All this.. all this multi billion dollar development, all those 'brains', all the time and space a tech company occupies in it's lifetime... just to force you to watch ads?
What a shitty society and what a shitty communication system we have, just because some morons want to earn some billions more...
There is no endgame when it comes to greed, those pricks will always want more.
I feel it's worse than this. Imagine being the brightest mind in college, have a ton of experience, just to invent new algorithms to get people to click on more ads.
I consider it close to going to school for engineering or design and winding up being the guy in charge of making airplane seats ever smaller and more uncomfortable.
Yeah, the brightest minds of recent generations are figuring out how to get people to watch ads. We probably could have had fusion energy by now, but instead have ads.
It has shittier sides than the one you are looking at.
and what a shitty communication system
Well, Zuck and others found the way to assemble all blonde girls from your town on one site. It was decided then.
At least until the general humanity realized that this doesn't change shit except that we no longer have the normal Web itself, the truly miraculous one which we got used so quickly to.
I like Gemini, but I'll take the ActivityPub-based Web. Better both, of course. With old Skype-like IM on top of that as well.
However, the identities being not cryptography-based and being tied to an instance I don't really like, that should be fixed in future versions if we want to have stuff working differently from e-mail, which is not as decentralized as one would like.
And frankly maybe one should separate content instances from authentication instances. The latter would only present identities.
Mozilla really did that with Firefox and Thunderbird to help kill IE and Outlook Express. Chrome came quite a bit later, but was instrumental in bringing about a performance reckoning, and a push for universal standards, sort of creating that movement. Really shocking now when you think of Google doing that.
Mozilla and Thunderbird existed as decent alternatives, but they had a tiny market share of generally tech minded people, which was a much smaller subset of the population than it is now.
Chrome and Gmail came in and completely demolished the market. They came in with a strong brand name, and a huge suite of features that worked well, and really ignited the Cloud app paradigm.
I have mained Firefox on desktop throughout the decades. But give credit where credit is due.
Write to your country’s anti-trust body if you feel Google is unilaterally going after the open web with WEI (content below taken from HN thread https://news.ycombinator.com/item?id=36880390).
Google has proposed a new Web Environment Integrity standard, outlined here: https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md
This standard would allow Google applications to block users who are not using Google products like Chrome or Android, and encourages other web developers to do the same, with the goal of eliminating ad blockers and competing web browsers.
Google has already begun implementing this in their browser here: https://github.com/chromium/chromium/commit/6f47a22906b2899412e79a2727355efa9cc8f5bd
Basic facts:
Google is a developer of popular websites such as google.com and youtube.com (currently the two most popular websites in the world according to SimilarWeb)
Google is the developer of the most popular browser in the world, Chrome, with around 65% of market share. Most other popular browsers are based on Chromium, also developed primarily by Google.
Google is the developer of the most popular mobile operating system in the world, Android, with around 70% of market share.
Currently, Google’s websites can be viewed on any web-standards-compliant browser on a device made by any manufacturer. This WEI proposal would allow Google websites to reject users that are not running a Google-approved browser on a Google-approved device. For example, Google could require that Youtube or Google Search can only be viewed using an official Android app or the Chrome browser, thereby noncompetitively locking consumers into using Google products while providing no benefit to those consumers.
Google is also primarily an ad company, with the majority of its revenue coming from ads. Google’s business model is challenged by browsers that do not show ads the way Google intends. This proposal would encourage any web developer using Google’s ad services to reject users that are not running a verified Google-approved version of Chrome, to ensure ads are viewed the way the advertiser wishes. This is not a hypothetical hidden agenda, it is explicitly stated in the proposal:
“Users like visiting websites that are expensive to create and maintain, but they often want or need to do it without paying directly. These websites fund themselves with ads, but the advertisers can only afford to pay for humans to see the ads, rather than robots. This creates a need for human users to prove to websites that they’re human, sometimes through tasks like challenges or logins.”
