
Google Tries to Defend Its Web Environment Integrity Critics Slam It as Danger

178 points| rolph | 2 years ago |techreport.com

82 comments

[+] alex7734|2 years ago|reply
I find the blatant gaslighting regarding this topic baffling.

> Wisner insists that “WEI is not designed to single out browsers or extensions” and that it won’t block browsers that spoof their identity.

WEI's sole purpose in life is to detect browsers that do things that Google does not like. If it does not block browsers that spoof their identity then what the hell does it do?

Sure, sure, WEI won't block them: it will just tell the web server that you are not using an approved browser. It's not Google's fault if the web server then blocks you! How could they have known?

I would find it slightly more respectable if Google just came out and said the quiet part out loud: "Our profits and the industry's profits are more important than your freedom, so shut up and take it, since you can do nothing about it."

Sneaking around like this is just an insult to our intelligence.

[+] devsda|2 years ago|reply
It is not just gaslighting but there were attempts to malign those who are opposing this.

From official proposal forum: https://groups.google.com/a/chromium.org/g/blink-dev/c/Ux5h_...

> Attacks and doxing make me personally MORE likely to support stronger safety features in chromium, as such acts increase my suspicion that there is significant intimidation from criminals who are afraid this feature will disrupt their illegal and/or unethical businesses, and I don't give in to criminals or bullies

They have apologized for using the word criminals & bullies in a broader context and I appreciate that. However, the initial part of the comment is very telling of how they view those who oppose.

This proposal will mainly disrupt ad-blockers, rooted devices and anyone who is willing to maintain control of their own tech stack and they are considered illegal/unethical businesses.

I can't ignore the parallels with the real world here.

Authoritarian government introduces laws that restrict freedom and privacy. People oppose and protest. Government doubles down and proclaims only those who do illegal activities are protesting and they are the ones that have something to hide. Seeing how many there are, we urgently need these laws.

Further down in the response:

> the whole point of designing in the open and having public debate is to find reasonable compromises between stakeholders with very different perspectives

You can either introduce a hostile feature in one go or through a series of "compromises", which is also known as the "boiling the frog" strategy.

Unless the current one is abandoned and there's a radically different approach, I don't think there's any scope for compromise in the current proposal.

[+] genocidicbunny|2 years ago|reply
> > Wisner insists that “WEI is not designed to single out browsers or extensions” and that it won’t block browsers that spoof their identity.

Let's have Wisner, or Google, put their money where their mouth is. Let's have a serious financial penalty per instance where someone's browser is blocked due to WEI, regardless of who is doing the actual blocking. Because that is what you're promising us here. Or are you a bold-faced liar Mr. Wisner?

[+] andrei_says_|2 years ago|reply
> Our profits and the industry's profits are more important than your freedom, so shut up and take it, since you can do nothing about it.

I honestly think they are saying it, just in their weasel speak gaslighting way.

[+] martin8412|2 years ago|reply
Zyklon B was also not designed to kill people, but the people at Degesch sure as hell knew what NSDAP was going to use those large quantities for.
[+] pawelmurias|2 years ago|reply
> If it does not block browsers that spoof their identity then what the hell does it do?

They mentioned recognizing which ads were viewed and clicked by humans. Stood out as the thing they really want.
[+] GhostWhisperer|2 years ago|reply
> you can do nothing about it

there is plenty we can do, but we have to give up some "comforts"

[+] danShumway|2 years ago|reply
This is Google's general strategy for dealing with any controversy surrounding web standards, not just the big ones around ad blocking. The first thing that they will always say is, "critics don't understand what we're trying to do and they're unknowledgeable about the spec and there's a lot of misinformation floating around..."

Literally any controversy about a standard that Chrome adopts, that will always be the first thing that Google says. It's just a standard pattern.

Being able to say, "I understand people's concerns and I have concerns and we need to have a conversation and iterate but it's just hard with all this misinformation floating around" allows Google to position themselves as a reasonable party while also allowing them to completely ignore any criticism that is inconvenient because they just lump it into the misinformation category.

If the gaslighting doesn't work, Google's next step will be to talk about how the debate has spiraled out of control and how everyone needs to "remember the human." If that doesn't work, they'll lock down and refuse to talk to critics and then plead with critics to be patient because "we're working on it."

Then they'll make some minor changes to the spec and claim that everyone's criticisms are outdated and go back to the gaslighting again. That's already happened here, the original spec did not mandate hold-backs, in fact it suggested that hold-backs were not a desirable solution to pursue. Now all of a sudden it's, "why is everyone so mad, don't they know we have hold-backs?"

If everything falls apart and Google has to backtrack, the closest thing that you'll get to an apology from Google is that "we need to be better about communicating with users/developers." It's not that anything was wrong, it was that the web standards teams just weren't able to communicate how right they were.

