Hacker News new | past | comments | ask | show | jobs | submit login

[flagged]



Whoa, crossing into personal attack like this will get you banned here. Please don't post in the flamewar style generally.

If you wouldn't mind reviewing https://news.ycombinator.com/newsguidelines.html and taking the intended spirit of the site more to heart, we'd be grateful.


> How is client core count contributing to this in any way?

I maintain an open source encryption/decryption library[1] for E2EE privacy request fulfillment at my current employer. We use navigator.hardwareConcurrency to distribute decryption jobs across multiple CPU cores so that you can get your E2EE files downloaded in a timely manner.

> It's not really blowing my mind that you are an disingenuous douchebag

If it can be done, it will be done. Real progress lies in the social norms that we perpetuate through the standards and policies of the applications that we use. Try to be the force that makes changes for a world that you want to live in.

1. https://github.com/transcend-io/penumbra/


[flagged]


> Sorry, but what is that even supposed to mean?

I usually frame it as: if something is within reach of our technological capabilities and there's a way to make money on it, someone will eventually do it, no matter how evil that thing is.

Technology is mostly a ratchet - once something becomes possible, it usually never stops being. So if you want to stop or prevent some wrong behavior, you have to address the economics of it: make it not profitable to pursue.

In this particular case: adtech scoundrels find it profitable to know your core count. Explicit API for this information doesn't change much for them, as it's easy to reliably infer that information with a bit of clever code. That clever code, however, will tax your CPU and battery. They don't care, because they're not paying for your electricity. The solution to this problem isn't to oppose the API (that, beyond saving you battery life, has many beneficial applications). It's to make fingerprinting unprofitable.

To make fingerprinting unprofitable, you can make it harder to perform (removing this API doesn't achieve that). But that's pretty much impossible without completely lobotomizing the browser, or without technologies that don't exist yet. So the best avenue of attack is changing (widely understood) social norms to make adtech fingerprinting unprofitable. In case of as widespread practice as this, pretty much the only effective way is regulatory - try to get your government to make this stuff illegal.


Nice analysis, but you left out another possible solution, by Google: monitor resource consumption of web pages and penalize wasteful ones by giving them worse SE positions. Not sure if this is in G's interest though.


> Why do you think you need my core count when that number is useless for any sort of performance indication?

You're clearly being disingenuous, but I will answer your question in more detail. I already answered it above, but you don't seem to have the time to review the linked open source project.

If I use every core on your device for a decryption job that uses 100% of the resources that you provide it, your decryption job will undoubtedly finish sooner if you provide more resources. It doesn't matter how fast or slow your cores are, or if your computer runs on a big.LITTLE architecture or not.


So, why do you need to know how many cores my platform will provide if you can not judge the performance of the cores anyway?


I answered that question in the comment that you are replying to.


And it is up to the client to manage all this. You do not gain anything by knowing the clients thread count. Which is what I have been complaining about all along.


What do you mean “you do not gain anything”? It seems you are confusing GHz with parallelism. The thread count matters, regardless of cpu speed




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: