• @[email protected]
    link
    fedilink
    1372 years ago

    There’s a “we told you this would happen” going on here.

    If chromium didn’t have a monopoly amongst browsers, they would have a much harder time pushing this through.

    Imagine everyone using a browser built by an advertising company.

    • @[email protected]
      link
      fedilink
      11
      edit-2
      2 years ago

      I moved to FF the same time I found out about the DRM shit. It takes literally 10 minutes and the only thing FF lacks is tab groups. Not a big loss compared to a stupid bigtech telling me what I can use.

      • @[email protected]
        link
        fedilink
        -2
        edit-2
        2 years ago

        The problem is that Mozilla dropped the ball so hard, by focusing on making their C-staff into millionaires instead of making a good product, that it no longer matters. Their market share is so small that Firefox compatibility no longer matters.

        Soon websites will require that DRM and either Firefox will implement it or it will be unable to render those websites.

          • @[email protected]
            link
            fedilink
            12 years ago

            The only use chrome gets on a fresh phone before deactivation is installing Firefox. Same for IE

            I’ve used Firefox since it was Netscape and it’s been a fun ride

      • @[email protected]
        cake
        link
        fedilink
        7
        edit-2
        2 years ago

        FF has tab containers which, while I haven’t used much myself, seem pretty similar to tab groups from a quick search. Edit: Also looks like there’s “Simple tab groups” extension which maybe even more similar to what you may want

        • @[email protected]
          link
          fedilink
          22 years ago

          Containers have nothing to do with tab groups. One is an organisation tool and the other is a privacy tool.

    • @[email protected]
      link
      fedilink
      392 years ago

      That’s not even the biggest level of “we told you this would happen.”

      They pulled this shit previously with other standards (WebHID). Where they proposed a terrible standard, and then implemented it ignoring all feedback. Only last time it played out over months, and this time… weeks?

      Sweet jesus.

  • @[email protected]
    link
    fedilink
    582 years ago

    The Internet in the last five or so years has just been less fun and interesting to use in general. Except for anywhere I can interact with friends, I just don’t really care for using corporate social media sites anymore. I’ve pretty much removed Google from my life except for YouTube and rarely Google Maps, and if Google tries to use this to force ads into YouTube (which I’m sure is going to be one of its uses) then I will just stop using YouTube. I will just stop patronizing any site or business that tries to implement this as a feature to stop my browser choice, OS choice, or my extension choice (which included adblock extensions). I miss the days when the Internet was less corporately controlled than it is now, and I think we need a renaissance of those days.

  • delirium
    link
    fedilink
    82 years ago

    I wonder how many people will be ok with this, considering that there’s a large portion of folks who does not know what’s AdBlock

    • @[email protected]
      link
      fedilink
      10
      edit-2
      2 years ago

      Yup. The vast majority of internet users NEVER:

      • Customizes their web experience

      • Uses apps almost exclusively

      • Navigates beyond the first page/screen

      How will they react to this?

      “Shut the hell up, fucking nerd and your fucking idiotic, stupid ass ‘privacy’ bullshit. God WHO THE FUCK CARES!? I was literally - LITERALLY - never inconvenienced by any of that stuff, so SHUT UP!”

      That’s how.

      We’re doomed. We were always doomed.

      • @[email protected]
        link
        fedilink
        22 years ago

        Would be kinda cool to go back to irc or usenet, because the average internet user does not and will not give a shit about privacy, and definitely won’t get a complicated chat thing setup.

      • @[email protected]
        link
        fedilink
        2
        edit-2
        2 years ago

        We’re doomed. We were always doomed.

        I’m afraid that’s always been the case because the mass majority just don’t a give a shit. They’ll happily conform to whatever the monopolies tell them to.

  • jeebus
    link
    fedilink
    17
    edit-2
    2 years ago

    Fuck this is trash. DRM for the web. I wish people would understand websites like kbin are not free and that if you use a website you need to pay to keep it alive. But no one wants to pay for anything on the internet, and so we have ads. Ads will for sure kill the internet.

