Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I completely agree. The amount of FUD Mozilla spread about Web MIDI was truly distasteful. People say that Google is the enemy, and perhaps they are. But at least Google does not write off entire groups of users (like musicians) because of a swivel-eyed security paranoia.

If I wanted a paternalistic entity telling me what I can and can’t do with my device, I’d use an iPad.



> The amount of FUD Mozilla spread about Web MIDI was truly distasteful.

As in: everything they said is true, and the moment they launched it they found it's used for fingerprinting (and Google doesn't even hide it behind a permission prompt)


Anything can be used for fingerprinting. Your GPU can be used for fingerprinting. Your fonts can be used for fingerprinting. MIDI is so far down the list of fingerprinting threats.

If Mozilla are really serious about fingerprinting then they need to remove <canvas> right now and make every website render in Times New Roman.

Fingerprinting cannot be solved by disabling browser features in a standard browser. It can be mitigated by using content blockers such that the fingerprinting code never runs, or by using a specialist browser like the Tor browser.


Pretty sure canvas is blocked by setting resistFingerprinting to true.


> Anything can be used for fingerprinting.

Yes and that's a major issue

> If Mozilla are really serious about fingerprinting then they need to remove <canvas> right now

Ad absurdum is not as great an argument as you think it is

> Fingerprinting cannot be solved by disabling browser features in a standard browser.

It also shouldn't be facilitated by just blindly turning them on without propert mitigation. And proper mitigation is complex

> It can be mitigated by using content blockers

So now you're shifting the responsibility onto the user. Even though it's been shown time and again that users can't really understand all the complexities of modern systems, their capabilities and the far-reaching results of what these systems can and do.


But putting capabilities behind permission isn't what Apple or Moz considered.

> Finally, if we find that features and web APIs increase fingerprintability and offer no safe way to protect our users, we will not implement them

https://webkit.org/tracking-prevention/ https://www.infoq.com/news/2020/07/apple-fingerprinting-priv...

Strangling the web platform to keep users safe, forcing them onto much less secure much more invasive apps is not justified nor reasonable. Watching Mozilla adopt the same condescending paternalistic platform murdering "protect the children" absolutist authoritarianism with no possible consideration or affordances was a sad sad sad week. It's extremely reckless & hostile behavior, at deep deep deep injury to making so many great futures possible.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: