looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don’t run a complaint browser ( cough…firefox )

here is an article in hacker news since i’m sure they can explain this to you better than i.

and also some github docs

  • @[email protected]
    link
    fedilink
    English
    402 years ago

    They want to go back to the days of websites requiring internet explorer… just this time with their browser. Even though getting away from that culture is most of the reason people ever switched to chrome. I will say though, just using firefox for everything you can isn’t enough of a protest. If this goes the way Google (Alphabet I guess) wants it to, you bank will require you to use a browser with DRM. You will be forced to use a browser whose source code you can’t verify as secure, to access your bank. And that is where the protest lines need to be drawn. If your bank does that? Send your message. Close the account. Take back your money. Now I’d personally do this for everything possible, but that would be a looooot of time spent getting very little across to companies that don’t care if you visit their site. Taking money from banks though? Yeah it might be a whole process where you gotta request it, verify in person, wait a week to get the cash, and THEN close it, but so what? A couple hours of doing stuff and then a week of business as usual before a couple more hours opening a new bank account. That’s more than worth doing to send a REAL message.

    • @[email protected]
      link
      fedilink
      English
      42 years ago

      Why would my bank care which browser I use? Their business model isn’t based on showing me ads.

      • redjard
        link
        fedilink
        English
        92 years ago

        Why do banks require "safety"net on their apps now? The safest roms specifically don’t have the security nightmare that is google play services, and banking apps are always the hardest to get working.

        It is a symbiotic relationship. Regulators hear about the next wave of compromised online banking, add some law requiring whatever, banks are stuck having to comply and in comes google with “Hey this great webDRM/safetynet/playprotect totally complies with this”, which it doesn’t really but google has the capabilities to lock up any legal processes about it for years when they bring in the next thing and repeat. Banks in large part know it’s bullshit but don’t care, they’re off the hook (They are the ones doing 2 factor by making the banking app on your phone require a confirmation in your tan app on your phone to make a transaction, they don’t give a rats ass about the safety of their systems).

        Banks get someone shielding them from regulations for cheap, google gets partners that can help them lock you in their proprietary system, and you get extra work on your rooted phone and can’t fully remove play services.

        • @[email protected]
          link
          fedilink
          English
          12 years ago

          I notice the big American banks’ apps don’t care, as long as a compatible implementation of Google Play Services is available. Nor does my American bank seem to care that I do my desktop banking in Firefox on Linux. Is this an issue only in specific countries?

          making the banking app on your phone require a confirmation in your tan app on your phone to make a transaction

          I’m afraid I don’t know what you’re talking about here. I don’t have to give any kind of confirmation to make a transaction. What’s a “tan app”?

          • Rikudou_Sage
            link
            fedilink
            English
            32 years ago

            I’m using a SailfishOS (Linux) phone and on SFOS forums it’s one of the biggest complaints, they can’t use their bank through the Android compatibility layer because it doesn’t pass SafetyNet. I’m lucky enough that my bank doesn’t do this, but I had to fiddle with low level stuff for Revolut to work - they require you install the app from Play Store or the app doesn’t work.

            • @[email protected]
              link
              fedilink
              English
              12 years ago

              Can you take your business elsewhere, to a company that doesn’t require you to compromise your security and privacy?

              • Rikudou_Sage
                link
                fedilink
                English
                12 years ago

                If I didn’t find a solution, I would, though it would be a great pain to migrate all my money spending flows.

      • @[email protected]
        link
        fedilink
        English
        52 years ago

        I could go into the conspiratorial 4D chess I’m sure google is playing, but let me ask this instead: Does you bank not have any captchas, anywhere in the flow of accessing/using their website? Cause if they do, I hope you know google is absolutely going to advertise DRM requirements as the best tech for fighting bot traffic. Even if Google wasn’t doing anything like offering cheap training to their standards to influence the future of the cybersecurity space, that would be PLENTY to get a looooot of big corporations, including banks, to use it.

        • @[email protected]
          link
          fedilink
          English
          02 years ago

          Criminals will crack the DRM in short order—they always do—so that idea won’t last long.

          And no, the DRM can’t be updated to fix the vulnerability if it’s implemented in firmware. Not without shutting out absolutely everyone whose computer/phone is more than 3 years old, and there’s not a snowball’s chance in hell that banks will do that when half of their customers are old farts with decade-old computers and an “if it ain’t broke, don’t fix it” attitude.

          • @[email protected]
            link
            fedilink
            English
            22 years ago

            Wait were they seriously looking to implement it at a FIRMWARE level? jesus that’s just stupid.

