unskilled5117

Thank you for the detailed response! Yes, the what data and how to not create conflicts has been troubling me the most.

I think I might first narrow it down with test VMs first, to skip the transfer part, before I actually use it “in production“.

why would any corporation choose to sideline their current advertisement model by creating an extra solution that doesn't even tap 3% of the market

In its current form, I concur, you might be correct. But:

The current implementation of PPA in Firefox is a prototype, designed to validate the concept and inform ongoing standards work at the World Wide Web Consortium (W3C).Source

So the point is to create a system that other browsers could adopt. The other thing that could drive this, is the GDPR compliance. PPA is compliant, while a lot of the other technologies aren’t, and businesses are feeling more pressure. There is a reason that Meta participated in parts of the development.

All I can say is: Dont let perfect be the enemy of good. This is so far only a test.

Edit: I found the time to look at your source article, I had actually read it before when it was posted a month back. I will comment on their views, some right, others which can be debated, and on other details were they are just wrong. In general privacyguides is a great resource but I find this particular opinion piece to be lacking.

Advertisement is not free. It's a trick that looks free if you ignore the entire way it functions.

It doesn't take an expert understanding of economics to see that any belief that advertisement allows for a free Internet is smoke and mirrors. The money comes from somewhere, notably from you.

I think thats kind of obvious that the money has to be coming from somewhere. The ads are what funds large parts of the internet. Someone is paying for it, either the people buying stuff because of the ads or the businesses buying the ads.

Whichever way it is, maybe both, it has the side effect of distributing the cost of the Internet. The alternative without ads would be everyone paying for every little thing on the internet, does anyone think, that that scenario is realistic? That would also mean the cost is solely on the people and nothing coming from corporations.

Companies get extra data through Firefox

You mean extra data compared to them using any other advertising model, like google advertising? Do you have a source for that?

Because that is what PPA has to be compared to, and not to no ad measurement at all. It‘s meant to be replacing other advertising measurement techniques.

The comparison chart looks like it‘s copied from somewhere, would you mind sharing? I wouldn‘t mind a deeper dive into the topic.

I will say it again: The way i read it, it sounds like the companies will get some general data if their ads work, without a profile about you being created. I am fine with that.

Just imagine what a boon it would be for the “normal“ less tech savvy, if advertisers switched to a more privacy respecting technology like this.

If more privacy focused people don't like it, they can simply disable it by ticking one box, without negative consequences (unlike content blockers and similar techniques where a website can penalize you, turned off PPA is not detectable).

It has no downsides as far as I am concerned. It doesn’t give advertisers additional data that they wouldn’t already be able to get, it just creates the option of measuring their ads in a privacy respecting way.

Does anyone know why they switched to this new packaging format, especially since they, as far as i can tell, were using flatpak before? I cant find any explanation on it in blog posts or release notes. In general i find the information they provide on implementations (atomic updates etc.) rather minimal.

Passkeys have been available in Bitwardens mobile apps for some time: https://bitwarden.com/help/storing-passkeys/

Some SATA and NVMe devices support hardware encryption (TCG OPAL2 standard) and with the latest cryptsetup LUKS devices can be configured to use hardware encryption to encrypt the data either by itself or together with the existing dm-crypt software encryption. Support for this feature was added in the latest cryptsetup upstream release and we’d like to provide an option for users to use this feature when installing Fedora with disk encryption.

As this is an expert option, it will be available only through the kickstart interface. […] There will be two new options to select either hardware encryption only or hardware encryption in combination with software encryption (analogous to the --hw-opal-only and --hw-opal options used when configuring hardware encryption with cryptsetup).

I personally am fine with making it opt-out, but I think it should be handled differently. This technology requires users trust, to have any chance of being successful. Enabling it without informing the user is not the way to gain it.

I would have put a little pop up explaining that they are trying to create a privacy preserving technology to measure ads with the goal of replacing privacy invasive technology. If the user doesn’t like it, it can be disabled in the settings afterwards.

I haven’t looked into the technicals much further than the support page.

The way i read it, it sounds like the companies will get some general data if their ads work without a profile about you being created. I would be fine with that. What I don’t like is the lack of communication to users about it being enabled.

PPA does not involve websites tracking you. Instead, your browser is in control. This means strong privacy safeguards, including the option to not participate.

Privacy-preserving attribution works as follows:

1. Websites that show you ads can ask Firefox to remember these ads. When this happens, Firefox stores an “impression” which contains a little bit of information about the ad, including a destination website.
2. If you visit the destination website and do something that the website considers to be important enough to count (a “conversion”), that website can ask Firefox to generate a report. The destination website specifies what ads it is interested in.
3. Firefox creates a report based on what the website asks, but does not give the result to the website. Instead, Firefox encrypts the report and anonymously submits it using the Distributed Aggregation Protocol (DAP) to an “aggregation service”.
4. Your results are combined with many similar reports by the aggregation service. The destination website periodically receives a summary of the reports. The summary includes noise that provides differential privacy.

This approach has a lot of advantages over legacy attribution methods, which involve many companies learning a lot about what you do online.

PPA does not involve sending information about your browsing activities to anyone. This includes Mozilla and our DAP partner (ISRG). Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising.

This all gets very technical, but we have additional reading for anyone interested in the details about how this works, like our announcement from February 2022 and this technical explainer.

It‘s not only about using the tpm to unlock the FDE, you should be able to do that on every distro with systemd-cryptenroll. The part that is new, is the the measuring of the systems integrity. It’s a way to ensure that the firmware has not been tampered with, the boot loader is the one that was installed and has not been replaced, that the kernel is exactly the one that comes from the distribution, that the kernel command line is the one that we expect, and that the initrd that is used does not contain any extra binary that we do not control.

It has been asked on the forum. Idk if they will consider implementing some type of notification for critical issues on the OS itself. Edit: they are working on a solution