    • interolivary
      link
      fedilink
      -22 years ago

      The fact that people feel entitled to free content online really activates my almonds. They’ll whine and moan about enshittification and how eg. news is just clickbait now, and then promptly shit their pants when someone suggests they actually pay for things since they clearly don’t want ads either

      • Anomandaris
        link
        fedilink
        172 years ago

        Surely you can reverse that and point out corporations whining and moaning about people expecting free content when they’re barely paying their employees enough to afford to pay their bills.

        The problem starts with corporate greed, hoarding revenue by keeping employee’s salaries to the minimum acceptable, providing as little functionality as possible to reduce overheads, double dipping by selling a product/subscription and then selling their customer’s data, and then complaining they aren’t getting more money for what little they are doing.

        Then inevitably a little guy like Kbin comes along and suffers because the internet is filled with soulless, ultra-capitalist corpo scumbags.

        • interolivary
          link
          fedilink
          -52 years ago

          Surely you can reverse that and point out corporations whining and moaning about people expecting free content when they’re barely paying their employees enough to afford to pay their bills.

          Those are separate issues

          • Anomandaris
            link
            fedilink
            122 years ago

            They are absolutely not separate issues. How can I be expected to shell out $15 per month for 10 different content subscriptions if I can only just afford to put food on my table?

            • interolivary
              link
              fedilink
              -32 years ago

              Doesn’t mean that content producers and the people running services don’t need to eat too. Sure, many if not all big corporations are terrible, but not all online content is provided by them.

              • Anomandaris
                link
                fedilink
                6
                edit-2
                2 years ago

                But a massive amount of them are. Small and solo creators on Youtube or Twitch need to conform to the rules of Google and Amazon, and even medium size creators are influenced and coerced by the precedents and market trends set by the much larger corporations.

                And it doesn’t matter if not all content is provided by large corporations, those large corporations employ the most people, and dictate in a lot of ways, the rules of the employment market. It’s due to their habits and practices that wages are artificially low and expenses are inflated for record profits.

                Until corporate greed is managed properly, consumers will always struggle to have enough expendable income to pay content creators, and therefore will always be searching for free content.

                • interolivary
                  link
                  fedilink
                  -12 years ago

                  Oh yeah, no disagreement there; the source of all these problems is ultimately an economic system designed by and for sociopaths. But, be that as it may, the fact that even the people who could afford to pay for services simply don’t, and many run adblockers too and rarely turn them off for eg. news sites even if the ads they run aren’t extremely distracting. For example when ABP introduced a whitelist for “non-annoying” ads, it didn’t exactly go down well and people said they had “sold out.”

                  Big corporations can get fucked for all I care, but as I said, the ones not working for them and running services or news media or whatever also need to eat, and peoples’ reticience to pay for things in one way or another has directly led to those big companies taking over more and more of the field and WEI is an outgrowth of that.

  • @[email protected]
    link
    fedilink
    -42 years ago

    Why is this bad? On first read, it seems like it could replace personally identifiable advertiser cookies with a trusted assertion that I am a human. Feels like a win

  • @[email protected]
    link
    fedilink
    82 years ago

    I don’t understand. Isn’t someone just going to fork Chromium, take out this stuff, put in something that spoofs the DRM to the sites so that adblocking still works?

    • 133arc585
      link
      fedilink
      102 years ago

      Isn’t someone just going to fork Chromium, take out this stuff,

      Yes, upstream Chromium forks will likely try to remove this functionality, but

      put in something that spoofs the DRM to the sites so that adblocking still works?

      This is the part that is not possible. The browser is not doing the attestation; it’s a third party who serves as Attestor. All the browser does is makes the request to the attestor, and passes the attestor’s results to the server you’re talking to. There is no way a change in the browser could thwart this if the server you’re talking to expects attestation.

      • SokathHisEyesOpen
        link
        fedilink
        142 years ago

        This violates just about every single open web principal that allowed Google to gain so much power. When they changed their motto from Don’t Be Evil, to Do No Harm, they obviously chose deception. Their new motto should be Do Whatever is Profitable, or more succinctly Be Evil.

      • @[email protected]
        link
        fedilink
        62 years ago

        I don’t really understand how that’s possible. The browser gets a token from the third party, and passes that token to the server to “prove” it’s running the DRM. The server then passes code back to the browser. At that point, why can’t the browser just cut out the DOM elements which are ads?