            • @[email protected]
              link
              fedilink
              English
              22 years ago

              If they implement it in hardware, then fixing vulnerabilities is completely impossible instead of only mostly impossible.

              • @[email protected]
                link
                fedilink
                English
                22 years ago

                I was just expecting it to be something built into chrome, similar to how drivers need to be signed to run in windows, they’d force you to use browsers Signed By Google to be verifiably compliant with the DRM. It seems like the easiest option for them and the most well understood since it’s been used for drivers for so long

                • @[email protected]
                  link
                  fedilink
                  English
                  1
                  edit-2
                  2 years ago

                  If they implement it in pure software, then it’s easy to crack.

                  They’re not going to wrap Chrome in Denuvo because that would ruin its performance. The last thing they want is for Firefox to be not only faster but dramatically faster. Performance is a big part of how Internet Explorer lost its market share. And even if they do wrap it in Denuvo, Empress will no doubt show them the error of their ways.

                  So yes, I expect they will use firmware/hardware, presumably TPM or Microsoft Pluton, to implement this.

        • @[email protected]
          link
          fedilink
          English
          22 years ago

          No captcha’s for any of my banking services. I don’t know how effective captcha’s are anyways. I suspect slow cooldowns are probably more secure.

          • @[email protected]
            link
            fedilink
            English
            32 years ago

            Huh, neat. Regardless, I think google will find a way to sell it or they wouldn’t be invested in it so much, but point taken. I just saw a lot of people commenting on other places about how this is hopeless and there’s no way to protest and wanted to give a solid example of how it could be done effectively.

  • vewave
    link
    fedilink
    6
    edit-2
    2 years ago

    From what I’ve read, the information they’re gathering already exists and can be gathered by the server (browser type, user, etc.) with an added layer of encryption to ensure that information isn’t tampered with which is easily spoofed today. Of course, this approach doesn’t stop folks from tampering with the web browser directly to inject whatever information (outside of maybe what browser they’re using since that’ll be tied to the key) they want into the payload but that makes closed-source web browsers substantially more trustworthy (aka not Firefox) to site owners.

    If this does gain mass market adoption, then yeah, I suspect it will force users to use proprietary web browsers (google chrome, edge, etc.). Which is a step in the direction that Google wants.

    I imagine that ad providers (Google) can also start throwing their weight to force mass adoption by de-monetizing non-compliant browsers, which may pressure site owners to not serve non-compliant browsers.

    Correct me if I’m mistaken.

  • @[email protected]
    link
    fedilink
    English
    11
    edit-2
    2 years ago

    I know my uBO has saved me from some hostile shit. So yeah it’s a part of my browser security. I have it configured to a stricter blocking mode so it’s not just blocking ads for me, it gets other stuff that can be a problem.

    Anyway I’m aware of the Manifest V3 business and being on Chrome I’m just waiting for the hammer to fall before going to Firefox. If they start adding DRM as well, I’m out of there quick.

    Yeah, yeah, I know, just go to Firefox now, but I don’t really want to deal with a new browser and all my custom stuff until I have to. I’m old and that shit is super hard to motivate on for me. Not to say I’m inept, I mean I’ve spent my whole career in tech, but old dogs and all.

  • @[email protected]
    link
    fedilink
    English
    262 years ago

    Unless something changed isn’t every browser running on iOS essentially just Safari at it’s core? That’s a pretty big user base to punish.

    • @[email protected]
      link
      fedilink
      English
      152 years ago

      Yes that’s correct. Same with the apple keyboard, which is why the keyboard and browsers on IOS are such shit

      • @[email protected]
        link
        fedilink
        English
        22 years ago

        What do you mean for the keyboards? Isn’t there an API for third parties? I guess it’s too limited but I’m wondering in what ways exactly

        • @[email protected]
          link
          fedilink
          English
          32 years ago

          They’re right about browsers, but jumped the shark on keyboards.

          Custom keyboards come with some rules and limitations for obvious reasons, but they’re by no means the system keyboard in disguise like how browsers are all WebKit under the hood.

          Here’s documentation on custom keyboards: https://developer.apple.com/library/archive/documentation/General/Conceptual/ExtensibilityPG/CustomKeyboard.html#//apple_ref/doc/uid/TP40014214-CH16

          • @[email protected]
            link
            fedilink
            English
            42 years ago

            Yeah that’s what I thought, it’s not really comparable. Doesn’t explain why they all suck so bad compared to Android’s custom keyboard though

            • @[email protected]
              link
              fedilink
              English
              22 years ago

              Most likely different incentives and platform culture.

