ants_are_everywhere

@sugar_in_your_tea @felsiq

I like the idea of GNU Taler a lot. I honestly didn't realize it was still around. I'll have to explore its source code sometime.

> But honestly, I also don’t care what the currency is, I just want a way to pay a website without seeing ads and without making an account.

This is what I would like too. I think there are a few reasons it will be hard to switch to this model. Perhaps the main one is that the advertising model allows sites to charge more and more attention for the same (or degraded) service, and that's harder to do if people see their money being spent. Another is that sites want to be able to charge more for popular content. That's easy with advertising, but with real payments as the price increases demand will slow down. So it will be harder for sites to get massive views. Finally, I think most sites overvalue their content and direct payment may increase the amount of spam.

> Mozilla probably wouldn’t be able to convince Google to join, but it could probably be an extension, and they could maybe convince Apple to join.

I don't think Mozilla is interested in this sort of solution. Meta needs Mozilla and the Anonym ad tracking tech to fight the attacks from Google and Apple made in the name of privacy. Meta has tons of money to make that happen. Previously Google needed Mozilla to prove it wasn't a browser monopoly. Now that source of cash is gone and Meta's executives are inside Mozilla. Remember when Facebook made a bunch of people sad just to see if they could? Or when they spied on teens' phone usage through a VPN app? The people who made those decisions are now making decisions for Mozilla.

@felsiq

> that gets people jailed for visiting lgtbq+ sites or some shit when their payment providers are controlled by fascist governments

If that's your threat model, then there may be an additional threat of timing analysis on the blockchain.

If your threat actor has the resources of a nation state and is able to tap your ISP, the site's ISP, and your VPN's ISP, then you probably also don't want a permanent pseudonymous record of your activity in the form of a blockchain.

This is just an initial thought; I don't have any concrete reason to believe that blockchain forensics + timing analysis is any stronger than just one of those on its own.

@tetris11 @GnuLinuxDude

Netscape exited to AOL in 1998. The Netscape founder Marc Andreessen has since then been a successful venture capitalist who loves cryptocurrencies and Donald Trump.

@tetris11 @GnuLinuxDude

Mozilla Corporation -- which makes Firefox -- is a wholly owned subsidiary of Mozilla Foundation. The foundation is a nonprofit.

A nonprofit can't generate a lot of business income unrelated to its mission. Firefox used to generate a lot of income, so it had to be spun off into a taxable entity called Mozilla Corporation.

The corporation doesn't have investors in the usual sense.

@felsiq

Good point thanks for catching that. The receipt itself can name any anonymous identifier like a crypto address. I was just intending to note that the blockchain is essentially a wasteful timestamp server that doesn't seem needed for this application.

As a practical matter, the website has your IP, when you visited, what you looked at etc. So you already have to trust them with your privacy. And there's a question of whether public policy would allow web traffic to be untraceable by default. But certainly the payment processor doesn't need to know things like which websites you visit.

@felsiq @sugar_in_your_tea

IMO a solution that doesn't use a blockchain is better. The premise of a blockchain is that either (1) everybody keeps a copy of every website everyone visits, or (2) there's a trusted party (or parties) somewhere that compresses the database.

We already have trusted parties on the web, and recording that much duplicate data is bad both for resources (bandwidth, energy consumption, disk usage) and for privacy.

There's a whole field of blockchain forensics and it will get even more interesting as quantum computers with more qubits start spinning up.

Really sites and visitors just have to agree on a signed bill/receipt and hand the transaction over to any existing payment processor.

@d0ntpan1c

Again you're misrepresenting the state of ad tech.

Anonym has trackers. They're called "private measurement" on their site.

Google and Apple already do what Anonym wants to do. Measurement is privacy preserving, using tools like differential privacy, and the algos are run in Trusted Execution Environments.

It looks to me that Anonym is a copycat solution that has no differentiator over what mainstream browsers are using.

Is there any single reason to prefer them and #Mozilla other than that #Meta doesn't want to be left behind?

@d0ntpan1c

So by your silence, do you concede that Anonym provides no privacy not already provided by Chrome and Safari? Why are you comparing it to Facebook pixels?

> Anonym isnt built into firefox, so idk why you’d think any of this has to do with other browsers.

Google ads is not built into Chrome either. And yet for some reason Chrome takes more and more control away from the user.

The only reason people use Firefox currently is that people used to trust Mozilla. If Mozilla decides to throw away that trust the obvious decision is for people to switch from #Mozilla #Firefox to a more mainstream browser like Chrome or Safari.

Since you can't name any reason Anonym is more private than Google Ads, people might as well go with a company that has vastly more expertise in cryptography and security.

> Web platform security isn’t about having an army of people.

Google physically secures data centers across the globe. Both they and Apple have world class expertise in cryptography and hardware, including discovering the family of speculative execution bugs that plague processors. They thoroughly understand the limitations of SGX and related technologies and have designed custom ways to mitigate them. They have world class cryptographers working at the edge of what's possible with things like homomorphic encryption and MPC.

Let's be realistic, Anonym is going to run on AWS, Azure, or Google Cloud. The security will be backed by one of the tech monopolies, and Anonym/Mozilla are now the weak point in the chain.

If I'm choosing between two implementations of the same ad spyware, why would I go with the upstart with less experience and who just did a 180 on their mission?

@d0ntpan1c @JubilantJaguar

what, concretely, do you believe they are offering that is less evil? Their proposed ad tech is no more private than Google's or Apple's.

And they can't afford the army Google and Apple employ to prevent data leaks.

What concrete parts of the Mozilla proposal do you believe is an improvement over Chrome and Safari?