The proposed solution here is to allow web developers to reject any user that cannot prove they have viewed Google-served ads with their own human eyes.
It is essential to combat this proposal now, while it is still in an early stage. Once this is rolled out into Chrome and deployed around the world, it will be extremely difficult to rollback. It may be impossible to prevent this proposal if Google is allowed to continue owning the entire stack of website, browser, operating system, and hardware.
Thank you for your consideration of this important issue.
This standard would allow Google applications to block users who are not using Google products like Chrome or Android, and encourages other web developers to do the same, with the goal of eliminating ad blockers and competing web browsers.
Google is a developer of popular websites such as google.com and youtube.com (currently the two most popular websites in the world according to SimilarWeb)
Google is the developer of the most popular browser in the world, Chrome, with around 65% of market share. Most other popular browsers are based on Chromium, also developed primarily by Google.
Google is the developer of the most popular mobile operating system in the world, Android, with around 70% of market share.
Currently, Google’s websites can be viewed on any web-standards-compliant browser on a device made by any manufacturer. This WEI proposal would allow Google websites to reject users that are not running a Google-approved browser on a Google-approved device. For example, Google could require that Youtube or Google Search can only be viewed using an official Android app or the Chrome browser, thereby noncompetitively locking consumers into using Google products while providing no benefit to those consumers.
Google is also primarily an ad company, with the majority of its revenue coming from ads. Google’s business model is challenged by browsers that do not show ads the way Google intends. This proposal would encourage any web developer using Google’s ad services to reject users that are not running a verified Google-approved version of Chrome, to ensure ads are viewed the way the advertiser wishes. This is not a hypothetical hidden agenda, it is explicitly stated in the proposal:
“Users like visiting websites that are expensive to create and maintain, but they often want or need to do it without paying directly. These websites fund themselves with ads, but the advertisers can only afford to pay for humans to see the ads, rather than robots. This creates a need for human users to prove to websites that they’re human, sometimes through tasks like challenges or logins.”
The proposed solution here is to allow web developers to reject any user that cannot prove they have viewed Google-served ads with their own human eyes.
It is essential to combat this proposal now, while it is still in an early stage. Once this is rolled out into Chrome and deployed around the world, it will be extremely difficult to rollback. It may be impossible to prevent this proposal if Google is allowed to continue owning the entire stack of website, browser, operating system, and hardware.
Thank you for your consideration of this important issue.
Thank you, sent. While I'm crossing my fingers that someone reads/notices this, I am just as doubtful that any valuable action will be taken before it is too late. Democratic governments are simply too slow.
This is way worse than what Microsoft did back in the day with Internet Explorer. They were forced to build a browser selection popup into their operating system because of that.
Batter way would be to just watch youtube video on youtube while ad block being enabled that way all the server load goes to google and they can't get the ad revenue. Isn't it win win?
It's basically all the bad things that tech writers have already warned about, except shit just got real. Google is actually shipping WEI in Chrome and large important sites and services are no longer working except in Chrome and with Goggle's blessing.
The author makes a very good comparison with Android, where you need a locked-down device and Google Services installed to be able to use Netflix, or your bank's services.
The rest of the article dives into what WEI claims to achieve vs what it's actually doing, and who it really benefits. Good read if you're still unclear about that.
Google is actually shipping WEI in Chrome and large important sites and services are no longer working except in Chrome and with Goggle's blessing.
Source? I can’t find anyone claiming that sites aren’t working. Someone else in the comments mentioned Logitech, but their site is working fine for me in Firefox.
I was multitasking while watching but I'm pretty sure this is the idea.
Googles "web DRM" makes it impossible (or extremely difficult) to lie to a website about your browser, operating system, and whether or not you're human (or a bot). Websites can then use this info to deny access if they decide not to trust any of the info given.
This could easily be used to suppress the use of open source software which is probably why so many FOSS projects and foundations oppose it.
