principle of making sure that apps only interact with remote 
services when the user is aware of it, i.e. INFORMED CONSENT, like I 
mentioned in the previous mail.

Therefore any features that interact automatically with remote services 
without the informed consent of the user should be disabled by default.
(the user is still free to enable them at any time, so we are not 
limiting the user in any way)

The following article makes it very clear why this is always a good 
practice to follow:

More information about the Mageia-dev mailing list