Apple already shipped attestation on the web, and we barely noticed
Apple already shipped attestation on the web, and we barely noticed
There's been a lot of concern recently about the Web Environment Integrity proposal, developed by a selection of authors from Google, and…
You're viewing a single thread.
The danger would be important entities like governments and banks using attestation. Then you'd be limited to using only Chrome, Safari and Edge, and Firefox could kiss its ass goodbye.
Bank: my bank is too boomercore to ever implement something like this, we only recently got 2fa
Government: my government still makes me file my taxes on paper and mail it to them so I’m ok for now
Banks and governments could get trapped into this because a third party vendor implements a system for them that includes this.
Like Salesforce's "Lightning Experience sites" only supports the latest versions of iOS and Android, as well as only supporting chromium based browsers and Firefox.
A lot of banks and government services run on that platform, and not all of them are going to be smart enough to pay for a custom solution that increases device support.
It’s less about what they implement, and more about what their users who have clout expect. My regional bank is far more responsive to customer feedback than, for example, Bank of America. As for governments there’s all sorts of bureaucracy I can push on with not a lot of resources. It’s not accessible to everyone but organizations don’t need all that much prodding to respond anyway
Salesforce dictates what they support now, not on what people want. If an entity implements it, they can use the put of the box functionality or pay to have it customized to increase accessibility, security and support.
That’s fine, I will continue to use websites that work for me and when they don’t I will complain
My bank is welcome to implement features that prevent using Firefox. It'll cost them when I move my deposits, but they're welcome to do it.
People didn't leave Wells Fargo and BoA en masse with all the illegal shit they did, why do you think this would have any real effect on them?
The EU wouldn't really stand for that.
The EU lets them get away with requiring device attestation for their mobile apps. It's not exactly the same thing since system requirements for native apps are traditionally narrower than websites, but it's similar.
Let's hope not.
In the UK at least, switching banks is super easy, I’ve done in twice in the last 2 months because they offered free cash to do so, there is enough competition that the banks have to make it easy to move or else they lose customers.
For government, generally most systems are built to be as accessible as they can be because there has been [https://www.gov.uk/guidance/accessibility-requirements-for-public-sector-websites-and-apps ](whole raft of legislation) written up to cover this.
I’m not saying it wouldn’t be a problem (power companies etc could prove to be sticky) but there are legal requirements that entities above a certain site have to meet.