NilsGoogle is ruining the entire web
papajohnSecutity is not priotity.
They’re adding DRM? In what way?
Bri Guy You can read a little about it here
I also encourage you to look at the GitHub…be warned that there are some quite angry folks on there
Browser developers push back on Google's “web DRM” WEI API
Google's plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web.
Understandable lol
TeddEBasically by allowing websites to refuse to load unless the browser the operating system running the browser promises that the user isn’t allowed to know what the computer is doing. And Google super duper promises this won’t be used for evil.
EherVielleichtYeah, I’m sure they fucking do lol Glad I use a combination of it, Firefox, and Opera GX now to diversify
Everything not Firefox or Safari is Chromium based.
Then I guess I’m still glad that’s in my mix lol
No, there are forks of Gecko (Firefox’ engine) as well. Librewolf and Waterfox for example.
Glowing LanternIf you want to experience this kind of feature today, try streaming in 1080p or better on Linux. Worse than DVD quality even if you pay for 4K HDR, just because of DRM.
Which platform? Netflix works fine - do you mean YouTube?
I’ve never had this happen on YouTube or any other video streaming website.
YouTube doesn’t use invasive DRM. It’s mainly Netflix (there’s a workaround for 1080p), Prime Video, Disney+, Paramount+, etc.
AnUnusualRelicallowing websites to refuse to load unless the browser the operating system running the browser promises that the user isn’t allowed to know what the computer is doing
So they won’t support Linux anymore?
That seems to be the message everyone is drawing from this.
I think it’ll be more insidious than that, there will be Linux, but only “signed, verified” Linux will be allowed, and the only Linux distributions that will make that list are the ones with corporate or government versions. Specifically distributions like Google’s Android, IBM’s Red Hat, Canonical’s Ubuntu, and China’s Kylin.
This is still as horrible. Imagine Ubuntu winning the snap vs flatpack exchange, because their OS is ‘legit’, whereas every other distro is pushed out, because it’s too much work to install an unsigned OS.
I can’t wait to have to download a crack for my browser so a website thinks that my browser is using wei and no-adblock.
ObiRight. I mean there’s always going to be a way. Your open source browser can run a spoof of an “official” browser, present itself as a valid user, load the page with all the ads and tracking in a sandbox in between, strip all of it out and serve you the actual content.
Or maybe people will eventually be fed up and we’ll start our own internet completely out of corporate control.
Or maybe people will eventually be fed up and we’ll start our own internet completely out of corporate control.
Or just return to the land, because it’s still right there. Would also help to do for climate change what corporations seem unwilling to do themselves.
Eh? Just use a different browser?
No, we need to burn it all down and start again with sticks and rocks
I mean, we’re not there quite yet, but if future technological developments are used to own people instead of help them, then is it really a bad idea?
Based luddite
JackGreenEarthI hear web3 is a decentralised web.
I hear web3 is a decentralised web.
That’s the cryptobros’ vision of the “decentralized web”
They’re talking about piracy.
And if the only choice becomes between privacy and piracy, well, I can’t be saying which I would choose, matey. Avast!
The web is already decentralized. Always was. It’s the people that want centralized services for convenience, and some of these services have valid reasons to be centralized. Web3 have nothing to do with any of this.
Domains aren’t, and that’s a large part of the web. ICANN, a single company, controls all domains, and you have to apply to be a registry with that one company, and don’t get me started on ‘premium’ domains.
ICANN is at least a nonprofit, and theoretically controlled by multiple stakeholders. And it doesn’t really hold all the power from a technical perspective, their power only works as long as all the global network operators comply with what they ask. They are a coordinating body more than anything
Your open source browser can run a spoof of an “official” browser
Not if the server requires the digital signature of a challenge to be produced by a key whose certificate is signed by a “trusted” third party, said third party only providing that key at runtime, if your browser can also provide the same kind of authorization from the OS, itself being only able to produce it if it can safely determine that it’s running on completely locked-down hardware AND having online-activated DRM tells him he can provide such key; the hardware itself requiring constant online connexion to ensure it’s “authorized”, and including yet another layer of keys in hardware.
There’s been progress toward this kind of things. At every step, people warning about the risks are seen as lunatics. SecureBoot preventing booting a custom kernel? No problem, microsoft will sign your keys. TPM not delivering keys to non-trusted kernels? No problem, just don’t use it (and don’t get the keys, obviously). UEFI requiring digital signature to be flashed? It’s for your safety, but we won’t give you the keys or it would defeat the purpose. Embedded CPU inside your CPU running opaque code on every operation you do? Trust me bro, there’s no problem here.
