Also note there is a “roulette” feature in most address bars, where the browser starts loading and rendering the site before you ever hit submit. Very handy for sites wanting to pursue persistence

I am all for bashing bad privacy options, but from the linked tweet at least, this IS off by default. I can certainly see enterprise scenarios where this feature is very useful for security reasons. Did I miss some context?

Edit: oh, this is in addition to the Mirror stuff. Yea this should never be a thing.

you missed the obvious one (that is actually related to the linked edge issue): SafeBrowse. SafeBrowse gets ALL your traffic from most browsers.

Ah I was wrong about this!!! SafeBrowse uses hashes.

Edit: never be afraid to admit your were wrong folks :) So it only gets a “potential list” of sites you visited. Wonder if the operators could aggregate the data enough to deanonymize things

The hash isn't even necessarily transmitted, and it's often partial hashes at that.

I agree with this, but do not think it contradicts the parent. Apple has reasonably set themselves in a position where if they were caught violating privacy in any of the ways that [ad company] is incentivized to do, they would lose a ton of money and suffer monstrous brand damage. So I think you are both right.