              Customization isn’t that big on iOS, other than the occasional viral fad, so there’s less interest for custom keyboards and in return less development spent on it.

              Monetization of custom keyboards is also really hard and due to limitations on tracking and collecting data the incentives that Android has don’t really exists on iOS.

              So what you end up with is a handful of custom keyboards often by big players that have bags of money to throw at it or as a companion to a regular app (e.g. Grammarly, GIF apps) to fulfill a specific function.

      • @[email protected]
        link
        fedilink
        English
        -2
        edit-2
        2 years ago

        I think Apples philosophy is that for everything you normally do on your iPhone you use an app. The browser is only for exceptions, and that’s reflected in the care they put in it.

        I don’t know why you hate the keyboard. It works just fine with a multitude of features for me, for which I’d install two or three different keyboards on my Android devices. Why on earth you would want to install a 3rd party keyboard of all things is beyond me. That’s the thing where you type in all your passwords.

        • @[email protected]
          link
          fedilink
          English
          02 years ago

          Then you are doing it wrong. I have one keyboard, Gboard, and everything about it is superior to the Apple keyboard.

          That’s but to say Gboard is good, is not… It’s crap. But Apple keyboard says “Hold my beer” and shows just how bad a keyboard can be when you really try.

          The IOS keyboard is absolutely awful. The fact that you think it’s good tells me you’ve never used a different keyboard.

        • RandomException
          link
          fedilink
          English
          52 years ago

          If you aren’t native English speaker and therefore use a different keyboard layout than US, pretty much all features disappear on iOS. The keyboard is garbage compared to Android’s native keyboard and for some reason even after 3 years of iPhone ownership I still write more typos on the iPhone than I ever did on Android phones.

          I wish I could use some 3rd party keyboard, but because Jobs decided in the past that Apple’s keyboard is the only thing users ever really need, I can’t. There is a limited support for custom keyboards but in practice the user experience is garbage.

  • Thomas Gray
    link
    fedilink
    English
    32 years ago

    I haven’t used Chrome years, Firefox and Brave browser suit me fine. Since Brave uses the same engine and extensions. What’s the downside of Brave besides ppl not liking the creator? If I stopped using every device and product with an evil genius behind it I’d live in a cave somewhere with no technology at all.

  • @[email protected]
    link
    fedilink
    English
    182 years ago

    refuse traffic to you if you don’t run a complaint browser ( cough…firefox )

    Ah, so I’ll need a new extension that fakes my browser to say it’s chrome before I can use adblocker. I think this is a cat and mouse game with no end.

    • @[email protected]
      link
      fedilink
      English
      202 years ago

      You would need an extension that could implement the drm, which would be no small feat and I’m not even sure how poss that would be with the extensions API. Not saying it won’t happen but i wouldn’t hold my breath.

      • El Barto
        cake
        link
        fedilink
        English
        102 years ago

        I wouldn’t use it anyway, because DRM is cancer.

  • @[email protected]
    link
    fedilink
    English
    1352 years ago

    Stop using Google products I don’t know how else to fucking say it.

    Chrome -> Firefox Drive -> sync or Dropbox or any number of options Sheets and productivity tools > libre office or Apache open office YouTube -> Invidious or even better, odysse Google search -> duck duck go, SearXNG, StartPage, etc Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.

      • @[email protected]
        link
        fedilink
        English
        142 years ago

        Linux, but that’s not a viable option. I would use degoogled Android OSs. GrapheneOS, CalyxOS, e/os, and LineageOS are some of the popular ones.

        • @[email protected]
          link
          fedilink
          English
          12 years ago

          Also correct here.

          The 3 main have varying degrees of function vs security/privacy and should be researched.

      • @[email protected]
        link
        fedilink
        English
        12 years ago

        Look, it’s an unpopular opinion and many will disagree with me, but while Apple does certain things to restrict you from customizing your experience, they’re doing far less to destroy the open Internet than Google. So if you need a fully featured OS (which degoogled custom Android ROMs might not be, if you need banking for an example), it’s still an alternative for now, until Linux mobile experience gets better.

        • @[email protected]
          link
          fedilink
          English
          22 years ago

          On iOS, there’s no browser extensions (for e.g. ad blocking), no alternative browsers, and no FOSS apps of any kind. That platform is extremely hostile to the ideals of computing freedom.

