CHROME (google) is planing to implement DRM (kinda) into their browser
looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don't run a complaint browser ( cough...firefox )
here is an article in hacker news since i'm sure they can explain this to you better than i.
and also some github docs
Ad Blocking is cyber security
Every once in a while I help a family member or friend out with their machine and am stunned when I see the web without an adblocker. It honestly reminds me of the malicious early 2000s porn and “free downloads” sites… but it’s everywhere now, like cnn and eBay and shit. First thing I do is install Firefox and ublock origin, and mostly for their security.
Youtube has also been running basically porn ads on “for kids” youtube channels as well and my kindergarten aged niece and nephew have been exposed to that shit. Adblock is 100% cyber security AND for kids safety.
100% agree. The few times I have to turn off uBlock because it is breaking some obscure website it is always an awful experience. Auto-playing videos, ads taking up half the screen, and those annoying as fuck cookie banners. I can't imagine using the internet without an ad/cookie blocker. I accidentally turned it off on Lemmy for a while and it was the only site that I didn't immediately notice.
It's always nice when you look at uBlock Origin and it says
connected: 1 out of 1
19/19 right here on lemmy.ca
I said this in another thread, but a lot of the internet is unusable without uBlock Origin IMO.
It's the shadowy lands run by bots that only unsuspecting bots go to.
True, True, it's damn near unusable. You take it for granted what a job your blocker is doing for you.
You remember browser toolbars? People would have 3 of them at once, having no clue where they got it from nor how to remove it.
Good times.
I installed uBlock Origin on clients computers when I worked at Geek Squad, even.
It kinda makes sense. All the people who know better already use an ad blocker so they don't know what it's really like and all the people who don't know to use an ad blocker don't know any better and that's just what the internet looks like.
The FBI recommends using an ad blocker: https://www.ic3.gov/Media/Y2022/PSA221221
https://en.wikipedia.org/wiki/Malvertising?wprov=sfla1
Just as noscript and pop-up/new tab blockers are.
We need more browser options, not just Firefox and 20 versions of chrome.
If you have the funds, donate to Mozilla. They're not only the main developers of the only major competing browser engine, but also do a lot of other good work. You can hope for others, but with Firefox only having single-digit usage share it needs all the help it can get.
This. I see a lot of talk about Firefox forks on Lemmy but at the end of the day we need Mozilla to to survive for other Firefox and their forks to continue
You can’t legally donate to Firefox, as it is developed by a Corp (Mozilla Corp.). Donations go to Mozilla Foundation, which does… other things with you money. In other words, your money don’t go towards FF development.
So, if you donate thinking that your money helps Firefox development, you're doing it wrong.
To be fair, there are about 20 versions of Firefox too. It’s just that most of them aren’t there to Hoover up ad revenue.
I completely agree, but don’t forget that WebKit exists too on Mac and Linux with about the same market share as Firefox (at least based on w3school’s stats). Chrome/Blink dominate but all hope is not lost and there are more options, they’re just small. I think focusing on embracing Firefox/Gecko as it has so much momentum and community already is the most productive way forward though
The only reason WebKit has any market share left is because iOS/iPadOS forces it on their users even if you try to use other browser
A good project to support would be the Ladybird.
https://github.com/SerenityOS/serenity/tree/master/Ladybird
They don’t even have builds. How can we support tools the bulk of users can’t easily implement or recommend non technical people to try?
Definitely, oftentimes open source projects don’t make it easy for themselves
You can support by joining the project and helping them to fix issues. It's a young project, but they've been progressing really fast. Andreas Kling is one of the original developers of Safari, and in the past years he's been creating his own operating system (Serenity OS) and formed a team who've been doing their own JavaScript engine, web browser and a programming language together with the OS. It's a really fascinating story and I give all the respect for them for doing this. This is the work we have to do if we want to beat Google from taking the internet. It's us who need to step up and start fixing the internet.
https://awesomekling.github.io/Ladybird-a-new-cross-platform-browser-project/
https://serenityos.org/
I don’t disagree with you on alternatives but again it’s challenging for the technical folks amongst our peer groups to help adoption of an alternative if we can’t provide places for the folks we support to download the alternative and try it
There’s no way for any of my family or friends to understand how to build their own browser, let alone setup a WSL2 environment to make it work. Their eyes are going to glaze over at the thought then they’re going to go download something else.
Google basically made it so that it takes a large company to compete with all the """web features""" that they have, so good luck with that.
Nah that's more of a spoiler vote. You need one large competitor to Chrime, not a bunch of small ones that can get wiped out
Google Chrome (v42.12.0183, MULTi5) [FitGirl Repack]
It's going to be very annoying to find new cracks every week
Just google it.
Excuse me but would you happen to have the link to the 100% real ONE LINK no-fake MegaUpload version?
