Twitter | Search | |
BrendanEich
Co-founder & CEO Software () and (). Co-founded Mozilla & Firefox. Created JavaScript.
83,518
Tweets
1,025
Following
113,138
Followers
Tweets
BrendanEich 59m
Anyway, we are still investigating to rule out iOS bug on our side. Allow-listing is possible but not decided. Independent of that process, I hope I have convinced you that trust-but-verify cannot be a universal in the Web. Not yet anyway. New systems (maidsafe, urbit) needed.
Reply Retweet Like
BrendanEich 1h
It seems to me the block list edits that blocked many 1p piwik instances were ill-motivated or at best confused.
Reply Retweet Like
BrendanEich 2h
There are myriad ways to fingerprint. Your false requirement that anyone audit and verify other sites and apps JS (never mind server side code or CSS fingerprinting) means blocking all JS and parts of CSS. We would die quickly if we did that.
Reply Retweet Like
BrendanEich 2h
You can doubt DDG but auditability & verifiably (which we work on for our own code) cannot be required of all web content. Are you willing to be denied service for blocking canvas based CAPTCHAs? Are you suggesting, as there is no way for us or anyone to audit, we block all such?
Reply Retweet Like
BrendanEich 2h
Reply Retweet Like
BrendanEich retweeted
Nikhil Thorat 8h
Our TensorFlow.js paper was accepted at SysML and is now on arxiv!
Reply Retweet Like
BrendanEich 2h
“hardcode”
Reply Retweet Like
BrendanEich 2h
there is no feasible ideal case. To verify a canvas-based CAPTCHA was not being used for fingerprinting is a problem we do not know how to solve in general. But we do know we can trust DDG more than random sites. So we may (not decided) hardcore allow-list pending better tech. /3
Reply Retweet Like
BrendanEich 2h
while we work on crawl-trained M/L or other exception management automation, hand coding is useful and needed even in 3p cases. Your “distrust until verified” begs how to verify question which has no general answer without Secure Remote Attestation. We are pragmatists, esp when/2
Reply Retweet Like
BrendanEich 2h
This is nothing like “Acceptable Ads” - no pay to play. First, our defaults do not result in a false + (pls correct me if I am wrong) but even 3p-only fingerprinting protection can misfire. When it does, we analyze and take steps: allow-list, develop crawl-trained M/L, etc. So /1
Reply Retweet Like
BrendanEich 3h
We can remove upon misbehavior — we also have DDG as a valued partner whom we trust.
Reply Retweet Like
BrendanEich 4h
We're aware and already have to do things within 1st party context. While 3p vs 1p is insufficient, it is necessary and fruitful still for many sites, because economics always favors not inlining into 1st party.
Reply Retweet Like
BrendanEich retweeted
ashkan soltani Jan 16
NBD, just 773M email address with a combined total of 1.16B username/passwords combinations just released on the Internet
Reply Retweet Like
BrendanEich retweeted
Paul Vixie Jan 16
TANSTAAFL. if a C++ compiler had options to turn off most of C++, i'd happily use a C++ subset that was a C superset. especially, no pointer arithmetic! until then, i'm missing Modula-3 and learning GoLang. hereis:
Reply Retweet Like
BrendanEich retweeted
Robert O'Callahan Jan 16
Removed last dependencies on openssl. Hopefully I'll never again have to deal with openssl breakage.
Reply Retweet Like
BrendanEich retweeted
Luke Mulks 14h
Want a look into the Ads Developer Channel Preview? Jennie does an excellent job providing a closer look in this new video from the Stay tuned, 2019 is just getting started. Exciting year ahead for Brave &
Reply Retweet Like
BrendanEich retweeted
James Bovard Jan 16
Atty. Gen. nominee William Barr championed giving immunity to an FBI sniper who gunned down innocent people without warning. Will Barr exempt FBI from all laws?
Reply Retweet Like
BrendanEich retweeted
Tim Sweeney 24h
Unity made a solid move by undoing the recently-introduced Terms of Service restrictions on cloud services, SDKs, and stores. Developers are again free to mix and match everyone’s tools and services. Props to !
Reply Retweet Like
BrendanEich retweeted
Robert O'Callahan 23h
Replying to @rocallahan
This is a serious problem because it makes me a bad maintainer by leaving PRs languishing after contributors have force-pushed to address my review comments.
Reply Retweet Like
BrendanEich 23h
Replying to @shortblockstack
70%.
Reply Retweet Like