cross-posted from: https://lemmy.blackeco.com/post/25574
And since you won’t be able to modify web pages, it will also mean the end of customization, either for looks (ie. DarkReader, Stylus), conveniance (ie. Tampermonkey) or accessibility.
The community feedback is… interesting to say the least.
It does seem that using Chrome (or Chrome based browsers) is just going to going to perpetuate this. Firefox has never been more important IMHO.
This is why tech monopolies are bad. Google waited until they had a near monopoly on the browser engine and then pulls this shit. Alternatives still exist though, and people will vote with their actions by either not using Chrome or not using those websites that have DRM.
I fear the number of sites taking that hit would be so many that we may feel excluded from the web. It feels really dangerous and we need more people on FF asap to make it clear to businesses that this is too costly to be worth it and they’re losing a lot of users.
Bug: violation of w3c code of ethics issue was opened 15 hours ago.
It was closed 14 hours ago with the status “completed” without further comment.
The guy who closed it posted an entry a day earlier called “So, you don’t like a web platform proposal” on his rarely used blog. It has the appearance of telling people how to critique proposals in a professional way, while being completely dismissive of any communication attempts simultaneously. Perhaps he needs to reflect a little more on his blog entry’s subheading “We’re all humans”, because he doesn’t seem keen to address how users who rely on Assistive Technology are going to be able to use his DRM Web.
Edited to add: The code of ethics is for people who work at the W3c, so not entirely applicable anyway.
You should absolutely have web environment integrity. Your browser should not allow the website to do things that you don’t approve of, so the integrity of your computer can be ensured.
Wait, that’s not what they mean, is it? Oh no … 🙄
Yea, I feel like Google has this a bit backwards. As always, I like to turn the metaphor on it’s head. You’re not visiting a website, you’re inviting a website. You’re allowing the website to use your system resources, bandwidth, CPU cycles, etc. And what you do with your own system is none of the websites business. They can protect their business model on the server side, if they need to. But maybe they just need better business models.
Boosting because this is how we should see websites. You dont visit them you download them. Websites are vampires that must be invited inside to use your system’s resources to do whatever it does.
@frustbox
Time to go all in on Gemini, or something like it?
@CrypticCoffee @degoogle
Just what the web needed, SafetyNet in your browser. Does anyone have the EFF on speed dial?
Google is fucking evil, and they even admitted it when they changed their motto from Don’t Be Evil.
Let them burn it down for us.
Time to bring back Gopher but with blackjack and hookers.
That’s how we GOT Firefox.
It kinda feels like I’m being chased offline
The concept of having third party “trusted” attesters just screams abuse, corruption, and data selling. What would their business model be? Direct payments from browser companies? Selling “anonymized” data? What if their data security is crap it just ends up being another vector by which leaks and scams can happen? I doubt the average web user is going to understand that all of their data is going to be going thru some man in the middle when they Google something
What about competition? What if attester A has major ties with Microsoft edge and decide to block Firefox users? Or what about smaller third party apps that are made for accessibility reasons? Or hell - what about startups that are trying to enter the market?
The only reason these attesters would be trusted is because the large companies say they are. Theyd be completely at the whims of Google and Microsoft. What a stupid fucking idea with little upside for the end user
I use Firefox and LibreWolf trying to avoid Chrome based browsers, but doesn’t Mozilla get the majority of the funding for Firefox development from making Google default search? I’ve purchased a few of Firefox’s paid features, VPN, etc hoping that it would contribute to getting them a new business model.
You’re doing a great job and if more did what you did, they wouldn’t have to rely on search revenues. They know most users switch search engines. Those defaults are what fund browser development. Firefox are not in the search engine market, and if they took that sacrifice, they’d go bust and wouldn’t be in the browser market either. It sucks, and it isn’t glamorous, but it is the only way they can financially compete in the browser market at all. Browsers are complex and millions of lines of code and only getting more complex. It is far from cheap.
Who has read The Master Switch by Tim Wu? It’s a great book and that essentially argues every mass communication medium started off as a decentralized playground for hobbyists before consolidating into a centralized profit seeking (or profit-seeking-enabling) entity. It the ends with the question of whether the same destiny awaits the internet.
I remember hoping it didn’t, and that hope grows harder to maintain by the day. It’s so fucking sad.
I just hope that even if this standard is implemented, the protocol maintains enough of it’s flexibility for small enclaves of people who still believe in the technology’s original vision to “opt out” of it.
Denuvo for Chrome when?
Use DRM to encrypt site content. Use DMCA anti circumvention clauses to make ad blocking effectively illegal. Turn everyone into your little b-tch sheep and expose them to unskippable totally irrelevant ads over and over. Execs and shareholders profit.
Just block ads with a local recursive DNS resolver.
Doesn’t help for things like YouTube ads or the like where the ads are delivered from the same domain. Also the attester may not validate your environment as safe. I didn’t do s deep deep dive into what may be part of the attestation, but resolution of various domains (or ensuring they return some specific value) could easily make it’s way in if they wanted.
This is speculation. DNS is a tool enterprise uses to manage networks. It’s unlikely that Google will upend this so ads can be watched.
There’s a risk that IT departments nationwide would just deploy Edge or Firefox instead of Chrome to retain the ability to manage and secure networks. This is not what Google wants.
They literally already do this with YouTube ads, what are you talking about? This is a thing that already happens.
Edit: there are already sites I can’t visit due to work blocking some domains and those sites have the “disable your ad blocker” with no way to say no thanks. It isn’t google that will break it. It’ll be an attester and it’ll be the site that chooses that attester.
this is a social problem not a personal one. why are you proposing personal hacks already?
You’re confused. DNS servers are the backbone of the internet, not a “hack.” Also, this isn’t a social problem. Poverty is a social problem.
Out of curiosity what would you recommend? I’m aware of PiHole, but many struggle to get hold of a pi. Any other good options?
You can run pihole on any linux system, not sure how compatibility is with windows/macos. I used to just run it locally. It also has some speed benefits to run it on the same machine that consumes it
There are a number of pie hole in a container options as well
With a little work involving Wireguard, you could setup a pihole on DigitalOcean for between $6-$7 ($4-$5 if you use their cheapest server, but I want to tinker a bit so wanted just a tad more power) a month. It’s split tunnel configuration, so it only handles DNS. Essentially, no matter where I go, I can connect to the pihole and get its functionality. I get it on my phone no matter I’m on wifi or cell network. If something is blocked that I need real quick, I don’t even need to configure the pihole, just disconnect from Wireguard temporarily. So, it’ll run you the cost of the suggested retail cost of a pi4 and accessories basically each year.
I use unbound!
good suggestion!
It’s also going to be used to enforce locking down of Android (custom roms, root). You don’t have to read very far to find “secure” Android device or them being inspired by Play Integrity.
I hope you’re wrong. As someone on GrapheneOS, that would suck. By that time, I hope other Linux mobile options are more mature.
When tech companies say we’re doing this for security, it’s not about our security. It’s about securing more profits for their shareholders.