I'll keep using Firefox and be extremely vocal about websites that won't support it. I mean that's all I can really do.
And hope the EU will oppose it.
EU really is the one doing all the good work. Meanwhile, the US government is useless as a government for its size.
corporate-owned america, baby!
Why aren’t the vaccuous, corporate whore sociopaths defending our freedoms!?!
Maybe if our politicians weren't fucking 80 years old and actually understood technology even a little bit.
“Here’s our millennial expert on technology to explain it to us. Thank you for being here.”
“No problem.”
“WHAT”
... they'd know what exact nasty deeds they're being paid for? How does that help you?
First of all, you need accountable politicians that serve their nation. Age, while it's important, is not of prime importance.
Basically they have made themselves kings and everyone else are peasants. Now they are dividing the land between them.
The US government being useless against megacorps is not a bug, it's a feature
Why would they? It's FrEE maRKeT. Google can point to Edge and Safari as proof that they don't have a monopoly on browsers, so no anti-trust issue there no sireee. The fact that Edge is based on Chromium does not factor into this (in fact the EU loves it, just look at what they did to "liberalize" the electricity market, aside from some extremely anecdotal stories, it's all companies whose only job is to build a website and the fiscal "infrastructure" to buy energy from state-controlled producers to resell it at a markup using state-controlled energy distributors, but hey there is a private middleman so it's liberal and the innovation/investment dividends will pay out any year now... any year...).
The concept of the WWW being supported by free, standard, interoperable protocols was never codified into law. Despite how much good it has done so many industries to have a common free interoperable tech stack, it doesn't have to be this way; the French Minitel was a walled garden built by France Telecom, and that was 100% legal, because interoperability is not a legal requirement. The Apple Store and Game Consoles work under the same principle, you basically can't sell anything on there without abiding by some asinine rules (Apple has had some issues but IIRC that has to do with them abusing their monopoly position to extract 30 % of all sales, not with the fact that they have an exclusive App Store to begin with).
Also this whole bullshit is not new and was never legally challenged because there is no case. For years you could not even browse instagram in your browser because they "only supported the mobile app", which was a blatant way to force you into a walled garden where they can force you to watch as many ads as they want and where scraping is much harder.
I expect we'll lose about 90% of the web within five years as this becomes normalized.
It will primarily be the seo driven AI crap driven ripoff regurgitated shitfest that's arisen in the last 5 years tho.
I'll be waiting for a search engine to arise that only shows user controllable presentation and will use that.
A way to filter out the corporate trash will make the human web better, not worse.
Check out Kagi. It's a subscription search service since they don't show you ads, but that also means they don't track you at all (no search history, for example). They also let you influence the priorities of the sites you see in the results or even completely block them, and the results are usually better than Google with less bullshit – or even at worst as good as Google. Some people seem to be skeptical about paying for a search engine, but everybody wanting shit for free is what got us into this fucking mess in the first place
I second this, was about to recommend Kagi, auto filters listicles, fantastic for actually finding information written by real people on blogs and things that aren't SEO spam
Quick bangs alone almost make it worth it for me. The functionality exists in other browsers but it's not synced, so being universal in the search engine itself is a giant usability improvement for me. Especially when using in conjunction with Orion.
I'm pretty satisfied with Kagi after using it for a bit over two months.
A subscription search is an interesting idea, is there any more info about the company behind Kagi available anywhere? Looking from my phone I can't find much
I personally moved from Google to DDG a few years ago, and the last time I tried Google the results were bootywaste.
I expect we'll lose about 90% of the web within five years
Which part? I feel it will be part I don't even want. I might be forced to use that part for work, but that will be nice filter.
I was thinking that "they" ( governments and big corporations) should have their own internet which is clean and ordered and "safe" and leave us on other part. This might be a way to achieve that.
Yeah, this is pretty much my take.
The web sites that are interested in this tool never wanted to be actual web sites. They wanted to be closed client-server systems with proprietary, opaque protocols… HTTP was just a convenient implementation to leverage.
What WEI does is basically allow all of these wanna-be walled gardens to become actual walled gardens.
They never wanted to be interoperable in the first place, so what are we losing? Good riddance.
Maybe with this in place, we’ll be able to start rebuilding the interoperable web that we had before VC money took it over.
We just need a compelling business model for it. “Free” ad-supported is toxic for open discourse, and now it’s functionally deprecated on the open web. I think that’s a good thing, but good changes are not necessarily easy to endure.
I’m not sure how we’ll do it. Attention tokens and all that crypto stuff seems like garbage, but having a thousand different subscriptions to get past paywalls is not great either.
You might want to recommend forks of Firefox too. Part of the reason Chrome/Chromium is dominant is because of its forks, and a fork of Firefox might appeal to someone more than the main browser. I use Pulse, but Waterfox is also solid from what I've heard.
I mean that’s all I can really do.
Unfortunately when my bank or other critical institution rejects Firefox for failure to use attestation, I can't even do that. I'll be forced to use Chrome. Firefox would have to adopt WEI to remain compatible. In that case I can use Firefox, but it would be the same as using Chrome.
I'd say the monopoly Google has with Chrome is way more threatening than in the early 2000's with MS and IE. That threat resulted in an anti-trust lawsuit, but not a peep from any government about the destruction Google is doing.
Not much you can do about institutions you have no control over, but surely you could go to a different bank?
Assuming there is a bank that doesn't use this of course.
I‘m old so i actually remember this but I‘m old so my memory might be shit but wasn‘t the lawsuit about the fact that microsoft shipped IE wirth windows as a default browser and not about it being too dominant?
I'd say the monopoly Google has with Chrome is way more threatening than in the early 2000's with MS and IE. That threat resulted in an anti-trust lawsuit, but not a peep from any government about the destruction Google is doing.
Took the words right out of my mouth. I don't even know that eu cares. Google is as evil as everyone feared if not worse. Apple is pretty bad too, not even allowing any browser but their own on mobile. People don't realize it, but browser choice is actually a huge deal when it comes to causing damage to society (or protecting it)
I know I'm just dreaming, but I really like the Gemini protocol and hope it'll grow and develop more. It doesn't have everything, but it's very close to the "old web'.
Is Brave safe from these shenanigans? Asking for a friend.
Brave is built on Chromium. So, by default, no they are not safe from this. Without extra effort, Brave will have this feature. I don't know if its feasible but there's a chance the Brave devs can remove the code from their distribution, but that's the best case scenario and just puts them in the same position as Firefox: they get locked out because they refuse to implement the spec.
I have to imagine they will strip it because if they don't, it'll be dead to all of their users.
It may be dead to its users anyway depending on how forceful Google is with this. If Brave doesn't work on 98.8% of all websites with advertising or indeed on 49.5% of all websites (approximately Google's ad network's reach), it becomes as niche as lynx.
Yeah Brave would probably be fucked then. If you can't have privacy anyway, might as well use Chrome.
No brave users don‘t care. Brave proved how untrustworthy they are and in any case their business model is unethical yet they still have a cult like following plus a group of crypto bros that are obsessed with getting digital pennies.
I'm a Brave user that certainly cares. They're not untrustworthy.
Brave devs have stated that their fork of chromium is essentially degoogled, detracked,etc. Just the browser core and built from there.. They don't automatically add in new features into their fork just because chromium does.
I see, thanks for the clarification. I wasn't sure about the specifics of how they produce their product from the upstream source.
Brave is a re-skin of Chromium.
It may be the last few years of the free web because of Google. Their goals are clear.
Please switch to Firefox, another search engine and another email provider...
I've long been trying to de-googlify myself, but it's certainly ramped up this year.
Been trying out Kagi and just set up proton mail account. Not sure what I'll land on in the end but it's nice trying out newer services.
It's not too hard. The most important things are web search and email. I still use Google Maps. But I don't want my private emails and searches at a company who is user hostile and preditory.
I quite disagree, it is very hard. Sure, switching search engine takes all of two seconds, and email can be had from many vendors free and commercial.
But calendaring! A calendar that is at least somewhat integrated with am email client, supports more than one actual calendar, and has real-world capability to share them with others - "if you succeed in this, two me how."
My calendaring needs might be less restrictive than yours, but Proton offers a nice calendar that from what I understand offers at least some integration with their e-mail client. Have you checked it out?
I use Nextcloud self-maintained on a VPS myself for all my calendaring needs, which is basically keeping track of appointments, syncing via CalDAV to my phone, as well as sharing some sub-calendars with other people. Setting up a Nextcloud-server is admittedly a bit more hassle than just signing up for a service, but also here there are options of making it a bit easier than hosting yourself.
I find Google Maps by far the hardest service to rid myself off, followed by Gmail (the time it takes!!! Been using Proton for two years, still not completely rid of my Gmail-account). I'm slowly getting used to using OSM-based map services more and more.
Ohh, this does indeed look quite fantastic. I am certainly going to look more into this. Thank you!
_Edit: Ah, but $50/user/year. For the whole family that adds up real fast. Still, nice tip.
CalDav? Integrated in nextcloud. Or Mailcow. Why does it needs to be integrated with e-mail? Thunderbird is able to add all invitations or reminders into my CalDav Account.
It is hard when you have a business. You really have to actively try to stay away from them. They control so much business infrastructure.
I know my business partner (god bless him, great friend but...) is super into big tech and every new product they offer. So it's a bit of an uphill battle.
And I'm lucky. I own my own firm. Most people don't have such a luxury.
Google server infrastructure products are almost universally worse than Amazon's. The interfaces, APIs, and documentation look like they were designed by people who don't understand humanity.
Most importantly, they are designed by people that don't use them. Amazon uses AWS themselves, Google doesn't use GCP.
At least they're not as bad as Microsoft. Azure is a goddamn dog with fleas.
I am fortunate enough to have never had MS servers forced upon me.
Good to know.
I found out about Kagi from another Lemmy user and I've been really impressed. I feel like I'm getting better results than Google. I'm using their Personalized Results feature and it helps a ton!
Any recommendations for free email providers?
Any recommendations for free email providers?
I'm using proton. I like it a lot.
Nothing is free. How would they make money as a company to pay employees and pay hosting bills?
All these big tech companies are free exactly because they are preditory on users.
Pay for good email like Fastmail or Proton.
I mean, Proton, which you just mentioned, also has a free tier, which is just as usable as Gmail is for 90% of people, myself included.
Proton's free tier is a step to right direction, and at least they don't run a huge advertisement company that could benefit from the free tier users' data. And if you pay for Proton Unlimited, you also get access to SimpleLogin's Premium tier which is nice. I just found this out when I finally bit the bullet and changed away from Gmail over to Proton. Now I don't have to expose my real email address to some random never-to-be-seen-again websites or campaigns if I don't want to.
If one has enough motivation, time and interest in purchasing their own domain, you can get one step forward with changing away from Gmail. Then you can pay something like 5€/month for Proton Mail Plus, use your own domain as your email address and if one day you find a better email provider, you could just change the MX records for that service and wouldn't have to go through all your accounts and update the new address to all the places.
I had pondered moving away from Gmail years and years ever since I found out Google doesn't have any real customer support and HN had stories where people had suddenly been locked out of their Google accounts because of some silly reason and couldn't get their accounts back without some inside connections. At one point most of my digital life was at the mercy of Google and losing access to my Gmail or Google Calendar or G Drive would have been a disaster. Reading all these web-DRM news reminded me that I should continue de-googlefying my life and finally made the change. Firefox has been my primary browser for years and I moved over to iPhone with my phone.
I understand the sentiment, but email is a necessary part of modern life and not everyone has the luxury of paying for it.
A lot of things are necessary parts of modern live and you also have to pay for it, a mobile plan for your smartphone for example.
I had a smartphone but not a mobile plan for years. People can get very creative when times are tough.
Don't get me wrong, I think everybody should have the guarantee for social participation, I'm just saying that Email is no exception. If you did not have a mobile plan for whatever reason, you were just not participating.
Not really; I could do everything everyone else was doing; just not make phone calls or send sms texts. I used wifi to connect to the net and I could still make emergency calls. Im actually considering going back to that to save money, lol.
Well I know you're talking about cutting the cord completely, but if you're in the us TMobile (micro-shilling for a second) has a $15 unlimited talk/text and 2.5g of data prepaid that I used for a few years (until I upgraded) but since I was mostly on wifi it was absolutely viable
Also I guess the sentiment here is to de-google , but I've had my Google voice number for over a decade and I've used that as my primary number even when I haven't had a cell phone provider. I use it for texting and calling and can use it on the PC in a browser window
Alright shilling over, but I guess my point is there's that route or I'm sure countless other options that are more secure you can use so you don't have to do without calling/texting
Nah then gmail is good enough.
Register your own domain name with Gandi and they gift you free email with a choice of two webmail interfaces. It's really good, and owning the domain name enables moving to a different provider later if you wish.
I do use the better options but lets be real, the battle was lost many years ago
So is the only way around it to not use Chromium-based browsers? Or does it pollute everything??
