Comment on I made a Firefox fork with Fediverse integration
lambalicious@lemmy.sdf.org 6 hours agoSending the current URL and directly from your own IP too is quite the privacy hurdle already. I’ve already posted on what kind of things could be done to improve this, but first, a notice.
Your README says in the Privacy section:
Does not track your browsing
On the current implementation, this should be changed to:
Enables unverified third parties to track your browsing data
As that honesty is quite important.
As for measures that could be taken to improve on this issue, I have three suggestions (I might Issue Tracker them to the codeberg later, if I can find my credentials XD)
- Set up a uBO-stye control pane that allows to set this on or off per-domain or per-site. Bonus points if it allows for per-site specific on which lemmy instances to use the same way as uBO’s “3p” Custom Rules does. This already prevents a number of undesirable use cases, such as automatically sending LAN / non-DNS names to third parties when they can’t really be searched for anyways.
- Anonimyzing assist: Allow for sending only the global context of the visited site (eg.: only the domain) instead of the full URL.
- Anonimyzing assist: Allow to cache requests to send them later / send them in batches, to avoid clock-based / timezone-based tracking attacks.
- Anonimyzing assist: Allow for the browser-specific request being sent through a proxy or relay, so that IP origin information is not leaked. (I think this only really makes sense for users not logged-in?)
rozodru@lemmy.world 5 hours ago
Thanks, when I have the time I’ll look into implementing this.
woelkchen@lemmy.world 1 hour ago
I don’t think the ideas of Lambalicious work with Lemmy. What would sending the domain name only achieve? I assume it uses the same logic as Lemmy uses to find crossposts? Obviously it needs the whole address then.
Maybe instead of crawling automatically, the users need to click a button to look up discussions? (I have yet to install your extension, so I have yet to experience the workflow myself, sorry.)
Maybe link to the privacy terms of the default instances? In general, I think your approach is good. You don’t collect any data, the feature is 100% opt-in. A central relay/proxy is even worse than your current approach. People are obviously free to set up their own Lemmy/Mastodon server if they want a relay.
NikkiDimes@lemmy.world 17 minutes ago
I’m guessing the idea could be to fetch a batch of recent discussions based on pages within a domain, then filter the results locally. This could even work very well with local caching.