Connect with us

Technology

Google has second thoughts about cutting cookies, so serves up CHIPs • The Register

Published

on

Last week, third-party cookies received a stay of execution from Google that will allow them to survive until late 2023 – almost two years beyond their previously declared decommission date. But the search-ads-and-apps biz is already planning a resurrection of sorts because third-party cookies are just too useful.

The Chocolate Factory envisions a lesser form of third-party cookie, one that in theory won’t be used for tracking but will be able to support other more acceptable use cases. Google software engineer Dylan Cutler and engineering manager Kaustubha Govind call their confection “partitioned cookies” in a Web Platform Incubator Community Group proposal called “CHIPs.”

Cookies are files that web applications can set in web browsers to store data. They have legitimate uses, like storing data related to the state of the application (e.g. whether you’re logged in), and they can also be used for tracking people across websites.

Third-party cookies – set by scripts that interact with third-party servers – track people by storing a value on one website and then reading that value on another website that implements a similar third-party script. The third-party service in this case then knows all the websites running their script that were visited by the tracked individual.

That’s the sort of privacy-invading behavior that led browser makers like Apple, Brave, Mozilla, and others to block third-party cookies by default. But doing so has created problems by interfering with applications that rely on third-party cookies to deliver services across domain contexts.

The browser security model is based on the distinction between first-party and third-party contexts. When an individual visits a specific web domain, that domain operates in a first party context; services available at other domains are considered third-party and face various limitations on what they can do.

Google’s CHIPs proposal – Cookies Having Independent Partitioned State – calls for cookies that can be set by third-party service but only read within the context of the first-party site where they were initially set, as opposed to other sites also running the setter’s third-party script.

For example, Cutler and Govind describe a scenario where the site retail.com wants to work with a third-party service support.chat.com to embed a support chat box on its site.

“Without the ability to set a cross-site cookie, support.chat.com could instead rely on retail.com passing along their first-party state (or some derived value of it),” the Googlers explain in their proposal. “However, if the users have not yet created an account and the support widget is helping them sign up, then retail.com would have no notion of identity to forward to support.chat.com.”

There are other plausible uses too, like third-party content delivery networks that use cookies to serve access-controlled content, front-end frameworks that rely on remote hosting and remote procedure calls to interact with services, and embedded code designed to support software-as-a-service apps.

Firefox and Safari have each taken steps toward implementing their own versions of partitioned cookies, so Google’s approach has conceptual support from other browser makers even if the implementations currently differ.

Hold on a minute

But privacy advocates have taken issue with Google’s approach – declaring intent to prototype the technology without much consultation.

“The tech has been talked about for awhile, it works when combined with other techniques to slightly reduce the harm from third-party cookies, but it’s not the same as deprecating third-party cookies,” said Zach Edwards, co-founder of web analytics biz Victory Medium, in a message to The Register.

“Google is proposing this shift without even acknowledging how it fits into larger plans, and thus making people guess and try to work out the calendar for upcoming Chrome additions and deprecations,” he said. “It’s an outrageously impossible task if the company making those decisions doesn’t keep a running list of changes that impact global businesses, and also flippantly suggests new additions on non-Google websites and via a regularly rotating group of largely unknown Google developers, who when challenged about proposals often fall back on, ‘All opinions are my own.'”

Such concern is widespread among those involved in ad tech and marketing because Google is in the midst of changing the rules by which online advertisers operate. The effort to phase out the third-party cookie is part of the company’s ongoing Privacy Sandbox initiative, which aims to implement multiple technical specifications that change how online advertising works in the browser. And no one – not Google, its allies, its competitors, regulators, or internet users – is certain how these works-in-progress will eventually work and interoperate.

In January, the UK’s Competition and Markets Authority (CMA) began poking around in Google’s Privacy Sandbox to see whether the contemplated changes would disadvantage competitors. In response, Google made a set of commitments to be more forthcoming about its technologies and the viability of competing alternatives.

“The CMA seemingly told Google that they need to change their process and communicate more clearly how data supply changes are being made in Chrome and in Google’s advertising systems,” said Edwards.

“But if this new proposal is how Google perceives the CMA-mandate, then the folks in the UK should schedule a bit more tea time because they are spinning their wheels during office hours on demands that are being ignored.”

Even seemingly minor proposals like CHIPs can be complicated because they don’t exist in isolation. They have to be considered in the context of all the other technologies they may touch in deployment.

For example, Google has a proposal called First-Party Sets that would make different domains (e.g. apple.com and icloud.com) owned by the same company function as a single first-party domain for the purpose of cookies. Privacy researcher Lukasz Olejnik has expressed concern about how CHIPs might expand the tracking possibilities when used in conjunction with First-Party Sets.

What’s more, the proposal itself acknowledges that partitioned cookies cannot currently be defended against Chrome extensions.

“Extensions’ background contexts can query and store cookies across partitions, meaning they could store a cross-site identifier across partitions,” explain Cutler and Govind. “Unfortunately, this type of attack is unavoidable due to the nature of extensions.”

“Even if we block partitioned cookies (or even all cookies) from extensions’ background contexts, an extension could still use content scripts to write cross-site identifiers to the DOM which the site’s own script could copy to the site’s partitioned cookie jar.”

And there are other potential problems that need to be ironed out, like the risk of making sites more prone to cross-site scripting (XSS) attacks and increasing the risk of denial-of-service attacks through cookie proliferation that exceeds Chrome’s 180-cookie-per-domain limit.

None of these issues are insurmountable. But perhaps Google’s decision to treat the technical foundations of web advertising – a business upon which it and so many companies depend – as a set of experiments needs to be reconsidered in light of the company’s market power. Moving fast and breaking things may work well for a nimble startup but when giants do so there’s collateral damage. ®



Source link

Technology

SSD belonging to Euro-cloud Scaleway was stolen from back of a truck, then turned up on YouTube • The Register

Published

on

In brief Deepmind and the European Bioinformatics Institute released a database of more than 350,000 3D protein structures predicted by the biz’s AI model AlphaFold.

That data covers the 20,000 or so proteins made in the human body, and is available for anyone to study. The proteomes of 20 other organisms, from Zebrafish to E.coli bacteria, are also in there, too, and hundreds of millions of more structures will be added over time, we’re told.

“In the hands of scientists around the world, this new protein almanac will enable and accelerate research that will advance our understanding of these building blocks of life,” said DeepMind’s CEO Demis Hassabis. He hopes that it will be a valuable resource that will be used in the discovery of new drugs and our understanding of diseases.

Source link

Continue Reading

Technology

Reid Hoffman to join board of electric air-taxi start-up Joby

Published

on

Reid Hoffman. Image: ReidHoffman.org

LinkedIn co-founder Reid Hoffman is helping to take Joby, which is being billed as ‘Tesla meets Uber in the air’, public through a SPAC deal.

Electric air-taxi start-up Joby Aviation will add Silicon Valley figure Reid Hoffman to its board as the company prepares to go public via a merger with a blank-cheque firm.

LinkedIn co-founder Hoffman, who is now a partner at venture capital firm Greylock, has a key connection to the 12-year-old start-up. Earlier this year, it was announced that Joby is going public through a $6.6bn reverse merger deal with Reinvent Technology Partners, the special purpose acquisition company (SPAC) Hoffman set up with Zynga founder Mark Pincus and investor Michael Thompson.

The deal is expected to close in this summer. Joby is the first aerial vehicle start-up to go public via the SPAC route, and the deal will provide the company with $1.6bn in cash.

SPACs have been growing in popularity this year as they can provide a quicker way of bringing a company public rather than the traditional route of an initial public offering.

Support Silicon Republic

Hoffman will be added by the Joby board once the deal is complete, alongside Google general counsel Halimah DeLaine Prado and former Southwest Airlines CFO Laura Wright.

Toyota Motor Corporation board member and operating officer James Kuffner and Zoox CEO Aicha Evans have already been added to the board in recent months.

“We are incredibly humbled to have been able to assemble such a remarkable and diverse group of world-class leaders to guide and support Joby as we plan to enter the public market,” said JoeBen Bevirt, Joby CEO and founder.

Joby acquired Uber’s Elevate flying car business at the end of December and now plans to begin a commercial passenger ‘air taxi’ service in 2024. Hoffman described the venture as “Tesla meets Uber in the air” in a recent interview.

The company will work with Toyota from its California-based manufacturing facility to build its electric vertical takeoff and landing (eVTOL) aircraft. Toyota led the company’s $620m Series C funding round last year, with other investors including Intel Capital and JetBlue Technology Ventures.

Source link

Continue Reading

Technology

Virtual contact worse than no contact for over-60s in lockdown, says study | Coronavirus

Published

on

Virtual contact during the pandemic made many over-60s feel lonelier and more depressed than no contact at all, new research has found.

Many older people stayed in touch with family and friends during lockdown using the phone, video calls, and other forms of virtual contact. Zoom choirs, online book clubs and virtual bedtime stories with grandchildren helped many stave off isolation.

But the study, among the first to comparatively assess social interactions across households and mental wellbeing during the pandemic, found many older people experienced a greater increase in loneliness and long-term mental health disorders as a result of the switch to online socialising than those who spent the pandemic on their own.

“We were surprised by the finding that an older person who had only virtual contact during lockdown experienced greater loneliness and negative mental health impacts than an older person who had no contact with other people at all,” said Dr Yang Hu of Lancaster University, who co-wrote the report, published on Monday in Frontiers in Sociology.

“We were expecting that a virtual contact was better than total isolation but that doesn’t seem to have been the case for older people,” he added.

The problem, said Hu, was that older people unfamiliar with technology found it stressful to learn how to use it. But even those who were familiar with technology often found the extensive use of the medium over lockdown so stressful that it was more damaging to their mental health than simply coping with isolation and loneliness.

“Extensive exposure to digital means of communication can also cause burnout. The results are very consistent,” said Hu, who collected data from 5,148 people aged 60 or over in the UK and 1,391 in the US – both before and during the pandemic.

“It’s not only loneliness that was made worse by virtual contact, but general mental health: these people were more depressed, more isolated and felt more unhappy as a direct result of their use of virtual contact,” he said.

The report, Covid-19, Inter-household Contact and Mental Wellbeing Among Older Adults in the US and the UK, analysed national data from the UK’s Economic and Social Research Council-funded Understanding Society Covid-19 survey and the US Health and Retirement Study.

Hu said more emphasis needed to be placed on safe ways to have face-to-face contact in future emergencies. There must also, he added, be a drive to bolster the digital capacity of the older age groups.

“We need to have disaster preparedness,” he said. “We need to equip older people with the digital capacity to be able to use technology for the next time a disaster like this comes around.”

The findings outlined the limitations of a digital-only future and the promise of a digitally enhanced future in response to population ageing in the longer term, added Hu.

“Policymakers and practitioners need to take measures to pre-empt and mitigate the potential unintended implications of household-centred pandemic responses for mental wellbeing,” he said.

Caroline Abrahams, charity director at Age UK, welcomed the report. “We know the virtual environment can exacerbate those feelings of not actually being there with loved ones in person,” she said.

“It’s essential therefore that government makes preventing and tackling loneliness a top policy priority, backed up with adequate funding.

“It’s not over the top to point out that in the worst cases, loneliness can kill in the sense that it undermines resilience to health threats of many kinds, as well as leading to older people in the twilight of their lives losing all hope, so they lack a reason to carry on.”

Patrick Vernon, associate director at the Centre for Ageing Better, said he saw many examples of older people using technology to stay connected in “really positive ways”.

But he was also doubtful: “We know that even for those who are online, lack of skills and confidence can prevent people from using the internet in the ways that they’d like to.”

Previous research by the Centre for Ageing Better found that since the pandemic, there had been significant increases in the use of digital technology among those aged 50-70 years who were already online.

But there are still 3 million people across the UK who are offline, with a significant digital divide affecting low-income households. Twenty-seven per cent of people aged 50-70 with an annual household income under £25,000 were offline before the pandemic.

Vernon said: “Our research has found that some people who were offline found it difficult to connect with family, friends and neighbours during the pandemic – and even those who were online said technology didn’t compensate for missing out on physical social interactions.”

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!