[Cryptography] Comey: targeted ads => plaintext access

Florian Weimer fw at deneb.enyo.de
Mon Sep 21 03:00:39 EDT 2015

* Bill Frantz:

> On 9/18/15 at 10:37 PM, hbaker1 at pipeline.com (Henry Baker) wrote:
>>However, why should the user trust Google's f(x) not to simply
>>send every w back to Google in the clear?
> Systems like SES <https://code.google.com/p/google-caja/wiki/SES>
> allow building confined environments to run code. If these
> environments do not have access to send network packets, then the
> confined code can not send data to Google (or anyone else).

But in an advertising context, these environments have to be leaky,
otherwise you could not redirect users to other sites when they click
the ads, or bill for showing specific ads or clicking on them.

More information about the cryptography mailing list