
Don't. #28

Open
klrtk opened this issue Jul 19, 2023 · 104 comments

Comments

@klrtk

klrtk commented Jul 19, 2023

Sometimes you have to ask the question whether something should be done at all, and trusted computing is certainly one of those cases where the answer is obviously a big fat NO.

So please reconsider what you believe in, leave this demon to history where it forever belongs.

@selfawaresoup

This is DRM infrastructure for websites and fundamentally counter to an open web.

So yeah, don’t.

@warriordog

warriordog commented Jul 19, 2023

100% agree. This proposal offers far too many opportunities for abuse. The authors have clearly tried to mitigate this, but their measures are insufficient and always will be, because the underlying idea is flawed. Let's leave this one in the past - it will only ever cause more harm than good.

@jfmcbrayer

jfmcbrayer commented Jul 19, 2023

Almost every reasonable use case of this proposal is something that makes the web worse for users. It opens another front in the War On General Computation, and continues the trend of web browsers ceasing to be user-agents, and becoming the property of the website owners. It's a straight-up attack on the open web.

@tanepiper

I would add myself to the points above, this is not a good idea and opens up so much potential abuse, and shutting out of marginalised groups who may not be able to use the latest version of a program.

The world is also dividing along ideological lines that could see this used to perpetrate a shutdown of information to a select few.

tl;dr Don't

@rfkat

rfkat commented Jul 19, 2023

Please just withdraw this horrible idea.
"Web Environment Integrity" is when you, as developers, show integrity and dump this.

@kleinesfilmroellchen

Have you lost your fucking minds? DRM never was and never will be a good idea. Just stop.

@mokrates

No. Either no one else than you can build browser engines anymore, or this won't work anyways.
This is against OpenSource. How would my homebrew-browser be forced to be honest?

@PeterCxy

The entire premise of this proposal is completely flawed. To quote the authors,

Users often depend on websites trusting the client environment they run in.

If the security of your web service depends on a specific client environment, your web service is designed wrong. Period. If something is security-critical, you should not ever delegate that computation to client side and you should not ever blindly trust any client-side input, even if you can attest to any digital signature from the client. Are you sure you are going to be able to maintain an up-to-date list of all the vulnerabilities of all "trusted" clients? And how are you going to mitigate all of them in time? Even with Android, a lot of known vulnerable devices are still "trusted" under SafetyNet / Play Integrity. The only way for any service to be secure is to not trust client input blindly.

This trust may assume that the client environment is honest about certain aspects of itself, keeps user data and intellectual property secure, and is transparent about whether or not a human is using it.

Your proposal has exactly nothing to do with whether a human user is interacting with the device. All you can ever do is attest to the fact that the client uses software with a signature trusted by the server. An automated program does not have to actually execute within this environment -- it can be a device outside of the control of the client-side operating system entirely. Are you then going to authenticate all peripherals connected to the device?

This trust is the backbone of the open internet, critical for the safety of user data and for the sustainability of the website’s business.

Let's make this very clear: the backbone of the open internet is the fact that any client from any vendor can access any website, as long as they implement all the open standards a given website / application depends on. By giving the ability to exclude certain vendors and users to operators of a website, you are destroying the open internet, not the other way around.

@tezoatlipoca

^^ what they said. There is no compelling argument for any of this other than "policing the content/services I provide on the internet WITH humans, in order to maintain a productive service FOR humans, is expensive and I don't wanna; so let's add more complexity to an already complicated and impossible to understand/maintain tech stack and add even more hurdles a user has to go through rather than just sending a browser to a URL.."

Plus if you add yet another thing I have to 2FA just to read the instructions on how to repair my dishwasher, I may start to get nasty.

@twhaples

twhaples commented Jul 19, 2023

Hello! I'm hoping to help with potential workarounds, in case this issue is closed without action.

In the United States it might be possible to request a workaround through the involvement of the United States Department of Justice Antitrust Citizen Complaint Center at https://www.justice.gov/atr/citizen-complaint-center — as observers have noted, if we end up with website DRM everywhere and whitelisted entries for browsers like Chrome and agents like Googlebot, the net effects will be radically anti-competitive.

Please remember:

When contacting the Antitrust Division about a possible antitrust violation or potential anticompetitive activity, please provide as much of the following information as possible:

  • The names of the companies, individuals, or organizations involved
  • How do you believe they have violated the federal antitrust laws? (For details on federal antitrust laws, see Antitrust Laws and You.)
  • Examples of, or details about, the conduct that you believe violates the antitrust laws
  • The product or service affected by the conduct, including where the product is manufactured or sold or where the service is provided
  • The major competitors that sell the product or provide the service
  • Your role in the situation
  • Who is being affected and how they are being affected

You may submit your concern by e-mail, regular mail, or phone.

By email to [email protected].

By postal mail to:
Citizen Complaint Center
Antitrust Division
950 Pennsylvania Ave., NW
Room 3322
Washington, DC 20530

By phone at 1-888-647-3258 (toll free in the U.S. and Canada) or 202-307-2040.

In the European Union you want the DG Competition:

If you are directly affected by the practice which you suspect restricts competition and are able to provide specific information, you may want to lodge a formal complaint, which must fulfil certain requirements. The complaint form (“Form C”) is available on the Commission Regulation (EC) No 773/2004 of 7 April 2004 relating to the conduct of proceedings by the Commission pursuant to Articles 81 and 82 of the EC Treaty [1]. Official Journal L 123, 27.04.2004, p.18-24 (see the form on the last page “Annex”).

Information on how the Commission handles complaints is available on the Commission Notice on the handling of complaints by the Commission under Articles 81 and 82 of the EC Treaty (Articles 101 and 102 TFEU) (Official Journal C 115, 9.5.2008, p. 88–89).

You can provide information on a specific market where you may have concerns regarding compliance with EU competition rules by e-mail to [email protected]. Please indicate your name and address, identify the firms and products concerned and describe the practice you have observed. This will help the Commission to detect problems in the market and be the starting point for an investigation. We invite you to read our e-services privacy policy before contacting us. You can also send your complaint by post:

European Commission
Competition DG
B - 1049 Bruxelles

If the situation you have encountered is limited to one country or area, or involves no more than three EU Member States you may want to contact a national competition authority. The competition authorities of all EU Member States now apply the same competition rules as the European Commission and very often they are well placed to deal with your problem. If you think that a larger number of Member States are concerned, you may primarily choose to contact the European Commission. If you are not sure about the scope of the problem, do not hesitate to contact either the European Commission or the national competition authority because the authorities cooperate among them and will allocate the case as appropriate.

