this post was submitted on 25 Jul 2023
1476 points (99.1% liked)

Firefox

17301 readers
154 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] SamDuede 57 points 1 year ago (6 children)

What is the web integrity API?

[–] [email protected] 111 points 1 year ago (3 children)

Basically drm for your browser

Fuck that though

[–] bappity 55 points 1 year ago* (last edited 1 year ago) (2 children)

this is the most batshit insane proposal... I hope nobody supports it

[–] [email protected] 30 points 1 year ago (1 children)

if google microsoft and apple support it, that already covers over 90% of the market

[–] SinningStromgald 32 points 1 year ago (1 children)

Google alone is enough. Biggest browser, search engine, advertiser, OS and some of the biggest sites on the web all owned by them.

[–] [email protected] 6 points 1 year ago

If they steamroll this thru, youll have an amazing anti trust case

[–] [email protected] 8 points 1 year ago (1 children)

Don't worry, people will certainly make bypasses for that shit

[–] Nindelofocho 16 points 1 year ago (1 children)

that’s exactly what people said with manifest V3 then all the sudden they were getting strikes on youtube for having their ad blocker on

[–] [email protected] 9 points 1 year ago (2 children)

And how well did that work out? I personally haven't gotten any strike on youtube, using uBlock/mpv on PC, Youtube Revanced on mobile and SmartTube for TV since forever

Also there's this https://invidious.io/. So yeah, it's just the classic cat & mouse game that has been going on for ever since software added drm

[–] [email protected] 6 points 1 year ago (1 children)

Google has already lashed out at Invidious though, and they'll keep trying

I agree that in most cases people can find workarounds, but I don't think we should take these things for granted

[–] [email protected] 4 points 1 year ago (1 children)

Google has no ground to stand on against Invidious

They may harass them but it'll be veeery difficult to chase down all instances

[–] [email protected] 5 points 1 year ago (1 children)

Oh, I'm well aware of that, but I also have little faith in the justice system to recognize this

In any case, it seems like a warning shot from Google and an interest in taking down sites like Invidious

I'm not trying to spread doubt, but I also think complacency is dangerous, especially given the history of corporate giants like Google

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

Steamrolling this change Forcing people to have an incredably invasive change to force you to use chrome or use googled android, or use googled chromebooks.

its incredably bright lines it would destablize trust in anything that agrees with it. If the amrican court doesnt prosecute. It will eather show the ignorance/lies in others or destablize amarican trust in the law.

[–] [email protected] 3 points 1 year ago

We're talking about a public and justice system that mostly agreed the Patriot Act was a good idea and that ICE protects us from terrorism

Anyone who hasn't already lost trust America and our law has been sleeping for decades

[–] Nindelofocho 2 points 1 year ago

It’s probably a slow roll out for exact cases like this one to ease the backlash. I havent gotten any notice like such either but Im on Firefox. I do fully support invidious though

[–] [email protected] 7 points 1 year ago

Notice they are DRMing text and computer code, WSJ and malware brokers are gonna really happy, everyone else had their DRM fix with multimedia

[–] [email protected] 4 points 1 year ago (3 children)

and what kinda of thing does this protect?

[–] azuth 14 points 1 year ago (2 children)

Ads. To be precise this on it's own provides a way for servers to be certain of the environment the pages run (browser, plugins, os). Protecting ads or other functions come from servers refusing unattested configurations or configurations they don't like (i.e. running adblock, running firefox, running linux).

[–] [email protected] 7 points 1 year ago

if chrome fully adapts this, this might well be a full blown commerical by chrome for people to switch to firefox. i have been only using chrome only to run our projects locally and test it out.

[–] [email protected] 5 points 1 year ago

It should be noted that “being certain of the environment the pages run” requires controlling the client software being executed which requires preventing the user from modifying said executable which requires the browser to either be closed source or, more effectively, controlling the user's hardware via blackbox verification chips (e.g. TPM DRM). It's not just advertisers that would benefit but any website that wants to DRM content.

[–] [email protected] 6 points 1 year ago (1 children)

I'd guess it's first gonna be used for streaming TV shows and such. After that it'll probably be used for absurd things

[–] [email protected] 10 points 1 year ago (1 children)

I'd guess it's first gonna be used for streaming TV shows

I thought they were already being protected by DRM.

[–] [email protected] 4 points 1 year ago (1 children)

Kinda, but it doesn't work very well. Using video download manager you can download pretty much every video from the web

[–] [email protected] 3 points 1 year ago (1 children)

Can you recommend me one that can be used to download DRM protected content from OTT platforms such as Netflix, Amazon Prime and Mubi? Might well as archive the content I watch.

[–] [email protected] 3 points 1 year ago (1 children)

Sadly I can't, netflix won't let me watch anything on Librewolf/Firefox on linux. I'd recommend looking into getting a good proxy, a Jellyfin server and also the *arr stack (Sonarr, etc...)

[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

Yes, personally I use ProtonVPN. Iirc they don't care about copyright laws because they don't really apply in their country, I might be wrong though

Also make sure your ip doesn't get leaked by your torrent client

[–] [email protected] 2 points 1 year ago (1 children)

I have been using PIA for sometime. Has port forwarding and have been liking it so far.

[–] [email protected] 2 points 1 year ago

Don't know about that one, you can check for IP address leaks here https://ipleak.net/

Also https://browserleaks.com/ is pretty useful

And last but not least, inform yourself if PIA is trustworthy, some VPN providers gave information about their users to the police

[–] [email protected] 3 points 1 year ago

Malware, malware encrypts its code so researchers cant crack into it and antivirus cant anilize it. Google is accedentally sponsoring malware

[–] [email protected] 58 points 1 year ago (1 children)

Some fucking greedy cunts at Google having a vision of internet being accessible only by "approved"(Chrome) browsers/clients.

[–] [email protected] 42 points 1 year ago (1 children)

They want to approve the whole environment, including os, even if virtualized or not

[–] [email protected] 19 points 1 year ago

The whole stack will need to be approved. approved browser running on approved OS on approved hardware. Good luck browsing on Linux. The end of user software choice.

[–] [email protected] 17 points 1 year ago* (last edited 1 year ago) (1 children)

Orwellian doublespeak for DRMing and paywalling the web.

[–] Goodie 17 points 1 year ago

V3 manifest got too much bad press so they had to hinder it's ability to gimp ad block.

So now their trying another approach, this time they will probably develop and push this proposal out, and have multiple adopters before anyone can do anything about it. See also: WebHID.

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago)

A system for websites to request a proof of the "integrity" of a user's browser and underlying OS/hardware, and "attesters" to check this "integrity" and provide the proof. If that sounds vague, that's because it is. What "integrity" means is for the "attester" to decide.

Google would of course be one of the major "attesters", and could just deny the proof if you installed an ad blocker or VPN for example. In this case you would likely not be able to access the website anymore, because your device is deemed as "untrustworthy". Or you're using a browser that the big "attesters" don't like, so you can't get a proof either.

So it's a way for big companies to decide who can still use big parts of the internet and who can't, based on whether it would make them money.