        I don’t understand how code I write on hardware I run locally can ever have it’s hands tied like this.

        • @[email protected]
          link
          fedilink
          52 years ago

          It won’t be your hardware in a few years if this goes through. The code will run in a secure enclave and you won’t be able to access your bank or log in to government websites if you control the hardware.

          • 𝒍𝒆𝒎𝒂𝒏𝒏
            link
            fedilink
            22 years ago

            Android phones are starting to do this, and it’s a nightmare for people like me who actually want to own the device they purchased.

            Needing root access on Android to regain basic functionality (such as the ability to backup installed apps) is a sad indicator of where we’re headed ☹️… As much as I dislike iOS’s walled garden, they make backups dirt easy for the end user - and they do complete backups too - app data, homescreen layout and all.

        • 133arc585
          link
          fedilink
          12 years ago

          I see what you’re saying. I read it as implying the browser would fake the attestation token. I don’t know the answer, but if their (stated) goal is to stop bots and scrapers, I have to assume it wouldn’t be so simple. After all, a lot of bots and scrapers are literally running an instance of Chrome.

      • @[email protected]
        link
        fedilink
        32 years ago

        On code I write on hardware I run locally, how is it ever possible to not be able to remove an element from the UI?

        • @[email protected]
          link
          fedilink
          3
          edit-2
          2 years ago

          If you don’t use a client with certain signature, the web request will end in different response, i. E. an empty response, as if your client had a certain signature. Please correct me if I am wrong, though.

            • @[email protected]
              link
              fedilink
              32 years ago

              Because you don’t have Google’s private key. Same reason you can’t watch Netflix episodes without Widevine.

              • wagesof
                link
                fedilink
                62 years ago

                I watch Netflix shows in high definition without widevine every day.

              • @[email protected]
                link
                fedilink
                22 years ago

                A private key to do what?

                I only have the most cursory understanding of what Widevine is, but a quick Google reveals github projects claiming to spoof it.

                Where I fail to understand is this. Whatever authentication the open source browser I modify needs to do, I can let it keep doing, because at some point it has to provide my browser C++ code with a clear text DOM before it renders it to an image to be displayed by my window manager. I can write that browser to simply remove DOM elements it deems to be ads - just like ublock does - before it renders it graphically.

                The only way around this would be to turn browsers in to a completely dumb terminal that accepts an octet stream of pixel data so it can display bitmaps, which is completely unfeasible (every webserver would become a graphics card for each of it’s users), and even if it did that, a simple neural net would identify the ads and remove them.

                What am I missing?

                • @[email protected]
                  link
                  fedilink
                  1
                  edit-2
                  2 years ago

                  The attester will then sign a token containing the attestation and content binding (referred to as the payload) with a private key. The attester then returns the token and signature to the web page. The attester’s public key is available to everyone to request.

                  — The explainer, section How it works.

                  Websites will ultimately decide if they trust the verdict returned from the attester. It is expected that the attesters will typically come from the operating system (platform) as a matter of practicality, however this explainer does not prescribe that. For example, multiple operating systems may choose to use the same attester. This explainer takes inspiration from existing native attestation signals such as App Attest and the Play Integrity API.

                  — The explainer, section Web environment integrity.

                  Now Julien Picalausa of Vivaldi browser theorizes as follows:

                  To make matters worse, the primary example given of an attester is Google Play on Android. This means Google decides which browser is trustworthy on its own platform. I do not see how they can be expected to be impartial.

                  On Windows, they would probably defer to Microsoft via the Windows Store, and on Mac, they would defer to Apple. So, we can expect that at least Edge and Safari are going to be trusted. Any other browser will be left to the good graces of those three companies.

                  ​Of course, you can note one glaring omission in the previous paragraph. What of Linux? Well, that is the big question. Will Linux be completely excluded from browsing the web? Or will Canonical become the decider by virtue of controlling the snaps package repositories? Who knows. But it’s not looking good for Linux.

                  So, AFAIU, if worst comes to worst you won’t be able to run an unsigned browser and browse the web.

