Email or username:

Password:

Forgot your password?
Asahi Linya (朝日りにゃ〜)'s posts Post Back to profile
Asahi Linya (朝日りにゃ〜)

This is scary. It's (strong) SafetyNet for websites.

Every now and then I run into another Android app I can no longer run because someone decided my phone, running an official build of my choice of OS, that isn't even rooted, is "not trustable".

Now they want to start doing that for websites.

This kills open Linux on the desktop (including Asahi Linux). It kills alternative browsers. It is a backdoor to kill ad blockers.

No. Just no. Please.

github.com/RupertBenWiser/Web-

22 Jul 2023 at 1:55 | Open on vt.social
153 comments
daria-andrea
Erik Ableson
DELETED

@lina Oh crikey, what a terrible (or rather malicious) idea! For me, DRM, even in the context of streaming services, is in itself such a foolish concept. Punishing paying customers by making their experience worse than that of those who choose to sail the high seas by chasing what's unachievable, which is preventing digital data from being copied, just seems ridiculous.

22 Jul 2023 at 20:22 | Open on masto.ai
Niclas Hedhman

@lina

They have to do it! Don't you care about the children? Don't you care about the planet? The oceans will boil if they let the status quo continue.

22 Jul 2023 at 21:09 | Open on angrytoday.com
cpm

@lina
I'm *this* close to being ok with this.

Sure, go ahead and fragment the web

let's the rest of us back off 2 decades and run stuff that runs wonderfully on trash-day garage-cleanout hardware and create stuff & enjoy ourselves.

telnet mups & everything!
@EricLawton

22 Jul 2023 at 21:12 | Open on spore.social
Greaseワンkey

@lina@vt.social This is TCPA all over again, but potentially worse. End result of that: ...not reached yet, as the modern x86 computing stack is always under threat from Microsoft making their final step to insist on making their Secure Boot with their keys mandatory.
When it comes to problems like this, I haven't worked out a solution which involves convincing the "useful idiots" just how badly they're being abused by the services they use. They always seem to lean in favour of "but I'm using it and enjoying it a lot of the time therefore it's perfectly OK".

Case in point, I have to remind people that I actually cannot use Discord because they locked my account for "suspicious activity" and I refuse to give them my phone number. One friend said something like "yeah that happened to me so I just gave them my number". Another friend offered to let me use a burner number.
I can't even convince people to use LibreOffice, because they refuse to even consider anything that is an alternative to a Microsoft product (unless it's IE or Edge), so what do they do? They cave in and buy a subscription for Office 365.
A former coworker actually had to flee their country some time after purchasing a subscription. When they had to renew their subscription, they weren't able to do it from where they ended up, and they had to call Microsoft support. Their response? "Go back to the country where you purchased your subscription from and then do the purchase from there."

Raw fear hasn't really fixed that problem yet. Remember macro viruses? People still insist on using MS Office. Remember Wannacry? People still insist on using Windows... and also people are stupid enough to think that a particular TLA can still be trusted with anyone's security.
A possible solution for something like this is for the experience of Chrome specifically to be so utterly terrible on a popular website that they have no choice but to use something else. Pity Mozilla is basically a puppet for Google nowadays, and everything else seems to be Blink- or WebKit-based. But popular websites have an incentive to support the most popular browsers, so that ain't gonna happen.

I really need to find a solution for that. For one of the examples, perhaps I should fork LibreOffice, fill it with Microsoft branding, and shove it on peoples' computers and see if they notice. Not sure how well that would extend to websites, but it would be a good experiment.
... it would also ruin my reputation as someone who is known for being honest. Bleh.

@lina@vt.social This is TCPA all over again, but potentially worse. End result of that: ...not reached yet, as the modern x86 computing stack is always under threat from Microsoft making their final step to insist on making their Secure Boot with their keys mandatory.
When it comes to problems like this, I haven't worked out a solution which involves convincing the "useful idiots" just how badly they're being abused by the services they use. They always seem to lean in favour of "but I'm using it...

22 Jul 2023 at 21:14 | Open on misskey.neos.love
ged
@lina its authors have "google" written all over them
22 Jul 2023 at 21:19 | Open on social.hayalmasal.org
~/hyde

@lina it's the samo with banks that wont let you install their app if you dont use google, or even worst force you to move a smartphone to log to your accounts ...

22 Jul 2023 at 21:57 | Open on lazybear.social
m
@lina

Cowards

Move this into a separate privileged process for corporate environments requiring attestation

Bug: violates Yahweh's TOS

This is unnecessary

Absolutely unethical and against the open web

Why would I want this?

Code of conduct violation: closing issues raising concerns

Stinky

heyyy, just wondering... did you get those photos printed

Will Estrange Those On The Fence

Have you ever stopped to consider that you're the bad guys?

Seek EU Approval

Can someone explain what this does using only two words?

Proposal to go back to the 90s web standard

But on a serious note...
("This proposal is pretty problematic. The explainer.md is full of things that it doesn't help to solve, plus a few other problems. ...")

Discrimination Concerns

It is impossible to achieve the stated goals.

How do you ensure the modified and browsers with extensions or development tools can be used?

"Constructive" involvement is not ethical when the goal is harmful

Do not listen to ad blocking addicts, please ship this ASAP

Google Bordering on Antitrust

User Research?

Proposal entirely skips how attestors are supposed to actually function?

Confusion between client and user authentication

No real justification why challenges aren’t enough
@lina

Cowards

Move this into a separate privileged process for corporate environments requiring attestation
22 Jul 2023 at 22:13 | Open on mycrowd.ca
sbszine

@lina Using Chrome is a vote for this. Please everyone, stop using Chrome.

22 Jul 2023 at 22:36 | Open on dice.camp
Zaphod Beeblebrox :verifiedbi:

@lina
It seems this repo originates directly from hell itself

22 Jul 2023 at 23:35 | Open on tech.lgbt
Martijn Vos
We should just all stop using those abusive websites. Embrace the open internet and kick all the walled gardens out. Yes, that means you can't use everything you were used to, but maybe that's ultimately better for us.
23 Jul 2023 at 0:07 | Open on nerdica.net
jjtbsomhorst
Alonely0 🦀

@lina GrapheneOS on my P6a is enough for me to not be able to use Google Pay.

23 Jul 2023 at 9:26 | Open on mastodon.social
manu

@lina I’m sorry, but ensuring the client environment will "keep intellectual property secure" is the OPPOSITE of an open internet, not its backbone. The audacity..

23 Jul 2023 at 10:15 | Open on chaos.social
Go Up