Don't. #28
Labels
No Label
bug
documentation
duplicate
enhancement
good first issue
help wanted
invalid
looking for feedback
question
task
wontfix
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: inhji/Web-Environment-Integrity#28
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Sometimes you have to ask the question whether something should be done at all, and trusted computing is certainly one of those cases where the answer is obviously a big fat NO.
So please reconsider what you believe in, leave this demon to history where it forever belongs.
This is DRM infrastructure for websites and fundamentally counter to an open web.
So yeah, don’t.
100% agree. This proposal offers far too many opportunities for abuse. The authors have clearly tried to mitigate this, but their measures are insufficient and always will be, because the underlying idea is flawed. Lets leave this one in the past - it will only ever cause more harm than good.
Almost every reasonable use case of this proposal is something that makes the web worse for users. It opens another front in the War On General Computation, and continues the trend of web browsers ceasing to be user-agents, and becoming the property of the website owners. It's a straight-up attack on the open web.
I would add myself to the points above, this is not a good idea and opens up so much potential abuse, and shutting out of marginalised groups who may not be able to use the latest version of a program.
The world is also dividing along ideological lines that could see this used to perpetrate a shutdown of information to a select few.
tl;dr Don't
Please just withdraw this horrible idea.
"Web Environment Integrity" is when you, as developers, show integrity and dump this.
Have you lost your fucking minds? DRM never was and never will be a good idea. Just stop.
No. Either no one else than you can build browser engines anymore, or this won't work anyways.
This is against OpenSource. How would my homebrew-browser be forced to be honest?
The entire premise of this proposal is completely flawed. To quote the authors,
If the security of your web service depends on a specific client environment, your web service is designed wrong. Period. If something is security-critical, you should not ever delegate that computation to client side and you should not ever blindly trust any client-side input, even if you can attest to any digital signature from the client. Are you sure you are going to be able to maintain an up-to-date list of all the vulnerabilities of all "trusted" clients? And how are you going to mitigate all of them in time? Even with Android, a lot of known vulnerable devices are still "trusted" under SafetyNet / Play Integrity. The only way for any service to be secure is to not trust client input blindly.
Your proposal has exactly nothing to do with whether a human user is interacting with the device. All you can ever do is attest to the fact that the client uses software with a signature trusted by the server. An automated program does not have to actually execute within this environment -- it can be a device outside of the control of the client-side operating system entirely. Are you then going to authenticate all peripherals connected to the device?
Let's make this very clear: the backbone of the open internet is the fact that any client from any vendor can access any website, as long as they implement all the open standards a given website / application depends on. By giving the ability to exclude certain vendors and users to operators of a website, you are destroying the open internet, not the other way around.
^^ what they said. There is no compelling argument for any of this other than "policing the content/services I provide on the internet WITH humans, in order to maintain a productive service FOR humans, is expensive and I don't wanna; so lets add more complexity to an already complicated and impossible to understand/maintain tech stack and add even more hurdles a user has to go through rather than just sending a browser to a URL.."
Plus if you add yet another thing I have to 2FA just to read the instructions on how to repair my dishwasher, I may start to get nasty.
Hello! I'm hoping to help with potential workarounds, in case this issue is closed without action.
In the United States it might be possible to request a workaround through the involvement of the United States Department of Justice Antitrust Citizen Complaint Center at https://www.justice.gov/atr/citizen-complaint-center — as observers have noted, if we end up with website DRM everywhere and whitelisted entries for browsers like Chrome and agents like Googlebot, the net effects will be radically anti-competitive.
Please remember:
In the European Union you want the DG Competition:
"so preoccupied with whether they could, they didn't stop to think if they should"
how about no
TEEs in our phones to attest bootloader lock and SafetyNet (yes it's now Play Integrity) are already way too much
When most ads are malware and most sites are not accessible out of the box, including Google sites, how will this API improve the browsing experience for real users?
If your service trusts the client, you have failed as a developer
Authors: Google, Google, Google and Google
Maybe Google should play in it's sandbox rather than defining what Internet is?
"what if the web sucked as hard as app stores do?"
I would like to respectfully add my suggestion that Ben Wiser (Google), Borbala Benko (Google), Philipp Pfeiffenberger (Google), and Sergey Kataev (Google) all take this opportunity to engage a personal lawyer and seek legal advice, i.e. do not defer to the corporate counsel (Google), who may not have their best interests in mind. Antitrust law is real. Some violations are crimes.
Oh wow, another Google attempt to lock out adblocking in the long run. Absolutely unsurprising.
Knock it off.
This, also quit your jobs at Google.
This is a masterpiece of doublespeak, I have nothing but awe and congratulations for whoever pinched this one off.
This proposal speaks a lot about trust, but seems not to realize that trust happens in multiple directions, often simultaneously.
By locking a user out of changes - possibly even at the configuration level or installing extensions - to their browser, they can no longer trust the browser to behave with their interests in mind. It actively corrodes a user's ability to trust the browser to not spy on them, or perform other malicious behavior such as deleting data without consent.
@RupertBenWiser writes about how frustrating it is to be locked out of your own hardware:
http://benwiser.com/blog/I-just-spent-%C2%A3700-to-have-my-own-app-on-my-iPhone.html
Don't be evil.
This gets a rousing, unequivocal NOPE from me. I'm sure we all understand the challenges of servers fighting against attacks like DDoS and other issues, but in trying to mitigate against bad actors, we can't break the web in the process.
@jaredcwhite They dropped that motto a long time ago. Google has accustomed itself to indulge in evil.
This is pure, unmitigated evil. You're basically ensuring a monopoly for your platform.
Each of you should be personally ashamed and likely banned from the industry.
I will be the first person suing your company if you implement this, this is guaranteed to be illegal.
This is very much a love letter to people who engage in phishing and as well as write malware as it makes their job a lot easier.
I strongly agree. This is a blatant, willful violation of a bunch of antitrust laws.
Remember that the VW engineers were the only ones who served prison time for the emissions scandal.
I would feel deeply, personally ashamed to have my name associated with an idea as bad as this.
Let's imagine this scenario:
There is a search engine "A" and a search engine "B", both of which uses scrapers capable of executing javascript code.
But the search engine "A" also happens to have some kind of involvement with attester entity called, for example, "Google Play".
The question: what are the chances of attester entity to be more biased towards the scraper of the search engine "A", than search engine "B" when giving their verdict?
Human-facing, client-side platform-state attestation won't and will never be used to secure the agency or well-being of a human.
Particularly when the developers of that attestation process consider "How will we prevent this signal from being used to exclude vendors" to be an "open question" worth considering, and "how will we prevent this signal from being used to exclude or marginalize classes of people" doesn't deserve so much as the "todo" you've granted to lesser considerations like "privacy". This is an attempt to keep humans from being able to make choices that are inconvenient to your business model and that's it.
I'll put a thousand dollars down that everybody involved in drafting this spec uses an ad-blocker, without exception. And yet here you are trying to strip other people of the agency that you enjoy every day, to shelter a failing business model from inconvenient market realities like "people who don't like the product are allowed to not buy it".
Is this the work you wanted to do? Was this the dream, is this the kind of engineer you wanted to be? Because you have agency too, you can still make choices about who you want to be and how you want the world to be different because you were in it, and maybe they can be better choices than this.
It doesn't take much critical thinking to see the problem with this API. I mean, you even put it in the "open questions" section. None of the possible solutions in the explainer seem very realistic, either. The whole point of an API like this is to allow a site to modify its behavior for certain browsers or operating environments. It'd be surprising if someone didn't use it to exclude some browsers. I can imagine it already. A user wants to browse their favorite website on their favorite browser or operating system. They try to log on, only to be greeted by a (likely very modern and trendy looking) icon of a padlock, followed by some text along the lines of "We only serve secure environments. Please use one of the following browsers." Now they're at a fork in the road: stop going to your favorite site, or start using that site's favorite software. If you truly care about the open web, scrap this idea. Otherwise, stop pretending that you do.
Don't blame google for doing what google does, blame yourself for using their products.
I use Firefox, but that won't help me, when they release this oppressive tech. Either Firefox will be excluded, or, worse, it will have to implement the same oppression and break itself this way.
It's not that easy. If Google had only a small market share, webadmins would say, "we can't use this tech, nobody would use our site". But that's not how it is.