No! LOL! Who still uses direct links? Get with the times man. The kids these days are torrenting. (they're not zooming around in Elden Ring, it's just a piracy term)
-->since everyone is confused about this i'm gonna try to explain as best as i could and also clearing some misconceptions:
1# why this is such a big deal ?
if this gets implemented AND it gets widely adopted websites now can refuse to give you content if you are running a non complied browser, remember those website that say "oh you are using an ad blocker so disable it to access our site" they can detect this by various methods but ultimately all of them rely on running a JavaScript into your browser. which you guessed it, its easy to modify and tamper with manually or using extensions
now what WEI-API does is that it can verify the integrity of the web page ( JavaScript/HTML/CSS has not been modified ) and even tell the website what extensions - ad blocker detected no content for you - you are using and what browser you are using - firefox or brave detected no content for you - and do not be fooled into thinking that this can be spoofed. and website owners who think that they are running a business not a charity will implement this.
2#will using firefox save me?
if this gets widely adopted and you inevitably encounter a website that require this ( for your job ,school or your bank ) you have no choice but to use chrome just like when your banking apps refuse to work because your phone is rooted which means that SAFETY-NET is broken
3#why this is a threat to begin with?
this is only viable if the web adopt it so why bother?, well guess what google is famous for making its services very easy to integrate and well documented just look on how easy it is to integrate google analytics and google adsense* into websites and how many of them use it in the internet.
4#what can we do to prevent this?
this is my personal opinion but i think we simply can't, this not like the reddit incident were very large portion of the user base was upset most people don't know/care/give-a-fuck about web technologies and how they work.
#and Finally "but google said they don't plan to use this to fingerprint you (Device ID) or track your browser history or interfere with the work of extensions"
do you really believe that a company like google whose bread and butter is advertising would not make it easier for themselves, a company who has been exposed time and time again for lying and having ulterior motives ( you don't need to look far just look into what manifest-v3 did )
I can easily imagine this not being a necessary, anymore. Just let the website using this WEI API automatically disable all browser extensions on a WEI-enabled site. Why not, after all? Why should you dictate the traffic you receive on your computer? Why should you own anything?
I will happily stop visiting any website that demands I use an approved browser.
Well, those of us who care all say that but I for one have to access government and banking websites in several countries, if they implement this I have no choice. This abomination must be prevented in the first place.
You can use Chrome for those websites if they completely break, and Firefox for everything else.
Banks and government websites don't tend to have adverts.
Agreed.
Do you require ad blockers with these? This use case sounds like the intention of the feature, not like the perversion we're headed for now.
You won't have a choice if it's a bank or your job. This is the truly insidious thing, if enough important websites start demanding the standard, you might just end up forcing yourself off of the internet with that attitude
There would have to be very significant reasons for a bank to do that.
Like what? The only reason I've seen is laziness. Several banks in my area still require IE for some of their more elaborate online services. It's typically limited to business users, but they're still requiring it; to the point where they have a team of support agents that remote connect and reconfigure edge to run an IE-mode tab to the site, and install all their malware on your PC to make the service work. With the proper effort the whole thing could be reduced to little more than a chrome/firefox/opera/edge/safari/whatever extension....
But they don't. because they're lazy.
What Banks do this? USAA doesn't, and that's what I use.
I've zero issues swapping banks if needed.
On the consumer front, almost everything has a web interface layer over the grotesque monster that actually runs the services.
For any business accounts, banks are an entirely different monster. If you've only ever used consumer services, you'll never know the disgusting mess underneath it all. Banks have only done this much for consumers because if they didn't, they would have either lost, or never attracted any of the modern generations to their services, namely millennials, and all those who came after.
The older generation for the large part, is happy to continue using IE, and walking into a bank to do whatever they need to.... But starting with millennials, having browser agnostic web based services to do simple things like bill payments, account to account transfers, balances and transaction records, and most don't need much more than that.
One of the more recent, and possibly most egregious examples was a cheque scanner for a business, which was a USB attachment to a client's workstation for bringing in payments in bulk, rapidly. Think about it like the mobile cheque deposit in your favorite banks app, but on steroids. The bank provided the cheque scanner, and a business login page for the service. The way it operated, from what I could see, is that it required special drivers from the bank for the device, and a series of custom ActiveX plugins, which, as expected, only work with IE. The entire process was essentially to take a high resolution scan of the cheque, and dump the image into the website (I presume, securely), to submit the payment to the bank. This process would be complete in a matter of seconds when it's running correctly. From what I saw from what the bank technician did, remotely, was to load the site in edge, force it to display in an IE tab, then adjust the drivers and signing of ActiveX control to validate and submit the scans.
