"... but when you browse to steals-your-history.com, your history won't be stolen."
Ah, but you won't know if your history's being stolen, right? The exploit can be hidden from the user's eyes, hidden in an ad, for example, that the site you trust shows you without realizing that ad is hacking your history. Phishing sites, too, of course.
A big problem caused by this elegant hack is that it uses services web users can't easily do without, services that most browser users don't know about (and, ideally, shouldn't need to understand). I guess you're suggesting that a user must be more wary of websites, avoiding unknown ones. Is that what you're suggesting?
It'll be interesting to see what can be tried to remedy the privacy issues caused by this.
Ah, but you won't know if your history's being stolen, right? The exploit can be hidden from the user's eyes, hidden in an ad, for example, that the site you trust shows you without realizing that ad is hacking your history. Phishing sites, too, of course.
A big problem caused by this elegant hack is that it uses services web users can't easily do without, services that most browser users don't know about (and, ideally, shouldn't need to understand). I guess you're suggesting that a user must be more wary of websites, avoiding unknown ones. Is that what you're suggesting?
It'll be interesting to see what can be tried to remedy the privacy issues caused by this.