And Firefox already backed down once. They will do it again in no time.
The plan isn't to exclude all other browsers, it's just to create yet another structural imbalance favoring the largest available browsers and platforms.
So, exclude competition but in a way that they can spin in court later.
I found this interesting too.. basically a very weak proposal to add some "open" to this:
https://github.com/RupertBenWiser/Web-Environment-Integrity/issues/16
But even that small concession to a diverse web isn't favored?
https://github.com/RupertBenWiser/Web-Environment-Integrity/issues/5
My goodness, I never thought about that! Let's do internet activism in the github issues for a day to prevent it, just like it prevented manifest v3, mass surveillance and paid reddit API!
Oh, there's no way this changes their minds for a second, there's too much money and too little ethics involved. I just want to help annoy them briefly by making them have to clean up and lock down their GitHub. :P
EDIT: to be clear, I'm pro-posting here and telling them this sucks, I'm just acknowledging the likely results and also enjoy those
What a BS. "Let's implement a means to differentiate, but stop it from discriminating" (as if they didn't know that discriminate MEANS differentiating (with a dark subtext which isn't really relevant, here)
It won't prevent it, but maybe we can at least make the next person who even thinks about advancing this evil set of technologies feel just a little bit of shame, and do so politely, because that's how it hurts the most, we know it from how the corporate speak they use to communicate with us works.
The solution to this is to make it illegal, and I hope at least people who stumble here will know they're not alone in thinking this and know what they have to do.
This is the "site best viewed in internet explorer" of the modern age, taken to its logical, horrendous conclusion.
As many have said before me, if you're putting any trust in the client environment as a web dev, the problem lies with you.
We don't need this.
Thanks for opening my eyes, I totally forgot that the governments (who would never ever get involved in shady dealings with Google) may make this feature illegal.
I thought that they are more likely to make disabling this feature illegal, but I guess I was mistaken.
Luckily, there's the EU.
It's difficult to oppose a system (or change to a system) that has not yet been implemented, outside of screaming that it shouldn't happen.
When they actually build the digital padlocks is the time for the digital boltcutters. Until then, we scream.
what is the point of the "commenting doesn't help" genre of comment except as literally a conservative troll
So how do the EFF and Firefox feel about this?
On the topic of botnets and sockpuppet accounts, I wonder if the authors (all Google employees, of course) are familiar with proposed solutions that put control in the hand of the user, for example Trustnet , or if they came up with this next step in the war on general purpose computing first and then looked for a way to justify it second?
Is this going to be pushed through despite the vocal opposition, just like Manifest v3, because management told you so?
The funniest thing about this is how it's definitely not at all related to them lying about the nature of ad views to their customers
https://www.theguardian.com/technology/2023/jun/28/google-may-have-misled-dozens-of-advertisers-and-violated-its-own-guidelines-report
You assume the teams talk to each other enough for that to be intentional. It turns out management accidentally colludes like this sometimes, and the individual contributors have absolutely no idea. Something something YouTube Shadow DOM v0 polyfill...
This and the Idle Detection API. Why do we trust Chromium anymore? (talking bout the corporate developers, not the hobbyists)
This is a foolish and dangerous proposal that will lead to widescale degradation of the internet as a whole. Don't do it.
Someone should just mass report this repo (harsh and against TOS i know)
but way too dangerous to leave it up
That won't accomplish anything. Even if it gets taken down (which it won't), that just means it won't be public, not that it will disappear entirely.
This is a direct attack on the free and open web and serves only to strengthen Google's abusive position of power over the entire industry.
I will gladly employ tools to lie to all of your systems. I will not care about the legality or morality of such tools. I will do what I want with my hardware and software.
We are already gagged by Chromium as the de facto browser to target in ways much worse than IE ever could've possibly reached. This'll only serve to make the situation worse.
There's nothing I can say about this that hasn't already been said by others prior. Just know that I will fight tooth and nail against this, and if it one day comes to pass, I will haunt the ones who greenlit and developed this in their sleep.
Don't forget to like, subscribe, and hit that notification bell button to stop a tech giant in its tracks.
Or, you know, you can do something that has real life effect: take steps to degoogle and dezuck yourself and whatever products you're building.