The mobile deposit does the same but much slower, potentially taking minutes to capture the cheques image and fill in all the details, per cheque. Meanwhile this process could literally process a dozen cheques in the same amount of time. What kills me is that mobile deposit is basically the same thing and they have the structure for it already. It should be relatively trivial to adapt the process to use the cheque scanner to submit the images of the cheque, compared to basically having to registry hack each client computer to work with the antiquated system instead; but they do it anyways.
Time to find a new bank.
I'm self employed so I aint worried about that.
They don't need everyone to comply, just the vast majority.
... Until all the sites you absolutely need to use in order to *function in society *require approved devices with proper tracking.
So you fight it now by switching away from Google as much as you can.
I will as well, unless it's necessary for work/school, or to participate with the government, or not using it will isolate me from friends and family.
Google has close to absolute control of the internet, which is now an essential tool to participate in society. The amount of power they have is insane, it rivals governments.
Stop using Google products I don’t know how else to fucking say it.
Chrome -> Firefox Drive -> sync or Dropbox or any number of options Sheets and productivity tools > libre office or Apache open office YouTube -> Invidious or even better, odysse Google search -> duck duck go, SearXNG, StartPage, etc Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.
helped with formatting:
And I agree for sure. In order I use firefox (and brave sometimes), Proton Drive, Apple Productivity suite (pages, numbers etc), and either startpage or qwant, and proton mail. I do still use use YouTube Premium, but the point is Google doesn't need to have its fingers in every aspect of my digital life.
While I get your spirit… Dropbox belongs to google too 😂 they are everywhere! Worse than the plague.
For many people, Google controls the entire network stack from their ISP, router, OS, DNS, their browser, all the way down to the platform hosting the content they watch.
Google has captured such a wide part of the Internet that any changes they make will have at least a moderate effect on our lives. Even if we don't use any Google services.
The only thing that can stop them is probably the EU at this point. And I'm sure Google has a plan for that.
They can't have a plan for that. They have two options: conform or leave EU.
lol, just
become the governmentpay the EU.EU is widely adopting the policy of fining by a percentage of global revenue which is what hurts even the largest companies, precisely to avoid "just pay the EU".
i didn't write the quoted list, just helped the OP with his formatting. I use proton drive, not dropbox.
I had no idea Proton Drive was a thing. I'll switch to it, Dropbox is becoming incredibly obnoxious with the advertising popups and notifications.
I'm not sure LibreOffice is a drop-in replacement for Google Docs if you need sharing, collaboration and built-in version control.
Yes, something like collabora would be a better fit, although I never managed to get an actual instance of the thing running.
YouTube -> Invidious or even better, odysse -> or even, even better, PeerTube
FYI, you need two new lines (hit Enter twice) to actually get a new line in Lemmy.
Two new lines One new line.
Can also add two spaces at the end of line to force line break
Proton mail for sure!! Great great great! Cant stop recomending
Yea i love Protonmail. I haven't had one issue with it.
What's the replacement for Android?
Linux, but that's not a viable option. I would use degoogled Android OSs. GrapheneOS, CalyxOS, e/os, and LineageOS are some of the popular ones.
Wait. Sync offers file storage? I thought it was just to sync up your Firefox sessions across multiple devices.
Or am I confusing services with similar names?
I think they're referring to the storage service at sync.com, not Firefox Sync.
Correct
How is the worlds biggest ad distributor also the worlds biggest browser maker without it being an anti-trust violation?
Because it is legal in the US to bribe politicians and this company has a lot of money
Also doesn't help that half the people supposedly in charge of cracking down on this kind of thing in the US belong in an old folks home. Most of them don't even comprehend the issue.
I'm surprised I haven't heard any pushback on it from the EU though.
Because the majority of legislatures think Chrome is the Internet
I've met plenty of people who can't differentiate between facebook and the internet, or the term "wifi" and the internet - literally calling ethernet a "wifi cable".
The people in charge barely understand enough to put on their own pants sometimes, yet they're pushing legislation like they're fully informed, and most don't even read the brief about a new law before voting on it; literally voting along party lines because that's what's expected of them. They're mostly braindead as-is; and you expect them to differentiate between the internet, a website, and a browser?
They should, but I really don't expect that much from anyone who is elected.
Don't forget that one dude who said 72 hours wasn't enough time to read a 99 page bill
Well anti-trust would get in the way of profits, you see
Remember when browsers just browsed....
I really want to push the What's Cool! button
Holy cow im getting nostalgia and I wasn't even alive when Netscape was a thing, I think...
Fuck I'm old.
This is exactly why everyone should use fully idenpendted browser like Firefox
This is exactly why everyone should donate to Mozilla so they can stop being reliant on the Google search deal in Firefox.
The sad part is Mozilla is more of a political organization than just the developers of Firefox now. So you're donating for their lobbying, not just browser development.