@Wack0

Wack0 commented Jul 19, 2023

"so preoccupied with whether they could, they didn't stop to think if they should"

@adryzz

adryzz commented Jul 19, 2023

how about no

TEEs in our phones to attest bootloader lock and SafetyNet (yes it's now Play Integrity) are already way too much

@Codel1417

Codel1417 commented Jul 19, 2023

When most ads are malware and most sites are not accessible out of the box, including Google sites, how will this API improve the browsing experience for real users?

If your service trusts the client, you have failed as a developer

@a1batross

Authors: Google, Google, Google and Google

Maybe Google should play in its sandbox rather than defining what Internet is?

@jessehattabaugh

jessehattabaugh commented Jul 19, 2023

"what if the web sucked as hard as app stores do?"

@twhaples

I would like to respectfully add my suggestion that Ben Wiser (Google), Borbala Benko (Google), Philipp Pfeiffenberger (Google), and Sergey Kataev (Google) all take this opportunity to engage a personal lawyer and seek legal advice, i.e. do not defer to the corporate counsel (Google), who may not have their best interests in mind. Antitrust law is real. Some violations are crimes.

@gourdcaptain

Oh wow, another Google attempt to lock out adblocking in the long run. Absolutely unsurprising.

Knock it off.

@scanlime

This, also quit your jobs at Google.

@alexisvl

Users like visiting websites that are expensive to create and maintain, but they often want or need to do it without paying directly. These websites fund themselves with ads, but the advertisers can only afford to pay for humans to see the ads, rather than robots. This creates a need for human users to prove to websites that they're human, sometimes through tasks like challenges or logins.

This is a masterpiece of doublespeak, I have nothing but awe and congratulations for whoever pinched this one off.

@sparked435

sparked435 commented Jul 19, 2023

This proposal speaks a lot about trust, but seems not to realize that trust happens in multiple directions, often simultaneously.

By locking a user out of changes - possibly even at the configuration level or installing extensions - to their browser, they can no longer trust the browser to behave with their interests in mind. It actively corrodes a user's ability to trust the browser to not spy on them, or perform other malicious behavior such as deleting data without consent.

@scanlime

@RupertBenWiser writes about how frustrating it is to be locked out of your own hardware:

http://benwiser.com/blog/I-just-spent-%C2%A3700-to-have-my-own-app-on-my-iPhone.html

@jaredcwhite

Don't be evil.

This gets a rousing, unequivocal NOPE from me. I'm sure we all understand the challenges of servers fighting against attacks like DDoS and other issues, but in trying to mitigate against bad actors, we can't break the web in the process.

@mmkthecoolest

Don't be evil.

@jaredcwhite They dropped that motto a long time ago. Google has accustomed itself to indulge in evil.

@wwahammy

This is pure, unmitigated evil. You're basically ensuring a monopoly for your platform.

Each of you should be personally ashamed and likely banned from the industry.

I will be the first person suing your company if you implement this, this is guaranteed to be illegal.

@VVelox

VVelox commented Jul 19, 2023

This is very much a love letter to people who engage in phishing as well as write malware as it makes their job a lot easier.

@wwahammy

I would like to respectfully add my suggestion that Ben Wiser (Google), Borbala Benko (Google), Philipp Pfeiffenberger (Google), and Sergey Kataev (Google) all take this opportunity to engage a personal lawyer and seek legal advice, i.e. do not defer to the corporate counsel (Google), who may not have their best interests in mind. Antitrust law is real. Some violations are crimes.

I strongly agree. This is a blatant, willful violation of a bunch of antitrust laws.

Remember that the VW engineers were the only ones who served prison time for the emissions scandal.

@ansuz

ansuz commented Jul 19, 2023

I would feel deeply, personally ashamed to have my name associated with an idea as bad as this.

@4ndv

4ndv commented Jul 19, 2023

Let's imagine this scenario:

There is a search engine "A" and a search engine "B", both of which use scrapers capable of executing javascript code.

But the search engine "A" also happens to have some kind of involvement with attester entity called, for example, "Google Play".

The question: what are the chances of attester entity to be more biased towards the scraper of the search engine "A", than search engine "B" when giving their verdict?

@mhoye

mhoye commented Jul 19, 2023

Human-facing, client-side platform-state attestation won't and will never be used to secure the agency or well-being of a human.
Particularly when the developers of that attestation process consider "How will we prevent this signal from being used to exclude vendors" to be an "open question" worth considering, and "how will we prevent this signal from being used to exclude or marginalize classes of people" doesn't deserve so much as the "todo" you've granted to lesser considerations like "privacy". This is an attempt to keep humans from being able to make choices that are inconvenient to your business model and that's it.

I'll put a thousand dollars down that everybody involved in drafting this spec uses an ad-blocker, without exception. And yet here you are trying to strip other people of the agency that you enjoy every day, to shelter a failing business model from inconvenient market realities like "people who don't like the product are allowed to not buy it".

Is this the work you wanted to do? Was this the dream, is this the kind of engineer you wanted to be? Because you have agency too, you can still make choices about who you want to be and how you want the world to be different because you were in it, and maybe they can be better choices than this.

@andrewliden

andrewliden commented Jul 19, 2023

It doesn't take much critical thinking to see the problem with this API. I mean, you even put it in the "open questions" section. None of the possible solutions in the explainer seem very realistic, either. The whole point of an API like this is to allow a site to modify its behavior for certain browsers or operating environments. It'd be surprising if someone didn't use it to exclude some browsers. I can imagine it already. A user wants to browse their favorite website on their favorite browser or operating system. They try to log on, only to be greeted by a (likely very modern and trendy looking) icon of a padlock, followed by some text along the lines of "We only serve secure environments. Please use one of the following browsers." Now they're at a fork in the road: stop going to your favorite site, or start using that site's favorite software. If you truly care about the open web, scrap this idea. Otherwise, stop pretending that you do.

@k32

k32 commented Jul 19, 2023

Don't blame google for doing what google does, blame yourself for using their products.

@mokrates

mokrates commented Jul 19, 2023

Don't blame google for being google, blame yourself for using their products.

I use Firefox, but that won't help me, when they release this oppressive tech. Either Firefox will be excluded, or, worse, it will have to implement the same oppression and break itself this way.

It's not that easy. If Google had only a small market share, webadmins would say, "we can't use this tech, nobody would use our site". But that's not how it is.