Sure, opensource (or even just open at this point) alternative will most likely remain available as a niche, but once all major services that people want requires such a chain of control, the vast majority of people will gladly flock to locked-down system. Heck, it’s already happening. Nowadays I can’t even log into my bank website without a trusted iOS or Android device. The “free, open” alternative will be rare, expensive, and only work for people that cares. Which is not too much sadly.
PsythikJust use Firefox. I don’t understand why people are so hell-bent on using a Chromium-based browser.
Honestly, I’ve just switched from Brave to Firefox after trying it awhile ago and I can’t even begin to say how much I hate it. Despite turning off settings to open new tabs, every website I open browsing on mobile opens a new tab, so before I know it I have 27 tabs open, the desktop version is clunky, I had to adjust a ton of settings to stop it from downloading in the background every file I just wanted to view or print, and it won’t even let me print or save as pdf a lot of things, so I have to open Chrome or Brave to do that stuff anyway. I feel like grandma trying to learn to text using it, but for now I’m going to press on because the ad blocking works better than Brave and I like some of the extra features and plugins.
Despite turning off settings to open new tabs, every website I open browsing on mobile opens a new tab That shouldn’t happen, I’ve just set Homepage > Opening screen to last tab and when I open firefox it defaults to the last tab that I was on before exiting the browser I had to adjust a ton of settings to stop it from downloading in the background every file I just wanted to view or print Iirc its just setting browser.download.open_pdf_attachments_inline to true at about:config
MalReynoldsFair enough, you have an opinion, that firefox is wrong in everything it does, it’s not valid, but you need to learn the defaults. Be well.
Fair enough, you have an opinion, that firefox is wrong in everything it does
That’s not what they are saying though. A lot of this is configurable for a reason.
but you need to learn the defaults
I don’t think that they do. They have see. They don’t like the defaults and it’s their right to change them. That’s the whole point of configurable FOSS ffs.
I had to adjust a ton of settings to stop it from downloading in the background every file I just wanted to view or print,
Well, you can’t view or print a file without downloading it.
Give Vivaldi a try, it’s a chromium fork but with a strong focus on privacy.
kaduUntil Netflix decides you can only watch high resolution content via Chrome passing the DRM check.
Or your banking website does the same. Or YouTube. Or PayPal. And so on.
Though, honestly, nobody so far came up with any good explanations as to how this DRM scheme inside a browser would truly prevent adblocking and screen recording - my browser hasn’t got higher privileges than my admin user account.
HeavenAndHellI mean, you can just literally read the Google DRM github repo and it’ll tell you everything you need to know about how bad this is for the free internet.
you can already only watch netflix hdr content on edge.
Still Chromium based
That has nothing to do with Chromium, but Edge being the only browser integrated into your system enough to use the DRM of your chipset.
Yes, and how many people bother to do that when other means are so much easier even if you pay for Netflix…
On edge and Piracy, you mean. ;)
I don’t, myself, use Edge.
I also don’t do piracy, but downloading Edge sure looks less convenientn every day…
my browser hasn’t got higher privileges than my admin user account
They’ll fix that. The endgame might very well be you can only run a trusted browser, safely checked by your OS, itself trusted, running on fully signed code from a trusted source, started on a trusted motherboard/CPU, with hardware lockdown that would only boot trusted kernel and embed private keys so deep that you’d need a full lab to recover them, only to have them remotely disabled if anything funky seems to be happening at any point in that chain.
For now, this is fiction. For now. We already started moving that way with secureboot, opaque UEFI in our systems and TPM modules. The only saving grace is that they currently all have flaws.
yeah the goal is that the browser verifies the OS and itself and reports back that it’s running in a “secure” (ie, not user controlled) environment
My computer my control fuckers.
I’ll stop using 99% of the internet. I don’t give a fucking shit.
Vudu, Hulu, and I’m sure others already prevent Hdx+ content unless it’s through chrome or Microsoft’s whatever-it-is.
Good thing I sail the high seas. Fuck those companies.
Because the browser choice has nothing to do with what Google is trying to achieve with the DRM thing.
1984A few of us sitting and using Firefox while Google is suggesting being able to control what computer you use, what software is installed, what plugins you are allowed to have?
This is a very big threat not solved by using Firefox.
They want ChromeOS…on literally everything.
The problem is what people are trying to do with the Internet. It was never going to be capable of replacing every facet of society the way these corporations seem to have envisioned things. To paraphrase Serial Experiments Lain: The wired should support the real world, not replace it.
Such a good fucking show
Ah damn it’s still sitting unwatched on my hard drive. I should get on it.
That was the plan all along.
Margot RobbieThey already did it with site doing SEO for Google’s algorithmic dark patterns.
But a $35 le potato sbc and run the two lines of commands to install pi-hole. Then, set your router’s DHCP to the pi-holes IP. BOOM no more ads or tracking. Your welcome.