That will work until websites start requiring it. At that point browsers like Firefox have to either capitulate and implement Google's DRM or become unusable for the majority of websites.
And then we'll have a web where the corporations have complete control over what you can view and how. Ad blocking and anti-tracking will be things of the past, and corporate websites will have a unique key from your browser to help them track you around the web. And no more hiding your identity behind anonymous browsers over Tor or VPNs.
So we found out about this about 4 days ago, and when people objected they shut down people's ability to log issues or comment on the GitHub repo. And now they're already cramming it into their browser. This is strong evidence that Google knows it's unpopular and tried to keep it under wraps as long as possible so they could get it into the browser before people had time to react.
Let them require it. Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
I can also see Apple taking a stand against this. They have a competing (and much more reasonable) implementation that respects user privacy.
Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
If this gets implemented, it would ruin the ability for competitor search engines (such as DDG) to exist. If Google convinces site operators to require attestation, then suddenly automated crawlers and indexers will not function. Google could say to site operators that if they wish to run ads via Google's ad network they must require attestation; then, any third-party search indexer or crawler would be blocked from those sites. Google's ad network is used on about 98.8% of all sites which have advertising, and about 49.5% of all websites.
Even if the effects didn't go this far (which I agree they quite probably will), it wouldn't be feasible for other search engines to just exclude sites that implemented Google's DRM. If Google makes it attractive enough to the owners of major sites to implement this (and it will be attractive if it ensures they get ad views), then no one will use a search engine that omits all the most popular websites. The same goes for non-Google browsers. This is really a shocking attempt by Google to use its own browser's popularity to seize an effective monopoly of the web.
The idea is that service providers would only trust chromium browsers
No. The only way "around it" is to give up and use Chrome.
Everything else will have to dance to Google's tune to access any website that implements this, and that will at very least include Google's own websites.
Okay then, then I don’t use it, stick to Safari and phone call anyone who requires me using their site with Chrome. Or I’ll go elsewhere. I’ve been down this road with IE before…
Web dev here. It enforces the original markup and code from a server to be the markup and code that the browser interprets and executes, preventing any post-loading modifications.
That sounds a bit dry, but the implications are huge. It means:
ad blockers won't work (the main reason for Google's ploy)
many, if not most, other browser extensions won't work (eg.: accessibility, theming, anti-malware)
people are going to start running into a lot of scam ads that ad blockers would otherwise prevent
malicious websites will be able to operate with impunity since you cannot run security extensions to prevent them
web developers are going to be crippled for lack of debugging ability
These are just a few things off the top of my head. There are endless and very dangerous implications to WEI. This is very, very bad for the web and antithesis of how it's supposed to be.
TBL is probably experiencing a sudden disturbance in the force.
Wouldn't it be possible to create some kind of "post-browser" that takes input from the web browser and displays it after passing it through ad blockers and whatever else?
Such an abstraction, while unnecessary, should be possible, providing that Google doesn't forcibly prevent access to the final markup that coalesces (ie.: view source and web dev tools)
The only acceptable browser would obviously be ones that restrict that access, how else are they going to force people to see all their ads?
Perhaps, but it's not as simple as it sounds.
Most of the Web requires js to work. I don't think the js will work without the DRM.
So the proxy would need to be running the js, and emulate your clicks and so on.
Would this impact web proxies at all? If so, that would entail a pretty huge security change for a lot of corporations.
If it's something like a proxy server that pre-modifies the markup/code, then yes, I can see WEI interfering with that.
It's a way to disable ad blockers.
Presently web servers send data to your browser, which can arrange the content however you wish, because it's your browser on your device. Excluding content you don't like is fairly trivial.
This drm stuff will basically make the browser refuse to display anything unless the whole page is unaltered.
Does unaltered include things like colorblind extension that change colors to more easily differentiate between some red/green for example? Or stuff like reddit enhancement suite? Sounds like a good way to kill other possible useful extensions.
That's exactly what it will do. Don't believe the bullshit in their "non-goals" section, they don't give a fuck. If accessibility extensions happen to continue working (at least temporarily), it will be by accident, because they for damn sure aren't going to spend even a second on compatibility.
Shit man, this would ruin even the small internet. I won't even be able to cheat on dragcave. And most of what I was doing was keeping a tally of my collection since the site doesn't do that. But there's no way page modifications wouldn't be caught and punished no matter what they actually do.
Yes.
Imagine you're a builder and you build a store (website). People can come into your store through the door or window. WEI will make sure you come through the door just as the builder intended.
At face value, that sounds fine, but now imagine that builder puts a maze (all of the ads littered on a webpage) on the other side of the door. It's a pain in the ass to get through and someone (adblock) has told you about the window that lets you skip the maze. You can get what you want and the store gets to sell a thing. Everyone's happy except the maze builder (Google), so they're trying to force the entire world to go through the maze.
Wait Google can place ads on my website without my permission?
You're the builder, and thus the one who can choose to put a maze there or not.
There might have be a time when Google tried not to be evil, but they've been Satin himself for a good number of years now. It just took them a while to realize the irony of their mission statement. It's funny I used to get mad at Microsoft for being evil, but they've got nothing on Google.
They removed 'don't be evil' from their code of conduct 5 years ago.
There's a "we told you this would happen" going on here.
If chromium didn't have a monopoly amongst browsers, they would have a much harder time pushing this through.
Imagine everyone using a browser built by an advertising company.
That's not even the biggest level of "we told you this would happen."
They pulled this shit previously with other standards (WebHID). Where they proposed a terrible standard, and then implemented it ignoring all feedback. Only last time it played out over months, and this time... weeks?
Sweet jesus.
I moved to FF the same time I found out about the DRM shit. It takes literally 10 minutes and the only thing FF lacks is tab groups. Not a big loss compared to a stupid bigtech telling me what I can use.
FF has tab containers which, while I haven’t used much myself, seem pretty similar to tab groups from a quick search.
Edit: Also looks like there’s “Simple tab groups” extension which maybe even more similar to what you may want
Containers have nothing to do with tab groups. One is an organisation tool and the other is a privacy tool.
The problem is that Mozilla dropped the ball so hard, by focusing on making their C-staff into millionaires instead of making a good product, that it no longer matters. Their market share is so small that Firefox compatibility no longer matters.
Soon websites will require that DRM and either Firefox will implement it or it will be unable to render those websites.
Firefox is awesome and I never switched to chrome because Google is the devil
The only use chrome gets on a fresh phone before deactivation is installing Firefox. Same for IE
I've used Firefox since it was Netscape and it's been a fun ride
And this is the consequence of browser vendors relying on Chromium.
To be honest - easy to pull a Microsoft a fork a branch without the crap.
Ohnonono
Well time to burn down google I guess ¯\(ツ)/¯
The Internet in the last five or so years has just been less fun and interesting to use in general. Except for anywhere I can interact with friends, I just don't really care for using corporate social media sites anymore. I've pretty much removed Google from my life except for YouTube and rarely Google Maps, and if Google tries to use this to force ads into YouTube (which I'm sure is going to be one of its uses) then I will just stop using YouTube. I will just stop patronizing any site or business that tries to implement this as a feature to stop my browser choice, OS choice, or my extension choice (which included adblock extensions). I miss the days when the Internet was less corporately controlled than it is now, and I think we need a renaissance of those days.
this is a userbase killer right here
If manifest 3 didn't change egoogke chrome share I doubt this will.
Manifest 3 didn't create noticable chnages for the average user. Not yet anyway.
The idea is these changes are never a full at first. The internet will not break tomorrow because of integrity checking.
But it will in a few years. And people will be upset then. When it's far too late.
hey everyone a friendly reminder that alternatives exist, and just drop this shit fast and move to better alternatives. In this case firefox.
The problems start to happen when buisnesses adopt this en masse. Expect all banks to implement this for example. You can use Firefox all you want, but then you won't be able to do online banking.
Standards are really fucking important to help people stay functional in a society. This is one area that the ANCAP mindset just gets it totally wrong, unless you like the idea of being a hermit.
Anyway, we are already seeing some websites basically reject browsers like Firefox because they basically give the consumer too much protection and freedom. Arguably we've seen this before, but this may be a new tier of corporate lockout of open standards as consumer protection gets thrown in the trash. Thanks America.
This needs to be pinned at the top of every single threat about this. Far too many people are just saying "Well I'll just keep using Firefox". They do not understand the gravity of the issue.
If my bank does this I'll take my custom to a smaller one that doesn't.
I don't think they will though, since they gave me a hardware thingy to login to my online banking from my rooted android 🫠
I don't think that checks out.
Firefox only exists because it's primarily funded by Google. It's funded by Google to ensure they actually have some competition and avoid becoming a Monopoly.
If they kill Firefox or otherwise make it unusable they'll be shooting themselves in the foot.
However, if it ends up being a bad experience that no one wants to use, well that's not on them and they have no responsibility to fix it.
What will likely happen is Firefox will also adopt this DRM.
Mozilla does not exist because of Google. Google doesn't have controlling power over Mozilla, nor do they have power over the many forks. It's hilarious that you think a company would give a shit about being a monopoly; that's what they strive for. This stupid take has been going around for years, and I'm sad to see it spread to Lemmy.
They give a shit about not being a monopoly because if they were, they'd be broken up so they're not one anymore. At least currently still.
Oh, you. I remember you from another thread the other week, saying how Chromium is not Chrome and that this would never happen. Hi. It is happening. Also, I remember telling you to stop moving goalposts, which is what you are doing here.
Microsoft would be happy to pay Firefox to set Bing as default (has happened in the past already) so even your goalpost moving is moot.
The issue isn't that we have no alternative, it's that this feature will basically eliminate those alternatives sadly. You can read more about it here if you haven't, but it's bad.
For sure, I agree and it's bad. But frankly unsurprising. This is the trajectory of the internet: greater control.
We've become too dependent on centralized tech companies and erred in allowing tech companies to change, define, and control the internet in the first place.
Alternatives must be promoted in mass scale.
When websites start blocking clients that don't implement the wei handshake, you'll be forced to use one that does if you want to visit those sites. Firefox will either adopt it or become a second rate browser.
I wish that this kind of thing would generate enough outrage to increase Firefox' market share considerably (from the <3% it is today), and in that way deter websites from adopting it since they would block a larger share of users. Unfortunately, I think that might be too naive of me...
You require Chrome or a Chromium based browser to view this comment.
Websites should be able to block me. I can just go elsewhere.
May be a bit problematic with banks, insurances and maybe government institutions...
it will truly be messed up if essential websites block user access because of this
Most banking apps don't work on rooted Android phones. It's not the same, but I don't think it's a stretch to assume that at least these companies would force their customers to use specific software...
And I use my root to hide my root from my banking app... Idk about the implementation details of this, but I kinda think the same could happen here as well.
This is the problem for me. If my bank or other critical institution decides to refuse me access with Firefox, I can't use Firefox. This is the crux of the issue. Google is creating a browser monopoly with it's market dominance and attestation scheme.
MS tried to exert control in the early 2000's with its IE dominance and was thwarted by an anti-trust lawsuit. Google will probably skate on this one. Nowadays the consumer is only a resource to be plundered. The customer is shit.
As pointed out above, individual use of Firefox doesn't really do that much. Especially when Firefox already doesn't work properly for some sites. Plus, lots of people (myself included) need to use Chrome for work. This shit sucks.
Have you used Firefox recently? I haven't had even one instance of a website not working simply because of Firefox.
I use it daily. It’s my default browser, but it ain’t perfect. Most recently, it was an interactive map for Diablo IV that would never work on Firefox. After an update it started working, but that’s just the most recent example.
it is pretty rare for issues like that to happen. and just keep a chromium based browser installed for the 0.2% of websites with compatibility problems or whatever.
for work purposes, ok fine. but personal purposes i'd try and steer clear as much as i can.
My general point is we should use alternatives whenever possible to discourage this kind of centralized power developing in the first place.
I'm do not experience any of these improper working sites. My daily driver is Librewolf, where this sometimes occur, but when it does, I just switch to vanilla Firefox, and everything is fine.
As an aside, I know we're not supposed to care about Reddit, but the lack of this news getting any attention over there is just depressing. Hell the Firefox sub hasn't had any posts in days apparently.
People that care about this stuff are probably already jumped ship.
That's because the firefox sub moved to Lemmy...
Wow they moved incredibly fast, even considering the repository was first committed to in April 2023. I wonder why the outrage only started a few days ago? There was also a discussion, started in May.
It's a shame that no matter the amount of outrage, no matter what the pitfalls of this change may be, it's going to happen no matter what because money.
Luckily we have choices. From WebKit browsers to Mozilla browsers. This will make me quit chrome. (Way overdue anyways)
If you switch to a browser that cannot be remotely attested, eventually commercial websites will just stop serving you. So switch now and tell everyone you know to switch to something that is not Chrome or Safari.