It doesn’t prove you’re not a bot though, only that the request is coming from a ‘genuine device’. You just need to pipe your malicious requests through a ‘real browser’ to get them approved and you’re set.
DRM in your web browser to forcibly require you to be running an "approved" browser (ie.: Chrome) in an "approved" configuration (ie.: no ad blockers) to load certain websites, and probably all major websites.
Thing is, if this takes off and websites adopt it, FF will be forced to integrate it aswell. I'd be fine with some websites not working in FF, but my mother will call me and say "the internet is broken". I guess Mozilla doesn't want and/or cannot afford that.
That is correct, but for now, Mozilla has the right stance on the matter.
I'm still waiting for what Apple's stance is. They integrated functionality into Safari that technically works similarly, but that's only used for captcha verification. I can see them choosing either side to be honest. They can embrace the Web Integrity API because it fits their "closed ecosystem" (in case of iOS devices) type of product quite well, but on the other hand they don't really have a website that would be suitable to use the Web Integrity API, so why would they give in to what Google wants? If Apple doesn't integrate Web Integrity API into Safari, I don't see any major website using it. They can't afford to lose ~28% of the mobile market.
Likely true, but as someone pointed out in another thread, it should be possible to "technically" comply with WEI enforcement, and then have a transparent abstraction layer to extract the "enforced" markup and code, exposing it to the user-facing browser to interpret like it normally would.
It's some real asinine bullshit software engineering that shouldn't be necessary, but it should work.
Exactly, why don't all these chromium-based browsers which came out against WEI don't fork Chromium to maintain a base version without this bullshit? And manifest V3 while they're at it.
Sadly the only real move the average person has to play in all of this is if they do this, refuse to use any site that blocks access or extensions based on it.
Go back to paying your property tax with checks, etc if you have to. But the only way to deal with these companies is being willing to go to whatever lengths are required to avoid using their products and services.
i don't quite get why can't the attester just.. lie.. about who he is
like if I'm using firefox on linux, why cant my linux attester claim to be actually windows attester and say I'm using chrome?
I am not an expert, but it's likely signed and cryptographically secured. Change a single byte in the be Browser executable and your browser goes on the naughty list. This is total lockdown of the browser, and in principle you can extend certification of both software and hardware all the way down through the OS into the hardware.
The website has to choose to trust a given attestation provider. If Open Source Browser Attestation Provider X is known for freely handing out attestations then websites will just ignore them
The browser's self-attestation. This is tricky part to implement. I haven't looked at the WEI spec to see how this works, but ultimately it depends on code running on your machine identifying when it's been modified. In theory, you can modify the browser however you want, but it's likely that this code will be thoroughly obfuscated and regularly changing to make it hard to reverse engineer. In addition, there are CPU level systems like Intel SGX that provide secure enclaves to run code and a remote entity can verify that the code that ran in SGX was the same code that the remote entity intended to run.
If you're on iOS or Android, there's already strong OS level protections that a browser attestation can plugin to (like SafetyNet.)
Every time somebody calls this "web of trust" I feel the need to remind that really Web of Trust is a system of, well, decentralized manual trust, like with PGP. Like in Retroshare or Freenet for some people.
Every such attempt at replacing the actually relevant meaning of a thing which is still good and needed is suspicious.
We had the dominance of Microsoft with IE back in the day. They made sure that the web was being kept back. Google is doing the same now, even though people have been shouting that they'd never do that. Here we are..
Once entities like tax authorities require it for filing your taxes (or any other thing you absolutely have to do), that's not really an option any more.
I use Youtube a lot on Librewolf, which probably isn't going to be very trusted.. Hoping i don't get booted off of sites i usually use like YT.
It was time to switch to Invidious anyway.
Which will stop working once this is implemented, since it doesn't use a trusted browser to access YT. As will any kind of automated access. Search engine bots, archive crawlers, third party apps... anything websites don't like or know won't be able to access them anymore.