this post was submitted on 26 Jul 2023
906 points (98.9% liked)

Technology

34968 readers
36 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 1 year ago (24 children)

Pardon my ignorance but Can someone explain what google is trying to do?

[–] [email protected] 78 points 1 year ago* (last edited 1 year ago) (5 children)

Pardon formatting, on mobile. Its a form of device authentication. Apple does this with safari already BTW, and it can reduce things like captcha because the authentication is done on the backend when a request hits a server. While still an issue in concept with Apple doing it, chromium browsers are a much larger market share. In layman's terms this is basically the company saying, hey you are attempting to visit this site, we need to verify the device (or browser, or add on configuration, or no ad blocker, etc) is 'authentic'. Which of course is nebulous. It can be whatever the entity in charge of attestation wants it to be.

This sets the precedent that whomever is controlling verification, can deny whomever they see fit. I'm running GrapheneOS on my phone currently, they could deny for that. Or, if you are blocking ads. Maybe you're not sharing specific information about your device, and they want to harvest that. Too bad, comply or you're 'not allowed to do x or y'.

This is the gist. The web should be able to be accessed by anybody. It isn't for companies to own nor should it be built that way. Web2 is a corporate hellscape.

Edit wrt Safari: https://httptoolkit.com/blog/apple-private-access-tokens-attestation/

[–] [email protected] 26 points 1 year ago* (last edited 1 year ago) (4 children)

I suspect "authentic" will mean "pays a license fee to Google." In this respect it will work like other forms of DRM, and it will have the same effect of excluding new and smaller players from the market. Except in this case the market is the whole of the web.

[–] Johem 3 points 1 year ago

Not necessarily. With some forms od tracking being curbed, just being sent the who accesses which webpage on what device when (the bare minimum for attestation) has lots of value. And google won't stop at the bare minimum of data grabbing, of course.

load more comments (3 replies)
load more comments (3 replies)
load more comments (21 replies)