It's cute you think that alone will help defeat Google. Remember they're not alone either, they have the support of their buddies - Microsoft and Apple.
Together these corporations literally dictate what goes into the chips on everyone's devices. They want a TZ inside phones? They get that. Pluton? Sure thing!
And notice I said everyone's, not your specifically. You may run a librebooted thinkpad and this will still affect you.
On the day YouTube starts requiring attestation and a fully encrypted link to your monitor, on a clean locked down install of Windows, or any other mainstream OS, and you'll have no choice but to get another device or wait for someone to (infrequently) upload an analog recorded copy or break another device to temporarily be able to rip it, you'll pull a surprised pikachu face.
The same will happen when your bank requires it, your government, and that random fastfood website, because why wouldn't they? If the exclusion only affects 1% of people and it brings them ad revenue they won't care. Trusted computing is generally benign until 99% of people have it enabled by default, it then becomes impossible to go without it.
Leave the web open.
I don't think I can defeat Google, nor that I have to.
Of course they get that, because they know that you'll pay for that.
I won't notice anything, because I don't use youtube.
This is the only real problem on the list.
Google pulling stuff like this is the reason we can't have nice things.
The web is shite enough with all those cookies, JS frameworks bloat and trackers, let's stop making it even worse maybe, huh? 🤔
I think a lot of people involved here are drastically underestimating how much it would suck to be involved in an antitrust lawsuit even if the target remains google, the corporation. Major litigation like this is regularly life altering for participants, with the stress of depositions (remember, lying to the government is a crime) and demands for document production being major life stressors.
The authors are putting their own quality of life at what I personally would consider an unacceptable level of risk.
Chromium must die. There must be active competition between it and some other browser engine again. That's the only solution I think will work to stop this stupidity.
Lol, you should've acted when bootloader locking came or when Patriot Act was passed, its too late now
I don’t understand how in good conscience you can work on such a project. If my employer made me do that I would simply quit. And I get that it’s easier said than done but if I had a job at Google I wouldn’t be worried about finding something else. Unless you need to be this morally bankrupt to work at Google in the first place.
What a wonderful API, I love it!
I hope this will finally let me quit my adblocking addiction which prevents me from truly enjoying my life by doing what I love the most - watching ads. I understand that initially it will only work on mobile devices, but I hope you will be able to partner with Microsoft to bring this to PCs as well.
I'd like to see more ads SO MUCH, but currently my brain forces me to block all of them. I can't stand it anymore so I'm deeply thankful for this attempt to finally rescue me from this horrible addiction.
Don't listen to what people are saying here. These comments are posted by poor misguided adblocker addicts and I hope you understand very well that people like them need urgent help.
Please implement this ASAP!!
This is a horrific idea in so many ways. Not only does it go against the values of the web, but from an EU side, I don't see it as ever meeting EU competition regulations. This is undoubtedly not something google should pursue.
Yeah, right, de-google YouTube. De-zucking "Threads" would be more probable, by just moving to the Fediverse and letting "Threads" die... And I don't even believe in that.
Until you need those repair instructions that somehow are posted there and nowhere else...
There are governments that are quite a lot more "for the people" than some parts of the US one... Can you spell "GDPR"?
I hoped you were Wiser than that.
laughs in yt-dlp
"If a company claims to give access to the world of information, then presents a filtered view, the Web loses its crediblity." - Tim Berners-Lee
It already feels like we're watching in realtime as the web becomes increasingly constricted and decreasingly democratic. Do the four names at the top of this proposal really want to be the ones to accelerate this to its next milestone? I realize that Google has long been an enemy of the open web, but the callousness of this is somehow still staggering. You should all feel deeply ashamed.
I understand that there are Googlers who believe this is not "the right kind of feedback at the right time," but the only time to address it is now, and the only appropriate feedback is truly: "Don't."
You should be ashamed. Evil.
Tell me your real reason for this proposal is that your revenue is threatened by adblockers without telling me your real reason for this proposal is that your revenue is threatened by adblockers...
Dear Google:
We block ads because they are intentionally obnoxious, deceptive, and are malware vectors, and ad brokers like yourself don't care to do anything about it. Now your solution is not to clean up your act, but to attempt to force everyone to accept the sewage you want to push?