On 25/07/14 10:48, Rubén Martín wrote: > As far as I know currently Firefox checks a local downloaded list, not > directly. Am I wrong?
As I understand it, if Firefox hits a positive on the downloaded list of URL hash prefixes, it asks Google for the full hash so it can do a proper comparison. However, we ask for four other random hashes at the same time so it's not clear what exact site you visited. > I remember a similar discussion about this year ago and how we should > protect users privacy not pinging third-party servers. We are already talking to Google's servers to do safebrowsing (to download the lists and expand the hashes), although the cookie is separate. (I'm channeling a recent discussion about this but I can't for the life of me remember where I read it.) Gerv _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