Firefox needs new ownership. But it's kinda hard considering how big of a project a browser is nowadays.
"Do no evil." ...unless it's projected as profitable, in which case, evil that shit up!
They ditched the "don't be evil" years ago. Now it's "As many ads as possible".
I hear that they can cover up to 80% of a user's visual field without inducing seizures.
They stopped using that saying years ago
They officially removed that back in 2018.
I see so many comments from people saying they'll jump ship if Google adds this to Chrome. They'll move over to Firefox right away. But the thing most people don't know is one reason Google has such a broad reach is they make it so crazy easy to integrate their services for developers.
So, yes, users who dislike what they're doing should stop using Google products if possible. But, more importantly, developers or project managers, etc. should all resist the urge to utilize this kind of feature even if it's easy.
What do you mean? Gcloud is definitely not "easy" when compared to others like AWS. Also I think it's common sense to avoid google products because they tend to abandon ship in a few years.
I completely agree.
Would you like to follow me on G+ ?
Google & Microsoft are famous for copying what all the other companies are doing and then letting it all die.
Hello from Zune land.
I mean Google has very convenient libraries that developers can add to their apps/websites like libraries for ads, A/B testing, crash reporting, push notifications, etc. Even using one's Google account for SSO in an app just leaks a tiny bit of data for Google to suck up. I think the average phone user is unaware of how even non-Google apps can have Google code, even for iOS. Obviously, this is worse for Android since Google Play Services is installed on almost all Android devices.
This kind of feature is likely to be cloud agnostic, so Gcloud vs AWS isn't really what's up for debate.
They're likely referencing the ease of adding something like google analytics to a website, where you include a url in the code for a page and you're done.
Won't you think of the poor poor ad companies?
Do they actually, or is that just all they have to visit anymore? Would users not be happier visiting a bunch of cheap geocities pages with blink tags instead of tracking cookies?
Unfortunately all the masses want is maximum ease of use, full stop. Just look at the Reddit exiles -
"Welcome to Lemmy, pick a server any server be a winner"
"WTF IS THIS NERD SHIT SIGNUP TOOK MORE THAN ONE ACTION ON MY PART RIP LEMMY LONG LIVE REDDIT IS LEMME JUST REDDIT YET NO FUUUUUUUUU"
Half the internet now seems to be bots creating content purely for the enjoyment of other bots. Typing any kind of difficult question into a search engine will now have you dodging a minefield of AI generated articles, none of which contain any useful information other than what they've scraped from other AI generated pages.
Nobody considers the plight of the humble sprawling multinational corporation and their army of lobbyists.
Time for me to start donating to Firefox. Need to do my part to make sure Chrome doesn’t complete its monopoly
You can't legally donate to Firefox, as it is developed by a Corp (Mozilla Corp.). Donations go to Mozilla Foundation, which does... other things with you money. In other words, your money don't go towards FF development.
However in theory the more self sustaining the Foundation is, the less the Corp needs to support it.
Except websites can just drop support for incompatible browsers.
FireFox already supports DRM. Sites like Hulu/Netflix already refuse to work without it
Yet another vitally important front in the war on general purpose computing (it's a short and important read imo)
Fuck Google, and fuck DRM.
Thank you for that read. That honestly gave me a lot more perspective than I had, and that speech was quoted from over a decade ago!? The more I know, the more I realize how much I don't know... but hot damn. I know it's been a fight, but "a war" really does seem more apt
I work at a vpn/adblocker company and we just finished releasing an updated mv3 extension that does block ads effectively (among other things) but the feature set is limited vs mv2 because of the changes. Furthermore, google has actually pushed back their mandated release schedule for mv3 compliance because something less than 30% of the extensions on their store are anywhere close to ready for it (which if they pushed ahead with mv3 they would effectively break 70% of what's on there overnight).
The DRM shit is just next-level bad though. Enshitification 101.
The thing is mv3 is not needed nor wanted by anyone, they are actively shoving an unnecessary product down our throats to show us more ads.
I will keep on using Firefox and Librewolf until the web goes back to webpages that load in text only browsers in less than 2 secs
I quit the internet before I quit Firefox.
Same. I feel like this will just push me offline. I refuse to relinquish control over my system.
Guess why I don't use the Chrome ecosystem and don't depend on Google.
Unfortunately, you don’t have much of a choice. If a lot of websites start using this implementation, Firefox will have no choice but to implement this, otherwise a lot of websites will be broken.
I have a choice of not using these sites nor enabling antifeatures like DRM support in Firefox now or likely its libre future forks.
Sticking to free/libre has been good to me in the last 30 years. I don't intend to change that.
