GoogleChrome / ip-protection

Apache License 2.0

How will bots using plugins and headless mode be managed with this? #23

Open Kuldran opened 8 months ago

Kuldran commented 8 months ago

Chrome has been used to mimic legitimate user traffic with the use of plugins. Will this type of traffic be opted out when using automation tools and/or plugins, to limit abuse on the proxy network? Or would a header be sent to inform the destination that this particular request should be handled with care?

DavidSchinazi commented 8 months ago

This feature will require users to be logged in, and we will use blinded tokens to only allow access to such users (without making user identifiers visible to the proxy).

Kuldran commented 8 months ago

With due respect @DavidSchinazi, I don't think this project has been well thought out regarding abuse potential. I would expect a more concrete answer; Google staff is expecting us to get on board with this. I agree that privacy is something we all strive for. That said, an answer to a serious question to the tune of "don't worry about it" or "we will fake it till we make it" is not something I expected from a dev, especially one of your experience.

The issue at hand revolves around people who have a skill set which allows them to make an income manipulating a browser in such a fashion that distinguishing their actions from a typical user and non-user is near impossible. Adding credential requirements means little to nothing to them. In most cases, it's 1 to 3 extra methods maybe. This is assuming that we are not talking about vectors where a malicious plugin abuses a person's browser and/or steals tokens.

The threat of session stealing/hijacking also becomes an issue; saying "we expire tokens" does not change the fact that bad actors can still have a window of abuse. Depending on the attack vector, Chrome/Google's only recourse would be to term accounts.