secureblue / hardened-chromium

A hardened chromium for desktop Linux inspired by Vanadium.
GNU General Public License v2.0

Disable TPCD Bypasses #9

Closed RKNF404 closed 1 month ago

RKNF404 commented 2 months ago

TpcdMetadataGrants and TpcdHeuristicsGrants. Basically the same feature.

qoijjj commented 2 months ago

Is there a reason Vanadium doesn't do this too? We should cut issues to both projects for issues that are in scope for both so both projects can benefit.

RKNF404 commented 2 months ago

Vanadium always gave me the impression of less risky with new features, more wait and see proof. Again, best to ask maybe?

qoijjj commented 2 months ago

@RKNF404 We should take a similar approach about that. But it depends on how much risk the feature actually poses. We can do a risk analysis on a case by case basis.

RKNF404 commented 2 months ago

@qoijjj I agree, it would be unwise to enable and disable willy-nilly. For now at least we can afford to be a little risky. Especially with this particular issue, since this is just simply a bypass for a privacy feature. Would be best to do a code check of course. But I highly doubt these features pose a security or privacy risk, at worst I think they do nothing.

qoijjj commented 2 months ago

@RKNF404 It's that and also that the more patches we add, the more maintenance burden there is.

> For now at least we can afford to be a little risky.

I think we should start with good habits now so this can be ready to go out to secureblue soon.

RKNF404 commented 2 months ago

Did some research around these. It appears they do have an effect when enabled (or exist because they are enabled by default).

TpcdMetadataGrants appears to be a predefined list of sites that can bypass cookie blocking. Some examples: this function, though it appears unused. This appears to be related to cookie instantiation. And lastly this, which leads to this, which leads to this, which appears to gate whether a cookie can be subject to a metadata grant (i.e. it will not be if the feature is disabled and can be considered if enabled). Seems reasonable to disable.

TpcdHeuristicsGrants is, well, heuristic. It appears websites have some freedom to just enable it, it seems? Like when the user interacts with an iframe. This appears to bypass DIPS (bounce tracking protection) in certain cases. And lastly it grants full cookie access here potentially, though this might be ignored due to this.

I will submit an issue about this to Vanadium, see what they think, but I am still inclined to disable these either way. Even if they do nothing now, which may be likely in some cases (not all) since 3PCD hasn't been 100% rolled out, it gets ahead of this potential issue when it does. I wrote a patch already.
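
As an added example (not code from this repository, from Vanadium or from Chromium), the Python below audits a browser command line for the two feature names in this issue, using Chromium's `--enable-features` and `--disable-features` switches. The function names, verdict strings and sample command lines are constructed for illustration, and trusting only the last `--disable-features` switch is a conservative assumption rather than a statement of Chromium's precedence rules.

```python
import shlex

# Feature names taken from the issue; everything else here is illustrative.
TPCD_FEATURES = ("TpcdMetadataGrants", "TpcdHeuristicsGrants")


def _feature_names(value):
    """Split a feature list, dropping ':params' and '<Trial' suffixes."""
    names = set()
    for item in value.split(","):
        name = item.split(":", 1)[0].split("<", 1)[0].strip()
        if name:
            names.add(name)
    return names


def audit_tpcd_flags(cmdline):
    """Return {feature: verdict} for a Chromium command line string.

    'enable-requested': listed in any --enable-features switch (flag it).
    'disabled':         listed in the last --disable-features switch.
    'default':          no switch decides it; the build default applies.
    Assumption: only the last --disable-features switch is trusted.
    """
    enabled, last_disabled = set(), set()
    for arg in shlex.split(cmdline):
        if arg.startswith("--enable-features="):
            enabled |= _feature_names(arg.split("=", 1)[1])
        elif arg.startswith("--disable-features="):
            last_disabled = _feature_names(arg.split("=", 1)[1])
    verdicts = {}
    for feature in TPCD_FEATURES:
        if feature in enabled:
            verdicts[feature] = "enable-requested"
        elif feature in last_disabled:
            verdicts[feature] = "disabled"
        else:
            verdicts[feature] = "default"
    return verdicts


# Constructed sample command lines (not captured from a real system).
SAMPLES = [
    "chromium --disable-features=TpcdMetadataGrants,TpcdHeuristicsGrants",
    "chromium --disable-features=TpcdMetadataGrants --disable-features=Foo",
    'chromium --enable-features="TpcdHeuristicsGrants:p/1" '
    "--disable-features=TpcdHeuristicsGrants",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit_tpcd_flags(sample))
```

On a build that changes the compiled-in default, `default` is the expected verdict; `enable-requested` is the one worth investigating there.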

RKNF404 commented 2 months ago

Vanadium, I think, intends to disable these precautionarily in the next releases, would be best to do the same. I'll PR it soon.

qoijjj commented 2 months ago

Thanks for investigating this.

RKNF404 commented 1 month ago

They might end up ditching TPCD entirely? The wording is vague but look here: https://privacysandbox.com/intl/en_us/news/privacy-sandbox-update/ Replacing it with "a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time"? No idea what this means, but it might mean that the features that were just disabled may get removed. Vanadium initially posted this in their own issue, I just reposted it here for tracking purposes.

qoijjj commented 1 month ago

Please reopen if upstream changes things, like you mentioned.