- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Summary
- Google’s proposal, Web Environment Integrity (WEI), aims to send tamper-proof information about a user’s operating system and software to websites.
- The information sent would help reduce ad fraud and enhance security, but it also raises concerns about user autonomy and control over devices.
- The authors argue that implementing WEI could lead to websites blocking access for users not on approved systems and browsers.
- They express worries about companies gaining more control over users’ devices and the potential for abuse.
- The authors emphasize that users should have the final say over what information their devices share.
- Remote attestation tools, like WEI, might have their place in specific contexts but should not be implemented on the open web due to potential negative consequences.
- The authors advocate for preserving user autonomy and the openness of the web, emphasizing that users should be the ultimate decision-makers about their devices.
Joke:
Two pieces of string walk into a bar. The first piece of string asks for a drink. The bartender says, “Get lost. We don’t serve pieces of string.”
The second string ties a knot in his middle and messes up his ends. Then he orders a drink.
The bartender says, “Hey, you aren’t a piece of string, are you?” The piece of string says, “Not me! I’m a frayed knot.”
Firefox it is again?
All the way. Don’t settle for just chrome plating.
I’m a happy Vivaldi user (features and configurability to me are more important!) but I’m sure this will be implemented in the Chromium open source platform and not exclusively in Chrome (like some other features).
Always has been
The problem is that Google has such a monopoly over web browsers that Firefox will most probably have to follow and implement this shit as well.
Smells like “this website is only compatible with Internet Explorer 7 or higher” kind of stuff, those were bad back then, it will be a lot worse now.
On the other hand: A website implementing such a functionality does not want me as a user. That’s fine. I’ll find the information elsewhere or give them useless date from within a VM. Starting and stopping minimalist single-purpose VMs isn’t hard nowadays.
It’s easy for us as we are tech literate, but I mostly think of the average person that “doesn’t care about privacy and personal data”. We’re also not Google’s main demographic. When most websites use this kind of shit, it will be extremely hard for everyone to get away from it.
I stopped thinking of them. But yes, those people will have their data stolen by Google, as usual. But those people also don’t care one single bit about that.