@mokrates

image
And Firefox already backed down once. They will do it again in no time.

@scanlime

The plan isn't to exclude all other browsers, it's just to create yet another structural imbalance favoring the largest available browsers and platforms.

So, exclude competition but in a way that they can spin in court later.

I found this interesting too.. basically a very weak proposal to add some "open" to this:
#16

But even that small concession to a diverse web isn't favored?
#5

@k32

k32 commented Jul 19, 2023

I use Firefox, but that won't help me, when they release this oppressive tech. Either Firefox will be excluded, or, worse, it will have to implement the same oppression and break itself this way.

It's not that easy. If Google had only a small market share, webadmins would say, "we can't use this tech, nobody would use our site". But that's not how it is.

My goodness, I never thought about that! Let's do internet activism in the github issues for a day to prevent it, just like it prevented manifest v3, mass surveillance and paid reddit API!

@gourdcaptain

gourdcaptain commented Jul 19, 2023

I use Firefox, but that won't help me, when they release this oppressive tech. Either Firefox will be excluded, or, worse, it will have to implement the same oppression and break itself this way.
It's not that easy. If Google had only a small market share, webadmins would say, "we can't use this tech, nobody would use our site". But that's not how it is.

My goodness, I never thought about that! Let's do internet activism in the github issues for a day to prevent it, just like it prevented manifest v3, mass surveillance and paid reddit API!

Oh, there's no way this changes their minds for a second, there's too much money and too little ethics involved. I just want to help annoy them briefly by making them have to clean up and lock down their GitHub. :P

EDIT: to be clear, I'm pro-posting here and telling them this sucks, I'm just acknowledging the likely results and also enjoy those

@mokrates

I found this interesting too.. basically a very weak proposal to add some "open" to this: #16

What a BS. "Let's implement a means to differentiate, but stop it from discriminating" (as if they didn't know that discriminate MEANS differentiating (with a dark subtext which isn't really relevant, here)

@klrtk
Author

klrtk commented Jul 19, 2023

My goodness, I never thought about that! Let's do internet activism in the github issues for a day to prevent it, just like it prevented manifest v3, mass surveillance and paid reddit API!

It won't prevent it, but maybe we can at least make the next person who even thinks about advancing this evil set of technologies feel just a little bit of shame, and do so politely, because that's how it hurts the most, we know it from how the corporate speak they use to communicate with us works.

The solution to this is to make it illegal, and I hope at least people who stumble here will know they're not alone in thinking this and know what they have to do.

@charliewilson

charliewilson commented Jul 19, 2023

This is the "site best viewed in internet explorer" of the modern age, taken to its logical, horrendous conclusion.

As many have said before me, if you're putting any trust in the client environment as a web dev, the problem lies with you.

We don't need this.

@k32

k32 commented Jul 19, 2023

The solution to this is to make it illegal

Thanks for opening my eyes, I totally forgot that the governments (who would never ever get involved in shady dealings with Google) may make this feature illegal.
I thought that they are more likely to make disabling this feature illegal, but I guess I was mistaken.

@mokrates

The solution to this is to make it illegal

Thanks for opening my eyes, I totally forgot that the governments (who would never ever get involved in shady dealings with Google) may make this feature illegal. I thought that they are more likely to make disabling this feature illegal, but I guess I was mistaken.

Luckily, there's the EU.

@sparked435

My goodness, I never thought about that! Let's do internet activism in the github issues for a day to prevent it, just like it prevented manifest v3, mass surveillance and paid reddit API!

It's difficult to oppose a system (or change to a system) that has not yet been implemented, outside of screaming that it shouldn't happen.

When they actually build the digital padlocks is the time for the digital boltcutters. Until then, we scream.

@mokrates

mokrates commented Jul 19, 2023

Until then, we scream.

image

@scanlime

what is the point of the "commenting doesn't help" genre of comment except as literally a conservative troll

gitlimes added a commit to gitlimes/Web-Environment-Integrity that referenced this issue Jul 19, 2023
@mc776

mc776 commented Jul 19, 2023

But I do not think that this necessity of stealing arises only from hence; there is another cause of it, more peculiar to England.’ ‘What is that?’ said the Cardinal: ‘The increase of pasture,’ said I, ‘by which your sheep, which are naturally mild, and easily kept in order, may be said now to devour men and unpeople, not only villages, but towns; for wherever it is found that the sheep of any soil yield a softer and richer wool than ordinary, there the nobility and gentry, and even those holy men, the dobots! not contented with the old rents which their farms yielded, nor thinking it enough that they, living at their ease, do no good to the public, resolve to do it hurt instead of good. They stop the course of agriculture, destroying houses and towns, reserving only the churches, and enclose grounds that they may lodge their sheep in them. As if forests and parks had swallowed up too little of the land, those worthy countrymen turn the best inhabited places into solitudes; for when an insatiable wretch, who is a plague to his country, resolves to enclose many thousand acres of ground, the owners, as well as tenants, are turned out of their possessions by trick or by main force, or, being wearied out by ill usage, they are forced to sell them; by which means those miserable people, both men and women, married and unmarried, old and young, with their poor but numerous families (since country business requires many hands), are all forced to change their seats, not knowing whither to go; and they must sell, almost for nothing, their household stuff, which could not bring them much money, even though they might stay for a buyer. When that little money is at an end (for it will be soon spent), what is left for them to do but either to steal, and so to be hanged (God knows how justly!), or to go about and beg? 
and if they do this they are put in prison as idle vagabonds, while they would willingly work but can find none that will hire them; for there is no more occasion for country labour, to which they have been bred, when there is no arable ground left. One shepherd can look after a flock, which will stock an extent of ground that would require many hands if it were to be ploughed and reaped. This, likewise, in many places raises the price of corn. ...

@endrift

endrift commented Jul 20, 2023

So how do the EFF and Firefox feel about this?

@raingloom

On the topic of botnets and sockpuppet accounts, I wonder if the authors (all Google employees, of course) are familiar with proposed solutions that put control in the hand of the user, for example Trustnet, or if they came up with this next step in the war on general purpose computing first and then looked for a way to justify it second?

Is this going to be pushed through despite the vocal opposition, just like Manifest v3, because management told you so?

