On Tue, Apr 26, 2022 at 9:22 PM Vivek Sekhar <[email protected]> wrote: >> This particular technique has been discussed before, but there's a >> flaw which wasn't mentioned in this email. The idea assumes that all >> end users can access the same websites and also that all end users >> visit similar websites. Neither of those is a given and as such end >> users that for one reason or another only end up visiting one or two >> websites that use a "pervasive payload" could be vulnerable to attack.
I may be misunderstanding your point, but the idea of the "pervasive payloads" is that they are so widely used that you learn nothing useful about the user from knowing they have downloaded them. To provide a concrete example, suppose by probing the cache you discover that the user has the JavaScript for embedded tweets. This doesn't tell you which of the thousands of sites that embed tweets that they went to. On Wed, 27 Apr 2022 at 17:46, Yoav Weiss <[email protected]> wrote: > > > On Wed, Apr 27, 2022 at 8:50 AM Anne van Kesteren <[email protected]> > wrote: > >> On Tue, Apr 26, 2022 at 9:22 PM Vivek Sekhar <[email protected]> wrote: >> >> This particular technique has been discussed before, but there's a >> >> flaw which wasn't mentioned in this email. The idea assumes that all >> >> end users can access the same websites and also that all end users >> >> visit similar websites. Neither of those is a given and as such end >> >> users that for one reason or another only end up visiting one or two >> >> websites that use a "pervasive payload" could be vulnerable to attack. >> > >> > Thanks for raising this. When you say "can access," are you referring >> to e.g. national governments or ISPs blocking access to large numbers of >> otherwise-popular sites? If so, would geography-specific lists of pervasive >> payloads mitigate this concern? If not, can you provide more details on the >> scenario you have in mind? >> >> That is part of the concern, but end users can be segmented in more >> ways than that. If an end user minority in a region doesn't visit the >> websites the end user majority visits, but a website they do visit >> uses a "pervasive payload", you have the same risk. The last time we >> discussed this in depth I don't think anyone came up with a solution >> that would solve this other than with variations on bundling >> "pervasive payloads". I'm rather surprised it's coming up again >> without accounting for these issues. >> > > Hey Anne! :) > > I agree that the concerns you raise are definitely something we'd need to > resolve before shipping this. > At the same time, this intent is for a short-lived experiment, aiming to > quantify the benefits of the feature, before investing efforts in resolving > those hard problems. > > >> >> -- >> You received this message because you are subscribed to the Google Groups >> "blink-dev" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADnb78hs2WXzFR4OJYCB9G_a724PZMZtxRpLBdy_QZRYE9zJtg%40mail.gmail.com >> . >> > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAC_ixdyVypeZzzafMN6U4MN6vrMO7cGv%3D%3DUfsOFaiGMemY2DMg%40mail.gmail.com.
