* >The user agent string does not provide as much information as people seem to believe.*
How much information do people seem to believe that it provides?
> Whitelists aren’t usable, and don’t work at scale.
I don't need it to "work at scale". I need to be able to turn blocking off occasionally. Also, "at scale" and "usable" are vague to the point of meaninglessness. Why aren't they usable? What scale does a whitelist need to work at that makes you say that it can't?
> Every study and survey has found that users value their privacy, but have been told (by advertisers and I assume you) that privacy is dead, or that they cannot have the internet without it. It is absolutely not something that just “power users” care about. It’s just power users are the only ones who currently get any.
That's my point exactly, because privacy isn't the browser vendors' top priority, nor are they generally doing "everything they can" to improve it. The standards don't even allow it.
> Finally, the attribution isn’t attributing to a specific user - the entropy is heavily limited, the reporting is time delayed by a random amount, and is made with a stateless session so there isn’t any way to directly tie it to a single specific user leaving just the IP address, which is now typically shared, and frequently changes.
"It's not so bad, really, for most users" is not the same thing as "browsers are doing everything they can to prevent user abuse."
Add, I don't know, User-Agent and Referer to the mix to more reliably track different sessions on the same address. My address doesn't change frequently. I'm on a temporary lease but when it expires I get the same IP again or at least have since I started my account. This is not uncommon for a broadband connection in my whole country.
If you consider tracking individual users' behavior for ads user abuse, let me remind you that one of the largest perpetrators of that are working on their own browser and regularly get a say in how the web works.
You said browsers in plural, though.
* >The user agent string does not provide as much information as people seem to believe.*
How much information do people seem to believe that it provides?
> Whitelists aren’t usable, and don’t work at scale.
I don't need it to "work at scale". I need to be able to turn blocking off occasionally. Also, "at scale" and "usable" are vague to the point of meaninglessness. Why aren't they usable? What scale does a whitelist need to work at that makes you say that it can't?
> Every study and survey has found that users value their privacy, but have been told (by advertisers and I assume you) that privacy is dead, or that they cannot have the internet without it. It is absolutely not something that just “power users” care about. It’s just power users are the only ones who currently get any.
That's my point exactly, because privacy isn't the browser vendors' top priority, nor are they generally doing "everything they can" to improve it. The standards don't even allow it.
> Finally, the attribution isn’t attributing to a specific user - the entropy is heavily limited, the reporting is time delayed by a random amount, and is made with a stateless session so there isn’t any way to directly tie it to a single specific user leaving just the IP address, which is now typically shared, and frequently changes.
"It's not so bad, really, for most users" is not the same thing as "browsers are doing everything they can to prevent user abuse."
Add, I don't know, User-Agent and Referer to the mix to more reliably track different sessions on the same address. My address doesn't change frequently. I'm on a temporary lease but when it expires I get the same IP again or at least have since I started my account. This is not uncommon for a broadband connection in my whole country.
If you consider tracking individual users' behavior for ads user abuse, let me remind you that one of the largest perpetrators of that are working on their own browser and regularly get a say in how the web works.