Safari already does this in the form of Personal Access Tokens, and the reason the web hasn't taken it and ran with it yet is because their market share is ~20%. Chrome is 70%. This is about to be a systemic problem that you cannot fix by switching to software that respects your freedom.
Well, I don't know about now, but this Microsoft employee says some time ago an outrage worked.
From what I read in the related links they only claim to have applied pressure, they didn't cave because of that pressure though. Again it seemed to be about money.
"The only saving grace was Vista’s very painful and long development period where Palladium was eventually killed so Vista could actually ship."
Right, so outrage that they couldn't get enough money.
We also cannot say it wasn't a factor in their decision.
but we also have no reason to either
Could there be lawsuits over this?
If there will be, google is powerful than most governments. They know there will be some lawsuit and they are prepared for it. Its just cost of doing business.
Google isn't more powerful than any governments it's just the USA that allows them to have power.
Dude they have all the data on you and your circle of friends. What you share? What was shared with you, all the stuff you can possibly imagine.
I'm not sure how they have this when I only use e2e encrypted communication to share stuff with my friends and none of us use their services.
Ah but my point was majority people dont.
No they aren't, the US just makes them look that way. I'm sure many european countries will object to and fight this.
Not directly but this could be an antitrust case in some places.
Reasonable people will disagree... but no, probably not. This is a feature which websites can choose to use in the same way that websites can choose to use notifications. Even if you dislike the fact that web browsers provide the option, it's the website itself that's actively choosing to impose on you.
Now, the counterpoint to this argument is that the feature in question will most likely further strengthen Google's position as the market leader and lock out new independent browsers. This is certainly true and similar logic has indeed been employed in cases like the Microsoft antitrust case. With that being said, Google still has that extra layer of abstraction sitting between it and the actual mechanism of action (i.e.: independent website owners who want DRM). Think of it like the Uber of anti-trust law.
Chrome is a bag of shit anyway, easy jump
Chromium, not chrome. Which means also Brave, Edge, Opera, Vivaldi and a lot more.
Basically only Firefox and Safari are left as the big non-chromium ones.
But that's not the worst of it. Even if you tear out this code, more and more websites will be built that rely on it. Which means Firefox etc also need to include it to keep functioning.
If WebKit and Mozilla put up enough fight. It will not be the standard.
Well, you can’t say not chrome because it does include chrome, yes, it extends to other browsers using the same codebase, I understand I’m well versed.
Either which way, fuck google
Isn‘t Safari‘s WebKit the origin of Chromium‘s Blink 😉
Not saying you don't realize, but Safari already has this tech. They call it Personal Access Tokens.
Well, that's the worst case scenario. I hope that Brave will fork Chromium and leave the WEI out. Brave prides itself on being the no nonsense browser ...
Brave is a PoS. They are not looking out for you
Sorry, what is PoS? I'm using Brave just shortly but it appears to be concerned with privacy and ad-blocking - more than what Firefox does.
Pardon my ignorance but Can someone explain what google is trying to do?
Pardon formatting, on mobile. Its a form of device authentication. Apple does this with safari already BTW, and it can reduce things like captcha because the authentication is done on the backend when a request hits a server. While still an issue in concept with Apple doing it, chromium browsers are a much larger market share. In layman's terms this is basically the company saying, hey you are attempting to visit this site, we need to verify the device (or browser, or add on configuration, or no ad blocker, etc) is 'authentic'. Which of course is nebulous. It can be whatever the entity in charge of attestation wants it to be.
This sets the precedent that whomever is controlling verification, can deny whomever they see fit. I'm running GrapheneOS on my phone currently, they could deny for that. Or, if you are blocking ads. Maybe you're not sharing specific information about your device, and they want to harvest that. Too bad, comply or you're 'not allowed to do x or y'.
This is the gist. The web should be able to be accessed by anybody. It isn't for companies to own nor should it be built that way. Web2 is a corporate hellscape.
I suspect "authentic" will mean "pays a license fee to Google." In this respect it will work like other forms of DRM, and it will have the same effect of excluding new and smaller players from the market. Except in this case the market is the whole of the web.
Yeah, definitely. Some form of extortion because ultimately that's what will happen either way. I mean, that's really the whole point of being the party that chooses what is authentic or not (and, what the definition of that word even means in this context). Monetary, data, whatever. Gotta keep the bottom line increasing for shareholders.
Yeah, definitely. Some form of extortion because ultimately that's what it will be either way. I mean, that's really the whole point of being the party that chooses what is authentic or not (and, what the definition of that word even means in this context). Monetary, data, whatever. Gotta keep the bottom line increasing for shareholders.
No, there are no fees at all. Authentic just means approved device state, which will be defined by the website you go to I believe. So youtube might required many different things in order to be "authentic" like no ad blockers, genuine browser, non-rooted phone, etc., whereas bank-xyz may just check for one thing, like a genuine browser. Also, websites have to enable this on their side, so its not going to be used by default on all websites. The whole thing is crap though, even if only a few websites enable this, it could have huge impacts.
Not necessarily. With some forms od tracking being curbed, just being sent the who accesses which webpage on what device when (the bare minimum for attestation) has lots of value. And google won't stop at the bare minimum of data grabbing, of course.
From my limited understanding as a common pleb, they are inserting DRM into Chromium browsers to prevent ad-blockers.
Internet with no ad-blockers is like a nightmare
Yes, it is a nightmare. The insane volume of ads and clickbait injected into web pages is killing the internet as an information source. Most of the searchable stuff is unusable. Which explains why ChatGPT was so enthusiastically embraced - it's really just synthesizing content into a readable form that doesn't require navigating around a jungle of animated gifs and flashing ads. That's also I think why Lemmy and Mastodon are so refreshing to use, and hopefully will stay that way - although money seems to find a way to ruin everything. Lemmy right now feels a lot like the internet used to be before the big money came along and ruined it with advertising and platform lock-ins.
https://andisearch.com looks like it might be a better option - thank you so much for posting. I'm mostly using duck-duck-go which is tolerable but by this point we should have come up with a more useful way to index relevant information. Google would rather we see ads than any relevant content, which wasn't the case when they first launched google in the late 1990s. Google was refreshing at the time because of its cleaner interface than yahoo and uncluttered results, amusingly enough - it's a far cry from what it once was.
@fuser, Andi certainly is a fresh wind, it was the first search engine with AI which appears, before Google, Bing and the others. Great work of two very nice and friendly devs, Angie Hoover and Jed White, with an open ear to the user in their Discord channel for suggestions, feature request, bug report (well, it's still in developement) or simple chat.
Well, thanks again for the info - I'm trying it now and the results seem excellent, it took me to wikiwand, which I'd never used but it's a front end for wikipedia - it's quite nice. I've learned so much about alternative FOSS and great ad-free content by reading and posting here. I was never a great fan of reddit - liked to scroll but hardly ever posted there - I thought RPAN was the coolest thing they did - but Lemmy is great for conversation, despite the relatively small user base - I'm grateful that reddit's nonsense drove so many helpful people here.
@fuser, the fediverse has nothing to do with monolithic social networks, controlled by large multinationals. It doesn't matter if you use an instance of Lemmy, Friendica, Diaspora, or Mastodon. etc., are really of the people and independent of large corporations and linkable with each other. Here in Mastodon I see posts of all these in my Timeline and I suppose you too, like the one where I am.
I didn't notice that you were posting from Mastodon as I'm on Lemmy and your posts appear here just like any other Lemmy user - but the @fuser at the start of your messages is probably the tell, I think Mastodon defaults the username you're replying to, whereas Lemmy doesn't. It's great that we can use different applications without some corporate gatekeeper capturing everybody's personal info at the integration point to hawk to an advertising company.
@fuser, apart of Vivaldi social, the instance made by the Vivaldi browser for it's users, I'm also since long time ago in Lemmy.ml (with another Nick), also conected to Mastodon.
@fuser, with Mastodon you can even logging in Pixelfed. I love the #fediverse.
@fuser@Lem0n Regarding articles, I just save them to a read-later app that strips them of all the crap. If the site won't let me, I'll find another source reporting the same information, and save it to read later. If this process ultimately fails without a saved page, I won't read the article.
Right - that's a good approach, however if you're looking for a quick answer to an immediate question by searching using a common search engine, the garbage SEO pages are the most irritating, even with adblocking.
Living the dream.
To be fair, it is useful for other purposes, but the cost to users is likely to be huge, with ad blocking being one of them. It probably also prevents other things even outside your browser because there's no point in securing a browser running in an untrusted environment. IIRC there is/was an issue running Netflix on certain Android devices and rooted devices after a similar feature was added to Android.
This would also hurt users that need accessibility extensions so they can properly browse websites that don't have good accessibility features.
My S7 was running a custom rom, I had to manually download and install the Netflix apk, as the play store wouldn't let me do it. WhatsApp was weird too, it would let you install, but there were a bunch of aggravating bugs, like if your device was on it showed you as "online". Got in trouble at work because my boss thought I was on my phone all day.
EME for the rest of the internet, not just video. Basically doing what hulu does to stop screen recording/as blocking but across every webpage
Feels so good to see Google getting called out for this in the GitHub comments
Does it? It's making me depressed.
Because every last single thing said in those comments will be ignored. I sincerely doubt they're even reading them.
They know what they're doing. They know what people will say. They're going to do it anyway.
Regulate Big Tech and be done with it.
Or make the internet a public resource. Let the USPS be the ISP
The constitution allows for a nationwide communications network that's run at low cost for public good. USPS is absolutely legally allowed to run internet service and it's shame that it hasn't taken this over yet.
And I trust my privacy with the USPS a lot more than I do with AT&T
It would be a fitting legacy for Ben Franklin as well.
Gross.
i've been using a samsung chromebook plus since it launched until now... and it's end-of-support next month. being a typical human with low funds for new gear, i WAS considering a new chromebook of some kind. The chrome drm bullshit doesn't effect me too much as I use this mostly within the linux container, or firefox android version... however, I realize i need to take a stand and not financially support these tyrants.
so, what are my options? a pinebook running debian? are there any good netbooks out there? I don't use this thing for games or streaming media at all - mostly ssh, some browsing, etc. it's about time I take the final steps to de-goog my life.
i'm in the middle of this process now, and just frustrating myself. i've forgotten too much of the inner workings of the kernel - that is, my old knowledge doesn't apply anymore. I've got a dualboot working, but can't for the life of me get the wifi module to load. not relevant to this thread, so i won't dirty it up. but, thank you for getting my head in the right space!
i will, somehow, get some flavor working
Used thinkpads (like the T480) are a great choice.
Can someone ELI5 how this could prevent a fork of Chromium from just not playing nice and telling the website "yeah yeah, it's all untempered *wink wink*" and then still remove/alter stuff as it pleases?
Edit: ok I think I got it ... it's basically the server that decides if it trusts the judgment of the client or not. Can't wait to see that cat-and-mouse game going on 🙄
Yeah, I can imagine a fork of chromium existing that takes all the data and does the rendering pipeline """normally""", but then on the side does something completely different and shows THAT to the user, while giving the server an idea that nothing is wrong and what it is doing is just normal chromium stuff.
But such an idea will be done entirely by enthusiasts, slowly, on an obscure basis. For the majority of users, that will never even be a conceivable notion of something they can do with the internet. Itll never be something you see on a top, mainstream browser.
In other words, Google wins.
it’s basically the server that decides if it trusts the judgment of the client or not. Can’t wait to see that cat-and-mouse game going on
This is partially correct. The server will check that you have a valid token issued by a trusted third party, who will almost certainly be Google, Microsoft, or Apple. When you connect to the web page, your browser will give this token to the server and say "hey look I'm legit." The token will have enough information on it to identify that it is relevant (being provided by a client that matches the hardware it is meant to verify) as well as a cryptographic signature that verifies it is in fact from the trusted third party. So it's less the server trusting the judgement of the client than it is the server trusting the judgement of whatever third party is attesting to your system.
Fuck this is trash. DRM for the web. I wish people would understand websites like kbin are not free and that if you use a website you need to pay to keep it alive. But no one wants to pay for anything on the internet, and so we have ads. Ads will for sure kill the internet.
The fact that people feel entitled to free content online really activates my almonds. They'll whine and moan about enshittification and how eg. news is just clickbait now, and then promptly shit their pants when someone suggests they actually pay for things since they clearly don't want ads either
Surely you can reverse that and point out corporations whining and moaning about people expecting free content when they're barely paying their employees enough to afford to pay their bills.
The problem starts with corporate greed, hoarding revenue by keeping employee's salaries to the minimum acceptable, providing as little functionality as possible to reduce overheads, double dipping by selling a product/subscription and then selling their customer's data, and then complaining they aren't getting more money for what little they are doing.
Then inevitably a little guy like Kbin comes along and suffers because the internet is filled with soulless, ultra-capitalist corpo scumbags.
