Hacker News new | past | comments | ask | show | jobs | submit login

github does not reveal the part of their code that is hosted on Eyeo's servers. While i certainly can't prove that they do, you also can't use their repo to determine what else they do in the background, leaving it up to "trust" again, as usual. Also, i couldn't care less about some headline. I would like a discussion, not e-pride



It's really, really simple here dude:

Either they're keylogging, which has to be done client side, or they're not. Which is it?

I linked you to the client source code. Tell me where in that source code you see a keylogger, and I will personally guarantee your name will be on the front page of this website tomorrow as uncovering what is almost certainly one of the largest keylogging networks in history.

Your "server side" handwaving is bullshit and constitutes evidence that you know nothing at all about how the technology actually works.

If AdBlock were making connections to some server to send back keylogging info, that would be headline news, but requires evidence to be taken seriously.

Right now, you cannot be taken seriously. You can only be taken as a spewer of Fear, Uncertainty and Doubt.


Some secret code hosted on Eyeo's server cannot magically collect keystrokes made on a user's web browser. There has to be a client side JavaScript code or a plugin on the web browser that collects this data and sends it to the server, and therefore, one would be able to point to the plugin or the piece of code that runs on the web browser that does sends the keystrokes related data back to the server.

At the very least, one would be able to see the data (or suspicious data, if it is obfuscated) being sent from the web browser to the server in the 'Network' tab of the web browser's inspector/developer-tools. Do you see any such suspicious data being sent from the web browser to the server? Can you post a screenshot if you do?


By that reasoning, I shouldn't use the internet because it does not describe a web of trust system that would meet secure-by design properties that you demand (Phil Zimmerman, the creator of PGP describes this in theory though)

More fundamentally, your claim is not falsifiable https://en.wikipedia.org/wiki/Falsifiability

i.e. you can't claim something true on the basis of the other person not being able to reasonably have a way of disproving it!

edit: upvoted you because you probably are on smoking something and these people are picking on you for it


The request is for you or t0pz to point to the ABP code that allows for keylogging.

N.B. At the time of this comment, the time-stamp of the above comment is 9hrs ago and the account is 13hrs old.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: