- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
This is why we need Firefox.
And Firefox needs to be a market that can’t be ignored.
@TheYang Exactly! Came here to say this. Everybody actively using chromium based browsers is a part of the problem.
Stop with this excuse and stop Insulting people. I’ve been on Firefox for nearly 20 years, but Mozilla has ruined it for me little by little. The last straw has been the horrible UI redesign. So I switched to a Chromium browser. Tell Mozilla to make a better browser and to listen to their community, instead of blaming people for using what serves them best.
What does your UI gripe have to do with this biased tabloid piece you shared?
Firefox is fine and works even better than it ever has. If you cared about the UI so much you’d have tried any of its forks that use different and older designs.
Firefox depends on google for funding though. Google could probably deal a killing blow quite easily.
i think they probably donate so much to make sure they have at least one competitor so they don’t get busted up like Standard Oil
They are not donating, if I remember correctly fairly recently Microsoft outbid them and bing was default for a bit.
But maybe I’m not remembering correctly tbh.
I’m skeptical if the government would even do that given how stacked it is with cronies
Don’t know what government you’re referring to, but if the EU anti-trust regulation kicks in it will affect everyone. EU agencies are slow but they do their job eventually.
THIS IS NOT (just) ABOUT GOOGLE
Currently, attestation and “trusted computing” are already a thing, the main “sources of trust” are:
- Microsoft
- Apple
- Smartphone manufacturers
- Third party attestators
This is already going on, you need a Microsoft signed stub to boot anything other than Windows on a PC, you need Apple’s blessing to boot anything on a Mac, your smartphone manufacturer decides whether you can unlock it and lose attestation, all of Microsoft, Apple and Google run app attestation through their app stores, several governments and companies run attestation software on their company hardware, and so on.
This is the next logical step, to add “web app” attestation, since the previous ones had barely any pushback, and even fanboys of walled gardens cheering them up.
PS: Somewhat ironically, Google’s Play Store attestation is one of the weaker ones, just look at Apple’s and the list of stuff they collect from the user’s device to “attest” it for any app.
I started looking at Mac’s for my next computer. Due to this amazing project. https://asahilinux.org/
you need a Microsoft signed stub to boot anything other than Windows on a PC
Not necessarily, most motherboards and laptops (at least every single one I’ve ever owned) allow users to enroll their own Secure Boot keys and maintain an entirely non-Microsoft chain of trust. You can also disable secure boot entirely.
Major distros like Ubuntu and Fedora started shipping with Microsoft-signed boot shims as a matter of convenience, not necessity.
Secure Boot itself is not some nefarious mechanism, it is a component of the open UEFI standard. Where Microsoft comes in to play is the fact that most PC vendors are going to pre-enroll Microsoft keys because they are all shipping computers with Windows, and Microsoft wants Secure Boot enabled by default on machines shipping with with their operating system.
Windows 11 is saying you’re required to have tpm 2.0 enabled in your bios in order to upgrade. Didn’t know what it was on my self built computer until recently when windows said my system wasn’t compatible to upgrade.
TPM and SecureBoot are separate UEFI features. Windows 11 requires TPM 2.0. If your system meets the CPU requirements, then it should support this without needing to install a hardware TPM dongle. However, until recently, many vendors turned had this feature turned off for some reason.
Where some confusion comes in is another Windows 11 requirement, that machines be SecureBoot capable. What this actually means in practice is that your system needs to be configured to boot in UEFI mode rather than CSM (“Legacy BIOS”) mode.
It’s time for Alphabet to be broken up into separate letters.
Pretty much the entire US needs a healthy dose of monopoly busting.
Hell, just look at the Ma Bell breakup and the path all of those companies took to where they are now. We’re basically back to step 1.
Ugh. DRM. I freaking hate DRM. I “buy” a book from Amazon and it’s all DRMed. I like the Kindle app so I keep buying there. But when I can I buy physical books at a LBS
deleted by creator
Why do people have a problem with this? It explicitly says browser extensions, like ad blockers, will still work. It says cross site tracking won’t be allowed. It all sounds pretty good.
It sounds like most are not liking it because of some potential future abuses rather than what it actually is?
Maybe somebody can do a better job of boiling this down than I can.
Basically, right now, if you ask for something on the internet, it gets served to you. Sure there are lots of server side protections that may require an account to log in to access things or what have you, but still you can at least request something from a server and get some sort of response in return.
What this does is force attestation through a third party. I can ask for something from a server and the server turns to the attester and goes, “Hey, should I give this guy what he’s asking for?” and the attester can say “No” for whatever reasons it might. Or worse yet, I can get the attestation but the server can then decide based in turn that it doesn’t like me having that attestation and I get nothing.
You can make arguments that this would be good and useful, but it’s so easy to see how this could go sideways and nobody with any sense should be taking Google or any of these large corporations at their word.
