1. 1

    I guess the purpose of this is to stop employers who use TLS mitm systems or who have access to data-at-rest on employee devices from de-anonymizing users. To understand whether this is effective, I’d like to know:

    1. Does Blind use a different encryption key for each user? If not, this system is futile as an employer can just get the global key by signing up themselves.
    2. Does Blind send keys every page-load, or just once to be stored locally? If the key is stored, then it’s accessible to employers with data-at-rest access. An employer with TLS decryption can save the key from when it is first distributed or last sent.
    3. If Blind uses localStorage, does it use the key to encrypt this?
    1. 5

      Never heard the term page builder before. Does this just mean CMS?

      1. 3

        Maybe tools like FrontPage? But I thought that was deprecated a long time ago…

        1. 3
          1. 2

            The article mentions “I am referring to the WordPress and Shopify ecosystems here”. So CMS-ish.

            1. 2

              Think Google Sites, Squarespace or Wix. These are WYSIWYG interfaces where you drag and drop text boxes, images, forms and so on to create pages. They are technically CMSes, but a lot less sophisticated and more easily made to show a custom page than a true CMS like Drupal.

            1. 4

              This article looks at two markets - the labor market and what I’ll call the “cost of living market”. The author clearly believes the labor market is unfair - otherwise they’d advocate paying whatever the market rate is (i.e. the minimum they can). However the article turns around and says you shouldn’t factor in cost of living, because the high cost of living in some places is the price, and your choice to live there means it’s worth that amount. I don’t see how you can think workers should ignore market rate salaries but accept market rate living costs.

              If you want to reject market rate salaries, why not really aim for “fairness” and shoot for a set quality of life?

              Of course it’s all moot — any reasonably developed for-profit business is going to pay the least they can for what they want. Market rate it is.

              1. 1

                Exactly. If your remote workers will work for less money, that’s because they are willing to accept the work for less money. They are accepting pay in the form of their remote lifestyle.

                1. 6

                  A fascinating read, particularly the section about Sign in with Apple.

                  As much as I dislike Apple’s app monopoly, the fact that they have been leveraging this to give a little bit of power to their users is promising.

                  Leaves me conflicted though; I don’t know whether to be pleased with the move or not.

                  1. 1

                    I’m glad to have a challenger to Facebook and Google in this space. That said I wish it had been a distributed/open solution.

                    1. 1

                      They had to be just closed enough to ensure a consistent experience.

                      1. 1

                        Undoubtedly from our perspectives an open solution would have been better. But open solutions have been attempted and failed in the past.

                        As you say, by being closed, the experience is consistent. And for better or worse, people trust Apple. I think the most important thing is that Google and Facebook’s hold is being fragmented.

                  1. 6

                    Firefox Monitor uses haveibeenpwned.com as its source and seems to provide exactly the same functionality. It’s not clear to me what the value-add is?

                    1. 15

                      There are a couple of value adds:

                      1. Trust via brand recognition. I’ve asked my parents to check haveibeenpwned.com before and it took me 10 minutes to convince them it was safe to visit. I love the service, but the domain name alone makes it unsuitable for the vast majority of internet users.

                      2. Discoverability. Only a tiny minority has ever heard of haveibeenpwned and word of mouth won’t reach nearly as many people as Firefox can.

                      There’s also the possibility of future integrations with e.g. Firefox Lockwise.

                      1. 8

                        Haveibeenpwned is English only. Monitor is available in dozens of languages.

                        The audience is non-technical. Being affected by a breach causes a lot of uncertainty and fear in people. Monitor helps them understand what they need to do (basic password hygiene) in their own language. TL;DR: localization, simplification, emails for new breaches.

                        1. 5

                          I guess the only difference is that Mozilla gets to collect your email address and (per their privacy policy) basically send you things and share it with Salesforce and Amazon:

                          If you sign up, we (and our email providers SalesForce and Amazon) receive your email address to contact you in connection with the Firefox Monitor Service, which includes Full Reports, Breach Alerts, and Safety Tips. You can unsubscribe at any time.

                          1. 2

                            @ahal put it very well.

                            Aaaand people use their emails to sign up for really shady services, which outsource their email to one of these Amazon/Sendgrid/Mailchimp companies anyway. The GDPR (allegedly, at least) helps a bit, but I think the bigger damage has been done a priori.

                            Mozilla’s business is not in mail delivery, though in this case it sounds like they could, and maybe should, take care of it themselves.

                            I’m taking this as a sign of them seeing outsourcing as a lesser evil and risk than hiring someone to maintain Postfix and in-house tooling.

                          2. 1

                            In Troy Hunt’s announcement from last year, he mentions that only 0.06% of pwned email addresses are signed up to the notification service.

                          1. 2

                            It’s worth checking against the entire list. Checking against the top passwords provides a degree of brute force prevention, but the real reason to check against a leaked password list is to prevent credential stuffing. That is – if a user re-uses their password on another site that gets leaked, the exact user/password combo is out there and attackers can try it on various sites to see if there is a match. This applies even if it is a unique password at the tail of that 550 million!

                            1. 1

                              There’s a tradeoff to be made between the false positive rate, the number of passwords checked, and the amount of disk/network bandwidth used.

                              The full list is ~11 GB compressed, and the smallest Bloom filter that’ll get an acceptable false positive rate on the full list is ~1 GB. This gem is 32 MB.
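The two comments above (checking the whole leaked list to stop credential stuffing, and the size versus false-positive tradeoff of a Bloom filter over it) can be seen in one small program. This is an added example written for this thread, not code from the gem being discussed or from haveibeenpwned.com. The "leaked" passwords are a constructed sample, the SHA-1-of-password representation mirrors how the published lists are distributed, and the sizing formula is the standard optimal-Bloom-filter estimate; the 550 million figure used in the size estimate is the one quoted in the thread.

```python
import hashlib
import math

# Constructed sample standing in for a leaked-password list (not real breach data).
LEAKED_PASSWORDS = [
    "123456", "password", "qwerty",            # "top" passwords
    "letmein", "hunter2", "correct horse battery staple",  # tail of the list
]


def bloom_params(n, p):
    """Bits (m) and hash count (k) for n items at target false-positive rate p.

    m = -n ln p / (ln 2)^2 and k = (m / n) ln 2 are the standard optimal values.
    """
    m = math.ceil(-n * math.log(p) / (math.log(2) ** 2))
    k = max(1, round(m / n * math.log(2)))
    return m, k


def expected_fp_rate(m, k, n):
    """Approximate false-positive probability of a Bloom filter after n inserts."""
    return (1 - math.exp(-k * n / m)) ** k


def size_estimate_bytes(n, p):
    """Filter size in bytes for n items at false-positive rate p."""
    m, _ = bloom_params(n, p)
    return m // 8


class BloomFilter:
    """Minimal Bloom filter: bit array plus k positions derived by double hashing."""

    def __init__(self, n, p):
        self.m, self.k = bloom_params(n, p)
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, item):
        # Two independent 64-bit values from one SHA-256 digest; h2 is forced odd
        # so the k probes (h1 + i*h2) mod m spread over the array.
        h = hashlib.sha256(item.encode()).digest()
        h1 = int.from_bytes(h[:8], "big")
        h2 = int.from_bytes(h[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item):
        for pos in self._positions(item):
            self.bits[pos >> 3] |= 1 << (pos & 7)

    def __contains__(self, item):
        # A Bloom filter never gives false negatives: every inserted item is found.
        return all(self.bits[pos >> 3] & (1 << (pos & 7)) for pos in self._positions(item))


def sha1_hex(password):
    """Leaked lists are shipped as upper-case SHA-1 hex digests; match that form."""
    return hashlib.sha1(password.encode()).hexdigest().upper()


def build_filter(passwords, p=0.001):
    """Load the whole list (not just the top entries) into a filter at rate p."""
    bf = BloomFilter(len(passwords), p)
    for pw in passwords:
        bf.add(sha1_hex(pw))
    return bf


def password_is_leaked(bf, password):
    """True if the password is (probably) in the leaked list; False means definitely not."""
    return sha1_hex(password) in bf


if __name__ == "__main__":
    bf = build_filter(LEAKED_PASSWORDS)
    for pw in ("hunter2", "correct horse battery staple", "Tr0ub4dor&3-unique"):
        print(f"{pw!r}: leaked={password_is_leaked(bf, pw)}")
    # Sizing the filter for the list size quoted in the thread.
    for p in (0.01, 0.001, 0.0001):
        mb = size_estimate_bytes(550_000_000, p) / 1e6
        print(f"550M entries at fp={p}: ~{mb:.0f} MB")
```

Running the sizing loop shows where the "~1 GB" figure comes from: at a 0.1% false-positive rate the full list needs roughly a gigabyte of bits, and relaxing the rate only shrinks it by a constant factor, so a 32 MB filter cannot cover the full list at a useful rate. The membership check, on the other hand, catches a tail-of-the-list password like "correct horse battery staple" that a top-N check would miss, which is the credential-stuffing point made above.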