Google’s Plan to DRM the Web Goes Against Everything Google Once Stood For

1068 points| g0xA52A2A | 2 years ago |techdirt.com

416 comments

[+] Animats|2 years ago|reply
It's time to start lobbying hard for an antitrust breakup of Google. This DRM plan, as abuse of a monopoly position, provides more political coverage for a forced breakup.

It's pretty clear how to break up Alphabet, because it grew mostly by acquisition.

- Google - search, ads on search pages and nothing more.

- DoubleClick - third party ads on other sites.

- Analytics - services to web sites.

- Cloud - the money-losing data center service. Probably gets sold to AWS or Hurricane Electric.

- Android - phones and similar devices

- Chrome - browsers

- YouTube - streaming content. Probably gets sold to Netflix or AT&T or Comcast.

- Waymo - self-driving cars. Probably gets sold to a car company.

- Alphabet - all the other stuff.

Now, some of these have conflicting interests. That's a good thing. With Chrome separated from Google and Doubleclick, and forced to fight for market share, it's not in Chrome's interest to prevent blocking ads from DoubleClick or Google. Google wants people to see ads on search pages, while Doubleclick wants people to leave the search site and see ads elsewhere. Now there's competition.

Antitrust action against Google is already underway. The State of Texas and several state attorneys general have a case pending.[1] There are other cases.[2] All these cases benefit from Google's move to entrench their monopoly by technical means.

So make lots of noise politically about that. It's quite likely to make Google dump this proposal, on the advice of their antitrust lawyers.

[1] https://www.bloomberg.com/news/articles/2023-06-05/google-an...

[2] https://www.lanierlawfirm.com/google-antitrust-lawsuits-expl...

[+] rapnie|2 years ago|reply
We all let it come this far, because of how we treat the services Google provides: As nice free and helpful tools. Talking about "Chrome this and that" all the time we forget what that really means, namely:

Using the strategic tools of the largest Advertising Agency in the world, that allows them to ever grow their dominance. Chrome, GMail and all that jazz all fit into a global-scale ad-tech framework to push shady ads and slurp in your PII for shady business. Google uses monopolies and oligopolies to force itself into your life. In other words..

Google is SHADY BUSINESS. And that should be the framing to spread about. Always repeating that Google is an advertising giant. Not some trustworthy biz. Zero integrity. So how can Chrome relate to integrity then?

Is your Bank using Google's integrity foo? Give them a support call. Act like a noob and keep them busy for as long as possible with "It isn't working". Until they explain about Integrity + Chrome. Then comes the angry phase: "WHAT? Are you in bed with a SHADY advertising agency?? I thought you were a trustworthy bank."

[+] jkingsman|2 years ago|reply
> Give them a support call. Act like a noob and keep them busy for as long as possible with "It isn't working".

I'm all for grassroots change, but I really don't think that doing this to Tier 1 support staff is going to effect any real change. With all love to my helpdesk folks, what matters is ticket closure metrics and call duration -- an emotional outburst isn't going to change a thing.

[+] amelius|2 years ago|reply
> We all let it come this far, because of how we treat the services Google provides: As nice free and helpful tools.

This is exactly what we need to change. "Free" services are never really free. You pay for them in the end, anyway, and doubly so. First with your data, then with your money.

The free internet may be nice for some people, but we all pay the advertising tax in the products we buy. It would be much better if we banned this entire freemium pricing model and started paying for things like in the old days. It would solve a lot of problems.

[+] gniv|2 years ago|reply
How did you get from Advertising Agency to Shady Business? Agencies on Madison Avenue are not generally thought of as shady.
[+] c0l0|2 years ago|reply
In 2012, I interviewed at Google Ireland for an SRE position. I ended up not taking the job due to family issues, but I somewhat regretted having missed the opportunity to tackle Google-sized problems and make FAANG-sized money for a few years after.

This feeling has ceased entirely in the meantime, due to what Google has become, and how its understanding of its role in the world seems to have shifted. Or maybe its true corporate nature has only become more apparent? I am not sure - but I was a firm believer that Google was a force of good in the corporate landscape of the 00s, and I am fully convinced it is not any more. It actually makes me sad, and I am afraid of the damage it will end up doing to the places (the 'net) and communities (most of the FOSS world) I love.

[+] robertlagrant|2 years ago|reply
It's also been a massive boost to FOSS as well. I don't think Google is a single entity with a true nature. It's just people deciding things. Sometimes we get VP8 open sourced, a world-level value adding move. Sometimes we get them running an experiment whose intentions should've been better articulated.
[+] stjohnswarts|2 years ago|reply
They used to be innovative and forward looking and seemed to be having fun at contributing new tech. Under Pichai they seem to only want to lock in their position, kill all competitors, convert the WWW to GWWW
[+] JohnFen|2 years ago|reply
I think Google did used to be a force for good. I even got happy when they bought the notorious DoubleClick, because I was confident that they would be able to change the scumbag online ad industry for the better.

That didn't happen, though. What happened instead is that Google became a scumbag online ad company.

[+] 2OEH8eoCRo0|2 years ago|reply
Money is a hell of a drug.

Early Google seemed to be genuine and upstanding fellas. The dotcom crash made everyone scramble to pay the bills and monetize which is where the seeds were sown for what we have today.

[+] rplnt|2 years ago|reply
Google might have pretended to stand for something, but they have been an evil corporation since they have been a corporation. That's what corporations do by design.

One relevant example is that they've been doing the "only for ie5+" with their services for 10+ years now. They killed most of their browser competition not by having a good product, but by having or buying up good services that they used to force chrome onto users - voluntarily (billions worth of advertisements) or not (lies about compatibility, performance or outright blocking other UAs).

[+] worrycue|2 years ago|reply
That’s not how I remembered it. Chrome really was a good browser and I would argue is still a good browser (for now).

IE got displaced by Firefox’s predecessors because MS got caught napping - they disbanded the IE team thinking they have won. Firefox simply got outcompeted by Chrome as Google went crazy making it faster and faster. Firefox fell behind often enough that Chrome managed to take almost all of its market share.

I’m not happy with Chrome’s dominance, and Google’s abuse of its market position, but it was a good product for most of its life span.

[+] nullc|2 years ago|reply
Your computing device is your agent, more than any doctor, priest, or lawyer-- you share greater intimacies with it, and you have far less ability to go about an ordinary life without access to one. Your computers mediate an increasing share of your interactions with other people, with the world at large. You need one to communicate, to obtain essential services. You take it into your home, into your bedroom. It should be required to act in your best interests and it certainly should not act against your best interests.

This shouldn't be an unusual demand or even a demand at all-- it should be table stakes.

Even back when the concept of Free Software had just become an identifiable thing people advocated it in terms of respecting the user. But for a long time the disrespect was largely banal-- rent seeking, over priced, indifference to features or bugs that matter to you, rules that benefit the author but didn't care about the user's needs. The fact that software could actively and intentionally work against its users wasn't a surprise-- the freedom to inspect, modify, and share the results answers those risks too, at least in theory. But back then it wasn't a common problem. Somehow software and systems that actively betray their users became common, even normalized. And in large part it seems most people never noticed.

[+] getoffmyyawn|2 years ago|reply
To me it really seems like it is too late.

I have the strong impression that the vast majority of people simply do not care and mostly don't even want to know.

Most of the people I know are in this group. When they ask why I won't install the latest app they are playing with, they often cut me off before I even finish explaining. They seriously don't care about privacy, lock-in, loss of access to resources, right to repair, etc.

Personally, I'm investing as much time as I can in learning the alternatives: Gemini, Fediverse apps, Linux phones, etc. That combined with having a "mainstream" laptop that is used only for banking and similar life critical services that has nothing else installed and otherwise stays turned off.

[+] mandmandam|2 years ago|reply
> They seriously don't care about privacy, lock-in, loss of access to resources, right to repair, etc.

They care even less about this stuff than they do about plastic pollution, or systemic inequality and racism, or PFAS contaminating the world's water, or pesticides and runoff decimating biospheres. They don't care about corruption at the highest levels of government and justice, black sites and torture, or illegal wars for profit.

It's impossible to care about everything that's going on. It's unreasonable to expect people to care or even know about everything, even if politics wasn't a wrestling show and corporate news wasn't enraging entertainment.

And, most citizens are two paychecks away from destitution.

Lobbyists, on the other hand, have full access to decision makers and a truck or two of cash, determined to make concrete specific changes.

This is by design, and Google just take advantage of it the same way every other company does. Blaming 'people' for this is blaming the victim.

[+] dotancohen|2 years ago|reply
The article applies this terrific Doctorow quote about Secure Computing to WEI:

> Should your computer be able to be compelled to tell the truth, even when you would prefer that it lie on your behalf? Should there be a facility in your computer that you can’t control that other people can remotely trigger?

It is an apt application of the quote, and a fundamental question that is likely based on culture and each person's or organization's past experience with abusive overlords. I personally opposed it.
[+] komali2|2 years ago|reply
Doctorow demonstrably knows more about this, and has thought about this, than me, but to me the answer seems somewhat straightforward:

> Should your computer be able to be compelled to tell the truth

In the context of the soldered chip that "can't be removed" that can report the "truth" of the kernel etc, the answer to me is a simple, "it's impossible to know if the computer is telling the truth or not." Go to defcon once and you'll know this as true as well. No matter what, there's always a way in. There's always a hack. The harder you make it to hack, the more motivated those crazy people at defcon will be to break it.

> Should there be a facility in your computer that you can’t control that other people can remotely trigger?

"Other people" will never be "just the people you want." It will always include criminals, stalkers, and authoritarian governments. So the answer is a simple, "no."

[+] rvnx|2 years ago|reply
A bit similar dilemma with self-driving cars that they don't necessarily serve their owners but rather "what is right" (aka the truth); in case of unavoidable collision, should they save the interests of the current owners, or the interests of the manufacturer, or the interests of everybody on average, etc.
[+] avereveard|2 years ago|reply
google never stood for anything, do no evil was mostly marketing.

2010s

https://nakedsecurity.sophos.com/2011/08/26/real-canadian-ph...

"we don't collect private data" https://europe.googleblog.com/2010/04/data-collected-by-goog...

"oops we do" https://googleblog.blogspot.com/2010/05/wifi-data-collection...

google wage fixing, all the way back from 2001 https://www.cnet.com/tech/tech-industry/apple-google-seek-ap...

before that it's harder to search data, but you get the idea.

[+] veave|2 years ago|reply
Storing data from open networks is like recording people who are yelling.
[+] moneycantbuy|2 years ago|reply
one “side effect” of this would be enabling Google to effectively block ad-blocking. And, of course, plenty of people will insist that that’s not a side-effect, that’s the end goal.
[+] meragrin_|2 years ago|reply
How would this block ad-blocking?
[+] cowl|2 years ago|reply
It seems Everyone is taking for granted the claim that this is about DRM. The claim is that websites (not Google) will use this signal to allow or deny access but this is already possible with various means. Google or any other Browser vendor do not have a say on how websites use or misuse features.

> There is a tension between utility for anti-fraud use cases requiring deterministic verdicts and high coverage, and the risk of websites using this functionality to exclude specific attesters or non-attestable browsers.

This risk is already present and actually happening. What makes this not widespread is not that it is not possible (it is) but that it is unpopular. Websites that you are forced to use (many banks for example) do it every day and they get away with it because you have no choice.

Many articles are just repeating the "DRM" claim without explaining how is this different, what does Google have to do with how websites choose to treat their users or what solution they would propose. It seems to me just protest for the sake of it because it's trendy to question every Google Initiative. And yes every Google Initiative must be questioned but I don't see any questioning here beside just parroting in article after article what someone identified as a potential misuse without any critical thought going into it. Might as well autogenerate the contents with AI already because the utility of all articles I have seen on this topic is the same, just rearrange words without adding anything to it.

[+] wzdd|2 years ago|reply
The difference is that currently you can lie. You can identify the fingerprinting techniques being used, and work around them. yt-dlp already does something like this, for example. In Android, there was a lot of support for making your rooted / custom ROM system look like stock Android so you could still do banking. Now, depending on the level of Safetynet the app is using, you literally can't. I'm not arguing in favour of fingerprinting, just pointing out that prior to TPM-backed attestation you had control over your own device.

With Android Safetynet attestation, you can't work around the problem because the attestation is backed by a root of trust which your custom ROM can't provide. Being able to supply your own thing doesn't matter, because everyone will just support the one that Google supplies. LineageOS is a good example of this; they have their own Safetynet implementation which has very little buy-in.

WEI is effectively an extension of Safetynet to the Web.

In summary, this is fundamentally different because it takes away your control of your own device.

[+] Adverblessly|2 years ago|reply
You know this is about DRM because that is explicitly the stated goal of this move.

Apologies for just repeating a previous post I made about this but:

The first goal of the proposal is to

> Allow web servers to evaluate the authenticity of the device and honest representation of the software stack and the traffic from the device.

That is, to give web servers the ability to Digitally restrict (or Manage) a user's Rights to access content on a device and software stack of their choice.

The fact that this is DRM is unquestionable. What you seem to be taking at face value is Google's claim that this DRM will only be used to discriminate against bots and other abusive traffic, whereas everyone else is just pointing out that this technology can very easily be used for evil and that Google has every incentive and ability to do so.

> what solution they would propose

A man on the street stops you, points a gun to your head and instructs you to give him all of your money. How do you propose to solve the man's problem of lack of your money in his hands? Also, you cannot ask him to put down the gun before solving that problem.

[+] dns_snek|2 years ago|reply
> It seems Everyone is taking for granted the claim that this is about DRM. The claim is that websites (not Google) will use this signal to allow or deny access but this is already possible with various means.

How about you offer a reasonable opposing viewpoint? It's hard to see this, at best, as anything other than an extremely naive viewpoint. Every feature that can be used to lock down content and/or spy on users, will be used to do just that. That's true for every single feature that exists today. Claiming otherwise borders on bad faith.

> Google or any other Browser vendor do not have a say on how websites use or misuse features.

That's settled then. Full filesystem, location, camera, and microphone access should therefore come on by default without a permission dialog. Why not bring back Java and Flash while we're at it! It's not the browser vendor's fault that websites are misusing it.

> Many articles are just repeating the "DRM" claim without explaining how is this different

This is different because any meaningful "attestation about the environment the browser is running in" can only be achieved via a full chain of trust, starting with secure boot, which will allow Google (and websites you visit) to verify that your system is using a Google-approved bootloader to load a Google-approved operating system which only loads Google-approved drivers and Google-approved software (or worse, website-approved software).

[+] drpixie|2 years ago|reply
> Google or any other Browser vendor do not have a say on how websites use or misuse features.

Seriously? Would you give the kiddies sharp knives and loaded guns, and then be shocked when someone is injured?

If we let this become available, we will all have to live with the consequences. We can see clearly what those consequences will be. Let's not be stupid.

[+] choeger|2 years ago|reply
> what does Google have to do with how websites choose to treat their users or what solution they would propose

Google owns YouTube. Is it so hard to imagine that some product manager at YouTube counted the losses due to adblockers and asked a team in Chrome to prevent them?

[+] TheCleric|2 years ago|reply
I've been wary of Google for a while now, and this is further proof my wariness is justified. However, one thing I can't seem to kick is using Google search as a fallback.

I use DuckDuckGo or Brave search for most of my searches, but half the time I have to add "!g" to the search to switch to Google to get actually useful results. Does anyone have any tips or tricks (or search engines I'm unfamiliar with) so I can break free? I know Bing is technically an option, but I'm under the impression it's not much better than Google (privacy wise) and their AI integration is off-putting.

[+] buzzy_hacker|2 years ago|reply
I use DDG and never feel the need to add !g, but if you do, try using !sp instead. Startpage takes Google’s results and proxies them.
[+] unknownsky|2 years ago|reply
I use Kagi and I only find myself switching to Google if I'm looking for local, up-to-the-minute information. Kagi maps is barely useful at all compared to Google Maps, at least at time of writing.
[+] monetus|2 years ago|reply
Besides DDG, I find myself using phind.com if you haven't seen that yet.
[+] verisimi|2 years ago|reply
Google have long been a trojan horse for corporate and governmental interests. This was clear with the approach they took with rss - make a fantastic product to draw in lots of users, then kill it as rss disintermediated the web, with little scope for google to direct you to where they want you to go.

I suppose they told us what they are when they scrapped their "don't be evil" motto.

[+] gmerc|2 years ago|reply
It turns out that when the growth stops, companies show their real face. The reason everyone in the world is praying infinite growth is this dynamic, people, companies are alike.

You want to know if someone is truly a nice person - put them into a no growth situation for a while. Before that, it’s all talk.

[+] Aeolun|2 years ago|reply
Pure irony that when you go to look at Tech Dirt, there’s first an intermediate page (maybe by cloudflare, maybe by some other provider) that first verifies your browser is secure.
[+] throw_m239339|2 years ago|reply
Google stands for nothing but their bottom line. Thinking that private companies have "morals" is foolish at best. All the things Google claimed it stood for was simply PR in a world where Microsoft used to be the bad guy. Same with all the ESG, DEI and whatever "social initiatives". It's PR. You shouldn't fall for that.

Google can achieve horizontal integration since they own youtube, search and lead the Chromium project. They are "the web" and make money with ads so they are going to force you to watch these ads, nothing more.

[+] saagarjha|2 years ago|reply
Google used to be cool and now it’s not. Wonder which companies of today will end up completing the cycle tomorrow?
[+] DeathArrow|2 years ago|reply
My conjecture is that Google just pretended to stand for freedom, when they were a smaller company and they needed goodwill to be able to build an empire. Now they don't need that goodwill anymore.
[+] nness|2 years ago|reply
The freedom Google stood for was also a trend of the time — tech start-ups were trying to break out in the burgeoning internet against established giants — and naturally the companies' ideologies reflected that rebellion against the norm.

Then a few billion dollars later and you realise that morality and stakeholder profits can never be aligned...

[+] palrtyx|2 years ago|reply
I suppose we have to start webrings again and ditch Google. Today they would be more feasible, since you can announce entry points on Twitter etc.
[+] TekMol|2 years ago|reply
As I understand it, Google wants to add some signal to http requests which tell the server that the user is using a system made from some specific software. For example an unaltered stock Android phone.

What would be the one-sentence technical explanation of how Google wants to achieve this?

[+] danielheath|2 years ago|reply
Most chips have a TPM which holds a key. You can’t access the key without expensive and specialised equipment. The key is signed by the manufacturer’s key (google, in this case).

The TPM has an API that returns a signature of the running OS code. If you tamper with the OS, you get a signature mismatch.

[+] est|2 years ago|reply
> What would be the one-sentence technical explanation of how Google wants to achieve this?

Denuvo for browsers. Rootkit disguised as a browser from your favorite Ads service provider.

[+] ohgodplsno|2 years ago|reply
Every request first goes through "trusted attesters" (read: Google and pretty much Google alone) along with some information about your device (hardware information, browser data, executable hash, etc) for them to sign it and decide whether or not you're legit. See the Play Integrity API on Android for similar implementations.
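
The measure-then-sign flow described in the replies above (a hardware-held key signs a measurement of the running software, and tampering shows up as a mismatch), as an added Python sketch; it is not part of any commenter's post and is not WEI, SafetyNet or a real TPM interface. The hash-chain "extend" step follows how TPM registers accumulate measurements; the HMAC stands in for the TPM's asymmetric attestation signature, and `ToyTPM`, the image names, the key and the approved list are constructed for illustration.

```python
import hashlib
import hmac
import os

PCR_SIZE = 32  # one SHA-256 register


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA256(old || SHA256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(stages) -> bytes:
    """Fold each boot stage, in order, into a register that starts at zero."""
    pcr = bytes(PCR_SIZE)
    for image in stages:
        pcr = extend(pcr, image)
    return pcr


class ToyTPM:
    """Hypothetical stand-in for the chip: the OS can ask for a quote but
    cannot read the key or set the register to a value of its choosing."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._pcr = bytes(PCR_SIZE)

    def boot(self, stages) -> None:
        self._pcr = measure_boot(stages)

    def quote(self, nonce: bytes):
        # HMAC stands in for the asymmetric attestation signature (assumption).
        tag = hmac.new(self._key, nonce + self._pcr, hashlib.sha256).digest()
        return self._pcr, tag


def verify_quote(key, nonce, pcr, tag, approved) -> str:
    """Relying party: check the tag over (its own nonce, claimed PCR), then
    check the PCR against the list of software stacks it accepts."""
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return "bad-signature"
    if pcr not in approved:
        return "unapproved-software"
    return "ok"


# Constructed sample data: three boot stages, one of them user-modified.
STOCK = [b"bootloader v1", b"kernel v1", b"browser v1"]
CUSTOM = [b"bootloader v1", b"kernel v1 + user patch", b"browser v1"]
KEY = b"constructed-device-key"


def run_scenarios() -> dict:
    approved = {measure_boot(STOCK)}
    stock, custom = ToyTPM(KEY), ToyTPM(KEY)
    stock.boot(STOCK)
    custom.boot(CUSTOM)
    out = {}
    for name, tpm in (("stock", stock), ("custom", custom)):
        nonce = os.urandom(16)
        out[name] = verify_quote(KEY, nonce, *tpm.quote(nonce), approved)
    # Modified device reports the stock PCR: the tag was made over its real PCR.
    nonce = os.urandom(16)
    _, tag = custom.quote(nonce)
    out["custom-claims-stock"] = verify_quote(
        KEY, nonce, measure_boot(STOCK), tag, approved)
    # Old stock quote replayed against a fresh nonce.
    old_pcr, old_tag = stock.quote(os.urandom(16))
    out["replayed-quote"] = verify_quote(
        KEY, os.urandom(16), old_pcr, old_tag, approved)
    return out


if __name__ == "__main__":
    for scenario, verdict in run_scenarios().items():
        print(f"{scenario}: {verdict}")
```

The verdict depends entirely on the `approved` set, so whoever maintains that list decides which software stacks are accepted.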
[+] ImHereToVote|2 years ago|reply
The elephant in the room is the increase of interest rates. The free lunch of cheap money is over. Now corps have to make money by squeezing every rock for the last bit of water.

My advice to everyone is to watch out, and be careful. Look over the license changes over the incoming days to see how you might potentially be squeezed.