I’m happy to see this being noticed more and more. Google wants to destroy the open web, so there’s a lot at stake.
Google basically says “Trust us”. What a joke.
As others have pointed out, it goes way beyond ad-blocking. It’s a complete reversal of the trust model, and is basically DRM for your OS:
Right now, websites assume rightfully that clients can’t be trusted. Any security measure happens on the server side, with the rationale that the user has control over the client and you as a dev control the server. If your security is worth two cents, you secure server side. This change proposes to extend vendor power, by defining a set of rules about what they deem acceptable as a client app, and enforcing it through a token system. It gives way too much power to the vendor, who gets to dictate what you can do on your machine.
We actually have a live experience of how that could go down with SafetyNet on Android. Instead of doubling down on the biggest security issue there (OEMs that refuse to support their software for more than 1 or 2 years after release which, quite frankly, should be universally considered as unacceptable), Google decided that OEMs should be allowed way more trust than the user. Therefore modifying your own OS in any way, even if it’s rife with security flaws to begin with and you’re just trying to fix that, breaks SafetyNet. If you break SafetyNet, “critical apps” like banking apps stop working altogether.
The worst part is that there are ways to circumvent SafetyNet breakage, because in the end, if DRM taught us anything, it is that if you control the client and know your way around, with enough work you can do pretty much anything you want with it. So bad actors are certainly not kept at bay, you just unjustly annoy people with legitimate use cases or even just experimenting with their hardware because in the end, you consider that your users are at best dumb security flaws, at worst huge cash machines, often both at the same time.
My biggest problem is that it actually makes things easier for bad actors when you set them in stone, because there are more things that they know they can count on to happen a certain way.
Yeah, moreover you give server admins the illusion that they CAN control what happens client side, which is bonkers.
Honestly the most infuriating thing in this whole controversy is that the proposed approach fixes almost none of the issues that the authors say their proposal should fix.
What it does however is break the open web principles in major ways.
Another example: the latest iteration of Google Captcha. Released with promises to end manually inputting text captchas, the main thing it turned out to check for is whether you are logged into your Google account. If so, you get through automatically, or, at worst, have to press a checkbox. If you are not logged in, enjoy selecting fire hydrants and crosswalks.