I personally switch between IceCat and LibreWolf occasionally which I believe will cut out this feature, but if Chrome implements this feature, expect Firefox to follow suit within a couple of months once usage ramps up on platforms like Nflx etc
I will not back down, as the fight for a free internet is important to me, but it is not important to Firefox, before everything else, Firefox wants higher userbase to earn more money.
Yes, Mozilla has been slowly taken over, so the time where I could stick to stock Firefox is drawing to a close. I think a useful community supported fork will emerge by that time.
The tor browser itself should just do ehat you want (without connecting to tor itself)
Here's to hoping Firefox won't implement it. But I'll understand if they do, though I'll then switch to some fork.
The solution is not using crappy things. As simple as that.
We're the minority, if this gets implemented it's endgame. Try convincing the billions of people who already don't care enough to use Firefox to protect their privacy to now stop using Chrome because it's killing the open web. Now tell them to stop using services they care about because DRM is bad.
At this point our only real hope is the EU decides to forcibly stop this, but I'm not holding my breath.
Wonderful solution, good luck convincing others.
This would include YouTube, mail, drive, maps, search which I use daily. And it will be baked into android, and possibly Mac os so it supports the latest standard.
My guess is that sooner or later google chrome will show scary warnings "this site does not support dem, here is a link why this is bad!!!" In the browsers address bar to get users and webmaster to adopt the DRM.
I rarely use Youtube, but this would help boost free/libre alternatives. I use Gmail web, which means Thunderbird-only or switching back to my own mailserver. Drive, there is Nextcloud. Maps, I mostly use Osmand. Search, I use ddg but here's good point to use p2p and speciality search engines. Android, guess why I'm using Lineage OS. OS X, guess why I'm using Linux, or could switch to *BSD.
Google can continue to devolve into a shittier version of a walled garden that is Apple.
Front ends might not be classified as approved environments, though..
Yeah looks like I'm going to have to start moving off as best as I can as well.
Don't think I can do it completely but I'll try my best.
!degoogle@lemmy.ml
www.getfirefox.com
Unfortunately they will also have to adapt to this. Or some popular websites will stop working and most common users won't care and leave firefox.
Giving into this billionaire blackmail won't help. We have to come together and crush google.
Louis Rossman made a video about this and especially where he quotes users from HackerNews hammers the point home for me. Firefox will be forced to adopt this "feature" if it ever becomes reality, as Chrome has overwhelming market share and the average user only cares that the site loads.
not OC: this comment written by CatZoomies@lemmy.world
It’s a [16 minute] video with many points and better if you watch it. However, here’s a break down of key points, made to be as simple as possible - there’s a lot more technical stuff, but I’ll try to keep it concise and less technical.
This is probably about a 10 minute read if these concepts are not familiar to you:
Why is this bad:
Can I use Firefox and stop using any Chromium browser
What can we do?
What will happen 20 years from now?
What happens 20+ years from now?
In 30 years when more of the population realizes their freedoms are under attack, they’ll consult the ones who left 10 years previously.
In 40 years, you might have choice. There may be a “new Firefox” that pops up after the old Firefox was wiped out 10 years ago, and let’s you use the internet, your IP, and your content in a different way.
The trick is to train yourself to see the big picture. You’ll never defeat your overlords - they’re behind tall walls and they control the money. However, you can opt out. You can refuse to participate. But by doing so, remember that you will be locked out. That’s not an easy choice to make.
But those users that do opt out, they will be the ones that were pushed too far. This is why refugees leave their homes - they just want to be safe, they want to be alright, they want their freedom from their opressors.
We will have “Google Internet” (Manifest v3) refugees one day
not OC: excellent original comment here from https://programming.dev/comment/1256612 based on https://programming.dev/post/865990
more by CatZoomies@lemmy.world here and here
Louis Rossman video alt sites https://onion.tube/watch?v=0i0Ho-x7s_U https://inv.zzls.xyz/watch?v=0i0Ho-x7s_U https://invidious.io.lol/watch?v=0i0Ho-x7s_U https://vid.puffyan.us/watch?v=0i0Ho-x7s_U https://inv.citw.lgbt/watch?v=0i0Ho-x7s_U
Small correction: While Chromium is not "owned" by Google, Google employees are the main contributers and the project is controlled by Google Employees. Chromium will absolutely support whatever Google wants it to support.
Firefox won't even implement something as mundane as WebSerial because Mozilla has deemed it "harmful", I really can't see them going along with this.
Here is an alternative Piped link(s): https://piped.video/watch?v=0i0Ho-x7s_U
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source, check me out at GitHub.
