From ffd342acf8dd24ab0ed4dbd5e20a2d36ff376d72 Mon Sep 17 00:00:00 2001 From: Rohan Kumar Date: Sat, 25 Jun 2022 15:25:14 -0700 Subject: [PATCH] New article: "two types of privacy" --- assets/p/xkcd_1105.jxl | Bin 0 -> 6376 bytes assets/p/xkcd_1105.png | Bin 0 -> 10567 bytes assets/p/xkcd_1105_dark.avif | Bin 0 -> 7317 bytes assets/p/xkcd_1105_dark.png | Bin 0 -> 10325 bytes content/posts/two-types-of-privacy.gmi | 199 ++++++++++++++++++ content/posts/two-types-of-privacy.md | 270 +++++++++++++++++++++++++ linter-configs/vnu_filter.jq | 2 +- 7 files changed, 470 insertions(+), 1 deletion(-) create mode 100644 assets/p/xkcd_1105.jxl create mode 100644 assets/p/xkcd_1105.png create mode 100644 assets/p/xkcd_1105_dark.avif create mode 100644 assets/p/xkcd_1105_dark.png create mode 100644 content/posts/two-types-of-privacy.gmi create mode 100644 content/posts/two-types-of-privacy.md 
diff --git a/assets/p/xkcd_1105.jxl b/assets/p/xkcd_1105.jxl new file mode 100644 index 0000000000000000000000000000000000000000..f42e8398dd205f8b2f926e4d5a8ddf28947e6c7b GIT binary patch literal 6376
diff --git a/assets/p/xkcd_1105.png b/assets/p/xkcd_1105.png new file mode 100644 index 0000000000000000000000000000000000000000..0e9aad221a89b1e5546d52ef278bc231837ae1b6 GIT binary patch literal 10567
diff --git a/assets/p/xkcd_1105_dark.avif b/assets/p/xkcd_1105_dark.avif new file mode 100644 index 0000000000000000000000000000000000000000..b3655512724c38cacf435fe550a1bd85527dc28b GIT binary patch literal 7317
zRCmeZkqz}e?G`JB+@=7|o|Juv0^`^u5f-W(CR$zpR0KCeFp`6%dUSk7mu#0v_wRuD)Yl&C#Fnptjglrhr}>wxkY2y`MDB))Gb$UI{(*G2xH6^<-D2DsEJry?cklfk#A3n%u*}$KD8$z>ultw|!c|UrV9N)5-S$BURoSLx{NT;gazo32ox+sgxg!@7*?UCM?$Yjwwe?TEqdy#;`8bYI zv?7PY;k_>cPP-Am`V^0Q<&j2};nBwZKQtvHpj0BvO*wccMNQ7~y=yDp6AEk--GnU~aM8MU<@s>9_|NgQ1hmX5AR&ZtCep!W=v~QI=^4ESF0CC&-ZgK0= zby;i`7r-hsd4XKojWp#!@LO3w8;$w$-~Y|;bAP13E-ilVo#&mnU-ZK#k9__g0rb6U z8Q*{5U7`r?iC2HkNjnZ}e9zfGmw1N_eOr@Wp zO$H;`SziCR^DFsfpOk>OzBno*g!t?uB!E7??=}FJTf6f8!RbC@81nBGZZV>aCYZy? z7J1B*fV&XY@3zM+CgOA^38I%YZOa$+%} z#pW-<$6VQ0Wn5dqq9@k?ii@BojHYDX4Qa8C^Uh%LpmI~erXQ<;3(L)^pDJj@6ItZm z!{ce$dp2KgbH3baa$D}o5ztgA^cZsCJt3c#-N*B1PQ$6^$c-usDk12nDu5oA!HlQK z_(Qi!re)`c`Hm!TqIq(q$R3pdJ-ftZ^w17jJH>X&;ji#S+yXW|l8DkROvNd6 z+3%3i*FL>}`OO8t_q;B{RKj?!>|>y}qS>;o$sQ#m`88B^T((eUCkktrS%eQxI7hZL z*`^E@rR}q<9y;V)mz@Y^1_P2vj+cBJb#CR=iKyS<>YTjw~ZwrM;Xn zTU97E8B?-XDsnMLrdpF10R+UUjmtWbDg#MJPZ10voFjX*tjPg@kT{XiFf`c*`W-z* zXVa2U>F_cEv7r7#DY8xKb zFu4UmGFL`OB*C&5`4}Y|7;+0Fx;)h~e4g?B%Gjc4ELYsA+Q7WXg822dC{k zxi#b_y_Mzu=F~|tjC6U>@n%TmfM}@n4<>V?I)3ADh@?Mto^uS@hn|H07E%ufmc{C$ z&)oCF6@Vl$I^gIpmPL-~g*#{2@8N(l$Nk}wWup&yu`cWDEAI+cfJOPAkwq_`dQ)QQ zvbk{E1=sBTv7^tE2OYBW%ki#UO!XnV7|E=_t#mnN8T*k}y5wJp0sA^#4kQnh<(R8Z zFaOES9~?#w|GWTf<43}Lc!n}?AH*aWN_DzixfzAnRj@c282mN&5oc#l(MMtrHueO<06b%y?7 zGUy(}$3q3U&@>wL|t|mU*(FTmRsT! zU9zjmb8 https://globalprivacycontrol.org/ Global Privacy Control + +### Attack surface + +I mentioned content-blocking, which typically happens through browser extensions and/or third-party filter lists. These can add attack surface; be mindful of the trade-off. Even trusted extensions like uBlock Origin are no exception: +=> https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css uBlock, I exfiltrate: exploiting ad blockers with CSS + +Exercise restraint when adding third-party filter lists. 
+ +I covered this topic a bit more in a previous post: +=> /posts/2022/06/layered-content-blocking/ A layered approach to content blocking + +Safe yet limited approaches to content filtering should lay a foundation, topped off by risky yet powerful approaches that users selectively enable. + +## Tracking evasion (TE) + +TE prevents an adversary from collecting meaningful information tied to one’s identity. Unlike “opting-out” and blocking known well-known third-party trackers, tracking evasion distrusts all parties by default. This approach assumes that tracking is equally likely to happen through both first-party and third-party trackers. + +Therefore, a list of known third-party trackers is irrelevant to tracking evasion. Users following this approach in its purest form *treat every party capable of tracking as a hostile tracker*. + +TE techniques typically revolve around minimizing the size of one’s fingerprint, either through fingerprint normalization or randomization.[2] + +### Sample TE techniques + +* Using the Tor Browser. +* Avoiding identifiable browser extensions. +* Randomizing typing behavior (A good example is kloak, a keystroke anonymizer used by Whonix). +* Using a coarse scroll interval. + +=> https://github.com/Whonix/kloak Kloak on GitHub +=> https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40704 Tor Browser issue 40704: Minimize fingerprintability of scroll interval/rate + +### Half-measures are ineffective + +If an adversary employs multiple fingerprinting vectors, then normalizing or randomizing a small subset of those vectors might make a user stand out even more. + +=> gemini://seirdy.one/misc/xkcd_1105.png xkcd 1105: A difficult-to-read licence plate number will stand out, putting the owner at risk. Similarly, TE half-measures could make users more easily identifiable. +=> https://explainxkcd.com/1105/#Transcript Transcript of xkcd 1105 + +TE carries the risk of “springing a leak”. 
While TR presents an incremental solution, TE is much harder: it’s only a slight exaggeration to describe TE as a binary “all-or-nothing” approach. + +Other relevant discussions worth reading: + +=> https://github.com/arkenfox/user.js/issues/1274 Arkenfox user.js issue 1274: Effort towards a common browser fingerprint +=> https://github.com/privacyguides/privacyguides.org/discussions/374 PrivacyGuides discussion 374: Great browser re-write-reboot + +## Conflicts between TR and TE + +Good approaches to TR often weaken TE. Conflating the two can have harmful consequences. + +### Badness enumeration: content blocking + +While content blocking through badness enumeration is useful for TR, it’s generally antithetical to TE. A website can use a first-party script and/or inspect server logs to determine information such as: + +* Which network requests succeed or fail. +* Whether certain elements (e.g. certain images) load successfully. +* Whether injected content (e.g. from an ad-blocker) is present.[3] +* Whether content-blocking changes which elements are in or near the viewport.[4] + +These pieces of information (and others I haven’t included) can tell a website if a browser has a content-blocker, and which filters a user has enabled. The latter piece of information can uniquely identify a user; this compromises TE. Nonetheless, these techniques aren’t in widespread use. I think that sharing first-party fingerprinting data between different organizations is the exception rather than norm. As long as this is the case, content-blocking remains a viable technique for TR. + +Badness enumeration shouldn’t be applied in a TE context. The Tor Browser’s design philosophy explicitly includes a “no filters” directive and recommends against their use, to reduce fingerprinting. 
+=> https://2019.www.torproject.org/projects/torbrowser/design/#philosophy Tor Browser design documentation + +As of mid-2022, the version of the Tor Browser included in Tails includes a content-filtering extension anyway. The entire point of using the Tor Browser Bundle is to maximize TE; Tails compromises this goal. + +Brave has a similar problem. Its content-blocker allows users to create custom filters or activate additional filter lists. Brave also tries to enable TE through fingerprint-randomization. Combining the two likely makes users even more unique. Brave could mitigate this flaw by having its “advanced” level of fingerprinting protection also normalize the content-blocking filters applied.[5] + +### Do Not Track (DNT) + +DNT was an HTTP request header indicating that a user does not wish to be tracked. Unfortunately, unlike [Global Privacy Control](https://globalprivacycontrol.org/), there was no legal obligation to obey DNT. The DNT header ended up being used as a fingerprinting vector to track users instead of a way for them to avoid tracking. + +WebKit removed DNT support because it was antithetical to TE, and its utility for TR was too low to justify these harms. +=> https://webkit.org/tracking-prevention/#anti-fingerprinting Tracking Prevention in WebKit + +## Exceptions and overlap + +There is grey area between TE and TR. Some techniques don’t neatly fit into one of the two categories. Here’s an incomplete list of those techniques, for illustrative purposes: + +### Disabling browser features +The fingerprintability of disabling JavaScript, the Reporting API, and hyperlink auditing is typically dwarfed by the the fingerprinting made possible by enabling them. I struggle to categorize this technique. On one hand, feature-toggles represent uncommon browser configuration that may prevent some trackers from running (TR); on the other, it treats all external parties equally and can reduce fingerprinting vectors (TE). 
I’m inclined to say that feature-disabling is closer to TE than TR only if enough people share the same configuration.[6] + +### Goodness enumeration +Assuming that all actors are actively hostile might be overkill. A user may follow a TE approach and/or disable browser features, while also maintaining a list of trusted exceptions. Trusted sites may use disabled features or have access to a larger fingerprint. This represents a “middle ground” of sorts between the convenience of TR and the effectiveness of TE. + +### Amnesia +The most common amnesiac technique is clearing cookies. A more thorough technique is using a disposable VM that’s erased and re-created between sessions. Rather than reduce or evade tracking, these measures reduce the persistence of trackers (and/or malware) that slip through other defenses. + +=> https://www.whonix.org/wiki/Qubes/Disposables Qubes Disposables + +The list goes on. “TR versus TE” is an important perspective to have, but it isn’t the only lens through which we should view privacy-enhancing techniques. Let’s be mindful the TR/TE framework’s limitations. + +## How to make privacy recommendations + +Privacy-enhancement recommendations need to account for whether a preference for TR over TE exists. Whenever applicable, please do the following: + +* Clarify if a privacy-enhancing technique has a focus on TR or TE. +* When discussing TR techniques, mention any compromises made from a TE perspective. + +Most importantly: recognize that different people need to make different trade-offs. Someone with special needs might require some fingerprintable personalizations. If non-negotiable personalizations make tracking-evasion too difficult, you might need to steer the person towards tracking-reduction and explain the trade-offs involved.[7] + +A single solution isn’t enough for everyone. In fact, it’s not usually enough for an individual. An individual may switch between multiple tasks, each with a different list of acceptable trade-offs. 
+ +For example, you can encourage people to use multiple browsers and browser-profiles for different needs. Users could use a “TR browser” to sign into their school or work accounts, but use a “TE browser” to browse anonymously. + +Personally: my “main” browser is a heavily personalized Firefox that trades away some security and privacy; where possible, it employs TR. I browse anonymously in the Tor Browser with “Safest” mode enabled to achieve TE, or using the “Safer” mode in Whonix. Finally, I use certain web apps in Chromium without any privileged extensions: this trades both convenience and privacy for some forms of security. + +### Threat modelling + +Threat modelling is critical when deciding whether TR or TE is relevant, and how far one must go to achieve TE. It’s slightly less relevant when it comes to deciding which TR techniques are effective. This is because TR involves less advanced threat models and addresses needs that blur the lines between security, privacy, and convenience. + +Rather than framing discussions explicitly in terms of threats, it makes more sense to frame a TR technique in terms of what the technique improves and worsens regarding privacy, security, and convenience. Take what you can get until things get annoying; save extreme measures for a different browser or browser-profile. + +Threat modelling does make sense whenever security trade-offs come into play. It’s relevant when evaluating security trade-offs of TR techniques involving privileged extensions. + +## Conclusion + +Communities are starting to understand that recommendations should be made in the context of threat models, and that security- and privacy-related goals are different despite having significant overlap. + +People are complex creatures. When recommending techniques to improve privacy, we should remember that different people have different goals. Moreover, an individual’s goals may vary depending on the situation. 
+ +Our recommendations need to take into account the fact that “privacy” means different things to different people. Techniques that aid in tracking-reduction might weaken tracking-evasion. The latter is much more powerful, but it’s also not necessarily what everyone is looking for. + +## Acknowledgements + +My article could be considered a “derivative work” of "Recommending Tools" by the EFF. That article laid the foundations for my thought process. +=> https://sec.eff.org/articles/recommending-tools Recommending Tools + +This article is an expansion of the ideas I presented in an earlier microblog entry: +=> /notes/2022/06/06/on-tracker-blocking/ On tracker blocking + +That microblog entry was a response to another article from which this article borrow some elements: +=> https://madaidans-insecurities.github.io/browser-tracking.html "Browser Tracking" by Madaidan + +## Footnotes + +1. I’d have liked to call this “Tracking prevention”. Unfortunately, that name is taken by a Firefox feature aiming to achieve tracking reduction. Naming things is difficult. + +2. I haven’t seen much research comparing these two approaches, but I’m not convinced they’re in conflict. Normalizing all vectors that can be normalized but randomizing the rest sounds like a decent strategy. At least, as long as users don’t significantly adjust *which* vectors are normalized or randomized. + +3. Sites can detect injected content even without scripts by using Content-Security-Policy reporting APIs. For this reason, uBlock Origin includes a preference to disable all CSP reports. That being said, sites can still use first-party scripts to do the same. + +4. This is possible without any JavaScript, using lazy-loading directives. Browsers like Firefox disable lazy-loading if JavaScript is also disabled via "about:config", to mitigate this. If JavaScript is enabled, assume this is always a possibility. + +5. 
This does present a new issue: filter lists need to get updated at a different cadence than the browser. Not everyone updates at the same time. Imagine that a given browser version at a given time has V versions of a filter list in use across a user-base. Users have N different filters enabled. That’s V×N possible combinations. I’m over-simplifying; the point is that filter lists enabled could add significant entropy to a user’s fingerprint, and that’s before you involve custom filters. + + We could reduce the number of combinations by combining all the filter lists into a single list that gets updated all at once. When N=1, we’re at just V possible combinations. Updates could be spread out over a longer cadence, decreasing the value of V. + +6. Torbutton aims to allow many Tor Browser users to share the same configuration. +=> https://tb-manual.torproject.org/security-settings/ Tor security settings +=> https://gitweb.torproject.org/torbutton.git/tree/modules/security-prefs.js The preferences impacted by those security settings + +7. Users of metered connections may need to block large elements. Users with accessibility needs may need to alter inaccessible pages. Users who don’t speak a page’s language may need to use machine translation.[8] Telling users to just “stop doing this” would be arrogant, yet all three of these examples are fingerprintable. + +8. Copying page text and pasting it into a separate translation tool could help, but it’s not always a replacement for full-page translation. Machine translation uses semantic HTML, and plain-text translation often provides worse results. (ooh, is this my first footnote within a footnote?) diff --git a/content/posts/two-types-of-privacy.md b/content/posts/two-types-of-privacy.md new file mode 100644 index 0000000..0509a66 --- /dev/null +++ b/content/posts/two-types-of-privacy.md 
@@ -0,0 +1,270 @@ +--- +title: "Two types of privacy" +date: 2022-06-25T15:25:14-07:00 +draft: true +techarticle: true +outputs: + - html + - gemtext +description: "\"Privacy\" can mean different things in different contexts. Tracking-reduction and tracking-evasion represent different goals with some conflict and overlap." +--- +
+ +

Preface

+ +Threat modelling provides important context to security and privacy advice. Measures necessary to protect against an advanced threat are different from those effective against unsophisticated threats. Moreover, threats don't always fall along a simple one-dimensional axis from "simple" to "advanced". I appreciate seeing communities acknowledge this complexity. + +When qualifying privacy recommendations with context, I think we should go further than describing threat models: we should acknowledge different types of privacy. "Privacy" means different things to different people. Even a single person may use the word "privacy" differently depending on their situation. Understanding a user's unique situation(s), _including their threat models,_ can inform us when we select the best of approach. How do we choose between reducing a footprint's _spread_ and _size?_ + +
+ +{{}} + +
+ +Intro­duction {#introduction} +----------------- + +I highlight two main approaches to privacy: "tracking reduction" and "tracking evasion". + + +Tracking reduction (TR) +: TR aims to reduce the amount of data collected about an exposed user. It reduces a footprint's _spread_ primarily by blocking trackers. Sometimes this can increase the size of a footprint. + +Tracking evasion (TE) +: TE reduces the amount of data exposed by a user. Rather than eliminating data collection itself, TE prevents useful data from being made available in the first place. In other words, it reduces a footprint's _size._[^1] + +There is gray area between these two extremes, and not every privacy measure falls neatly into one of these two categories. I'll address that later in this article. + +

Note: this article focuses primarily on Web browsers; however, its concepts can apply to any software capable of tracking users.

+ +Let's get started: + +
+ +Tracking reduction (TR) +----------------------- + +TR is suitable for casual threat models. These techniques typically aim to remove trackers or to block malicious traffic. + +If someone just wants to browse the web with less tracking, they're probably not expecting a "nuclear option" that removes all their personalization. That user is more likely to concerned with manipulation by personalized ads, or something vague such as being "followed around" as they browse websites while signed out. + +These users are likely okay with being identified by a site; several of their accounts are probably linked to the same identity. However, when they log into "example.com", they'd rather not ping trackers from "facebook.com" or "amazon-adsystem.com". + +Of course, data-sharing could happen on the backend. Users may accept that there's little they can do about this beyond reading a privacy policy and filing suit upon violations. + +In other words, TR falls closer to "wants" on the (somewhat contrived) "wants versus needs" spectrum. It addresses the gray area between personal preferences and real present threats. Our goal is to reduce tracking where we can, without significantly degrading the user experience. + +### Sample TR techniques + +- Badness enumeration: content-blocking and firewalls. + +- Sending headers such as [Global Privacy Control](https://globalprivacycontrol.org/) or [Do Not Track.](#dnt) + +- Opting out of tracking when given the choice. + +- Exercising legal rights (e.g., rights granted under the [GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) or [CCPA](https://en.wikipedia.org/wiki/California_Consumer_Privacy_Act)) to remove information. + +- Having a preference for services whose privacy policies indicate less data collection and/or sharing. + +- Turning off telemetry. + +### Attack surface + +I mentioned content-blocking, which typically happens through browser extensions and/or third-party filter lists. 
These can add attack surface; be mindful of the trade-off. Even [trusted extensions like uBlock Origin are no exception;](https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css) exercise restraint when adding third-party filter lists. + +I covered this topic a bit more in {{}}{{}}{{}}. Safe yet limited approaches to content filtering should lay a foundation, topped off by risky yet powerful approaches that users selectively enable. + +Tracking evasion (TE) +--------------------- + +TE prevents an adversary from collecting meaningful information tied to one's identity. Unlike "opting-out" and blocking known well-known third-party trackers, tracking evasion _distrusts all parties by default._ This approach assumes that tracking is equally likely to happen through both first-party and third-party trackers. + +Therefore, a list of known third-party trackers is irrelevant to tracking evasion. Users following this approach in its purest form _treat every party capable of tracking as a hostile tracker._ + +TE techniques typically revolve around minimizing the size of one's fingerprint, either through fingerprint normalization or randomization.[^2] + +### Sample TE techniques + +- Using the Tor Browser. + +- Avoiding identifiable browser extensions. + +- Randomizing typing behavior (A good example is [kloak, a keystroke anonymizer used by Whonix](https://github.com/Whonix/kloak)). + +- [Using a coarse scroll interval.](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40704) + +### Half-measures are ineffective + +If an adversary employs multiple fingerprinting vectors, then normalizing or randomizing a small subset of those vectors might make a user stand out even more. 
+ +{{< transcribed-image type="comic" id="xkcd-1105" >}} + +#### xkcd comic: license plate {#infinite-scrolling} + +{{< transcribed-image-figure id="xkcd-1105" has-transcript="true" >}} + +{{< picture name="xkcd_1105" alt="Comic: a license plate that's hard to read will be read more carefully by an adversary." >}} + +
+ +A difficult-to-read licence plate number will stand out, putting the owner at risk. Similarly, TE half-measures could make users more easily identifiable. From + +
+{{< /transcribed-image-figure >}} +{{< transcribed-image-transcript >}} + +Cueball is walking in from the right holding a license plate up with both hands for an off-panel Megan to see. It is possible to see the plate, but here it looks like all I's (or 1's). + + +Cueball +: Check out my personalized license plate! + +Megan (off-panel) +: "1I1-III1"? + +Cueball +: It's perfect! + +Cueball +: No one will be able to correctly record my plate number! + +Cueball +: I can commit any crime I want! + +Megan +: Sounds foolproof. + +Soon, at a crime scene: + + +Witness +: The thief's license plate was all "1"s or something. + +Police officer 1 +: Oh. That guy. + +Police officer 2 +: His address is on a post-it in the squad car. + +

Transcript based on the explain xkcd wiki entry for xkcd #1105.

+ +{{< /transcribed-image-transcript >}} {{< /transcribed-image >}} + +TE carries the risk of "springing a leak". While TR presents an incremental solution, TE is much harder: it's only a slight exaggeration to describe TE as a binary "all-or-nothing" approach. + +#### Other relevant discussions worth reading + +- [Arkenfox user.js issue 1274: Effort towards a common browser fingerprint](https://github.com/arkenfox/user.js/issues/1274) +- [PrivacyGuides discussion 374: Great browser re-write-reboot](https://github.com/privacyguides/privacyguides.org/discussions/374) + +Conflicts between TR and TE +--------------------------- + +Good approaches to TR often weaken TE. Conflating the two can have harmful consequences. + +### Badness enumeration: content blocking + +While content blocking through badness enumeration is useful for TR, it's generally antithetical to TE. A website can use a first-party script and/or inspect server logs to determine information such as: + +- Which network requests succeed or fail. + +- Whether certain elements (e.g. certain images) load successfully. + +- Whether injected content (e.g. from an ad-blocker) is present.[^3] + +- Whether content-blocking changes which elements are in or near the viewport.[^4] + +These pieces of information (and others I haven't included) can tell a website if a browser has a content-blocker, and which filters a user has enabled. The latter piece of information can uniquely identify a user; this compromises TE. Nonetheless, these techniques aren't in widespread use. I think that sharing first-party fingerprinting data between different organizations is the exception rather than norm. As long as this is the case, content-blocking remains a viable technique for TR. + +Badness enumeration shouldn't be applied in a TE context. 
The [Tor Browser's design philosophy](https://2019.www.torproject.org/projects/torbrowser/design/#philosophy) explicitly includes a "no filters" directive and recommends against their use, to reduce fingerprinting. As of mid-2022, the version of the Tor Browser included in [Tails](https://tails.boum.org/) includes a content-filtering extension anyway. The entire point of using the Tor Browser Bundle is to maximize TE; Tails compromises this goal. + +Brave has a similar problem. Its content-blocker allows users to create custom filters or activate additional filter lists. Brave also tries to enable TE through fingerprint-randomization. Combining the two likely makes users even more unique. Brave could mitigate this flaw by having its "advanced" level of fingerprinting protection also normalize the content-blocking filters applied.[^5] + +### Do Not Track (DNT) {#dnt} + +DNT was an HTTP request header indicating that a user does not wish to be tracked. Unfortunately, unlike [Global Privacy Control](https://globalprivacycontrol.org/), there was no legal obligation to obey DNT. The DNT header ended up being used as a fingerprinting vector to track users instead of a way for them to avoid tracking. + +[WebKit removed DNT support](https://webkit.org/tracking-prevention/#anti-fingerprinting) because it was antithetical to TE, and its utility for TR was too low to justify these harms. + +Exceptions and overlap +---------------------- + +There is grey area between TE and TR. Some techniques don't neatly fit into one of the two categories. Here's an incomplete list of those techniques, for illustrative purposes: + + +Disabling browser features +: The fingerprintability of disabling JavaScript, the [Reporting API](https://w3c.github.io/reporting/), and [hyperlink auditing](https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing) is typically dwarfed by the the fingerprinting made possible by enabling them. I struggle to categorize this technique. 
On one hand, feature-toggles represent uncommon browser configuration that may prevent some trackers from running (TR); on the other, it treats all external parties equally and can reduce fingerprinting vectors (TE). I'm inclined to say that feature-disabling is closer to TE than TR only if enough people share the same configuration.[^6] + +Goodness enumeration +: Assuming that all actors are actively hostile might be overkill. A user may follow a TE approach and/or disable browser features, while also maintaining a list of trusted exceptions. Trusted sites may use disabled features or have access to a larger fingerprint. This represents a "middle ground" of sorts between the convenience of TR and the effectiveness of TE. + +Amnesia +: The most common amnesiac technique is clearing cookies. A more thorough technique is [using a disposable VM](https://www.whonix.org/wiki/Qubes/Disposables) that's erased and re-created between sessions. Rather than reduce or evade tracking, these measures reduce the persistence of trackers (and/or malware) that slip through other defenses. + +The list goes on. "TR versus TE" is an important perspective to have, but it isn't the only lens through which we should view privacy-enhancing techniques. Let's be mindful the TR/TE framework's limitations. + +How to make privacy recommen­dations {#how-to-make-privacy-recommendataions} +---------------------------------------- + +Privacy-enhancement recommendations need to account for whether a preference for TR over TE exists. Whenever applicable, please do the following: + +- Clarify if a privacy-enhancing technique has a focus on TR or TE. +- When discussing TR techniques, mention any compromises made from a TE perspective. + +Most importantly: recognize that different people need to make different trade-offs. Someone with special needs might require some fingerprintable personalizations. 
If non-negotiable personalizations make tracking-evasion too difficult, you might need to steer the person towards tracking-reduction and explain the trade-offs involved.[^7] + +A single solution isn't enough for everyone. In fact, it's not usually enough for an individual. An individual may switch between multiple tasks, each with a different list of acceptable trade-offs. + +For example, you can encourage people to use multiple browsers and browser-profiles for different needs. Users could use a "TR browser" to sign into their school or work accounts, but use a "TE browser" to browse anonymously. + +Personally: my "main" browser is a heavily personalized Firefox that trades away some security and privacy; where possible, it employs TR. I browse anonymously in the Tor Browser with "Safest" mode enabled to achieve TE, or using the "Safer" mode in Whonix. Finally, I use certain web apps in Chromium without any privileged extensions: this trades both convenience and privacy for some forms of security. + +### Threat modelling + +Threat modelling is critical when deciding whether TR or TE is relevant, and how far one must go to achieve TE. It's slightly less relevant when it comes to deciding which TR techniques are effective. This is because TR involves less advanced threat models and addresses needs that blur the lines between security, privacy, and convenience. + +Rather than framing discussions explicitly in terms of threats, it makes more sense to frame a TR technique in terms of what the technique improves and worsens regarding privacy, security, and convenience. Take what you can get until things get annoying; save extreme measures for a different browser or browser-profile. + +Threat modelling does make sense whenever security trade-offs come into play. It's relevant when evaluating security trade-offs of TR techniques involving privileged extensions. 
+ +Conclusion +---------- + +Communities are starting to understand that recommendations should be made in the context of threat models, and that security- and privacy-related goals are different despite having significant overlap. + +People are complex creatures. When recommending techniques to improve privacy, we should remember that different people have different goals. Moreover, an individual's goals may vary depending on the situation. + +Our recommendations need to take into account the fact that "privacy" means different things to different people. Techniques that aid in tracking-reduction might weaken tracking-evasion. The latter is much more powerful, but it's also not necessarily what everyone is looking for. + +
+ +Ack­nowledge­ments {#acknowledgements} +-------------------------- + +My article could be considered a "derivative work" of {{}}{{}} by the EFF{{}}. That article laid the foundations for my thought process. + +This article is an expansion of the ideas I presented in the microblog entry {{}}{{}}{{}}. That microblog entry was a response to the article {{}}{{}} by {{}}{{}}; this article's coverage of TE draws from that article. + +
+ + +[^1]: I'd have liked to call this "Tracking prevention". Unfortunately, that name is taken by a Firefox feature aiming to achieve tracking reduction. Naming things is difficult. + +[^2]: I haven't seen much research comparing these two approaches, but I'm not convinced they're in conflict. Normalizing all vectors that can be normalized but randomizing the rest sounds like a decent strategy. At least, as long as users don't significantly adjust _which_ vectors are normalized or randomized. + +[^3]: Sites can detect injected content even without scripts by using Content-Security-Policy reporting APIs. For this reason, uBlock Origin includes a preference to disable all CSP reports. That being said, sites can still use first-party scripts to do the same. + +[^4]: This is possible without any JavaScript, using lazy-loading directives. Browsers like Firefox disable lazy-loading if JavaScript is also disabled via `about:config`, to mitigate this. If JavaScript is enabled, assume this is always a possibility. + +[^5]: This does present a new issue: filter lists need to get updated at a different cadence than the browser. Not everyone updates at the same time. Imagine that a given browser version at a given time has V versions of a filter list in use across a user-base. Users have N different filters enabled. That's V×N possible combinations. I'm over-simplifying; the point is that filter lists enabled could add significant entropy to a user's fingerprint, and that's before you involve custom filters. + + We could reduce the number of combinations by combining all the filter lists into a single list that gets updated all at once. When N=1, we're at just V possible combinations. Updates could be spread out over a longer cadence, decreasing the value of V. + +[^6]: Torbutton aims to allow many Tor Browser users to share the same configuration. 
See its [security settings](https://tb-manual.torproject.org/security-settings/) and [the preferences they change](https://gitweb.torproject.org/torbutton.git/tree/modules/security-prefs.js). + +[^7]: Users of metered connections may need to block large elements. Users with accessibility needs may need to alter inaccessible pages. Users who don't speak a page's language may need to use machine translation.[^8] Telling users to just "stop doing this" would be arrogant, yet all three of these examples are fingerprintable. + +[^8]: Copying page text and pasting it into a separate translation tool could help, but it's not always a replacement for full-page translation. [Machine translation uses semantic HTML](https://seirdy.one/posts/2020/11/23/website-best-practices/#machine-translation), and plain-text translation often provides worse results. (ooh, is this my first footnote within a footnote?) + + diff --git a/linter-configs/vnu_filter.jq b/linter-configs/vnu_filter.jq index 2de3308..163d31b 100644 --- a/linter-configs/vnu_filter.jq +++ b/linter-configs/vnu_filter.jq @@ -14,7 +14,7 @@ and (.extract | test(" name=\"theme-color\"")) ) or - ( # Allow raw templates + ( # the search page has raw templates, let those slide. I validate the final dynamic search page manually. (.url | test ("/search/index.")) and ( (.message == "Text not allowed in element “ol” in this context.")
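Review bot: in content/posts/two-types-of-privacy.gmi, the "Do Not Track (DNT)" section keeps a Markdown inline link, "unlike [Global Privacy Control](https://globalprivacycontrol.org/)", and gemtext has no inline links, so Gemini clients will show the brackets and URL literally. Move it to its own link line after the paragraph, as the rest of the file does: "=> https://globalprivacycontrol.org/ Global Privacy Control". In the Acknowledgements of the same file, "this article borrow some elements" should read "borrows", and the sentence differs from the .md version ("this article's coverage of TE draws from that article"); pick one wording so both outputs say the same thing.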
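Review bot: in content/posts/two-types-of-privacy.md, two heading IDs look wrong and will end up in fragment URLs that readers link to: "{#how-to-make-privacy-recommendataions}" is misspelled, and "#### xkcd comic: license plate {#infinite-scrolling}" carries an ID that does not match its heading. Suggest "{#how-to-make-privacy-recommendations}" and an ID derived from the heading text (for example "{#xkcd-license-plate}") before the post is published. The front matter also still has "draft: true"; confirm that is intended for a commit titled "New article". Prose typos in the same hunk, the last three also present in the .gmi: "select the best of approach", "more likely to concerned" (missing "be"), "blocking known well-known third-party trackers", "dwarfed by the the fingerprinting", and "Let's be mindful the TR/TE framework's limitations" (missing "of"). The Introduction says "gray area" while "Exceptions and overlap" says "grey area"; use one spelling.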
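Review bot: the comment rewrite in linter-configs/vnu_filter.jq (the clause matching "/search/index.") is unrelated to the commit subject 'New article: "two types of privacy"' and would be easier to track in its own commit, or at least mentioned in the commit message. The new comment is also long for a single line and mixes the rationale with a first-person process note; consider splitting it across two comment lines, one stating that the search page contains raw templates and one stating that the rendered search page is validated manually.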