  • @[email protected]
    link
    fedilink
    10
    edit-2
    2 years ago

    So…I don’t use chrome anymore, but I use Vivaldi. Guess this’ll fuck that up too or will they remove it?

    Edit: looks like they’re concerned about it but also are worried stripping it out will f up theye browser being accepted

    • @[email protected]
      link
      fedilink
      English
      4
      edit-2
      2 years ago

      Hey, fellow Vivaldi user👋 . Yep, one of the Vivaldi devs already said if it was added upstream, they’d strip it out of the Chromium code, but they acknowledge that this would cause problems if WEI became standard. Websites would start to expect it, and not having that functionality would be a death-sentence for any browser (Chromium or otherwise).

  • @[email protected]
    link
    fedilink
    62 years ago

    Google is actively trying to drive people like me away. I have been trying my hardest to keep using Android, if Google keeps this up I might have to unwillingly move to Apple. At least they do more than just pretend to care about their users’ privacy.

    • The Doctor
      link
      fedilink
      42 years ago

      You, me, and everybody else commenting on this post are a miniscule, almost infintesimal percentage of Google’s global userbase. If each and every one of us statistical outliers stopped using Google everything right this second they wouldn’t even notice.

        • The Doctor
          link
          fedilink
          12 years ago

          More and more, I wonder if we’re going to have to go back to Lynx or Links or something just to look at sites that aren’t corporate because they’ll be otherwise inaccessible from anything else.

    • @[email protected]
      link
      fedilink
      02 years ago

      I moved to Apple a few years ago, and recently I’ve stopped using Chrome for anything but work, where it’s required (web development, lol). Still married to gmail and google calendar but maybe it’s time I get away from those too…

  • @[email protected]
    link
    fedilink
    62 years ago

    I just don’t understand why they’re trying to solve this issue on the client side. It seems like a losing battle to me.

    Instead, focus on the server side. If you want to push ads, then host on (or tunnel from) the content server. Get rid of all the <div\>s and tags and scripts and adserver links that the adblockers are using to identify ads. Just assemble the page on the host so that it looks indistinguisable from the content the user is looking for and push it out. EAT BACHELOR CHOW! NOW WITH FLAVOR! Google could even start an ad-friendly hosting service that does this - some sitebuilder tools, identify where you want Google Adsense, and host the damn thing.

    • @[email protected]
      link
      fedilink
      112 years ago

      Unless everybody fully customises the display and styling of the adverts for their own website, there’s going to be some sort of targetable, recognisable pattern in the way AdSense content looks. Most developers just want an easy drop-in solution.

      Furthermore, Google don’t necessarily want to give you that level of control over the adverts, because that makes it easier to game the ads system with malicious, fake and misleading clicks or invisible adverts. They need their tracking tech attached to it.

    • @[email protected]
      link
      fedilink
      42 years ago

      So render to image? That sounds terribly inefficient. That means you’re drastically increasing the load on the server and sending way more data over the wire. And then on the client side, your page no longer changes to fit the huge variety of viewport sizes. And say goodbye to being able to copy-paste. Or any kind of user interaction. And anyone with visual disabilities can go fuck themselves, I guess.

      • @[email protected]
        link
        fedilink
        English
        12 years ago

        No, they didn’t mean to render it all as an image, but that everything comes from the content server you’re getting the content you want from and thus the ads should be indistinguishable from content. I don’t understand how you could misunderstand it to such a degree as to think they meant to render it all as an image.

        • @[email protected]
          link
          fedilink
          English
          12 years ago

          Because even if you host the ad content on the same server, it’s still possible to distinguish it, such as by URL or element xpath. To assemble the page to avoid this, you’d need to completely render the page.

        • @[email protected]
          link
          fedilink
          English
          22 years ago

          so… PDF then?
          /s

          Thanks, BTW. It never occurred to me that someone could interpret my comment as “render-as-an-image”.

    • deweydecibel
      link
      fedilink
      232 years ago

      Does it? It’s making me depressed.

      Because every last single thing said in those comments will be ignored. I sincerely doubt they’re even reading them.

      They know what they’re doing. They know what people will say. They’re going to do it anyway.