Surely you can reverse that and point out corporations whining and moaning about people expecting free content when they’re barely paying their employees enough to afford to pay their bills.
Those are separate issues
They are absolutely not separate issues. How can I be expected to shell out $15 per month for 10 different content subscriptions if I can only just afford to put food on my table?
Doesn't mean that content producers and the people running services don't need to eat too. Sure, many if not all big corporations are terrible, but not all online content is provided by them.
But a massive amount of them are. Small and solo creators on Youtube or Twitch need to conform to the rules of Google and Amazon, and even medium size creators are influenced and coerced by the precedents and market trends set by the much larger corporations.
And it doesn't matter if not all content is provided by large corporations, those large corporations employ the most people, and dictate in a lot of ways, the rules of the employment market. It's due to their habits and practices that wages are artificially low and expenses are inflated for record profits.
Until corporate greed is managed properly, consumers will always struggle to have enough expendable income to pay content creators, and therefore will always be searching for free content.
Oh yeah, no disagreement there; the source of all these problems is ultimately an economic system designed by and for sociopaths. But, be that as it may, the fact that even the people who could afford to pay for services simply don't, and many run adblockers too and rarely turn them off for eg. news sites even if the ads they run aren't extremely distracting. For example when ABP introduced a whitelist for "non-annoying" ads, it didn't exactly go down well and people said they had "sold out."
Big corporations can get fucked for all I care, but as I said, the ones not working for them and running services or news media or whatever also need to eat, and peoples' reticience to pay for things in one way or another has directly led to those big companies taking over more and more of the field and WEI is an outgrowth of that.
I guess I'll never use Chrome or Google products again then
So..I don't use chrome anymore, but I use Vivaldi. Guess this'll fuck that up too or will they remove it?
Edit: looks like they're concerned about it but also are worried stripping it out will f up theye browser being accepted
Hey, fellow Vivaldi user👋 . Yep, one of the Vivaldi devs already said if it was added upstream, they'd strip it out of the Chromium code, but they acknowledge that this would cause problems if WEI became standard. Websites would start to expect it, and not having that functionality would be a death-sentence for any browser (Chromium or otherwise).
That's great to hear. I like it and would like to continue
Can someone ELI5 me on what this is and why it is bad?
google want websites to be able to check whether you're running an approved browser. And they also want to be the ones to have the authority to decide what an "approved browser" is.
Given that google is an advertising company that owns a browser, constantly tries to cripple ad blockers they will probably simply start saying that any browser that doesn't implement the stuff they want (crippled ad blockers) is "untrustworthy"
I wonder how many people will be ok with this, considering that there's a large portion of folks who does not know what's AdBlock
Yup. The vast majority of internet users NEVER:
Customizes their web experience
Uses apps almost exclusively
Navigates beyond the first page/screen
How will they react to this?
"Shut the hell up, fucking nerd and your fucking idiotic, stupid ass 'privacy' bullshit. God WHO THE FUCK CARES!? I was literally - LITERALLY - never inconvenienced by any of that stuff, so SHUT UP!"
That's how.
We're doomed. We were always doomed.
Would be kinda cool to go back to irc or usenet, because the average internet user does not and will not give a shit about privacy, and definitely won't get a complicated chat thing setup.
We’re doomed. We were always doomed.
I'm afraid that's always been the case because the mass majority just don't a give a shit. They'll happily conform to whatever the monopolies tell them to.
NOOOOOOO
I don't understand. Isn't someone just going to fork Chromium, take out this stuff, put in something that spoofs the DRM to the sites so that adblocking still works?
Part of the point is that you may not be able to spoof it.
On code I write on hardware I run locally, how is it ever possible to not be able to remove an element from the UI?
If you don't use a client with certain signature, the web request will end in different response, i. E. an empty response,, as if your client had a certain signature. Please correct me if I am wrong, though.
Why can't my modded client just give it that signature?
Because you don't have Google's private key. Same reason you can't watch Netflix episodes without Widevine.
I watch Netflix shows in high definition without widevine every day.
🏴☠️🚢
A private key to do what?
I only have the most cursory understanding of what Widevine is, but a quick Google reveals github projects claiming to spoof it.
Where I fail to understand is this. Whatever authentication the open source browser I modify needs to do, I can let it keep doing, because at some point it has to provide my browser C++ code with a clear text DOM before it renders it to an image to be displayed by my window manager. I can write that browser to simply remove DOM elements it deems to be ads - just like ublock does - before it renders it graphically.
The only way around this would be to turn browsers in to a completely dumb terminal that accepts an octet stream of pixel data so it can display bitmaps, which is completely unfeasible (every webserver would become a graphics card for each of it's users), and even if it did that, a simple neural net would identify the ads and remove them.
What am I missing?
The attester will then sign a token containing the attestation and content binding (referred to as the payload) with a private key. The attester then returns the token and signature to the web page. The attester’s public key is available to everyone to request.
Websites will ultimately decide if they trust the verdict returned from the attester. It is expected that the attesters will typically come from the operating system (platform) as a matter of practicality, however this explainer does not prescribe that. For example, multiple operating systems may choose to use the same attester. This explainer takes inspiration from existing native attestation signals such as App Attest and the Play Integrity API.
Now Julien Picalausa of Vivaldi browser theorizes as follows:
To make matters worse, the primary example given of an attester is Google Play on Android. This means Google decides which browser is trustworthy on its own platform. I do not see how they can be expected to be impartial.
On Windows, they would probably defer to Microsoft via the Windows Store, and on Mac, they would defer to Apple. So, we can expect that at least Edge and Safari are going to be trusted. Any other browser will be left to the good graces of those three companies.
Of course, you can note one glaring omission in the previous paragraph. What of Linux? Well, that is the big question. Will Linux be completely excluded from browsing the web? Or will Canonical become the decider by virtue of controlling the snaps package repositories? Who knows. But it’s not looking good for Linux.
So, AFAIU, if worst comes to worst you won't be able to run an unsigned browser and browse the web.
I still don't see why my open source browser can't just lie when it's sending a description of itself to the third party. The only way I could see it working is if that description needs to be encrypted by a key that's compiled in to a closed source browser, and then websites only accept requests from a few closed source browsers.
Is that what you're saying? That unless I have one of a couple accepted clients which are proprietary and closed source, websites just won't work?
It seems logical to assume that there would be no point to the whole thing if it was so easily avoided just by modifying your browser. Someone who's, for example, selling fake engagement (e.g., fake reviews), which is listed as one of the things Ben Wiser at al. want to prevent, will probably have enough technical expertise to use a modified browser that will circumvent WEI, so why would Google even bother?
To make it harder, even if not impossible, for the average user to ad block them.
Are you asking because you're not sure of the answer, or because you are, and you know that web integrity will require a pre-compiled closed source binary to browse the web?
Isn’t someone just going to fork Chromium, take out this stuff,
Yes, upstream Chromium forks will likely try to remove this functionality, but
put in something that spoofs the DRM to the sites so that adblocking still works?
This is the part that is not possible. The browser is not doing the attestation; it's a third party who serves as Attestor. All the browser does is makes the request to the attestor, and passes the attestor's results to the server you're talking to. There is no way a change in the browser could thwart this if the server you're talking to expects attestation.
This violates just about every single open web principal that allowed Google to gain so much power. When they changed their motto from Don't Be Evil, to Do No Harm, they obviously chose deception. Their new motto should be Do Whatever is Profitable, or more succinctly Be Evil.
I don't really understand how that's possible. The browser gets a token from the third party, and passes that token to the server to "prove" it's running the DRM. The server then passes code back to the browser. At that point, why can't the browser just cut out the DOM elements which are ads?
I don't understand how code I write on hardware I run locally can ever have it's hands tied like this.
It won't be your hardware in a few years if this goes through. The code will run in a secure enclave and you won't be able to access your bank or log in to government websites if you control the hardware.
Android phones are starting to do this, and it's a nightmare for people like me who actually want to own the device they purchased.
Needing root access on Android to regain basic functionality (such as the ability to backup installed apps) is a sad indicator of where we're headed ☹️... As much as I dislike iOS's walled garden, they make backups dirt easy for the end user - and they do complete backups too - app data, homescreen layout and all.
I see what you're saying. I read it as implying the browser would fake the attestation token. I don't know the answer, but if their (stated) goal is to stop bots and scrapers, I have to assume it wouldn't be so simple. After all, a lot of bots and scrapers are literally running an instance of Chrome.
Would it be possible to create a fork of chromium to avoid google's influence?
The biggest problem is if Google can influence all the major websites (banks, e-commerce, news sites, streaming services, social media, etc) to adopt this standard.
They've done it before with AMP.
They won't even have to force them this time, they'll do it voluntarily because it would mean they can serve unblockable ads, track users much better, and for banks it would actually increase security for the user (but also force you to consume their content how they want, preventing stuff like accessibility extensions).
And fuck AMP, it's a fucking travesty.
Not really, since Google develops Chromium.
FireFox receives most of their funding from Google, even though they've come out as opposing this plan. They have next to no market share.
The only other browser engine that can seriously compete with Chromium is Safari.
Isn't Chromium/Blink a fork of WebKit?
Partially. The Blink browser engine used in Chromium is a fork from WebKit but it's diverged quite a bit in some ways I believe. But there's a lot more that goes into the project. For example, V8, the browser's JavaScript engine.
I just don't understand why they're trying to solve this issue on the client side. It seems like a losing battle to me.
Instead, focus on the server side. If you want to push ads, then host on (or tunnel from) the content server. Get rid of all the <div\>s and tags and scripts and adserver links that the adblockers are using to identify ads. Just assemble the page on the host so that it looks indistinguisable from the content the user is looking for and push it out. EAT BACHELOR CHOW! NOW WITH FLAVOR! Google could even start an ad-friendly hosting service that does this - some sitebuilder tools, identify where you want Google Adsense, and host the damn thing.
Unless everybody fully customises the display and styling of the adverts for their own website, there's going to be some sort of targetable, recognisable pattern in the way AdSense content looks. Most developers just want an easy drop-in solution.
Furthermore, Google don't necessarily want to give you that level of control over the adverts, because that makes it easier to game the ads system with malicious, fake and misleading clicks or invisible adverts. They need their tracking tech attached to it.
So render to image? That sounds terribly inefficient. That means you're drastically increasing the load on the server and sending way more data over the wire. And then on the client side, your page no longer changes to fit the huge variety of viewport sizes. And say goodbye to being able to copy-paste. Or any kind of user interaction. And anyone with visual disabilities can go fuck themselves, I guess.
No, they didn't mean to render it all as an image, but that everything comes from the content server you're getting the content you want from and thus the ads should be indistinguishable from content. I don't understand how you could misunderstand it to such a degree as to think they meant to render it all as an image.
so... PDF then?
/s
Thanks, BTW. It never occurred to me that someone could interpret my comment as "render-as-an-image".
You explicitly state "render to image".
Because even if you host the ad content on the same server, it's still possible to distinguish it, such as by URL or element xpath. To assemble the page to avoid this, you'd need to completely render the page.
Google is actively trying to drive people like me away. I have been trying my hardest to keep using Android, if Google keeps this up I might have to unwillingly move to Apple. At least they do more than just pretend to care about their users' privacy.
You, me, and everybody else commenting on this post are a miniscule, almost infintesimal percentage of Google's global userbase. If each and every one of us statistical outliers stopped using Google everything right this second they wouldn't even notice.
True, but might as well put up a good fight while we're at it.
More and more, I wonder if we're going to have to go back to Lynx or Links or something just to look at sites that aren't corporate because they'll be otherwise inaccessible from anything else.
I moved to Apple a few years ago, and recently I've stopped using Chrome for anything but work, where it's required (web development, lol). Still married to gmail and google calendar but maybe it's time I get away from those too...
This won't be used just to block ads. If you're signed in to Google, this DRM will be used to track you, as well. VPNs will be useless because the tracking won't be done through your IP address, but through your browser, identified by DRM and tied to your Google account.
That's what this is really about. Knowing, where you go, what you see, what you buy, who you associate with. Forcing you to watch ads is just the icing on the cake
Any ideas what the behavior of webpages will be if somebody uses PiHole?
Since PiHole isn't part of the browser but in the network I assume that still works.
PiHole can be bypassed with DNS over HTTPS, although there's ways to prevent that.
What does this mean?
I quite disagree, it is very hard. Sure, switching search engine takes all of two seconds, and email can be had from many vendors free and commercial.
But calendaring! A calendar that is at least somewhat integrated with am email client, supports more than one actual calendar, and has real-world capability to share them with others - "if you succeed in this, two me how."
I run Chrome to use work (Google) email and services, and Firefox for as much as possible. The challenge is that about a 10% of things I use only work properly on Chrome. It's IE6 all over again, history repeating itself.
The real two internets is happening
Why is this bad? On first read, it seems like it could replace personally identifiable advertiser cookies with a trusted assertion that I am a human. Feels like a win
oh, hai guys
Hello there browser which already implemented DRM similar to this a while ago!