          • @[email protected]
            link
            fedilink
            English
            12 years ago

            Like I said, it’s a better (for privacy) alternative to stock Android when you need a fully functional operating system. If you can stand to lose the oppressive Google functionality, you can go degoogled Android or preferably Linux (if you don’t care about battery life or app availability).

      • @[email protected]
        link
        fedilink
        English
        12 years ago

        Android, but the real one (AOSP, etc) that you can get with custom ROMs, not Google® Android©.

          • @[email protected]
            link
            fedilink
            English
            12 years ago

            That¿s why I said “the one you get from the custom ROMs”. Well, the ones that fork and maintain on their own anyway.

            The other alternative honestly is Linux mobile, once it more properly launches.

      • @[email protected]
        link
        fedilink
        English
        132 years ago

        Brave has done too many shady bullshit things and has thus completely lost my support and interest. I do not recommend them.

    • @[email protected]
      link
      fedilink
      English
      22 years ago

      Question, I use Google docs a lot cause I like the sync and it’s convenient when I write something like a book on my computer and then can add more on my phone and it syncs. Does Apache open office do that? I would like to switch if all this chrome stuff is bad but I use all of it all the time

        • @[email protected]
          link
          fedilink
          English
          12 years ago

          Interesting. Well, I did find Gnumeric in my search for a simple spreadsheet app for making flashcards with, so TIL something new I guess my “cloudsync” can be using syncthing or just backing up to a flash drive lol

      • @[email protected]
        link
        fedilink
        English
        22 years ago

        look into syncthing paired with local-first notes application (obsidian or similar), or simple text editor. work like a charm in my case.

        • @[email protected]
          link
          fedilink
          English
          22 years ago

          Ok I really like Obsidian! The interface is really clean! I might still need to look for a proper word processor (I guess I could use libreoffice) but I also use geany as a notepad++ substitute and it’s really nice too. I still gotta look into setting up syncthing though

    • El Barto
      cake
      link
      fedilink
      English
      42 years ago

      Wait. Sync offers file storage? I thought it was just to sync up your Firefox sessions across multiple devices.

      Or am I confusing services with similar names?

          • El Barto
            cake
            link
            fedilink
            English
            22 years ago

            How do you like it? Would you prefer it over dropbox, or not really?

            • @[email protected]
              link
              fedilink
              English
              32 years ago

              I’ve been migrating to sync from Dropbox after hearing too many reports of Dropbox scanning user content for things they deem objectionable. I like the end to end encryption, but I have found the mobile experience on iOS to be lacking. It seems to have trouble integrating with Files and uploading files directly via the iOS share menu. Annoying but not a dealbreaker.

            • @[email protected]
              link
              fedilink
              English
              12 years ago

              I prefer it to drop box, it’s a better service and I believe not owned by Google like drop box it

              • El Barto
                cake
                link
                fedilink
                English
                12 years ago

                Gawd damn, I didn’t know Google acquired Dropbox in 2010. Ok. Time to move.

                But what makes Sync a better service? A better UI?

    • @[email protected]
      link
      fedilink
      English
      12 years ago

      I really really want to move from google workspace, google photos and google drive. I used it all to backup a 16TB archive, sharing photos with family and friends and keeping my personal files in the cloud and synched across computers. I used a Synology to backup the archive from the computer locally to the Synology and offsite to google drive. But here’s the thing, I’m a somewhat PC and Mac-savvy technical guy, but purely GUI. Is moving to Nextcloud on my synology going to be as easy as moving to google drive? I’m a little scared TBH. There are so many ways of installing next cloud and doing 3-2-1 backups and I don’t have time to handle a little error on a Synology destroying my whole workflow for days… Someone give me hope.

    • @[email protected]
      link
      fedilink
      English
      10
      edit-2
      2 years ago

      FYI, you need two new lines (hit Enter twice) to actually get a new line in Lemmy.

      Two new lines One new line.

        • The Quuuuuill
          link
          fedilink
          English
          62 years ago

          Markdown treats single newline breaks as being a line wrap in a long text flow

        • @[email protected]
          link
          fedilink
          English
          92 years ago

          It’s standard markdown afaik. Two new lines creates a new paragraphs, two spaces and one new line creates just a new line.

            • @[email protected]
              link
              fedilink
              English
              42 years ago

              That’s actually a bit of a relief to learn. I didn’t want to believe it was simply because Lemmy was trying to copy Reddit, but I just didn’t know enough to see any other reason.

      • @[email protected]
        link
        fedilink
        English
        112 years ago

        Immich is getting pretty darn close, close enough that you could genuinely have a think about what features really matter to you, vs the cost of privacy lost continuing to use Google Photos.

