On Sat, Oct 29, 2011 at 4:22 PM, Daniel Friesen lists@nadir-seen-fire.com wrote:
- It doesn't scale very well. If you do try to add more vendors and users
do enable most of them, you still end up loading from each enabled vendor slowing things down.
With the exception of the FB Like/Recommend button, everything (even the FB share link) is just an image paired with a HTML link. Maybe other sites allow embedding their logos, so the only image which needs to be loaded externally is the FB one.
- Frankly the UI is pretty bad.
That's the price you have to pay for total privacy, unfortunately.
- Once you enable a vendor we drop right back to a 3rd party script being
injected into the page such that it can do malicious things.
Btw, if you're a 3rd party with a script in a page you can go pretty far abusing XHR and history.pushState to make it look to a user like they're browsing the website normally when in reality they're on the same page with the script still running. Oh, and that includes making it look like you're safely visiting the login page when in reality you didn't change pages and the script is still running ready to catch passwords.
Do you have any links with further info on this?
Marco