×
Login Register an account
Top Submissions Explore Upgoat Search Random Subverse Random Post Colorize! Site Rules
14

Google’s nightmare “Web Integrity API” wants a DRM gatekeeper for the web

submitted by dosvydanya_freedomz to technology 9 monthsJul 25, 2023 09:15:51 ago (+14/-0)     (arstechnica.com)

https://arstechnica.com/gadgets/2023/07/googles-web-integrity-api-sounds-like-drm-for-the-web/

Google's newest proposed web standard is... DRM? Over the weekend the Internet got wind of this proposal for a "Web Environment Integrity API. " The explainer is authored by four Googlers, including at least one person on Chrome's "Privacy Sandbox" team, which is responding to the death of tracking cookies by building a user-tracking ad platform right into the browser.


11 comments block

sort by: hot new top old low

[ - ] deleted -1 points 9 monthsJul 30, 2023 12:20:18 ago (+0/-1)

deleted

[ - ] Crackinjokes 2 points 9 monthsJul 27, 2023 13:14:34 ago (+2/-0)

So basically they want to get rid of AD trackers and cookies and replace it with something that's twice as bad and intrusive

[ - ] SithEmpire 1 point 9 monthsJul 26, 2023 03:13:58 ago (+1/-0)

Wait, so all the way at the end:

Google's plan is that, during a webpage transaction, the web server could require you to pass an "environment attestation" test before you get any data. At this point your browser would contact a "third-party" attestation server, and you would need to pass some kind of test. If you passed, you would get a signed "IntegrityToken" that verifies your environment is unmodified and points to the content you wanted unlocked. You bring this back to the web server, and if the server trusts the attestation company, you get the content unlocked and finally get a response with the data you wanted.

Those stupid fucks... that is literally just JWT, a common system for separating the duties of login/auth and token management from the service being accessed. The only difference is that the service is any/every website and the auth check rapes your device and helps to train their neural nets.

Websites should be free to ignore this, although I imagine many will need to stop relying on goOgle components. Source their own analytics, search function, sponsors and such.

[ - ] PotatoWhisperer2 2 points 9 monthsJul 26, 2023 03:52:20 ago (+2/-0)

They want their own version that they control. It's yet another "communist card" or "number of the beast" creation attempt.

[ - ] Crackinjokes 0 points 9 monthsJul 27, 2023 13:15:17 ago (+0/-0)

The thing is most people will just download a new version of the browser without understanding any of this and they'll just use it.

[ - ] Sheitstrom 2 points 9 monthsJul 25, 2023 10:05:51 ago (+2/-0)

Holy shit it's SafetyNet for the PC. That's a fucking terrible idea.

[ - ] dosvydanya_freedomz [op] 1 point 9 monthsJul 25, 2023 10:09:24 ago (+1/-0)

yep its a digital prison or plantation. their rules or nothing

[ - ] shitface9000 1 point 9 monthsJul 25, 2023 12:03:40 ago (+1/-0)

Sounds like something for blockchain to handle.

[ - ] GrayDragon 1 point 9 monthsJul 25, 2023 11:33:29 ago (+1/-0)

So, a DRM API is solved by ... oh, I don't know, maybe an IP check?

I call myself a problem solver. Hire me Google for 400K per year.

[ - ] Osmanthus 1 point 9 monthsJul 25, 2023 17:13:36 ago (+1/-0)

This is ignorant.

[ - ] Prairie 1 point 9 monthsJul 25, 2023 10:15:18 ago (+1/-0)

When the user is treated as the threat.