@lukepfjo

The funniest thing about this is how it's definitely not at all related to them lying about the nature of ad views to their customers

https://www.theguardian.com/technology/2023/jun/28/google-may-have-misled-dozens-of-advertisers-and-violated-its-own-guidelines-report

@endrift

endrift commented Jul 20, 2023

The funniest thing about this is how it's definitely not at all related to them lying about the nature of ad views to their customers

https://www.theguardian.com/technology/2023/jun/28/google-may-have-misled-dozens-of-advertisers-and-violated-its-own-guidelines-report

You assume the teams talk to each other enough for that to be intentional. It turns out management accidentally colludes like this sometimes, and the individual contributors have absolutely no idea. Something something YouTube Shadow DOM v0 polyfill...

@xTrayambak

This and the Idle Detection API. Why do we trust Chromium anymore? (talking bout the corporate developers, not the hobbyists)

@nicholasudell

This is a foolish and dangerous proposal that will lead to widescale degradation of the internet as a whole. Don't do it.

@Axis4s

Axis4s commented Jul 20, 2023

Someone should just mass report this repo (harsh and against TOS i know)
but way too dangerous to leave it up

@endrift

endrift commented Jul 20, 2023

Someone should just mass report this repo (harsh and against TOS i know)

but way too dangerous to leave it up

That won't accomplish anything. Even if it gets taken down (which it won't), that just means it won't be public, not that it will disappear entirely.

@monoxane

This is a direct attack on the free and open web and serves only to strengthen Google's abusive position of power over the entire industry.

@jbruchon

I will gladly employ tools to lie to all of your systems. I will not care about the legality or morality of such tools. I will do what I want with my hardware and software.

@spaztron64

We are already gagged by Chromium as the de facto browser to target in ways much worse than IE ever could've possibly reached. This'll only serve to make the situation worse.
There's nothing I can say about this that hasn't already been said by others prior. Just know that I will fight tooth and nail against this, and if it one day comes to pass, I will haunt the ones who greenlit and developed this in their sleep.

@k32

k32 commented Jul 20, 2023

what is the point of the "commenting doesn't help" genre of comment except as literally a conservative troll

Don't forget to like, subscribe, and hit that notification bell button to stop a tech giant in its tracks.
Or, you know, you can do something that has real life effect: take steps to degoogle and dezuck yourself and whatever products you're building.

@klrtk
Author

klrtk commented Jul 20, 2023

Or, you know, you can do something that has real life effect: take steps to degoogle and dezuck yourself and whatever products you're building.

It's cute you think that alone will help defeat Google. Remember they're not alone either, they have the support of their buddies - Microsoft and Apple.

Together these corporations literally dictate what goes into the chips on everyone's devices. They want a TZ inside phones? They get that. Pluton? Sure thing!

And notice I said everyone's, not yours specifically. You may run a librebooted thinkpad and this will still affect you.

On the day YouTube starts requiring attestation and a fully encrypted link to your monitor, on a clean locked down install of Windows, or any other mainstream OS, and you'll have no choice but to get another device or wait for someone to (infrequently) upload an analog recorded copy or break another device to temporarily be able to rip it, you'll pull a surprised pikachu face.

The same will happen when your bank requires it, your government, and that random fastfood website, because why wouldn't they? If the exclusion only affects 1% of people and it brings them ad revenue they won't care. Trusted computing is generally benign until 99% of people have it enabled by default, it then becomes impossible to go without it.

@rabryst

rabryst commented Jul 20, 2023

Leave the web open.

@k32

k32 commented Jul 20, 2023

It's cute you think that alone will help defeat Google.

I don't think I can defeat Google, nor that I have to.

Together these corporations literally dictate what goes into the chips on everyone's devices. They want a TZ inside phones? They get that. Pluton? Sure thing!

Of course they get that, because they know that you'll pay for that.

On the day YouTube starts requiring attestation and a fully encrypted link to your monitor...

I won't notice anything, because I don't use youtube.

your government

This is the only real problem on the list.

@librenyaa

Google pulling stuff like this is the reason we can't have nice things.

@0xBYTESHIFT

The web is shite enough with all those cookies, JS frameworks bloat and trackers, let's stop making it even worse maybe, huh? 🤔

@AshtonKem

I would like to respectfully add my suggestion that Ben Wiser (Google), Borbala Benko (Google), Philipp Pfeiffenberger (Google), and Sergey Kataev (Google) all take this opportunity to engage a personal lawyer and seek legal advice, i.e. do not defer to the corporate counsel (Google), who may not have their best interests in mind. Antitrust law is real. Some violations are crimes.

I think a lot of people involved here are drastically underestimating how much it would suck to be involved in an antitrust lawsuit even if the target remains google, the corporation. Major litigation like this is regularly life altering for participants, with the stress of depositions (remember, lying to the government is a crime) and demands for document production being major life stressors.

The authors are putting their own quality of life at what I personally would consider an unacceptable level of risk.

@roryyamm

Chromium must die. There must be active competition between it and some other browser engine again. That's the only solution I think will work to stop this stupidity.

@cheesycod

Lol, you should've acted when bootloader locking came or when Patriot Act was passed, it's too late now

@Siphonay

Siphonay commented Jul 20, 2023

I don’t understand how in good conscience you can work on such a project. If my employer made me do that I would simply quit. And I get that it’s easier said than done but if I had a job at Google I wouldn’t be worried about finding something else. Unless you need to be this morally bankrupt to work at Google in the first place.

@zb3

zb3 commented Jul 20, 2023

What a wonderful API, I love it!

I hope this will finally let me quit my adblocking addiction which prevents me from truly enjoying my life by doing what I love the most - watching ads. I understand that initially it will only work on mobile devices, but I hope you will be able to partner with Microsoft to bring this to PCs as well.

I'd like to see more ads SO MUCH, but currently my brain forces me to block all of them. I can't stand it anymore so I'm deeply thankful for this attempt to finally rescue me from this horrible addiction.

Don't listen to what people are saying here. These comments are posted by poor misguided adblocker addicts and I hope you understand very well that people like them need urgent help.

Please implement this ASAP!!

@jmaris

jmaris commented Jul 20, 2023

This is a horrific idea in so many ways. Not only does it go against the values of the web, but from an EU side, I don't see it as ever meeting EU competition regulations. This is undoubtedly not something google should pursue.

@wklaebe

wklaebe commented Jul 20, 2023

what is the point of the "commenting doesn't help" genre of comment except as literally a conservative troll

Don't forget to like, subscribe, and hit that notification bell button to stop a tech giant in its tracks. Or, you know, you can do something that has real life effect: take steps to degoogle and dezuck yourself and whatever products you're building.

Yeah, right, de-google YouTube. De-zucking "Threads" would be more probable, by just moving to the Fediverse and letting "Threads" die... And I don't even believe in that.

@wklaebe

wklaebe commented Jul 20, 2023

On the day YouTube starts requiring attestation and a fully encrypted link to your monitor...

I won't notice anything, because I don't use youtube.

Until you need those repair instructions that somehow are posted there and nowhere else...

your government

This is the only real problem on the list.

There are governments that are quite a lot more "for the people" than some parts of the US one... Can you spell "GDPR"?

@bruno-gelb

I hoped you were Wiser than that.

@jbruchon

Yeah, right, de-google YouTube.

laughs in yt-dlp

@brhfl

brhfl commented Jul 20, 2023

"If a company claims to give access to the world of information, then presents a filtered view, the Web loses its credibility." - Tim Berners-Lee

It already feels like we're watching in realtime as the web becomes increasingly constricted and decreasingly democratic. Do the four names at the top of this proposal really want to be the ones to accelerate this to its next milestone? I realize that Google has long been an enemy of the open web, but the callousness of this is somehow still staggering. You should all feel deeply ashamed.

I understand that there are Googlers who believe this is not "the right kind of feedback at the right time," but the only time to address it is now, and the only appropriate feedback is truly: "Don't."

@mayadevchannel

You should be ashamed. Evil.

@BatchDrake

I agree with other people above. We do not need the Internet to become the new TV.

@yoavweiss
Collaborator

Hey folks!

Jumping in here in a chair role, at the request of the team working on this.

I'd like to remind folks that contributions on this repo are subject to GitHub's code of conduct as well as the W3C's Code of Ethics and Professional Conduct. Violations of these codes of conduct will result in bans and reports. Spammy issues will be closed without comment. Duplicates of this issue will be folded into this one.

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose. If it's at all helpful, I wrote a few words about ways you can constructively engage with proposals you don't like.

This repo represents an early stage proposal, not a fait accompli. High quality feedback on the proposal itself is highly welcome. Unprofessional behavior is not.

Thanks!

@0dragosh

I think the spirit of the proposal is locking down the web, which is Google's end game. You should all stop this, think about what you're doing here.

You're human beings and users of the web first, Google employees second (hopefully).

@pandruszkow

pandruszkow commented Jul 21, 2023

This proposal is problematic on multiple levels, and should never be implemented. This proposal being implemented means the death of the open Internet. I urge all involved in this proposal to remove it, to never reconsider it in the future.

This repo represents an early stage proposal, not a fait accompli.

Chrome is the de-facto default browser of the Internet, and we have all seen what happened with EME.

Repository owner deleted a comment Jul 21, 2023
Repository owner deleted a comment from monoxane Jul 21, 2023
@neggles

neggles commented Jul 21, 2023

Normally I wouldn't bother joining the chorus on this sort of thing, but this is such a violently aggressive attack on the internet as a whole that I can't sit idly by and do nothing.

Saying this is "not a fait-accompli" is a complete and utter pile of BS and you know it.

Regardless of other browsers' existence, the reality is that Chrome dictates what the web is. If Chrome adds a feature, developers will use the shiny new thing with no regard for whether anything else supports it, it'll work for the overwhelming majority of web users, and every other browser in existence is forced to either add the feature or lose yet more market share.

This proposal is the most egregious example yet of why it was a horrible mistake to allow Chrome to take over the vast majority of browser market share. It effectively destroys all freedom on the internet, gives Google the ability (and arguably, obligation) to literally dictate what content is and is not allowed online, and would give governments and organizations unparalleled ability to censor, restrict, manipulate, and oppress the public.

If you can't see why this is a, to be blunt, ABSOLUTELY FUCKING HORRIFICALLY BAD IDEA that has infinitely more harmful uses than helpful ones, I don't know what to tell you.

The internet is built on freedom. It is fundamentally decentralized, for the most part, despite many corporations and governments' attempts to constrain and control it.

I was going to continue this comment, but since I see you're just deleting them blindly now, I won't waste my breath.

Please consider the response your "proposal" has received before you or your corporate masters attempt to proceed any further.

kg7y added a commit to j1oi/github-drama that referenced this issue Jul 21, 2023
@Snukii

Snukii commented Jul 21, 2023

Hey folks!

Jumping in here in a chair role, at the request of the team working on this.

I'd like to remind folks that contributions on this repo are subject to GitHub's code of conduct as well as the W3C's Code of Ethics and Professional Conduct. Violations of these codes of conduct will result in bans and reports. Spammy issues will be closed without comment. Duplicates of this issue will be folded into this one.

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose. If it's at all helpful, I wrote a few words about ways you can constructively engage with proposals you don't like.

This repo represents an early stage proposal, not a fait accompli. High quality feedback on the proposal itself is highly welcome. Unprofessional behavior is not.

Thanks!

This is not helpful at all no.

You are violating the basic code of conduct of the entire internet with this proposal.

Tone policing when you are the one suggesting insane things is silly.

You say to apply Occam's razor, which would clearly imply google locking down the internet for their own profit here.

Stop this and delete the repository immediately.

@klrtk
Author

klrtk commented Jul 21, 2023

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose. If it's at all helpful, I wrote a few words about ways you can constructively engage with proposals you don't like.

While the proposal may not directly be meant to do the things mentioned here, its power dynamics work out that way over time. In the end a solution like this requires power over verifying the client to be given out to the servers, which relies on a hardware root of trust that has been covertly installed by the industry in end-user devices without much thought given to whether society as a whole has consented to this. In fact the wording used around these technologies feels deliberately technical and becomes a footnote security feature mentioned in marketing material, without the power implications being widely explained. It is an initiative undertaken by corporations without democratic control.

I find the inspiration being taken from native implementations like Play Integrity to be problematic. These systems have shown us a taste of what this looks like, but thankfully limited to mobile devices. Regardless, I have first hand experience of having to battle with SafetyNet to keep older devices alive and up to date (which has a downgrade attack, so it's not a full use of remote attestation). Ironically using outdated vendor software brings no issues in that case, which makes SafetyNet an obstacle to better security.

The overall effect is that other operating systems cannot interoperate in practice, because 3rd parties would have to explicitly support them, and they simply don't care. Since the user has no option of overriding their hardware, they cannot resort to spoofing.

I don't believe there has to be a conspiracy there, market dynamics will simply ensure that smaller players won't get taken into account and will have a conflict of interest with the industry. Similarly the wide implementation of this technology is simply convenient to big tech players, they get to kill two birds with one stone (CAPTCHAs, 2FA) and they get to ensure their market dominance. It also avoids usual antitrust issues (though I'm not a lawyer, so don't hold me to this), because it distributes the enforcement of this. There are likely to be multiple gatekeepers here that all roughly align themselves with what big platforms want, which dilutes responsibility. They will keep their influence through network effects, as users and browsers will have to accept the standards of those whose attestation is trusted by the most platforms.

I understand this is a convenient solution for some engineering problems, but as it's leading us down a very bad path, we have no choice but to back out of it and do something else. This is where your responsibility comes in, because I think pushing this set of technologies forward in any way should be avoided, it makes it much more difficult to back out of and will enable abuse.

That's why I don't think it's possible to offer constructive criticism of this proposal itself, it comes with the assumption that it and the oppressive technology it's built on itself is valid. But I can offer constructive input on other paths the industry could take.

External hardware tokens are one way, you still get attestation that someone holds a physical object, you get 2FA, but you cannot determine the device state, which is the whole point that makes TC an oppressive technology. Less convenient? Yes, both for users and industry, you'd probably need to mandate it through legal means, but it is 100% worth it to avoid compromising user autonomy on a global scale.

Note here: Integrating that into devices without enabling TC is possible, but presents problems for reselling/giving away used devices and parts, but maybe something could be done about this.

@leif

leif commented Jul 21, 2023

I implore everyone involved in working on this proposal to read Phillip Rogaway's 2015 paper The Moral Character of Cryptographic Work and to think about what kind of world you want to live in.

@monoxane

monoxane commented Jul 21, 2023

I implore everyone involved in working on this proposal to read Phillip Rogaway's 2015 paper The Moral Character of Cryptographic Work and to think about what kind of world you want to live in.

Everyone should also watch Cory Doctorow's speech on The Coming War on General Computing from 11 years ago that talks about this concept and its detrimental effects to humanity as a whole. https://youtu.be/HUEvRyemKSg

@nukeop

nukeop commented Jul 21, 2023

They're gonna do it, just like they did manifest v3, and you're not gonna do anything about it, just because they can.

@neggles

neggles commented Jul 21, 2023

Apologies for my earlier snide remark w.r.t. comment deletion, at least one of those did deserve to be removed.

I just have one more thing to add. Re-reading the proposal, there are multiple places where you point out several Very Bad Things that it could be used for. It appears that your entire plan for "mitigating" those possible uses is 80% "well we'll just tell people not to" and 20% "maybe we can just randomly not present the information sometimes so people can't rely on it?" and I think it's pretty obvious that neither of those will work.

If it is possible for a technology to be abused for oppressive or abusive purposes, it will be.

"telling people not to" (or pointing at "agreements"/"pledges" that companies have made, basically them saying "I swear I won't misuse this" despite being under massive financial pressure to take every single possible commercial advantage they can get their hands on) is laughable.

Anything that involves intermittently not sending the attestation will just result in people seeing errors until they've mashed refresh enough times to trigger a fallback/failsafe, or begin an unending game of cat and mouse between the masking algorithm and enterprises seeking to bypass it.

It is helpful to remember that under our current Western system of economics and government, every single publicly traded business is driven by a single goal: Provide a bigger number on the next quarterly return than the last one. Literally nothing else matters.

Adding functionality with such massive potential for misuse and abuse, without any guard rails against abuse other than "we swear we won't uwu", is not even remotely close to good enough - and I fail to see any way this could be made to achieve any of the stated goals (goals I don't believe are remotely necessary or worthwhile, mind you, but that's beside the point) without it being possible to misuse.

The only way to stop this technology from being misused is to not implement it in the first place.

@scanlime

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose.

I found this interesting:

We do not have a specification yet, however we expect to publish in the near future both the considered implementation options for the web layer in an initial spec, which we suspect are not very controversial, and an explanation of our approach for issuing tokens, which we expect will spark more public discussion, but is not directly a web platform component. We are gathering community feedback through the explainer before we actively develop the specification.

Source:
https://groups.google.com/a/chromium.org/g/blink-dev/c/Ux5h_kGO22g

@neozeed

neozeed commented Jul 21, 2023

Great so even the powerful Microsoft gave up on writing a web browser and went Chrome. Everything is Chrome, and now here comes the flex to lock us little people out. I understand that pulling up the ladder, and closing out people is a priority but wow just wow. I wonder if we will even be allowed to host web sites in this brave new world? I left blogger for a reason, namely that Google was beyond inept at running it. What happens when this standard gets pushed, and we get locked out, and this will become the IE6 of the 2030's forever locking us into some AOL land where we have zero freedom to use the open networks?

If you wanted innovation, it should be leveraging AI to augment routing protocols, dns lookups, threat detection & mitigation. I'd love to see some Gibson-esque ICE. Instead all I see is the slamming wall of the 防火长城.

I'd say I was sad, but I'd expect nothing more from an organisation shielding itself from the people, to protect the megacorps.

Shame.

@jbruchon

jbruchon commented Jul 21, 2023

I'd like to remind folks that contributions on this repo are subject to GitHub's code of conduct as well as the W3C's Code of Ethics and Professional Conduct. Violations of these codes of conduct will result in bans and reports.

I don't care about SJW "Codes of Conduct." They have no place in open discussions and should be abolished. Anyone in software laying out a "Code of Conduct" is contributing to the social cancer and should be exiled. Bullies like @scanlime [1] who would open project issues just to accuse people of "abuse" are precisely the reason that both "Codes of Conduct" and remote attestation are horrible ideas. Remote attestation in particular will be used to restrict and silence anyone who disagrees with the narrative of those who have access to the technology or the favor of the people controlling it.

Even Google themselves admit upfront that this can and will be abused by bad actors.


@AshtonKem

I'd like to remind folks that contributions on this repo are subject to GitHub's code of conduct as well as the W3C's Code of Ethics and Professional Conduct. Violations of these codes of conduct will result in bans and reports. Spammy issues will be closed without comment. Duplicates of this issue will be folded into this one.

Gonna be straightforward in this one. Don't be a coward and dismiss your peers' outrage as "spam". The level of outrage generated is a valid thing to consider, and deleting issues has never ever worked out for anyone PR wise.

I'll also note that abusive comments supporting the proposal so far have stayed up. Just saying...

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose. If it's at all helpful, I wrote a few words about ways you can constructively engage with proposals you don't like.

This is a pretty neat sleight of hand trick you've pulled off. Implicitly assuming that the constructive outcome is to improve the proposal. This is of course a bad response when the community consensus is that the proposal is fundamentally bad not in its methods, but in its stated goals.

This repo represents an early stage proposal, not a fait accompli.

Once again, the fundamental issue here is that nobody trusts Google. You can swear up and down that it's not a fait accompli, but it's not like we've seen Google use their market dominance to force through unpopular standards changes before. Part of the long term consequences of this loss of credibility is that any proposal like this is treated as a nine alarm fire because

  1. Nobody trusts google to not abuse this mechanism.

  2. Nobody believes that it's "just a proposal".

These things would be obvious to you too if you stopped and listened to other people, rather than talking at us.

@Akselmo

Akselmo commented Jul 21, 2023

Google has often proven untrustworthy. Thus, there's no reason to trust this proposal either. Sure you can claim all you want that "content blocking will still work!" but people clearly know what is up.

Do the right thing: It's time to stop this madness just to get people to watch ads or destroy their privacy, for a quick buck.

People also have a right to their privacy and a right to not connect their computer to addresses they do not wish to connect.

Leaving a husk of "open" internet to future generations is not what anyone wants. It must be preserved as it is. You do not have to do anything.

Or do you really wish your children's and their children's privacy to be invaded? That's the route we're on, once again. And why are we on that route? Because Google has a stranglehold of the internet.

For other users of the internet, I hope that you will at the very least switch your browser from any chromium based ones.

@jbruchon

Or do you really wish your children's and their children's privacy to be invaded? That's the route we're on, once again.

To a megacorp, children are slaves to be bred into good little worker bee CONSOOMERS. This entire "remote attestation" idea is peak corporatism.

@rfkat

rfkat commented Jul 21, 2023

I understand many folks here are upset about this proposal. I urge you to actually read the proposal, rather than rely on rumors about what it does or doesn't propose.

The proposal is crystal clear, anybody with the slightest experience in software development can clearly see what you are trying to do here. Have you noticed that you haven't got any defenders, under this issue?

This repo represents an early stage proposal, not a fait accompli.

Something that you are not willing to withdraw is not a proposal, and given your affiliation with Google it is already a fait accompli.

High quality feedback on the proposal itself is highly welcome. Unprofessional behavior is not.

There is no higher quality feedback than this: show integrity and dump this. Expecting others to even assist you with your nefarious attempt does neither speak for your professionalism nor for your integrity. It just demonstrates that you have already made up your mind and will try to pull this off, at all costs.

@scanlime

@jbruchon it undermines your attempt at taking the high road when you delete the post I was responding to and replace it to obscure the edit history.

@iambeingtracked

Is that whole thing a joke? If something like that gets implemented people will no longer keep dealing with it like it's nothing, a bloody revolution may be the only solution. So just don't implement this

@jbruchon

@jbruchon it undermines your attempt at taking the high road when you delete the post I was responding to and replace it to obscure the edit history.

I don't care about "taking the high road." I care about the "open" part of "open source." You pretend to care until someone says something you don't like, then it's "rules for thee, not for me." If you don't like people seeing the shitty things you say then you're free to stop saying those things.

People like you who make it impossible to agree on one thing while disagreeing with something else are the shining example of what I'm talking about in my previous comment. You want a codified method to rules lawyer anyone who disagrees with you out of anywhere you go and a big hammer to enforce it with. Remote attestation is a colossal magic banhammer that can be wielded over the Web. You pretend to be against it until someone disagrees, then it's all "this guy is why authoritarianism is needed, now hand me that banhammer for a minute."

@AshtonKem

AshtonKem commented Jul 21, 2023

This repo represents an early stage proposal, not a fait accompli.

I'll just brow beat this a bit. If it's actually a proposal and not a fait accompli, by what mechanism would this be dropped @yoavweiss? Not modified, abandoned. Because if there is not a mechanism by which the entire proposal is scrapped then it is a fait accompli.

Also, it sure looks like Google is already beginning to prototype this on Chromium. Which begins to call into question whether you're being dishonest or merely misled by your peers.

@scanlime

a big hammer to enforce it with

So far all I've done is file an issue on your repo with a link to your (now deleted) comment. No bans, no censorship. You've deleted my issue and deleted your comment. I just can't figure out what angle I'm supposed to view your strawman from for it to make sense.

@jbruchon

a big hammer to enforce it with

So far all I've done is file an issue on your repo with a link to your (now deleted) comment. No bans, no censorship. You've deleted my issue and deleted your comment. I just can't figure out what angle I'm supposed to view your strawman from for it to make sense.

@scanlime: Suggestion: Add "anti-code-of-conduct" to solidify this project's pro-abuse position (Issue #1)

Also @scanlime: "All I did was file an issue and link to a comment!"

I can't fix your issue. We can agree to disagree though. Have a great day.

@yoavweiss
Collaborator

@yoavweiss maybe you could respond to the feedback instead of just closing every issue and saying our feedback is unprofessional?

This is not my proposal. I'm here as chair to make sure this remains a professional working environment. I left open mostly the issues which I think the team working on this proposal should reply to. I closed the issues that were not actionable, spammy, and counter to the code of conduct, or ones that were duplicates.

I'll just brow beat this a bit. If it's actually a proposal and not a fait accompli, by what mechanism would this be dropped @yoavweiss? Not modified, abandoned. Because if there is not a mechanism by which the entire proposal is scrapped then it is a fait accompli.

Presenting unmitigated risks that outweigh the benefits of the anti-abuse use cases, and that go beyond the status-quo of device fingerprinting could be one way of convincing e.g. the Blink API owners not to approve this proposal when it reaches an Intent to Ship stage (quite a long time from now, as it's an early stage proposal).

Also, it sure looks like Google is already beginning to prototype this on Chromium.

Code for this is being prototyped in Chromium behind a flag. That means nothing regarding this feature shipping in the future. Lots of code gets prototyped in Chromium and then modified or scrapped when the feature changes course.

Which begins to call into question whether you're being dishonest or merely misled by your peers.

Let's keep this civil.

@rfkat

rfkat commented Jul 21, 2023

Also, it sure looks like Google is already beginning to prototype this on Chromium.

Code for this is being prototyped in Chromium behind a flag. That means nothing regarding this feature shipping in the future. Lots of code gets prototyped in Chromium and then modified or scrapped when the feature changes course.

Which begins to call into question whether you're being dishonest or merely misled by your peers.

Let's keep this civil.

