Comments (4)
We're initially focusing on third parties as we see that as having the most impact. If first-parties start engaging in this kind of behavior, there are other web privacy efforts such as requiring the use of Fenced Frames and Navigation Tracking Mitigations that should help mitigate the ability for first parties to freely share information with embedded parties. We will continue to monitor the ecosystem to determine whether these kinds of mitigations will be suitable to avoid this kind of problem and will continue to evolve our approach to prevent scaled abuse.
from ip-protection.
@dvorak42 Thank you for your answer!
I'm guessing that IP Protection, like DIPS (the bounce tracking blocking system in Chromium), will use an eTLD+1 scope to determine if a traffic destination is or is not considered tracking?
If so, will these systems eventually also (or might already) have CNAME cloaking detection in place to prevent tracking traffic from being considered as "first party"?
Thanks a lot in advance for your clarifications!
from ip-protection.
The exact scope will be dependent on the shape of the tracker list we end up using, but something like DIPS/eTLD+1 is probably a good starting point for what we'd likely want to do.
Regarding CNAME cloaking, we are investigating potential defenses such as the HTTP Proxy-Status Parameter for Next-Hop Alias proposal.
from ip-protection.
@dvorak42 Thank you for the clarifications! I'm closing this issue for now.
from ip-protection.
Related Issues (20)
- Is Privacy Proxy source code open source? HOT 4
- Is the goal to only stop user cross-site identification?
- How will whitelists be handled?
- We need 100% clarification on what traffic will go through the proxy HOT 2
- I never asked for this. Nobody asked for this. HOT 1
- Log level/retention HOT 3
- User choices HOT 5
- WHOIS information alternative HOT 3
- Sure, I'll route my traffic through the servers of the largest advertising monopoly!
- Do we have a timeframe for when this is being implemented? HOT 1
- Do we have a timeline of when this will be implemented? Will we have enterprise control over this setting? Will it be turned on by default with an opt out? HOT 1
- Conflicting with our firewall policies - Some users cannot access Google Workspace mail HOT 7
- Made Live today by mistake? HOT 6
- Confirmation on first party real ip address HOT 2
- What we will see on the server side? HOT 4
- list-based approach HOT 2
- Can the first proxy see the IP address assigned to the user by the second proxy? HOT 1
- The begin ? Google proxy DOS / DOSS one of my customer website HOT 3
- Clarification on first and third party definitions HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ip-protection.