![[wei] Ensure Origin Trial enables full feature · chromium/chromium@6f47a22](https://forkk.me/pictrs/image/f0a2bea4-7a31-4d23-a004-955e0eb5c782.png?format=jpg&thumbnail=256)
I'll keep using Firefox and be extremely vocal about websites that won't support it. I mean that's all I can really do.
And hope the EU will oppose it.
EU really is the one doing all the good work. Meanwhile, the US government is useless as a government for its size.
corporate-owned america, baby!
Why aren’t the vaccuous, corporate whore sociopaths defending our freedoms!?!
Maybe if our politicians weren't fucking 80 years old and actually understood technology even a little bit.
“Here’s our millennial expert on technology to explain it to us. Thank you for being here.”
“No problem.”
“WHAT”
... they'd know what exact nasty deeds they're being paid for? How does that help you?
First of all, you need accountable politicians that serve their nation. Age, while it's important, is not of prime importance.
Basically they have made themselves kings and everyone else are peasants. Now they are dividing the land between them.
The US government being useless against megacorps is not a bug, it's a feature
Why would they? It's FrEE maRKeT. Google can point to Edge and Safari as proof that they don't have a monopoly on browsers, so no anti-trust issue there no sireee. The fact that Edge is based on Chromium does not factor into this (in fact the EU loves it, just look at what they did to "liberalize" the electricity market, aside from some extremely anecdotal stories, it's all companies whose only job is to build a website and the fiscal "infrastructure" to buy energy from state-controlled producers to resell it at a markup using state-controlled energy distributors, but hey there is a private middleman so it's liberal and the innovation/investment dividends will pay out any year now... any year...).
The concept of the WWW being supported by free, standard, interoperable protocols was never codified into law. Despite how much good it has done so many industries to have a common free interoperable tech stack, it doesn't have to be this way; the French Minitel was a walled garden built by France Telecom, and that was 100% legal, because interoperability is not a legal requirement. The Apple Store and Game Consoles work under the same principle, you basically can't sell anything on there without abiding by some asinine rules (Apple has had some issues but IIRC that has to do with them abusing their monopoly position to extract 30 % of all sales, not with the fact that they have an exclusive App Store to begin with).
Also this whole bullshit is not new and was never legally challenged because there is no case. For years you could not even browse instagram in your browser because they "only supported the mobile app", which was a blatant way to force you into a walled garden where they can force you to watch as many ads as they want and where scraping is much harder.
I expect we'll lose about 90% of the web within five years as this becomes normalized.
It will primarily be the seo driven AI crap driven ripoff regurgitated shitfest that's arisen in the last 5 years tho.
I'll be waiting for a search engine to arise that only shows user controllable presentation and will use that.
A way to filter out the corporate trash will make the human web better, not worse.
Check out Kagi. It's a subscription search service since they don't show you ads, but that also means they don't track you at all (no search history, for example). They also let you influence the priorities of the sites you see in the results or even completely block them, and the results are usually better than Google with less bullshit – or even at worst as good as Google. Some people seem to be skeptical about paying for a search engine, but everybody wanting shit for free is what got us into this fucking mess in the first place
I second this, was about to recommend Kagi, auto filters listicles, fantastic for actually finding information written by real people on blogs and things that aren't SEO spam
Quick bangs alone almost make it worth it for me. The functionality exists in other browsers but it's not synced, so being universal in the search engine itself is a giant usability improvement for me. Especially when using in conjunction with Orion.
I'm pretty satisfied with Kagi after using it for a bit over two months.
A subscription search is an interesting idea, is there any more info about the company behind Kagi available anywhere? Looking from my phone I can't find much
I personally moved from Google to DDG a few years ago, and the last time I tried Google the results were bootywaste.
Which part? I feel it will be part I don't even want. I might be forced to use that part for work, but that will be nice filter.
I was thinking that "they" ( governments and big corporations) should have their own internet which is clean and ordered and "safe" and leave us on other part. This might be a way to achieve that.
Yeah, this is pretty much my take.
The web sites that are interested in this tool never wanted to be actual web sites. They wanted to be closed client-server systems with proprietary, opaque protocols… HTTP was just a convenient implementation to leverage.
What WEI does is basically allow all of these wanna-be walled gardens to become actual walled gardens.
They never wanted to be interoperable in the first place, so what are we losing? Good riddance.
Maybe with this in place, we’ll be able to start rebuilding the interoperable web that we had before VC money took it over.
We just need a compelling business model for it. “Free” ad-supported is toxic for open discourse, and now it’s functionally deprecated on the open web. I think that’s a good thing, but good changes are not necessarily easy to endure.
I’m not sure how we’ll do it. Attention tokens and all that crypto stuff seems like garbage, but having a thousand different subscriptions to get past paywalls is not great either.
You might want to recommend forks of Firefox too. Part of the reason Chrome/Chromium is dominant is because of its forks, and a fork of Firefox might appeal to someone more than the main browser. I use Pulse, but Waterfox is also solid from what I've heard.
Unfortunately when my bank or other critical institution rejects Firefox for failure to use attestation, I can't even do that. I'll be forced to use Chrome. Firefox would have to adopt WEI to remain compatible. In that case I can use Firefox, but it would be the same as using Chrome.
I'd say the monopoly Google has with Chrome is way more threatening than in the early 2000's with MS and IE. That threat resulted in an anti-trust lawsuit, but not a peep from any government about the destruction Google is doing.
Not much you can do about institutions you have no control over, but surely you could go to a different bank?
Assuming there is a bank that doesn't use this of course.
I‘m old so i actually remember this but I‘m old so my memory might be shit but wasn‘t the lawsuit about the fact that microsoft shipped IE wirth windows as a default browser and not about it being too dominant?
Took the words right out of my mouth. I don't even know that eu cares. Google is as evil as everyone feared if not worse. Apple is pretty bad too, not even allowing any browser but their own on mobile. People don't realize it, but browser choice is actually a huge deal when it comes to causing damage to society (or protecting it)
I know I'm just dreaming, but I really like the Gemini protocol and hope it'll grow and develop more. It doesn't have everything, but it's very close to the "old web'.
Is Brave safe from these shenanigans? Asking for a friend.
Brave is built on Chromium. So, by default, no they are not safe from this. Without extra effort, Brave will have this feature. I don't know if its feasible but there's a chance the Brave devs can remove the code from their distribution, but that's the best case scenario and just puts them in the same position as Firefox: they get locked out because they refuse to implement the spec.
I have to imagine they will strip it because if they don't, it'll be dead to all of their users.
It may be dead to its users anyway depending on how forceful Google is with this. If Brave doesn't work on 98.8% of all websites with advertising or indeed on 49.5% of all websites (approximately Google's ad network's reach), it becomes as niche as lynx.
Yeah Brave would probably be fucked then. If you can't have privacy anyway, might as well use Chrome.
No brave users don‘t care. Brave proved how untrustworthy they are and in any case their business model is unethical yet they still have a cult like following plus a group of crypto bros that are obsessed with getting digital pennies.
I'm a Brave user that certainly cares. They're not untrustworthy.
Brave devs have stated that their fork of chromium is essentially degoogled, detracked,etc. Just the browser core and built from there.. They don't automatically add in new features into their fork just because chromium does.
I see, thanks for the clarification. I wasn't sure about the specifics of how they produce their product from the upstream source.
Brave is a re-skin of Chromium.
It may be the last few years of the free web because of Google. Their goals are clear.
Please switch to Firefox, another search engine and another email provider...
I've long been trying to de-googlify myself, but it's certainly ramped up this year.
Been trying out Kagi and just set up proton mail account. Not sure what I'll land on in the end but it's nice trying out newer services.
It's not too hard. The most important things are web search and email. I still use Google Maps. But I don't want my private emails and searches at a company who is user hostile and preditory.
I quite disagree, it is very hard. Sure, switching search engine takes all of two seconds, and email can be had from many vendors free and commercial.
But calendaring! A calendar that is at least somewhat integrated with am email client, supports more than one actual calendar, and has real-world capability to share them with others - "if you succeed in this, two me how."
My calendaring needs might be less restrictive than yours, but Proton offers a nice calendar that from what I understand offers at least some integration with their e-mail client. Have you checked it out?
I use Nextcloud self-maintained on a VPS myself for all my calendaring needs, which is basically keeping track of appointments, syncing via CalDAV to my phone, as well as sharing some sub-calendars with other people. Setting up a Nextcloud-server is admittedly a bit more hassle than just signing up for a service, but also here there are options of making it a bit easier than hosting yourself.
I find Google Maps by far the hardest service to rid myself off, followed by Gmail (the time it takes!!! Been using Proton for two years, still not completely rid of my Gmail-account). I'm slowly getting used to using OSM-based map services more and more.
The Fastmail calendar is pretty good. Just a random page about them: https://www.fastmail.com/blog/shared-calendars/
Ohh, this does indeed look quite fantastic. I am certainly going to look more into this. Thank you!
_Edit: Ah, but $50/user/year. For the whole family that adds up real fast. Still, nice tip.
CalDav? Integrated in nextcloud. Or Mailcow. Why does it needs to be integrated with e-mail? Thunderbird is able to add all invitations or reminders into my CalDav Account.
It is hard when you have a business. You really have to actively try to stay away from them. They control so much business infrastructure.
I know my business partner (god bless him, great friend but...) is super into big tech and every new product they offer. So it's a bit of an uphill battle.
And I'm lucky. I own my own firm. Most people don't have such a luxury.
Google server infrastructure products are almost universally worse than Amazon's. The interfaces, APIs, and documentation look like they were designed by people who don't understand humanity.
Most importantly, they are designed by people that don't use them. Amazon uses AWS themselves, Google doesn't use GCP.
At least they're not as bad as Microsoft. Azure is a goddamn dog with fleas.
I am fortunate enough to have never had MS servers forced upon me.
Good to know.
I found out about Kagi from another Lemmy user and I've been really impressed. I feel like I'm getting better results than Google. I'm using their Personalized Results feature and it helps a ton!
Any recommendations for free email providers?
I'm using proton. I like it a lot.
Nothing is free. How would they make money as a company to pay employees and pay hosting bills?
All these big tech companies are free exactly because they are preditory on users.
Pay for good email like Fastmail or Proton.
I mean, Proton, which you just mentioned, also has a free tier, which is just as usable as Gmail is for 90% of people, myself included.
Proton's free tier is a step to right direction, and at least they don't run a huge advertisement company that could benefit from the free tier users' data. And if you pay for Proton Unlimited, you also get access to SimpleLogin's Premium tier which is nice. I just found this out when I finally bit the bullet and changed away from Gmail over to Proton. Now I don't have to expose my real email address to some random never-to-be-seen-again websites or campaigns if I don't want to.
If one has enough motivation, time and interest in purchasing their own domain, you can get one step forward with changing away from Gmail. Then you can pay something like 5€/month for Proton Mail Plus, use your own domain as your email address and if one day you find a better email provider, you could just change the MX records for that service and wouldn't have to go through all your accounts and update the new address to all the places.
I had pondered moving away from Gmail years and years ever since I found out Google doesn't have any real customer support and HN had stories where people had suddenly been locked out of their Google accounts because of some silly reason and couldn't get their accounts back without some inside connections. At one point most of my digital life was at the mercy of Google and losing access to my Gmail or Google Calendar or G Drive would have been a disaster. Reading all these web-DRM news reminded me that I should continue de-googlefying my life and finally made the change. Firefox has been my primary browser for years and I moved over to iPhone with my phone.
I understand the sentiment, but email is a necessary part of modern life and not everyone has the luxury of paying for it.
A lot of things are necessary parts of modern live and you also have to pay for it, a mobile plan for your smartphone for example.
I had a smartphone but not a mobile plan for years. People can get very creative when times are tough.
Don't get me wrong, I think everybody should have the guarantee for social participation, I'm just saying that Email is no exception. If you did not have a mobile plan for whatever reason, you were just not participating.
Not really; I could do everything everyone else was doing; just not make phone calls or send sms texts. I used wifi to connect to the net and I could still make emergency calls. Im actually considering going back to that to save money, lol.
Well I know you're talking about cutting the cord completely, but if you're in the us TMobile (micro-shilling for a second) has a $15 unlimited talk/text and 2.5g of data prepaid that I used for a few years (until I upgraded) but since I was mostly on wifi it was absolutely viable
Also I guess the sentiment here is to de-google , but I've had my Google voice number for over a decade and I've used that as my primary number even when I haven't had a cell phone provider. I use it for texting and calling and can use it on the PC in a browser window
Alright shilling over, but I guess my point is there's that route or I'm sure countless other options that are more secure you can use so you don't have to do without calling/texting
Nah then gmail is good enough.
Register your own domain name with Gandi and they gift you free email with a choice of two webmail interfaces. It's really good, and owning the domain name enables moving to a different provider later if you wish.