They want to go back to the days of websites requiring internet explorer... just this time with their browser. Even though getting away from that culture is most of the reason people ever switched to chrome. I will say though, just using firefox for everything you can isn't enough of a protest. If this goes the way Google (Alphabet I guess) wants it to, you bank will require you to use a browser with DRM. You will be forced to use a browser whose source code you can't verify as secure, to access your bank. And that is where the protest lines need to be drawn. If your bank does that? Send your message. Close the account. Take back your money. Now I'd personally do this for everything possible, but that would be a looooot of time spent getting very little across to companies that don't care if you visit their site. Taking money from banks though? Yeah it might be a whole process where you gotta request it, verify in person, wait a week to get the cash, and THEN close it, but so what? A couple hours of doing stuff and then a week of business as usual before a couple more hours opening a new bank account. That's more than worth doing to send a REAL message.
Why would my bank care which browser I use? Their business model isn't based on showing me ads.
Why do banks require "safety"net on their apps now? The safest roms specifically don't have the security nightmare that is google play services, and banking apps are always the hardest to get working.
It is a symbiotic relationship. Regulators hear about the next wave of compromised online banking, add some law requiring whatever, banks are stuck having to comply and in comes google with "Hey this great webDRM/safetynet/playprotect totally complies with this", which it doesn't really but google has the capabilities to lock up any legal processes about it for years when they bring in the next thing and repeat. Banks in large part know it's bullshit but don't care, they're off the hook (They are the ones doing 2 factor by making the banking app on your phone require a confirmation in your tan app on your phone to make a transaction, they don't give a rats ass about the safety of their systems).
Banks get someone shielding them from regulations for cheap, google gets partners that can help them lock you in their proprietary system, and you get extra work on your rooted phone and can't fully remove play services.
I could go into the conspiratorial 4D chess I'm sure google is playing, but let me ask this instead: Does you bank not have any captchas, anywhere in the flow of accessing/using their website? Cause if they do, I hope you know google is absolutely going to advertise DRM requirements as the best tech for fighting bot traffic. Even if Google wasn't doing anything like offering cheap training to their standards to influence the future of the cybersecurity space, that would be PLENTY to get a looooot of big corporations, including banks, to use it.
This is scary
That's why I'm not using chromium based browser.
Remember when the web looked like this?
Or this:
https://motherfuckingwebsite.com/
Found this in the source code, lol
The free web will never escape trackers…
I read this with Samuel L. Jackson's voice and it sounds motherfucking cool
Hot take: the internet was better when it was simpler like that.
Not hot take; correct take
Fast loading, accessible, secure, adjusts to any screen size. This might be the perfect site.
nice 👌
Fuck google and anything they have to offer.
They want everything to run in TEE on the TPM, which has device specific keys signed by the manufacturer and can't be accessed through normal means
Best case scenario is someone learns to spoof it, but that's not easy. Possible, but unlikely to be packaged for personal use, since it'd be the kind of exploit you could sell to the right group for a 6 or 7 figure payout - and that's doing it officially and above board. Plus, if you did share it, you'd want to keep your identity hidden, the manufacturer would probably try to silence you with legal action
Hopefully, the EU challenges them if they try to move forward, someone brought up a law on the books in Germany that makes it illegal to use an automated system to make the decision to deny someone access to a system
Remember kids, piracy and shoplifting are your friends. Reason I say shoplifting is this will be used to block you from paying for stuff online, just look at how google pay is blocked on non google approved spyware Roms
Ever since I switched to Firefox, I have not looked back and I am glad I did it.
I'm the exact same. Firefox has been great. Switched about three years ago.
i cant believe people still use chrome.
!degoogle@lemmy.ml
Dude if they make youtube accessible only through Chrome we gonna have some problems.
I'd have to stop using it. I'd even go to another service like Nebula, at that point, and pay for it.
But I am not going to start running Chrome on my home computer as a daily driver.
If they go after NewPipe and SmartTube I'm going to shill hard the alternatives.
Better archive videos now. Save your favourites and some more.
Oh man you're not wrong. hiyaah
Unless something changed isn’t every browser running on iOS essentially just Safari at it’s core? That’s a pretty big user base to punish.
Yes that's correct. Same with the apple keyboard, which is why the keyboard and browsers on IOS are such shit
What do you mean for the keyboards? Isn’t there an API for third parties? I guess it’s too limited but I’m wondering in what ways exactly
They’re right about browsers, but jumped the shark on keyboards.
Custom keyboards come with some rules and limitations for obvious reasons, but they’re by no means the system keyboard in disguise like how browsers are all WebKit under the hood.
Here’s documentation on custom keyboards: https://developer.apple.com/library/archive/documentation/General/Conceptual/ExtensibilityPG/CustomKeyboard.html#//apple_ref/doc/uid/TP40014214-CH16
Yeah that’s what I thought, it’s not really comparable. Doesn’t explain why they all suck so bad compared to Android’s custom keyboard though
Most likely different incentives and platform culture.