From my understanding, there’s no reason whatsoever to do this besides censorship, for better and for worse. There’s a possibility good, and I’m sure the good would happen, but there’s an even greater possibility it would be bad for users which would surely happen.
It will stop bots/scrapers/etc dead in their tracks seems to be the main reason.
Sorry, yes, still trying to wrap my head around it. It’s one of those things where there is quite obviously no direct benefit for the user. The company is trying to sell it as improving their content, moderation, security, etc. which may have indirect, knock-on effects for the end user but whether that would even be true or if it would be perceptible to your average person is MUCH more questionable.
It’s the same kind of thing when you see people defending exclusivity on consoles. I mean sure, it helps prop up your favorite company/developer in hopes that the market benefit may someday come back around and help them to produce more content/games that you like, but people seriously need to start looking out after their own self interests first and corporations be damned. They earn money by providing actual value, don’t ever argue against yourself.
Note of amusement: The GitHub issues tracker for that proposal got swamped with tickets either mocking this crap or denouncing it for what it is, this morning the person who seems to be the head of the project closed all those tickets and published this blog post, in essence saying “Shut up with your ethical considerations, give us a hand in putting up this electric fence around the web”. Of course that didn’t stop it.
Also somebody pointed out this gem in the proposal, quoted here:
6.2. Privacy considerations
Todo
Quick edit: This comment on one of the closed tickets points out the contact information of the Antitrust authorities of both US and EU, i think i’m gonna drop the EU folks a note
Edit: And they disabled commenting on the issues tracker
We developers should stop just looking at the technical side of our work only. There’s social, economic and values to be taken into account when we put our minds to solve a problem. We tend to go blindly into it, without thinking what it can cause when it is released into the world.
It’s like if we put a bunch of developers into a secret project to develop an Internet World Wide Nuclear Bomb a là Project Manhattan… the leaders shouldn’t really have to hide what they were about to do, just throw the developers and engineers troubles to solve and they wouldn’t mind what it will be used for. It’s just tech, right?
At least this guy seems to fit the type: I want to do this technology I’ve been tasked for, I’m trying to solve a technological problem. The rest of the world is telling him «Man, this is a bad idea to implement.» and he whines saying «I want solutions to this technology, not what is wrong with it!»
(And if you aren’t one of those developers, congratulations, we need more of you!)
[Don’t assume consensus nor finished state]
Often a proposal is just that - someone trying to solve a problem by proposing technical means to address it. Having a proposal sent out to public forums doesn’t necessarily imply that the sender’s employer is determined on pushing that proposal as is.
It also doesn’t mean that the proposal is “done” and the proposal authors won’t appreciate constructive suggestions for improvement.
[Be the signal, not the noise]
In cases where controversial browser proposals (or lack of adoption for features folks want, which is a related, but different, subject), it’s not uncommon to see issues with dozens or even hundreds of comments from presumably well-intentioned folks, trying to influence the team working on the feature to change their minds.
In the many years I’ve been working on the web platform, I’ve yet to see this work. Not even once.
…?
What is this, “Good vibes only?”“Good vibes only” seems to be embedded in the culture of web development today. Influential devs’ Twitter accounts have strong Instagram vibes: constantly promoting and congratulating each other, never sharing substantive criticisms. Hustle hustle.
People with deep, valid criticisms of popular frameworks like React seem to be ostracized as cranks.
It’s all very vapid and depressing.
Do you have an article about react? I’d love to read it. And yes tech is chock full of egos and fakers.
Alex Russell is a good read on React. His position gives him a broad view of its impacts and has kept him from being sidelined. This Changelog podcast is a decent distillation of his criticisms – it was recorded earlier this year, a few days after his Market For Lemons blog post.
(Sorry for the late reply! I’ve been a bit swamped lately and away from kbin.)
Unsupported browser, please install Chrome.
You are logged out, please log in or sign up for an account.
To verify your identity, please enter your phone number, a text message will be sent, please enter verification code.
Error, your account has been flagged for further review, please submit 3 different government IDs, with at least 2 containing your photo, and 2 containing your address.
Error, name doesn’t match, if you have changed you name, please submit proof of name change.
Error, no citizenship status detected, please submit birth certificate or naturalization certificate
Please wait 7-14 bussiness days. A phone call will be made to the number you’ve submitted.
Error, missed call. Please wait 30 days for another call.
Error, unsupported operating system, please use Chrome OS, Android, or Google Smart TV OS
Error, Google Smart Home assistant not installed, please purchase one within the next 3 days to avoid losing signup process.
Error, could not confirm identity, please purchase Google 360 cameras to verify identity.
Error, server maintenance in progress, please retry signup at a later time.
Thank you for using Google!
Please drink verification can