I do use the better options but lets be real, the battle was lost many years ago
Don'tbe evil.Be Evil, Do Ads
Can you explain this to a layman what this does?
It's DRM, but for the whole web.
https://arstechnica.com/gadgets/2023/07/googles-web-integrity-api-sounds-like-drm-for-the-web/
So is the only way around it to not use Chromium-based browsers? Or does it pollute everything??
That will work until websites start requiring it. At that point browsers like Firefox have to either capitulate and implement Google's DRM or become unusable for the majority of websites.
And then we'll have a web where the corporations have complete control over what you can view and how. Ad blocking and anti-tracking will be things of the past, and corporate websites will have a unique key from your browser to help them track you around the web. And no more hiding your identity behind anonymous browsers over Tor or VPNs.
So we found out about this about 4 days ago, and when people objected they shut down people's ability to log issues or comment on the GitHub repo. And now they're already cramming it into their browser. This is strong evidence that Google knows it's unpopular and tried to keep it under wraps as long as possible so they could get it into the browser before people had time to react.
Let them require it. Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
I can also see Apple taking a stand against this. They have a competing (and much more reasonable) implementation that respects user privacy.
If this gets implemented, it would ruin the ability for competitor search engines (such as DDG) to exist. If Google convinces site operators to require attestation, then suddenly automated crawlers and indexers will not function. Google could say to site operators that if they wish to run ads via Google's ad network they must require attestation; then, any third-party search indexer or crawler would be blocked from those sites. Google's ad network is used on about 98.8% of all sites which have advertising, and about 49.5% of all websites.
Even if the effects didn't go this far (which I agree they quite probably will), it wouldn't be feasible for other search engines to just exclude sites that implemented Google's DRM. If Google makes it attractive enough to the owners of major sites to implement this (and it will be attractive if it ensures they get ad views), then no one will use a search engine that omits all the most popular websites. The same goes for non-Google browsers. This is really a shocking attempt by Google to use its own browser's popularity to seize an effective monopoly of the web.
The idea is that service providers would only trust chromium browsers
No. The only way "around it" is to give up and use Chrome.
Everything else will have to dance to Google's tune to access any website that implements this, and that will at very least include Google's own websites.
Okay then, then I don’t use it, stick to Safari and phone call anyone who requires me using their site with Chrome. Or I’ll go elsewhere. I’ve been down this road with IE before…
Web dev here. It enforces the original markup and code from a server to be the markup and code that the browser interprets and executes, preventing any post-loading modifications.
That sounds a bit dry, but the implications are huge. It means:
These are just a few things off the top of my head. There are endless and very dangerous implications to WEI. This is very, very bad for the web and antithesis of how it's supposed to be.
TBL is probably experiencing a sudden disturbance in the force.
Wouldn't it be possible to create some kind of "post-browser" that takes input from the web browser and displays it after passing it through ad blockers and whatever else?
Such an abstraction, while unnecessary, should be possible, providing that Google doesn't forcibly prevent access to the final markup that coalesces (ie.: view source and web dev tools)
The only acceptable browser would obviously be ones that restrict that access, how else are they going to force people to see all their ads?
Perhaps, but it's not as simple as it sounds.
Most of the Web requires js to work. I don't think the js will work without the DRM.
So the proxy would need to be running the js, and emulate your clicks and so on.
Would this impact web proxies at all? If so, that would entail a pretty huge security change for a lot of corporations.
If it's something like a proxy server that pre-modifies the markup/code, then yes, I can see WEI interfering with that.
It's a way to disable ad blockers.
Presently web servers send data to your browser, which can arrange the content however you wish, because it's your browser on your device. Excluding content you don't like is fairly trivial.
This drm stuff will basically make the browser refuse to display anything unless the whole page is unaltered.
Does unaltered include things like colorblind extension that change colors to more easily differentiate between some red/green for example? Or stuff like reddit enhancement suite? Sounds like a good way to kill other possible useful extensions.
That's exactly what it will do. Don't believe the bullshit in their "non-goals" section, they don't give a fuck. If accessibility extensions happen to continue working (at least temporarily), it will be by accident, because they for damn sure aren't going to spend even a second on compatibility.
Shit man, this would ruin even the small internet. I won't even be able to cheat on dragcave. And most of what I was doing was keeping a tally of my collection since the site doesn't do that. But there's no way page modifications wouldn't be caught and punished no matter what they actually do.
Yes.
Imagine you're a builder and you build a store (website). People can come into your store through the door or window. WEI will make sure you come through the door just as the builder intended.
At face value, that sounds fine, but now imagine that builder puts a maze (all of the ads littered on a webpage) on the other side of the door. It's a pain in the ass to get through and someone (adblock) has told you about the window that lets you skip the maze. You can get what you want and the store gets to sell a thing. Everyone's happy except the maze builder (Google), so they're trying to force the entire world to go through the maze.
Wait Google can place ads on my website without my permission?
You're the builder, and thus the one who can choose to put a maze there or not.
There might have be a time when Google tried not to be evil, but they've been Satin himself for a good number of years now. It just took them a while to realize the irony of their mission statement. It's funny I used to get mad at Microsoft for being evil, but they've got nothing on Google.
They removed 'don't be evil' from their code of conduct 5 years ago.
https://time.com/4060575/alphabet-google-dont-be-evil/
There's a "we told you this would happen" going on here.
If chromium didn't have a monopoly amongst browsers, they would have a much harder time pushing this through.
Imagine everyone using a browser built by an advertising company.
That's not even the biggest level of "we told you this would happen."
They pulled this shit previously with other standards (WebHID). Where they proposed a terrible standard, and then implemented it ignoring all feedback. Only last time it played out over months, and this time... weeks?
Sweet jesus.
I moved to FF the same time I found out about the DRM shit. It takes literally 10 minutes and the only thing FF lacks is tab groups. Not a big loss compared to a stupid bigtech telling me what I can use.
FF has tab containers which, while I haven’t used much myself, seem pretty similar to tab groups from a quick search. Edit: Also looks like there’s “Simple tab groups” extension which maybe even more similar to what you may want
Containers have nothing to do with tab groups. One is an organisation tool and the other is a privacy tool.
The problem is that Mozilla dropped the ball so hard, by focusing on making their C-staff into millionaires instead of making a good product, that it no longer matters. Their market share is so small that Firefox compatibility no longer matters.
Soon websites will require that DRM and either Firefox will implement it or it will be unable to render those websites.
Firefox is awesome and I never switched to chrome because Google is the devil
The only use chrome gets on a fresh phone before deactivation is installing Firefox. Same for IE
I've used Firefox since it was Netscape and it's been a fun ride
And this is the consequence of browser vendors relying on Chromium.
To be honest - easy to pull a Microsoft a fork a branch without the crap.
Ohnonono Well time to burn down google I guess ¯\(ツ)/¯
Fuck you Google.
The Internet in the last five or so years has just been less fun and interesting to use in general. Except for anywhere I can interact with friends, I just don't really care for using corporate social media sites anymore. I've pretty much removed Google from my life except for YouTube and rarely Google Maps, and if Google tries to use this to force ads into YouTube (which I'm sure is going to be one of its uses) then I will just stop using YouTube. I will just stop patronizing any site or business that tries to implement this as a feature to stop my browser choice, OS choice, or my extension choice (which included adblock extensions). I miss the days when the Internet was less corporately controlled than it is now, and I think we need a renaissance of those days.
this is a userbase killer right here
If manifest 3 didn't change egoogke chrome share I doubt this will.
Manifest 3 didn't create noticable chnages for the average user. Not yet anyway.
The idea is these changes are never a full at first. The internet will not break tomorrow because of integrity checking.
But it will in a few years. And people will be upset then. When it's far too late.
hey everyone a friendly reminder that alternatives exist, and just drop this shit fast and move to better alternatives. In this case firefox.
The problems start to happen when buisnesses adopt this en masse. Expect all banks to implement this for example. You can use Firefox all you want, but then you won't be able to do online banking.
Standards are really fucking important to help people stay functional in a society. This is one area that the ANCAP mindset just gets it totally wrong, unless you like the idea of being a hermit.
Anyway, we are already seeing some websites basically reject browsers like Firefox because they basically give the consumer too much protection and freedom. Arguably we've seen this before, but this may be a new tier of corporate lockout of open standards as consumer protection gets thrown in the trash. Thanks America.
This needs to be pinned at the top of every single threat about this. Far too many people are just saying "Well I'll just keep using Firefox". They do not understand the gravity of the issue.
If my bank does this I'll take my custom to a smaller one that doesn't.
I don't think they will though, since they gave me a hardware thingy to login to my online banking from my rooted android 🫠
I don't think that checks out.
Firefox only exists because it's primarily funded by Google. It's funded by Google to ensure they actually have some competition and avoid becoming a Monopoly.
If they kill Firefox or otherwise make it unusable they'll be shooting themselves in the foot.
However, if it ends up being a bad experience that no one wants to use, well that's not on them and they have no responsibility to fix it.
What will likely happen is Firefox will also adopt this DRM.
Mozilla does not exist because of Google. Google doesn't have controlling power over Mozilla, nor do they have power over the many forks. It's hilarious that you think a company would give a shit about being a monopoly; that's what they strive for. This stupid take has been going around for years, and I'm sad to see it spread to Lemmy.
They give a shit about not being a monopoly because if they were, they'd be broken up so they're not one anymore. At least currently still.
Oh, you. I remember you from another thread the other week, saying how Chromium is not Chrome and that this would never happen. Hi. It is happening. Also, I remember telling you to stop moving goalposts, which is what you are doing here.
Microsoft would be happy to pay Firefox to set Bing as default (has happened in the past already) so even your goalpost moving is moot.
Come on, wake up.
The issue isn't that we have no alternative, it's that this feature will basically eliminate those alternatives sadly. You can read more about it here if you haven't, but it's bad.
For sure, I agree and it's bad. But frankly unsurprising. This is the trajectory of the internet: greater control.
We've become too dependent on centralized tech companies and erred in allowing tech companies to change, define, and control the internet in the first place.
Alternatives must be promoted in mass scale.
When websites start blocking clients that don't implement the wei handshake, you'll be forced to use one that does if you want to visit those sites. Firefox will either adopt it or become a second rate browser.
For now, Mozilla's official stance is to oppose this proposal: https://github.com/mozilla/standards-positions/issues/852#issuecomment-1648820747
I wish that this kind of thing would generate enough outrage to increase Firefox' market share considerably (from the <3% it is today), and in that way deter websites from adopting it since they would block a larger share of users. Unfortunately, I think that might be too naive of me...
You require Chrome or a Chromium based browser to view this comment.
Websites should be able to block me. I can just go elsewhere.
May be a bit problematic with banks, insurances and maybe government institutions...
it will truly be messed up if essential websites block user access because of this
Most banking apps don't work on rooted Android phones. It's not the same, but I don't think it's a stretch to assume that at least these companies would force their customers to use specific software...
And I use my root to hide my root from my banking app... Idk about the implementation details of this, but I kinda think the same could happen here as well.
This is the problem for me. If my bank or other critical institution decides to refuse me access with Firefox, I can't use Firefox. This is the crux of the issue. Google is creating a browser monopoly with it's market dominance and attestation scheme.
MS tried to exert control in the early 2000's with its IE dominance and was thwarted by an anti-trust lawsuit. Google will probably skate on this one. Nowadays the consumer is only a resource to be plundered. The customer is shit.
As pointed out above, individual use of Firefox doesn't really do that much. Especially when Firefox already doesn't work properly for some sites. Plus, lots of people (myself included) need to use Chrome for work. This shit sucks.
Have you used Firefox recently? I haven't had even one instance of a website not working simply because of Firefox.
I use it daily. It’s my default browser, but it ain’t perfect. Most recently, it was an interactive map for Diablo IV that would never work on Firefox. After an update it started working, but that’s just the most recent example.
it is pretty rare for issues like that to happen. and just keep a chromium based browser installed for the 0.2% of websites with compatibility problems or whatever.
for work purposes, ok fine. but personal purposes i'd try and steer clear as much as i can.
My general point is we should use alternatives whenever possible to discourage this kind of centralized power developing in the first place.
I'm do not experience any of these improper working sites. My daily driver is Librewolf, where this sometimes occur, but when it does, I just switch to vanilla Firefox, and everything is fine.
As an aside, I know we're not supposed to care about Reddit, but the lack of this news getting any attention over there is just depressing. Hell the Firefox sub hasn't had any posts in days apparently.
People that care about this stuff are probably already jumped ship.
That's because the firefox sub moved to Lemmy...
Wow they moved incredibly fast, even considering the repository was first committed to in April 2023. I wonder why the outrage only started a few days ago? There was also a discussion, started in May.
It's a shame that no matter the amount of outrage, no matter what the pitfalls of this change may be, it's going to happen no matter what because money.