Customization isn’t that big on iOS, other than the occasional viral fad, so there’s less interest for custom keyboards and in return less development spent on it.
Monetization of custom keyboards is also really hard and due to limitations on tracking and collecting data the incentives that Android has don’t really exists on iOS.
So what you end up with is a handful of custom keyboards often by big players that have bags of money to throw at it or as a companion to a regular app (e.g. Grammarly, GIF apps) to fulfill a specific function.
Safari will be among the first to follow this.
I am pirating stuffs. They can't stop me. No other websites can stop me. Piracy sites are not going to use DRM. Firefox + ublock is heaven. Using it even for browsing lemmy as I like the mobile interface better than apps available right now.
Most probably firefox will also bring this or they will lose market share further which is already pretty low.
Alright time to move off of any google systems then. Starting with gmail later today..
What webmail can you use for alternative?
Proton.me
I personally like Mailfence. But the others aren't bad alternatives either.
Fastmail is Australia-based, so it's a privacy nightmare. If you're okay with that, it's cheap and works. You get a lot of storage for what you pay.
Tutanota is a German option, but you have to use their email client. They use a custom encryption protocol instead of your typical PGP. They're good, but at the end of the day I like my third party email client.
Mailfence is Belgian and only has infrastructure in Belgium. So they don't even respond to court orders outside that jurisdiction. They offer PGP. Also support IMAPS, etc, so you can use your own email client.
I don't like ProtonMail, and I know this is probably going to be an unpopular opinion, but I don't like them. They have been busted giving client data to law enforcement without a warrant, they don't encrypt the email subject line, they still log IPs like every other service, and they received a ton of venture capital funding. I fully expect their enshittification to happen soon.
Posteo and mailbox(.)org are also options. Never used them so I can't vouch. I hear good things about both though.
And if you're in Europe or have your own domain, Infomaniak offers a suite comparable to Google's at a competitive price. I haven't used it either but it could be good.
I use web browsers with tutamail and it works well.
Good point! That's an option for most email providers, and that's fine for most applications. I just like using a desktop client, but if you don't, then that's not even a factor for Tutanota.
Protonmail is great
Posteo
Fastmail
I moved to Fastmail a couple of months ago and it is fantastic. Much prefer it to Google Mail, besides the privacy improvements.
Lol welp, guess who just switched to Firefox
I have long felt that the computer industry course-corrected with mobile phones. They made a mistake in the early years of computers by letting users do things like install software from unauthorized sources, modify software to run to their liking, or even strip out the operating system and replace it with an alternative. Now we get things like TPM, Pluton, chains of trust, and DRM. 2% (rounding up) to protect users from malicious software tampering, 99% (rounding down) to extract rents from users and to track them for advertising or other purposes.
And if you start building a QEMU machine that spoofes your machine IDs? So you can do all ypur DRM sruff from QEMU?
https://github.com/A1exxander/KVM-Spoofing
BIG INTERNET is coming to get us
This code will only ever be installed on my machines by force against my will.
No benefit to any users at all, all benefit only to Google and their Advertisers.
Well they can DRM deez nutz
Ah, so I'll need a new extension that fakes my browser to say it's chrome before I can use adblocker. I think this is a cat and mouse game with no end.
You would need an extension that could implement the drm, which would be no small feat and I’m not even sure how poss that would be with the extensions API. Not saying it won’t happen but i wouldn’t hold my breath.
I wouldn't use it anyway, because DRM is cancer.
Can someone please ELI5 this?
First they established a new standard for extensions that makes it harder for adblockers to work in chrome, that's manifest v3.
And now they want establish cryptographic verification of the environment so that you can't have a custom environment in your browser, like having adblockers. Similar to how DRM works.
As long as average Joe uses chrome, we're doomed.
Why can't we have nice things? I switch to Lemmy, about a month after that, Meta joins the fediverse.
I switch to Firefox ( thanks to the hype in this community, because I am average Joe after all) and yeah, it feels nicer. But wait- now these news...
Sorry everyone it's my fault. I switched to Firefox and Lemmy recently so Google and Facebook felt pressured to bring me back.
All fine. We'll tell them you're not here.
We forgive you. Don't give in
Also thanks for your comment, now I fully get the meme
Is it possible to circumvent by running two environments and reporting only one?
DRM is the thing in games, movies etc. that ensures only legitimate users can use the content. Now Google wants to do the same for webpages. It means that only approved browsers will have access and no extensions can interract with the page. So you won't be able to view some pages from unapproved browsers, forcing you to switch to Chrome if you really want to see it. And no adblocker can interract with the page and block the ads there.
That's screwed up. Thanks for explaining
Feels like a great way of close sourcing chromium without actually doing it.
I have never used Chrome because Google is evil. I used edge once to download Firefox.
