[Cryptography] Comey: targeted ads => plaintext access
Bill Frantz
frantz at pwpconsult.com
Mon Sep 21 17:45:11 EDT 2015
On 9/21/15 at 12:00 AM, fw at deneb.enyo.de (Florian Weimer) wrote:
>* Bill Frantz:
>
>>On 9/18/15 at 10:37 PM, hbaker1 at pipeline.com (Henry Baker) wrote:
>>
>>>However, why should the user trust Google's f(x) not to simply
>>>send every w back to Google in the clear?
>>
>>Systems like SES <https://code.google.com/p/google-caja/wiki/SES>
>>allow building confined environments to run code. If these
>>environments do not have access to send network packets, then the
>>confined code can not send data to Google (or anyone else).
>
>But in an advertising context, these environments have to be leaky,
>otherwise you could not redirect users to other sites when they click
>the ads, or bill for showing specific ads or clicking on them.
We can give the advertising code the ability to either navigate
this tab to another URL or open another tab with a URL. While
the act of visiting a web page leaks data, it is obvious that
one has popped up.
Cheers - Bill
--------------------------------------------------------------
Bill Frantz | There are now so many exceptions to the
408-356-8506 | Fourth Amendment that it operates only by
www.pwpconsult.com | accident. - William Hugh Murray
More information about the cryptography
mailing list