And then we'll repeat the process with whatever the next controversy is.

----

I wrote a little bit about this process back in 2018 when web audio was the controversy (a comparatively minor browser change with very few privacy implications): https://danshumway.com/blog/chrome-autoplay and I keep paying attention to how Chrome approaches controversy, and it's pretty much always following this pattern, it's wild how consistently this has played out with Manifest V3, FLOC, Topics, etc, etc...

Developers and users should get better at recognizing this stuff during debates about Google policy, and they should go into conversations with the Chromium team about web standard controversies expecting that they will play out this way.

[+] freefaler|2 years ago|reply
No unhinged computers for the people as predicted years ago by Cory.

Cory Doctorow has a great talk: "The coming war on general computation" from 2011 (12 years ago) in which he argues that all general computing platforms (OS, phone OS, browser) would face challenges by governments and corporations. This looks like another way to control content distribution and put more control in Google's hands. They've made a great strategic choice in building Chrome browser and effectively superseded Microsoft and Apple on desktops as a platform.

The talk can be found here: https://www.youtube.com/watch?v=HUEvRyemKSg

BTW, in the Soviet Union you couldn't have bought radios that were freely tunable to certain frequencies. The same was done in Warsaw where German occupation forces collected all radios from the people.

Future doesn't look good for freedom ... When the tools exist, people that control them would find a use. Look what's happening in the UK cryptography battle, the same trend there ...

[+] matheusmoreira|2 years ago|reply
Yeah, the future looks bleak. It just feels so hopeless. I understand the problem, I understand what needs to be done but I don't have the means or capital to do it. Free computers are a great thing and they will be destroyed by all these governments and corporations who want to control them.
[+] rpdillon|2 years ago|reply
The last paragraph is a bit surprising:

> WEI can potentially be used to impose restrictions on unlawful activities on the internet, such as downloading YouTube videos and other content, ad blocking, web scraping, etc.

Since when did archiving, ad blocking, and web scraping become unlawful? This sounds like a wishlist of activities Google wishes were unlawful.

[+] rolph|2 years ago|reply
you are witnessing a corporation that is making extrajudicial laws, and a method of enforcing them. this is attempted parallel government, and is at least illegal, if not domestic terrorism.
[+] Ekaros|2 years ago|reply
So will the WEI block Google from web scraping? That might even be a good thing.
[+] raxxorraxor|2 years ago|reply
AI companies that scraped the net previously would like that too. They have their data and don't want others to have the same opportunities.
[+] danShumway|2 years ago|reply
The last sentence of the article:

> WEI can potentially be used to impose restrictions on unlawful activities on the internet, such as downloading YouTube videos and other content, ad blocking, web scraping, etc.

Note that every single one of those activities is legal.

It's legal to scrape websites. It's legal to download Youtube videos (copyright violation is the crime, not downloading videos, and there are plenty of videos on Youtube that can be legally downloaded). It is legal to block ads.

This article isn't bad, but it really shouldn't be playing into these tropes. That sentence caught me off-guard because it's just straight up wrong, and wrong in a harmful way that suggests that there aren't court rulings showing that these activities are legal, and that people should be somehow ashamed for doing them or that they're doing something transgressive when they scrape a website.

[+] kahnclusions|2 years ago|reply
"Copyright violation" is not a crime. The rights holder can sue you in civil court.
[+] dataflow|2 years ago|reply
WEI sounds awful. And it seems like yet another aspect of the ongoing war on general-purpose computing.

> Wisner insists that [...] it won’t block browsers that spoof their identity.

What exactly is holding anyone to this pinky promise? Even if you assume angels are running everything right now, why should anyone trust that that will remain the case perpetually?

[+] klipklop|2 years ago|reply
Let’s not dance around it like Google is doing. We should not tolerate WEI. We all know the end game with this tech. Google and all the people that work on chrome should be ashamed of themselves.

They have taken a stand in the past, but right now it’s crickets…

[+] potsandpans|2 years ago|reply
I checked today, and it looks like the proposal is still closed to contributions. it's been that way for a week. what's an open proposal that's closed to all discourse?

I'm sure that this is done under the premise of "too charged of a topic to be productive." I wonder what happens next. Either they close it and say sorry, or they quietly open the proposal back up after the initial frenzy. Hate to assume malice here, but it seems somewhat obvious that the latter will happen.

[+] pornel|2 years ago|reply
They'll write a blog post "you're angry, because you just don't understand how good it is" and do it anyway.
[+] thrown1212|2 years ago|reply
They’ll consort with an inner circle of “industry” accomplices to “address concerns”, keeping everyone out while covering the “we consulted widely” angle. This will get pushed through under cover of darkness with enough of a fig leaf of due process to plausibly deny anything other than good intent.

If you’re working on this, shame on you.