TIP:
winget install mozilla.firefox
so you don't need to use Edge either.jokes on them
im going back to lynx
It's funny how they think this is gonna do shit. The only thing this'll do is make everyone switch browsers.
That's the point, DRM would force everyone to use a "compliant" browser (Chrome, or extension-free Firefox etc), and the other browsers might not be able to show content; they may also lock the content from copying and editing without special tools, just like website video DRM works now
But we already see "sorry you're running adblocker so no content for you" websites, so I'm not sure if that's gonna change much
Firefox works around video drm by running it in an isolated container though.
I know my uBO has saved me from some hostile shit. So yeah it's a part of my browser security. I have it configured to a stricter blocking mode so it's not just blocking ads for me, it gets other stuff that can be a problem.
Anyway I'm aware of the Manifest V3 business and being on Chrome I'm just waiting for the hammer to fall before going to Firefox. If they start adding DRM as well, I'm out of there quick.
Yeah, yeah, I know, just go to Firefox now, but I don't really want to deal with a new browser and all my custom stuff until I have to. I'm old and that shit is super hard to motivate on for me. Not to say I'm inept, I mean I've spent my whole career in tech, but old dogs and all.
So glad I switched to Firefox at home, wish I could use it at work.
Why can't you?
Who I work for doesn't allow me to
Question: Firefox renders certain DRM content in containers. Would that be applicable here? (Run unmodified site in container in background, load site content from that to user, and direct the attestor to the container so that the user can modify the site on the front end)?
The point of this is so that the user can't modify the site at all, despite what the proposal might say. Their goals and non-goals are contradictory.
Running this content in a container will not protect you. Just don't even try to adapt to it. Reject it completely.
NO, that's not the case.
it doesn't prevent that. did you read that misleading post? All it checks is thay you're running a drm-compilant browser by providing a special token (signed by your device's id and real name from google account) which can be verified by the server.
of course that means that Firefox users will get a worse experience (more captcahas, or get completely blocked) on websites that use this new api.
okay, but what's the idea of a "DRM" compliant browser to you?
because with that vague language, it may be one that the DRM basically blocks out any third-party plugins, extensions, apps or systems from reading, modifying, or changing any website code (which is how most adblocks work); setting the DRM flag may nullify any adblocks ability to even see what is going on with the site as it loads, making it useless - essentially turning the web code into a black box (at least to the extensions) that it cannot interact with, modify, read or even may not know exists at all.
It's security that slowly robs people of their freedom to run whatever they want on their system and interact with the information they receive on any level. It's one step for corporations profits, one giant leap backwards for freedom.
They also don't want users to be able to use adblockers, that isn't all they're checking for. So this absolutely is the case. Their entire proposal is contradictory.
No no no Just no FUCK DRM!!!
The cat becomes the mouse yet again 🥱
not quite , this is way more serious than refusing to give extensions access to websites content. ( for those who don't know that's what manifest-v3 essentially do )
I think i understand it.
You would need to be using a browser that is "verified" to view content.
I'm saying that most things trend toward homeostasis. If it's "successful" it will hurt them. But it won't be successful. All verification is falsifiable.
Agreed. It's like people forgot about Microsoft and IE. They also had drm options in the browser. Anyone remember Silverlight?
And how did that work out for them?
From what I've read, the information they're gathering already exists and can be gathered by the server (browser type, user, etc.) with an added layer of encryption to ensure that information isn't tampered with which is easily spoofed today. Of course, this approach doesn't stop folks from tampering with the web browser directly to inject whatever information (outside of maybe what browser they're using since that'll be tied to the key) they want into the payload but that makes closed-source web browsers substantially more trustworthy (aka not Firefox) to site owners.
If this does gain mass market adoption, then yeah, I suspect it will force users to use proprietary web browsers (google chrome, edge, etc.). Which is a step in the direction that Google wants.
I imagine that ad providers (Google) can also start throwing their weight to force mass adoption by de-monetizing non-compliant browsers, which may pressure site owners to not serve non-compliant browsers.
Correct me if I'm mistaken.
Will this fly with GDPR?
I haven’t used Chrome years, Firefox and Brave browser suit me fine. Since Brave uses the same engine and extensions. What’s the downside of Brave besides ppl not liking the creator? If I stopped using every device and product with an evil genius behind it I’d live in a cave somewhere with no technology at all.
rip cds dvds and load to cheap thumb drives for legal backups. distribute to your friends in case you lose your copy. It's on them if they copy your backups. vlc usually just works as a mobile->car bluetooth source. G broke theirs hoping to charge for it on YTmusic. not a dime mfrs. ha. I use HandBrake for ripping dvds->mp4s, mp3 w/e you need. many other rippers to choose from. open source forever. chrome is just google's version of that source code. get a working version