this post was submitted on 08 Aug 2024
143 points (96.7% liked)
Firefox
17941 readers
14 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It isn't anonymous, it's slightly obscured.
They use ohttp ( a proxy ) run buy a "partner" they control to do the obscuring.
That should be part of people's informed threat modeling. Having a tattle tale in the browser reporting web activity to a third party is a big deal.
From what I've seen PPA doesn't depend on OHTTP to do the obscuring. This page mentioned Distributed Aggregation Protocol and differential privacy, that are meant to ensure that it is literally impossible for any one party to see your data. Not just "obscured", but impossible to access.
But be sure to let us know what data about us a partner could theoretically view, and how, if you disagree.
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vdaf-08#name-security-considerations
Clearly not impossible even according to the standards authors.
I see only two data leak risks mentioned:
The first doesn't need PPA. As for the second, Firefox can already conspire to compromise your privacy, if you're using it.
I'm still looking for some concise documentation about exactly what Firefox sends, and if I could, I would love to intercept that data so that I can send it myself at a later time, with extra details
There's a bit in the technical explainer here. But there's really no way for you to add details; the whole point is to share nothing about you specifically.