Hacker News new | past | comments | ask | show | jobs | submit login

I think the interesting thing about decoupling the incentive structure isn't so much how the blacklist operator would react (more liberal blacklists), but how the browser maker would react.

Since the browser maker will no longer control the blacklist, they will now have users telling them that sites are broken (because they've been blacklisted), and they won't be able to do anything about it on the blacklist side. So, what they will be incentivized to do, is to make whitelisting a blacklisted site (especially those that only get loaded through invisible iframes etc.) have a much simpler/easier/clearer UX, so that their complaints go down. This is good for everyone, but it's not something they'll do when they still have the option "just remove X from the blacklist."




But the sites aren't really _broken_. There will be a warning displayed to the user, but the user can always say, "give me the site anyway". And users do hate it when they hit a web site which trashes their machine with malware. So they might be in favor of more stringent blacklists as well.

It might be a bad assumption that users will demand a more liberal blacklist. That's certainly not how e-mail blacklists have worked out. Sometimes the people most in favor of the blacklists that hit all sorts of innocent mail senders are the users sick and tired of spam.


Have you seen the "warning" lately? It's a pretty dire message. The only button visible is "Go Back." You have to click a tiny "advanced" text link to even see that there's an option to go to the site anyway. Try for yourself in Chrome:

malware.testing.google.test/testing/malware/




Applications are open for YC Summer 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: