Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-08-06 13:34:14 -04:00
Code Issues Projects Releases Packages Wiki Activity

fix link

Browse source
This commit is contained in:
fria 2025-03-28 12:08:02 -05:00 committed by GitHub
parent 0f2bd51396
commit 63de140ca3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

18
blog/posts/privacy-pass.md
View file

@ -18,7 +18,7 @@ Services that require authentication can correlate your activity on that service
## History ## History
The story of privacy pass begins with a pahttps://dl.acm.org/doi/pdf/10.1145/4372.4373per by David Chaum from 1985, in which he laments the ever-increasing data collection by companies and government agencies. The story of privacy pass begins with a [paper](https://dl.acm.org/doi/pdf/10.1145/4372.4373) by David Chaum from 1985, in which he laments the ever-increasing data collection by companies and government agencies.
It's funny that all the way back in 1985 he talks about the same issues we deal with today: persistent identifiers tied to our real identity for transactions, government ID's, etc. It's funny that all the way back in 1985 he talks about the same issues we deal with today: persistent identifiers tied to our real identity for transactions, government ID's, etc.
@ -70,6 +70,8 @@ Later, when you're presented with a request to authenticate as an active subscri
<small aria-hidden="true">Illustration: David Chaum</small> <small aria-hidden="true">Illustration: David Chaum</small>
This system relies on the same strong cryptography that tried and true systems use, with the difference being the unlinkability between the credential issuer and the credential receiver.
## Problems ## Problems
Services that don't require an account or payment to use are great; you can use them with Tor, clear your browser history, whatever you need to do to keep your activity private. Services that don't require an account or payment to use are great; you can use them with Tor, clear your browser history, whatever you need to do to keep your activity private.
@ -94,4 +96,16 @@ Bots are a rampant problem for online services, leading them to sometimes block
When VPN and Tor users aren't blocked, they often have to deal with annoying CAPTCHAs that take up your precious time and use invasive fingerprinting. When VPN and Tor users aren't blocked, they often have to deal with annoying CAPTCHAs that take up your precious time and use invasive fingerprinting.
CAPTCHAs aren't even particularly good at detecting bots. With advances in AI, bots can solve CAPTCHAs better than humans can. CAPTCHAs aren't even particularly good at detecting bots. With advances in AI, bots can solve CAPTCHAs better than humans can.
## Solutions
Several blind signature-based solutions are in various states, some being implemented but not widely used, some being proposed browser APIs, and some being IETF standards.
The landscape is very confusing right now so I'll try to illucidate what I've found.
### Privacy Pass
[Privacy Pass](https://privacypass.github.io) started out as an attempt at a priveacy-preserving way to bypass CAPTCHAs.
CAPTCHAs