waxwing on Nostr: https://httptoolkit.com/blog/apple-private-access-tokens-attestation/ Found via ...
https://httptoolkit.com/blog/apple-private-access-tokens-attestation/
Found via stacker news, credit to : https://stacker.news/items/243154
This is a fascinating and obvious-in-hindsight development.
Think: while Tor has taken the radical step of going down the PoW route, a whole "vertical stack" like Apple's, unsurprisingly, can take a much "cleaner" but at the same time much more disturbing approach: lock out unpermissioned usage (including spam of course!), while still being able to claim that they are preserving privacy by not identifying users. Chaumian tokens (as seen previously in privacypass) are the obvious way to do this.
The real bomb will drop when Google does this for any of their services (as discussed in the article, chromium/chrome).
Be interested to hear people's thoughts about it. Privacy from (cryptography + centralization) is super powerful, we're just starting to see how it can manifest.
Found via stacker news, credit to : https://stacker.news/items/243154
This is a fascinating and obvious-in-hindsight development.
Think: while Tor has taken the radical step of going down the PoW route, a whole "vertical stack" like Apple's, unsurprisingly, can take a much "cleaner" but at the same time much more disturbing approach: lock out unpermissioned usage (including spam of course!), while still being able to claim that they are preserving privacy by not identifying users. Chaumian tokens (as seen previously in privacypass) are the obvious way to do this.
The real bomb will drop when Google does this for any of their services (as discussed in the article, chromium/chrome).
Be interested to hear people's thoughts about it. Privacy from (cryptography + centralization) is super powerful, we're just starting to see how it can manifest.