this post was submitted on 27 Jul 2023
285 points (97.7% liked)

Technology

59668 readers
3908 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 189 points 1 year ago* (last edited 1 year ago) (72 children)

It depends how websites choose to implement it, and how other browsers choose to implement it.

If Firefox et.al chooses not to implement browser environment integrity, then any website that chooses to require strict integrity would completely cease to work on Firefox as it would not be able to respond to a trust check. It is simply dead. However, if they do implement it, which I imagine they would if this API actually becomes widespread, they should continue to work fine even if they're stuck with the limitations on environment modification inherent to the DRM (aka rip adblockers)

Websites will vary though. Some may not implement it at all, others may implement a non-strict integrity check that may happily serve browsers that do not pass the check. Third parties can also run their own attestation servers that will report varying levels of environment data. Most likely you will see all Google sites and a majority of "big" websites that depend on ad revenue implement strict integrity through Google attestation servers so that their precious ads don't get blocked, and the internet will become an absolutely horrid place.

Frankly I'll just stop using anything and everything that chooses to implement this, since we all know Google is going to go full steam ahead with implementation regardless of how many users complain. Protecting their ad revenue is priority 1 through 12,000 and fuck everybody else.

[–] over_clox -1 points 1 year ago (30 children)

Wanna talk about web safety? Yeah, et.al now comes up as a website link.

Thanks Google! Thanks for letting pretty much any .bullshit top level domain...

[–] gothicdecadence 4 points 1 year ago (2 children)
[–] over_clox 5 points 1 year ago

Cuz Google somehow or another managed to get .zip passed as a top level domain.

attachment.zip

^ That's not even written out as a markdown link, that's literally just the letters I typed.

[–] over_clox 0 points 1 year ago (1 children)

See, clearly Google is getting a bit careless about their top level domains. Lemme try a thing...

google.bs

^ If this shows up as a link, please don't click. Or at least proceed with caution.

[–] gothicdecadence 3 points 1 year ago (2 children)

Probably just depends on how websites or apps handle it? I'm using Liftoff and that's not a link for me

[–] over_clox 1 points 1 year ago (1 children)

Strangely, I've discovered that for whatever reason, Liftoff isn't working right (as per current standards).

google.bs

https://en.wikipedia.org/wiki/.bs

[–] gothicdecadence 1 points 1 year ago

Hmm interesting, it probably just needs to be updated

[–] over_clox 0 points 1 year ago

Does show up as a link for me. Using Jerboa for Android.

load more comments (27 replies)
load more comments (68 replies)