"Diplomacy is the art of saying 'Nice doggie' until you can find a rock." - Will Rogers

@AshtonKem

AshtonKem commented Jul 21, 2023

I'll just brow beat this a bit. If it's actually a proposal and not a fait accompli, by what mechanism would this be dropped @yoavweiss? Not modified, abandoned. Because if there is not a mechanism by which the entire proposal is scrapped then it is a fait accompli.

Presenting unmitigated risks that outweigh the benefits of the anti-abuse use cases, and that go beyond the status-quo of device fingerprinting could be one way of convincing e.g. the Blink API owners not to approve this proposal when it reaches an Intent to Ship stage (quite a long time from now, as it's an early stage proposal).

Well, the community sure seems to think that they've provided such unmitigated risks and they have credibly called into question the purported benefits. It'd be nice if the people supporting the proposal engaged with us.

The idea that we have to wait until "Intent to ship" to weigh in seems to tilt the scales more than a tiny bit, don't you think?

Also, it sure looks like Google is already beginning to prototype this on Chromium.

Code for this is being prototyped in Chromium behind a flag. That means nothing regarding this feature shipping in the future. Lots of code gets prototyped in Chromium and then modified or scrapped when the feature changes course.

Yes, it's also exactly what I'd do if I wanted to be able to ram a feature through ASAP the moment it was green lit.

Again, we've seen google do this before. Google implementing features before they're standardized in order to leave other browsers at a permanent disadvantage is hardly new feedback.

Repeatedly google has pulled these tricks to accomplish short term goals, at the cost of community and user trust. You were warned repeatedly that such things were costing organizational credibility, and you did not listen. And now you're surprised that you don't get the benefit of the doubt? Come on.

Which begins to call into question whether you're being dishonest or merely misled by your peers.

Let's keep this civil.

No definition of civility requires that someone who thinks they're being lied to just accept it without comment.

@uazo

uazo commented Jul 21, 2023

Code for this is being prototyped in Chromium behind a flag. That means nothing regarding this feature shipping in the future. Lots of code gets prototyped in Chromium and then modified or scrapped when the feature changes course.

but it can be activated with an origin trial

@RupertBenWiser
Owner

Hey all, we plan to respond to your feedback but I want to be thorough which will take time and it’s the end of a Friday for me. We wanted to give a quick TL;DR:

  • This is an early proposal that is subject to change based on feedback.

  • The primary goal is to combat user tracking by giving websites a way to maintain anti-abuse protections for their sites without resorting to invasive fingerprinting.

  • It’s also an explicit goal to ensure that user agents can browse the web without this proposal

  • The proposal doesn’t involve detecting or blocking extensions, so ad-blockers and accessibility tools are out of scope.

  • This is not DRM - WEI does not lock down content

  • I’m giving everyone a heads up that I’m limiting comments to contributors over the weekend so that I can try to take a breath away from GitHub. I will reopen them after the weekend

@RupertBenWiser
Owner

Hey everyone, thank you for your patience, and thank you to everyone who engaged constructively. It is clear based on the feedback we’ve received that a bigger discussion needs to take place, and I’m not sure my personal repository is the best place to do that - we are looking for a better forum and will update when we have found one. We want to continue the discussion and collaborate to address your core concerns in an improved explainer.

I want to be transparent about the perceived silence from my end. In the W3C process it is common for individuals to put forth early proposals for new web standards, and host them in a team member's personal repository while pursuing adoption within a standards body. My first impulse was to jump in with more information as soon as possible - but our team wanted to take in all the feedback, and be thorough in our response.

That being said, I did want to take a moment to clarify the problems our team is trying to solve that exist on the web today and point out key details of this early stage proposal that may have been missed.

WEI’s goal is to make the web more private and safe

The WEI experiment is part of a larger goal to keep the web safe and open while discouraging cross-site tracking and lessening the reliance on fingerprinting for combating fraud and abuse. Fraud detection and mitigation techniques often rely heavily on analyzing unique client behavior over time for anomalies, which involves large collection of client data from both human users and suspected automated clients.

Privacy features like user-agent reduction, IP reduction, preventing cross-site storage, and fingerprint randomization make it more difficult to distinguish or reidentify individual clients, which is great for privacy, but makes fighting fraud more difficult. This matters to users because making the web more private without providing new APIs to developers could lead to websites adding more:

  • sign-in gates to access basic content
  • invasive user fingerprinting, which is less transparent to users and more difficult to control
  • excessive challenges (SMS verification, captchas)

All of these options are detrimental to a user’s web browsing experience, either by increasing browsing friction or significantly reducing privacy.

We believe this is a tough problem to solve, but a very important one that we will continue to work on. We will continue to design, discuss, and debate in public.

WEI is not designed to single out browsers or extensions

Our intention for web environment integrity is to provide browsers with an alternative to the above checks and make it easier for users to block invasive fingerprinting without breaking safety mechanisms. The objective of WEI is to provide a signal that a device can be trusted, not to share data or signals about the browser on the device.

Maintaining users' access to an open web on all platforms is a critical aspect of the proposal. It is an explicit goal that user agents can browse the web without this proposal, which means we want the user to remain free to modify their browser, install extensions, use Dev tools, and importantly, continue to use accessibility features.

WEI prevents ecosystem lock-in through hold-backs

We had proposed a hold-back to prevent lock-in at the platform level. Essentially, some percentage of the time, say 5% or 10%, the WEI attestation would intentionally be omitted, and would look the same as if the user opted out of WEI or the device is not supported.

This is designed to prevent WEI from becoming “DRM for the web”. Any sites that attempted to restrict browser access based on WEI signals alone would have also restricted access to a significant enough proportion of attestable devices to disincentivize this behavior.

Additionally, and this could be clarified in the explainer more, WEI is an opportunity for developers to use hardware-backed attestation as an alternative to captchas and other privacy-invasive integrity checks.

WEI does not disadvantage browsers that spoof their identity

The hold-back and the lack of browser identification in the response provide cover to browsers that spoof their user agents that might otherwise be treated differently by sites. This also includes custom forks of Chromium that web developers create.

Let’s work together on finding the right path

We acknowledge facilitating an ecosystem that is open, private, and safe at the same time is a difficult problem, especially when working on the scale and complexity of the web. We welcome collaboration on a solution for scaled anti-abuse that respects user privacy, while maintaining the open nature of the web.


kg7y added a commit to j1oi/github-drama that referenced this issue
WEI drama: archive the issue and PR. … 36ca5f2

kg7y mentioned this issue
WEI drama: archive the issue and PR. github-drama/github-drama#61 Merged