Luckily we have choices. From WebKit browsers to Mozilla browsers. This will make me quit chrome. (Way overdue anyways)
If you switch to a browser that cannot be remotely attested, eventually commercial websites will just stop serving you. So switch now and tell everyone you know to switch to something that is not Chrome or Safari.
Safari already does this in the form of Personal Access Tokens, and the reason the web hasn't taken it and ran with it yet is because their market share is ~20%. Chrome is 70%. This is about to be a systemic problem that you cannot fix by switching to software that respects your freedom.
Well, I don't know about now, but this Microsoft employee says some time ago an outrage worked.
From what I read in the related links they only claim to have applied pressure, they didn't cave because of that pressure though. Again it seemed to be about money.
"The only saving grace was Vista’s very painful and long development period where Palladium was eventually killed so Vista could actually ship."
Right, so outrage that they couldn't get enough money.
We also cannot say it wasn't a factor in their decision.
but we also have no reason to either
Could there be lawsuits over this?
If there will be, google is powerful than most governments. They know there will be some lawsuit and they are prepared for it. Its just cost of doing business.
Google isn't more powerful than any governments it's just the USA that allows them to have power.
Dude they have all the data on you and your circle of friends. What you share? What was shared with you, all the stuff you can possibly imagine.
I'm not sure how they have this when I only use e2e encrypted communication to share stuff with my friends and none of us use their services.
Ah but my point was majority people dont.
No they aren't, the US just makes them look that way. I'm sure many european countries will object to and fight this.
Not directly but this could be an antitrust case in some places.
Reasonable people will disagree... but no, probably not. This is a feature which websites can choose to use in the same way that websites can choose to use notifications. Even if you dislike the fact that web browsers provide the option, it's the website itself that's actively choosing to impose on you.
Now, the counterpoint to this argument is that the feature in question will most likely further strengthen Google's position as the market leader and lock out new independent browsers. This is certainly true and similar logic has indeed been employed in cases like the Microsoft antitrust case. With that being said, Google still has that extra layer of abstraction sitting between it and the actual mechanism of action (i.e.: independent website owners who want DRM). Think of it like the Uber of anti-trust law.
Chrome is a bag of shit anyway, easy jump
Chromium, not chrome. Which means also Brave, Edge, Opera, Vivaldi and a lot more. Basically only Firefox and Safari are left as the big non-chromium ones.
But that's not the worst of it. Even if you tear out this code, more and more websites will be built that rely on it. Which means Firefox etc also need to include it to keep functioning.
If WebKit and Mozilla put up enough fight. It will not be the standard.
Well, you can’t say not chrome because it does include chrome, yes, it extends to other browsers using the same codebase, I understand I’m well versed. Either which way, fuck google
Isn‘t Safari‘s WebKit the origin of Chromium‘s Blink 😉
Not saying you don't realize, but Safari already has this tech. They call it Personal Access Tokens.
Well, that's the worst case scenario. I hope that Brave will fork Chromium and leave the WEI out. Brave prides itself on being the no nonsense browser ...
Brave is a PoS. They are not looking out for you
Sorry, what is PoS? I'm using Brave just shortly but it appears to be concerned with privacy and ad-blocking - more than what Firefox does.
E.g. Brave browser at one point in the not too distant past automatically added affiliate links to cryptocurrency URLs
Pardon my ignorance but Can someone explain what google is trying to do?
Pardon formatting, on mobile. Its a form of device authentication. Apple does this with safari already BTW, and it can reduce things like captcha because the authentication is done on the backend when a request hits a server. While still an issue in concept with Apple doing it, chromium browsers are a much larger market share. In layman's terms this is basically the company saying, hey you are attempting to visit this site, we need to verify the device (or browser, or add on configuration, or no ad blocker, etc) is 'authentic'. Which of course is nebulous. It can be whatever the entity in charge of attestation wants it to be.
This sets the precedent that whomever is controlling verification, can deny whomever they see fit. I'm running GrapheneOS on my phone currently, they could deny for that. Or, if you are blocking ads. Maybe you're not sharing specific information about your device, and they want to harvest that. Too bad, comply or you're 'not allowed to do x or y'.
This is the gist. The web should be able to be accessed by anybody. It isn't for companies to own nor should it be built that way. Web2 is a corporate hellscape.
Edit wrt Safari: https://httptoolkit.com/blog/apple-private-access-tokens-attestation/
I suspect "authentic" will mean "pays a license fee to Google." In this respect it will work like other forms of DRM, and it will have the same effect of excluding new and smaller players from the market. Except in this case the market is the whole of the web.
Yeah, definitely. Some form of extortion because ultimately that's what will happen either way. I mean, that's really the whole point of being the party that chooses what is authentic or not (and, what the definition of that word even means in this context). Monetary, data, whatever. Gotta keep the bottom line increasing for shareholders.
Yeah, definitely. Some form of extortion because ultimately that's what it will be either way. I mean, that's really the whole point of being the party that chooses what is authentic or not (and, what the definition of that word even means in this context). Monetary, data, whatever. Gotta keep the bottom line increasing for shareholders.
No, there are no fees at all. Authentic just means approved device state, which will be defined by the website you go to I believe. So youtube might required many different things in order to be "authentic" like no ad blockers, genuine browser, non-rooted phone, etc., whereas bank-xyz may just check for one thing, like a genuine browser. Also, websites have to enable this on their side, so its not going to be used by default on all websites. The whole thing is crap though, even if only a few websites enable this, it could have huge impacts.
Not necessarily. With some forms od tracking being curbed, just being sent the who accesses which webpage on what device when (the bare minimum for attestation) has lots of value. And google won't stop at the bare minimum of data grabbing, of course.
From my limited understanding as a common pleb, they are inserting DRM into Chromium browsers to prevent ad-blockers.
Internet with no ad-blockers is like a nightmare
Yes, it is a nightmare. The insane volume of ads and clickbait injected into web pages is killing the internet as an information source. Most of the searchable stuff is unusable. Which explains why ChatGPT was so enthusiastically embraced - it's really just synthesizing content into a readable form that doesn't require navigating around a jungle of animated gifs and flashing ads. That's also I think why Lemmy and Mastodon are so refreshing to use, and hopefully will stay that way - although money seems to find a way to ruin everything. Lemmy right now feels a lot like the internet used to be before the big money came along and ruined it with advertising and platform lock-ins.
@fuser @Lem0n, the only AI I most use and which is really useful for me is Andisearch.
https://andisearch.com
https://andisearch.com looks like it might be a better option - thank you so much for posting. I'm mostly using duck-duck-go which is tolerable but by this point we should have come up with a more useful way to index relevant information. Google would rather we see ads than any relevant content, which wasn't the case when they first launched google in the late 1990s. Google was refreshing at the time because of its cleaner interface than yahoo and uncluttered results, amusingly enough - it's a far cry from what it once was.
@fuser, Andi certainly is a fresh wind, it was the first search engine with AI which appears, before Google, Bing and the others. Great work of two very nice and friendly devs, Angie Hoover and Jed White, with an open ear to the user in their Discord channel for suggestions, feature request, bug report (well, it's still in developement) or simple chat.
Well, thanks again for the info - I'm trying it now and the results seem excellent, it took me to wikiwand, which I'd never used but it's a front end for wikipedia - it's quite nice. I've learned so much about alternative FOSS and great ad-free content by reading and posting here. I was never a great fan of reddit - liked to scroll but hardly ever posted there - I thought RPAN was the coolest thing they did - but Lemmy is great for conversation, despite the relatively small user base - I'm grateful that reddit's nonsense drove so many helpful people here.
@fuser, the fediverse has nothing to do with monolithic social networks, controlled by large multinationals. It doesn't matter if you use an instance of Lemmy, Friendica, Diaspora, or Mastodon. etc., are really of the people and independent of large corporations and linkable with each other. Here in Mastodon I see posts of all these in my Timeline and I suppose you too, like the one where I am.
I didn't notice that you were posting from Mastodon as I'm on Lemmy and your posts appear here just like any other Lemmy user - but the @fuser at the start of your messages is probably the tell, I think Mastodon defaults the username you're replying to, whereas Lemmy doesn't. It's great that we can use different applications without some corporate gatekeeper capturing everybody's personal info at the integration point to hawk to an advertising company.
@fuser, apart of Vivaldi social, the instance made by the Vivaldi browser for it's users, I'm also since long time ago in Lemmy.ml (with another Nick), also conected to Mastodon.
@fuser, with Mastodon you can even logging in Pixelfed. I love the #fediverse.
@fuser @Lem0n Regarding articles, I just save them to a read-later app that strips them of all the crap. If the site won't let me, I'll find another source reporting the same information, and save it to read later. If this process ultimately fails without a saved page, I won't read the article.
Right - that's a good approach, however if you're looking for a quick answer to an immediate question by searching using a common search engine, the garbage SEO pages are the most irritating, even with adblocking.
Living the dream.
To be fair, it is useful for other purposes, but the cost to users is likely to be huge, with ad blocking being one of them. It probably also prevents other things even outside your browser because there's no point in securing a browser running in an untrusted environment. IIRC there is/was an issue running Netflix on certain Android devices and rooted devices after a similar feature was added to Android.
This would also hurt users that need accessibility extensions so they can properly browse websites that don't have good accessibility features.
My S7 was running a custom rom, I had to manually download and install the Netflix apk, as the play store wouldn't let me do it. WhatsApp was weird too, it would let you install, but there were a bunch of aggravating bugs, like if your device was on it showed you as "online". Got in trouble at work because my boss thought I was on my phone all day.
EME for the rest of the internet, not just video. Basically doing what hulu does to stop screen recording/as blocking but across every webpage
Feels so good to see Google getting called out for this in the GitHub comments
Does it? It's making me depressed.
Because every last single thing said in those comments will be ignored. I sincerely doubt they're even reading them.
They know what they're doing. They know what people will say. They're going to do it anyway.
Regulate Big Tech and be done with it.
Or make the internet a public resource. Let the USPS be the ISP
The constitution allows for a nationwide communications network that's run at low cost for public good. USPS is absolutely legally allowed to run internet service and it's shame that it hasn't taken this over yet.
And I trust my privacy with the USPS a lot more than I do with AT&T
It would be a fitting legacy for Ben Franklin as well.
Gross.
i've been using a samsung chromebook plus since it launched until now... and it's end-of-support next month. being a typical human with low funds for new gear, i WAS considering a new chromebook of some kind. The chrome drm bullshit doesn't effect me too much as I use this mostly within the linux container, or firefox android version... however, I realize i need to take a stand and not financially support these tyrants.
so, what are my options? a pinebook running debian? are there any good netbooks out there? I don't use this thing for games or streaming media at all - mostly ssh, some browsing, etc. it's about time I take the final steps to de-goog my life.
Install Linux on your current chromebook. If the hardware is still good that's a no-brainer in my book.
i'm in the middle of this process now, and just frustrating myself. i've forgotten too much of the inner workings of the kernel - that is, my old knowledge doesn't apply anymore. I've got a dualboot working, but can't for the life of me get the wifi module to load. not relevant to this thread, so i won't dirty it up. but, thank you for getting my head in the right space!
i will, somehow, get some flavor working
Used thinkpads (like the T480) are a great choice.
I use Manjaro Cinnamon on mine.
Get a used Thinkpad. They run Debian well!
Can someone ELI5 how this could prevent a fork of Chromium from just not playing nice and telling the website "yeah yeah, it's all untempered *wink wink*" and then still remove/alter stuff as it pleases?
Edit: ok I think I got it ... it's basically the server that decides if it trusts the judgment of the client or not. Can't wait to see that cat-and-mouse game going on 🙄
Yeah, I can imagine a fork of chromium existing that takes all the data and does the rendering pipeline """normally""", but then on the side does something completely different and shows THAT to the user, while giving the server an idea that nothing is wrong and what it is doing is just normal chromium stuff.
But such an idea will be done entirely by enthusiasts, slowly, on an obscure basis. For the majority of users, that will never even be a conceivable notion of something they can do with the internet. Itll never be something you see on a top, mainstream browser.
In other words, Google wins.
This is partially correct. The server will check that you have a valid token issued by a trusted third party, who will almost certainly be Google, Microsoft, or Apple. When you connect to the web page, your browser will give this token to the server and say "hey look I'm legit." The token will have enough information on it to identify that it is relevant (being provided by a client that matches the hardware it is meant to verify) as well as a cryptographic signature that verifies it is in fact from the trusted third party. So it's less the server trusting the judgement of the client than it is the server trusting the judgement of whatever third party is attesting to your system.
Fuck this is trash. DRM for the web. I wish people would understand websites like kbin are not free and that if you use a website you need to pay to keep it alive. But no one wants to pay for anything on the internet, and so we have ads. Ads will for sure kill the internet.