          • @[email protected]
            link
            fedilink
            English
            22 years ago

            Yeah, me too. I’ve been on Photoprism for a while, and that got me out of Google Photos, but not my wife.

            What annoys me about Photoprism is the long-promised multi-user feature was put behind a paid subscription. I was a paid Github supporter, and would’ve been happy to continue with my annual donation (like I do for other tech projects), but then they went the greedy ongoing sub route.

    • nevernevermore
      link
      fedilink
      1072 years ago

      helped with formatting:

      Chrome -> Firefox

      Drive -> sync or Dropbox or any number of options

      Sheets and productivity tools > libre office or Apache open office

      YouTube -> Invidious or even better, odysse

      Google search -> duck duck go, SearXNG, StartPage, etc

      Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.

      And I agree for sure. In order I use firefox (and brave sometimes), Proton Drive, Apple Productivity suite (pages, numbers etc), and either startpage or qwant, and proton mail. I do still use use YouTube Premium, but the point is Google doesn’t need to have its fingers in every aspect of my digital life.

      • @[email protected]
        link
        fedilink
        02 years ago

        Nextcloud technically does much of what Drive does, but my instance is buggy lol

        Still, costing me nothing to run for now, AWS 12 month free tier. Will move to a VPS somewhere not-aws before that’s over.

      • @[email protected]
        link
        fedilink
        62 years ago

        I’m not sure LibreOffice is a drop-in replacement for Google Docs if you need sharing, collaboration and built-in version control.

        • Magnor
          link
          fedilink
          62 years ago

          Yes, something like collabora would be a better fit, although I never managed to get an actual instance of the thing running.

            • Magnor
              link
              fedilink
              12 years ago

              Well I tried this and… I just can’t get to run properly. Tried docker, AIO, separate installs :(

              • @[email protected]
                link
                fedilink
                12 years ago

                I found that quite easy, for once: I have a bare NC instance and I installed 2 add-ons (the integration bits and the CODE server that IIRC drops an appimage of the actual collabora server). Unless you have hundreds of users, that’s about as much admin as you need :)

      • @[email protected]
        link
        fedilink
        272 years ago

        While I get your spirit… Dropbox belongs to google too 😂 they are everywhere! Worse than the plague.

        • nevernevermore
          link
          fedilink
          32 years ago

          i didn’t write the quoted list, just helped the OP with his formatting. I use proton drive, not dropbox.

          • rastilin
            link
            fedilink
            62 years ago

            I had no idea Proton Drive was a thing. I’ll switch to it, Dropbox is becoming incredibly obnoxious with the advertising popups and notifications.

        • @[email protected]
          link
          fedilink
          322 years ago

          For many people, Google controls the entire network stack from their ISP, router, OS, DNS, their browser, all the way down to the platform hosting the content they watch.

          Google has captured such a wide part of the Internet that any changes they make will have at least a moderate effect on our lives. Even if we don’t use any Google services.

          The only thing that can stop them is probably the EU at this point. And I’m sure Google has a plan for that.

          • Rikudou_Sage
            link
            fedilink
            62 years ago

            They can’t have a plan for that. They have two options: conform or leave EU.

              • Rikudou_Sage
                link
                fedilink
                English
                42 years ago

                EU is widely adopting the policy of fining by a percentage of global revenue which is what hurts even the largest companies, precisely to avoid “just pay the EU”.

  • @[email protected]
    link
    fedilink
    English
    122 years ago

    It’s funny how they think this is gonna do shit. The only thing this’ll do is make everyone switch browsers.

    • @[email protected]
      link
      fedilink
      English
      172 years ago

      That’s the point, DRM would force everyone to use a “compliant” browser (Chrome, or extension-free Firefox etc), and the other browsers might not be able to show content; they may also lock the content from copying and editing without special tools, just like website video DRM works now

      But we already see “sorry you’re running adblocker so no content for you” websites, so I’m not sure if that’s gonna change much

      • voxel
        link
        fedilink
        English
        2
        edit-2
        2 years ago

        Firefox works around video drm by running it in an isolated container though.

  • @[email protected]
    link
    fedilink
    English
    1102 years ago

    How is the worlds biggest ad distributor also the worlds biggest browser maker without it being an anti-trust violation?

  • @[email protected]
    link
    fedilink
    English
    222 years ago

    This code will only ever be installed on my machines by force against my will.

    No benefit to any users at all, all benefit only to Google and their Advertisers.