Security News > 2021 > April > WordPress core contributor proposes treating Google FLoC as a security vulnerability
A proposal by a WordPress core contributor to treat Google's FLoC ad tech as a security vulnerability, and therefore backport an automatic opt-out to previous WordPress versions, shows the depth of community opposition to the technology.
Now a WordPress Core contributor has proposed treating "FLoC as a security concern."
If WordPress were to treat FLoC as a vulnerability and apply this header to all WordPress sites that automatically apply security patches, a substantial proportion of the web would be opted out.
The author of the proposal, Carike, added that there is also a feature request to make the next version of WordPress, 5.8, opt-out of FLoC by default - but remarked that "5.8 is only scheduled for July 2021. FLoC will likely be rolling out this month."
There are of course also naysayers, such as this one arguing that "Those websites who want to block FLoC are likely to have the technical know-how to add in the header and disable it ... Where do we draw the line at what WordPress should be blocking in core for privacy? ... Calling it a"security concern" is just absolutely false and sets a dangerous precedent for what is security, and what is privacy.
Much of what is called SEO is focused on how to optimise a site for Google and it is likely that supporting FLoC will simply be added to the list of steps web sites should take in order to perform at their best from a commercial perspective.
News URL
Related news
- GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk (source)
- Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation (source)
- Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability (source)
- Vulnerability allows Yubico security keys to be cloned (source)
- Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Google Chrome gets a mind of its own for some security fixes (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- WordPress Security Checklist (source)