The fact that people feel entitled to free content online really activates my almonds. They'll whine and moan about enshittification and how eg. news is just clickbait now, and then promptly shit their pants when someone suggests they actually pay for things since they clearly don't want ads either
Surely you can reverse that and point out corporations whining and moaning about people expecting free content when they're barely paying their employees enough to afford to pay their bills.
The problem starts with corporate greed, hoarding revenue by keeping employee's salaries to the minimum acceptable, providing as little functionality as possible to reduce overheads, double dipping by selling a product/subscription and then selling their customer's data, and then complaining they aren't getting more money for what little they are doing.
Then inevitably a little guy like Kbin comes along and suffers because the internet is filled with soulless, ultra-capitalist corpo scumbags.
Those are separate issues
They are absolutely not separate issues. How can I be expected to shell out $15 per month for 10 different content subscriptions if I can only just afford to put food on my table?
Doesn't mean that content producers and the people running services don't need to eat too. Sure, many if not all big corporations are terrible, but not all online content is provided by them.
But a massive amount of them are. Small and solo creators on Youtube or Twitch need to conform to the rules of Google and Amazon, and even medium size creators are influenced and coerced by the precedents and market trends set by the much larger corporations.
And it doesn't matter if not all content is provided by large corporations, those large corporations employ the most people, and dictate in a lot of ways, the rules of the employment market. It's due to their habits and practices that wages are artificially low and expenses are inflated for record profits.
Until corporate greed is managed properly, consumers will always struggle to have enough expendable income to pay content creators, and therefore will always be searching for free content.
Oh yeah, no disagreement there; the source of all these problems is ultimately an economic system designed by and for sociopaths. But, be that as it may, the fact that even the people who could afford to pay for services simply don't, and many run adblockers too and rarely turn them off for eg. news sites even if the ads they run aren't extremely distracting. For example when ABP introduced a whitelist for "non-annoying" ads, it didn't exactly go down well and people said they had "sold out."
Big corporations can get fucked for all I care, but as I said, the ones not working for them and running services or news media or whatever also need to eat, and peoples' reticience to pay for things in one way or another has directly led to those big companies taking over more and more of the field and WEI is an outgrowth of that.
I guess I'll never use Chrome or Google products again then
So..I don't use chrome anymore, but I use Vivaldi. Guess this'll fuck that up too or will they remove it?
Edit: looks like they're concerned about it but also are worried stripping it out will f up theye browser being accepted
Hey, fellow Vivaldi user👋 . Yep, one of the Vivaldi devs already said if it was added upstream, they'd strip it out of the Chromium code, but they acknowledge that this would cause problems if WEI became standard. Websites would start to expect it, and not having that functionality would be a death-sentence for any browser (Chromium or otherwise).
That's great to hear. I like it and would like to continue
Can someone ELI5 me on what this is and why it is bad?
google want websites to be able to check whether you're running an approved browser. And they also want to be the ones to have the authority to decide what an "approved browser" is.
Given that google is an advertising company that owns a browser, constantly tries to cripple ad blockers they will probably simply start saying that any browser that doesn't implement the stuff they want (crippled ad blockers) is "untrustworthy"
I wonder how many people will be ok with this, considering that there's a large portion of folks who does not know what's AdBlock
Yup. The vast majority of internet users NEVER:
Customizes their web experience
Uses apps almost exclusively
Navigates beyond the first page/screen
How will they react to this?
That's how.
We're doomed. We were always doomed.
Would be kinda cool to go back to irc or usenet, because the average internet user does not and will not give a shit about privacy, and definitely won't get a complicated chat thing setup.
I'm afraid that's always been the case because the mass majority just don't a give a shit. They'll happily conform to whatever the monopolies tell them to.
NOOOOOOO
I don't understand. Isn't someone just going to fork Chromium, take out this stuff, put in something that spoofs the DRM to the sites so that adblocking still works?
Part of the point is that you may not be able to spoof it.
On code I write on hardware I run locally, how is it ever possible to not be able to remove an element from the UI?
If you don't use a client with certain signature, the web request will end in different response, i. E. an empty response,, as if your client had a certain signature. Please correct me if I am wrong, though.
Why can't my modded client just give it that signature?
Because you don't have Google's private key. Same reason you can't watch Netflix episodes without Widevine.
I watch Netflix shows in high definition without widevine every day.
🏴☠️🚢
A private key to do what?
I only have the most cursory understanding of what Widevine is, but a quick Google reveals github projects claiming to spoof it.
Where I fail to understand is this. Whatever authentication the open source browser I modify needs to do, I can let it keep doing, because at some point it has to provide my browser C++ code with a clear text DOM before it renders it to an image to be displayed by my window manager. I can write that browser to simply remove DOM elements it deems to be ads - just like ublock does - before it renders it graphically.
The only way around this would be to turn browsers in to a completely dumb terminal that accepts an octet stream of pixel data so it can display bitmaps, which is completely unfeasible (every webserver would become a graphics card for each of it's users), and even if it did that, a simple neural net would identify the ads and remove them.
What am I missing?
— The explainer, section How it works.
— The explainer, section Web environment integrity.
Now Julien Picalausa of Vivaldi browser theorizes as follows:
So, AFAIU, if worst comes to worst you won't be able to run an unsigned browser and browse the web.
I still don't see why my open source browser can't just lie when it's sending a description of itself to the third party. The only way I could see it working is if that description needs to be encrypted by a key that's compiled in to a closed source browser, and then websites only accept requests from a few closed source browsers.
Is that what you're saying? That unless I have one of a couple accepted clients which are proprietary and closed source, websites just won't work?
It seems logical to assume that there would be no point to the whole thing if it was so easily avoided just by modifying your browser. Someone who's, for example, selling fake engagement (e.g., fake reviews), which is listed as one of the things Ben Wiser at al. want to prevent, will probably have enough technical expertise to use a modified browser that will circumvent WEI, so why would Google even bother?
To make it harder, even if not impossible, for the average user to ad block them.
Are you asking because you're not sure of the answer, or because you are, and you know that web integrity will require a pre-compiled closed source binary to browse the web?
No, I'm not sure. It's possible that this is a benign technology, but many believe it's not, including people at Mozilla, people at Vivaldi, Cory Doctorow, Jay Freeman (aka "Saurik"), the developer of Cydia (via The Register), so I'm concerned.
This recent blog post also mentions the intent of disallowing unsigned software to browse the web. Perhaps you'll find it interesting.
Bro I’m watching a Netflix show right now and don’t have a subscription
Widevine has been hacked multiple times, it's the usual arms race.
Drink up, me hearties, yo ho!
Yes, upstream Chromium forks will likely try to remove this functionality, but
This is the part that is not possible. The browser is not doing the attestation; it's a third party who serves as Attestor. All the browser does is makes the request to the attestor, and passes the attestor's results to the server you're talking to. There is no way a change in the browser could thwart this if the server you're talking to expects attestation.
This violates just about every single open web principal that allowed Google to gain so much power. When they changed their motto from Don't Be Evil, to Do No Harm, they obviously chose deception. Their new motto should be Do Whatever is Profitable, or more succinctly Be Evil.
I don't really understand how that's possible. The browser gets a token from the third party, and passes that token to the server to "prove" it's running the DRM. The server then passes code back to the browser. At that point, why can't the browser just cut out the DOM elements which are ads?
I don't understand how code I write on hardware I run locally can ever have it's hands tied like this.
It won't be your hardware in a few years if this goes through. The code will run in a secure enclave and you won't be able to access your bank or log in to government websites if you control the hardware.
Android phones are starting to do this, and it's a nightmare for people like me who actually want to own the device they purchased.
Needing root access on Android to regain basic functionality (such as the ability to backup installed apps) is a sad indicator of where we're headed ☹️... As much as I dislike iOS's walled garden, they make backups dirt easy for the end user - and they do complete backups too - app data, homescreen layout and all.
I see what you're saying. I read it as implying the browser would fake the attestation token. I don't know the answer, but if their (stated) goal is to stop bots and scrapers, I have to assume it wouldn't be so simple. After all, a lot of bots and scrapers are literally running an instance of Chrome.
Would it be possible to create a fork of chromium to avoid google's influence?
The biggest problem is if Google can influence all the major websites (banks, e-commerce, news sites, streaming services, social media, etc) to adopt this standard.
They've done it before with AMP.
They won't even have to force them this time, they'll do it voluntarily because it would mean they can serve unblockable ads, track users much better, and for banks it would actually increase security for the user (but also force you to consume their content how they want, preventing stuff like accessibility extensions).
And fuck AMP, it's a fucking travesty.
Not really, since Google develops Chromium.
FireFox receives most of their funding from Google, even though they've come out as opposing this plan. They have next to no market share.
The only other browser engine that can seriously compete with Chromium is Safari.
Isn't Chromium/Blink a fork of WebKit?
Partially. The Blink browser engine used in Chromium is a fork from WebKit but it's diverged quite a bit in some ways I believe. But there's a lot more that goes into the project. For example, V8, the browser's JavaScript engine.
I just don't understand why they're trying to solve this issue on the client side. It seems like a losing battle to me.
Instead, focus on the server side. If you want to push ads, then host on (or tunnel from) the content server. Get rid of all the <div\>s and tags and scripts and adserver links that the adblockers are using to identify ads. Just assemble the page on the host so that it looks indistinguisable from the content the user is looking for and push it out. EAT BACHELOR CHOW! NOW WITH FLAVOR! Google could even start an ad-friendly hosting service that does this - some sitebuilder tools, identify where you want Google Adsense, and host the damn thing.
Unless everybody fully customises the display and styling of the adverts for their own website, there's going to be some sort of targetable, recognisable pattern in the way AdSense content looks. Most developers just want an easy drop-in solution.
Furthermore, Google don't necessarily want to give you that level of control over the adverts, because that makes it easier to game the ads system with malicious, fake and misleading clicks or invisible adverts. They need their tracking tech attached to it.
So render to image? That sounds terribly inefficient. That means you're drastically increasing the load on the server and sending way more data over the wire. And then on the client side, your page no longer changes to fit the huge variety of viewport sizes. And say goodbye to being able to copy-paste. Or any kind of user interaction. And anyone with visual disabilities can go fuck themselves, I guess.
No, they didn't mean to render it all as an image, but that everything comes from the content server you're getting the content you want from and thus the ads should be indistinguishable from content. I don't understand how you could misunderstand it to such a degree as to think they meant to render it all as an image.
so... PDF then?
/s
Thanks, BTW. It never occurred to me that someone could interpret my comment as "render-as-an-image".
You explicitly state "render to image".
Because even if you host the ad content on the same server, it's still possible to distinguish it, such as by URL or element xpath. To assemble the page to avoid this, you'd need to completely render the page.
Google is actively trying to drive people like me away. I have been trying my hardest to keep using Android, if Google keeps this up I might have to unwillingly move to Apple. At least they do more than just pretend to care about their users' privacy.
You, me, and everybody else commenting on this post are a miniscule, almost infintesimal percentage of Google's global userbase. If each and every one of us statistical outliers stopped using Google everything right this second they wouldn't even notice.
True, but might as well put up a good fight while we're at it.
More and more, I wonder if we're going to have to go back to Lynx or Links or something just to look at sites that aren't corporate because they'll be otherwise inaccessible from anything else.
I moved to Apple a few years ago, and recently I've stopped using Chrome for anything but work, where it's required (web development, lol). Still married to gmail and google calendar but maybe it's time I get away from those too...
I guess I won that bet. :/
This won't be used just to block ads. If you're signed in to Google, this DRM will be used to track you, as well. VPNs will be useless because the tracking won't be done through your IP address, but through your browser, identified by DRM and tied to your Google account.
That's what this is really about. Knowing, where you go, what you see, what you buy, who you associate with. Forcing you to watch ads is just the icing on the cake
Any ideas what the behavior of webpages will be if somebody uses PiHole?
Since PiHole isn't part of the browser but in the network I assume that still works.
PiHole can be bypassed with DNS over HTTPS, although there's ways to prevent that.
What does this mean?
I quite disagree, it is very hard. Sure, switching search engine takes all of two seconds, and email can be had from many vendors free and commercial.
But calendaring! A calendar that is at least somewhat integrated with am email client, supports more than one actual calendar, and has real-world capability to share them with others - "if you succeed in this, two me how."
(not sure this worked as intended. I meant to reply to https://lemmy.world/comment/1748023)
Tutanota is trying, but there's still ways to go
I run Chrome to use work (Google) email and services, and Firefox for as much as possible. The challenge is that about a 10% of things I use only work properly on Chrome. It's IE6 all over again, history repeating itself.
The real two internets is happening
Why is this bad? On first read, it seems like it could replace personally identifiable advertiser cookies with a trusted assertion that I am a human. Feels like a win
oh, hai guys
Hello there browser which already implemented DRM similar to this a while ago!
Safari is ahead on this DRM game. It already deployed attestation silently a while ago: https://httptoolkit.com/blog/apple-private-access-tokens-attestation/