Hi,
sajolida wrote (07 May 2015 14:15:30 GMT) :
> intrigeri:
>> Also, I've no idea what "floodfill performance" is in
>> this context.
> The context being I2P, it seems to be a core concept of the way I2P
> maintains the database describing its network:
> https://geti2p.net/en/docs/how/network-database
> That's jargon to me but I guess that I2P freaks might find that relevant
> or at least as relevant as mentioning a version number without any
> additional information.
OK... this concept seems to live at the same technical level as
concepts like "bridge descriptors" or "introduction points" are for
Tor, which I'm pretty sure we would not want to expose to users.
But I'm not insisting: indeed telling a bit about what's new in that
version is good, and we probably lack the I2P skills to translate this
concept correctly into something that would be more appropriate for
our audience.
>> I find the example provided for "Tor isolates better the connections
>> to **third-party content**" unconvincing:
> That was my interpretation of the Tor Browser 4.5 release notes (Privacy
> Improvements section).
>>> - Tor isolates better the connections to **third-party content**
>>> included on the websites that you visit. For example, the connection
>>> made through a *like* button from Facebook, Twitter, or Google+ is
>>> now going through the same circuit as the connections made to the
>>> website. This prevents third-party websites from correlating your
>>> visits to different websites.
>>
>> The fact that 3rd-party resource fetches go through the same circuit
>> as the originally requested page, in itself, doesn't prevent any
>> correlation.
> Why?
Let's try a few different explanations, hopefully one will work:
a) Because this, in itself, doesn't isolate navigation on website1
from navigation on website2.
b) The fact that I'm on the same train as you doesn't imply anything,
in itself, about whether you are on the same train as Alan.
Neither that you probably are, nor that you probably aren't. (Yay,
I know, such metaphors generally don't work, but it's worth a try.)
>> It only becomes the case once *combined* with the fact
>> that different tabs won't use the same circuit.
>>
>> So, introducing it
>> with "For example" seems incorrect to me. Now, clearly that's a pretty
>> tough one to phrase => good luck.
> I experience something different here. [...]
Yes, you're correct. I shouldn't have written "tabs" above, but rather
"URL bar origin".
> Did I misunderstood something?
No, I think you understood pretty well the updated Tor Browser design
in this area. So at least we agree on the expected behaviour, and the
only remaining problem is the "For example" phrasing that I've
pointed out.
Cheers!
--
intrigeri
