this post was submitted on 10 Nov 2023
134 points (95.9% liked)

Technology

59106 readers
5446 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 18 comments
sorted by: hot top controversial new old
[–] Gradually_Adjusting 37 points 1 year ago (1 children)

I can live without the stuff I watch on YouTube. The harder they try to squeeze me, the less onerous I will find it to do the work of degoogling myself.

[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (1 children)

That's the way. I can't understand people ranting over how bad or evil YT/Google are (spoiler: they actually are) and still going out of their way to keep using them.

[–] Gradually_Adjusting 10 points 1 year ago

Helplessness can be taught.

[–] [email protected] 14 points 1 year ago* (last edited 1 year ago) (1 children)

If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.

That's a pretty serious misconception. Regardless of whatever they do with the Play Integrity API, YouTube cannot currently stop me from installing ReVanced or some other app from F-Droid on my LineageOS phone. The idea of this new API is to prevent anything not Google-approved from playing Youtube videos, in a cryptographically secure way.

Nothing that isn't Chrome will be allowed to use Youtube without implementing this API, nothing that isn't Google-approved will be allowed to do so, and if it doesn't make it into Chrome that just means they have other plans for dealing with the problem in Chrome.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago)

... and come to think of it, if this does make it into Chrome (and why wouldn't it, really? WebView is just another brand name for Android Chrome) it's going to be difficult to stop any random website using it to refuse service for things that have nothing to do with the intended use case of preventing "media playback" simply by adding some otherwise irrelevant embedded media to any web page and refusing to operate if it doesn't load. Any site that wants to will be able to verify that you don't have unauthorized browser extensions, just like the original "Web Environment Integrity."

They have simply taken "Web Environment Integrity", changed its name to "Webview Media Integrity", and launched a massive press campaign to fool half the world into thinking it's not exactly the same damn thing.

[–] [email protected] 13 points 1 year ago (1 children)

It could. In fact it will make that part of the Web yet another step closer to a bot-populated SEO-infested graveyard where a living human will find nothing useful.

If only my friends would stop using VK to communicate, and my family FB for the same.

[–] Potatos_are_not_friends 7 points 1 year ago (2 children)

SEO-infested graveyard where a living human will find nothing useful.

Hate to say it. But we're already here.

It's impossible to find information through search anymore without writing some specific queries. It's actually getting easier to just ask a chat AI.

[–] applejacks 3 points 1 year ago (1 children)

the most frustrating part is when I search for a result I know exists, and I know that Google knows it exists, but it floods me with pages and pages of things it thinks I "should" see instead.

[–] [email protected] 3 points 1 year ago

Try using DuckDuckGo. It's not perfect, but I like it a lot more that Google.

[–] [email protected] 1 points 1 year ago

I'm too young, but I think I've read that we've already been there, when expert systems written in Lisp were all the rage, and you would write them questions. Of course, the percentage of humanity to ever see such a system was slim.

[–] baked_tea 12 points 1 year ago (1 children)
[–] [email protected] 3 points 1 year ago (2 children)

Why? Has someone else written it up in a more informative way elsewhere?

[–] [email protected] 7 points 1 year ago

Perhaps the GP missed in details the first paragraph of the article in which it mentions that while google indeed is backing away from its more general “environment integrity API” for the web, it is perhaps still pursuing a version of this for android devices.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

~~Google already said they are not implementing this any more, there was an article about this here last week.~~

Ignore this, I got confused

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (1 children)

It hit the news a week ago, yes. But you are apparently confusing it with something else, as are a lot of people. I'm not sure why. Some kind of disinformation campaign going on in addition to the big media fanfare announcing the thing? What they seem to have learned from their previous experience is to announce it loudly through carefully-crafted press releases designed to prepare the ground of public opinion by sowing confusion, not try to sneak it in without people noticing.

Anyway, it's called "Webview Media Integrity" if you want to try and find a source claiming that it's been discontinued.

[–] [email protected] 1 points 1 year ago

Awww shit, you are right. Got confused with the web manifest certification api thing.

[–] [email protected] 3 points 1 year ago

This is the best summary I could come up with:


When you tried to access some protected content, a browser supporting the Web Integrity API would first contact a third-party "environment attestation" server, and your computer would have to pass some kind of test.

The company says: "We’ve heard your feedback, and the Web Environment Integrity proposal is no longer being considered by the Chrome team."

Unlike the web version, which would have been a big step "forward" for invasive DRM solutions, Android already has environment attestation, so it doesn't sound like this is doing that much.

If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.

Netflix famously demands preinstallation of Widevine on devices in order to show HD content, and problems with the DRM are a common support issue.

The blog post notes that while Android's WebView system brings "a lot of flexibility... it can be used as a means for fraud and abuse, because it allows app developers to access web content, and intercept or modify user interactions with it.


The original article contains 784 words, the summary contains 181 words. Saved 77%. I'm a bot and I'm open source!

[–] [email protected] 0 points 1 year ago