[+] qrios|2 years ago|reply
The implementation will be really interesting: can a VM, container, or RDP ever be compliant with WEI? To prove - or give at least a solid certainty - that a runtime is directly connected to a GUI, and that function calls triggered by this GUI are coming from event handlers triggered by human interactions with a keyboard or pointer device, WEI would need a separate channel to the cam.

This means the only way to make this proof is to link the current environment and interactions with a history of interactions stored by a third party (i.e. Google). This would only make WEI a new layer on top of today's fingerprinting.

[+] arianvanp|2 years ago|reply
Yes. For example ChromeOS doesn't provide direct TPM access to the browser sandboxes but virtualizes a vTPM per application.

Same technology is used for GCP where each server is attached a virtual TPM by the hypervisor.

[+] happytiger|2 years ago|reply
Ok, let's be completely honest about what this is. This enables Google to reliably control user-installed ad blockers, which is hurting their business.

There is no reasonable defense for this “wolf-in-sheep’s clothing” control grab.

It doesn’t benefit users to be constantly tracked and controlled and especially have one company in control of that, and this is another example of unnecessary and overly centralized meddling masquerading as security.

Google needs to get behind freedom and privacy — they are strongly heading in the wrong direction — and right before GPI. :(

[+] bagacrap|2 years ago|reply
Google has nearly 200k employees. What's the highest ranking one of them that has said anything about WEI publicly?
[+] wildrhythms|2 years ago|reply
Do you think high ranking people at FAANG even know what WEI is, or how web APIs work at all? Lol "Our biggest customers have told us this is important to them" is the only internal justification needed to push this through.
[+] deathbypenguin|2 years ago|reply
People are making money, and in most cases not the kind of money the decision-makers are getting. Is it unethical? maybe it is. I think it is, and in the past I have had the gumption to just quit, but that also comes from privilege. I was in a position where quitting was not going to cripple my living... some people might not be in that situation.
[+] brucethemoose2|2 years ago|reply
Oh, TechReport. That's a name I haven't seen in a while.

This used to be a highly regarded PC hardware site, famous for (among other things) pioneering frametime consistency testing. AMD and Nvidia are better today because of TR's relentless benchmarking.

Looks like they sold the domain to a generic tech news generator. Which circles right back around to the content of this article.

[+] matheusmoreira|2 years ago|reply
Remote attestation for the web: a way for websites to have cryptographic proof that you haven't "tampered" with the page by deleting ads.
[+] tamimio|2 years ago|reply
General rule of thumb: any proposal by one of the big tech companies should be considered bad and harmful for the FOSS communities or anyone who still values their privacy on the internet.
[+] user6723|2 years ago|reply
The purpose of wei is they want one of the handful of closed source OS to be a requirement to use any commercial website.

Terry Davis wasn't far off when he said "they" want a world where you don't have access to a compiler.

With wei "they" can sidestep open source entirely.

"Why would I want open source encryption? I don't have anything to hide."

"Why don't you have a normal phone?"

"Why come you don't have a tattoo?!"

Idiocracy is playing out in front of us. Anyone who accepts wei is a lower tier of human than those who reject it.

[+] not_enoch_wise|2 years ago|reply
Google: "Why is the market behaving as if we have no credibility??"
[+] egberts1|2 years ago|reply
Google is already blocking Apple Safari (on a lockdown Apple iOS) from user being able to login.

Had to use Firefox/Webkit/iOS to sign into Google.

Enough said.

[+] egberts1|2 years ago|reply
And on Apple iPad/iOS too, Google is blocking this user from logging into Google account.

(sigh)

[+] Try1275|2 years ago|reply
Will Google enforce this by downrating a website's SEO scores if it doesn't implement it? Is this the plan?
[+] 1MachineElf|2 years ago|reply
Google's WEI API is their answer to Microsoft's Pluton, which is Microsoft's answer to Apple's walled garden device attestation, is their answer to...

How should we adapt to a world where this pattern never ends, in a way that preserves our human rights?

[+] j0hnyl|2 years ago|reply
WEI seems like a big nothing burger to me. I interpret it as just another anti bot verification service, but the incentive is simply not there for publishers to use it unless they want to lose out on every person who uses a browser other than the most up to date Chrome.
[+] thefurdrake|2 years ago|reply
> other than the most up to date Chrome.

Yes, I'm sure Google cares a great deal about losing 17% [1] of its market share, or even less considering how many people with weak spines will switch if they're denied access to something based on browser and never look back.

I'm sure Google won't do something malicious like mandating anyone using google's adtech to implement this to ensure "integrity" of clickthroughs.

I'm sure Google won't use its market dominance to require this feature for every one of its products and intentionally cripple other browsers, as that's definitely not something they've done before and would be totally unprecedented in the modern tech industry.

F Google.

[1] https://kinsta.com/browser-market-share/