This CL moves the base::Feature from content_features.h to
a generated feature from runtime_enabled_features.json5.
This means that the base::Feature can be default-enabled
while the web API is co...
That will work until websites start requiring it. At that point browsers like Firefox have to either capitulate and implement Google’s DRM or become unusable for the majority of websites.
And then we’ll have a web where the corporations have complete control over what you can view and how. Ad blocking and anti-tracking will be things of the past, and corporate websites will have a unique key from your browser to help them track you around the web. And no more hiding your identity behind anonymous browsers over Tor or VPNs.
So we found out about this about 4 days ago, and when people objected they shut down people’s ability to log issues or comment on the GitHub repo. And now they’re already cramming it into their browser. This is strong evidence that Google knows it’s unpopular and tried to keep it under wraps as long as possible so they could get it into the browser before people had time to react.
Let them require it. Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
I can also see Apple taking a stand against this. They have a competing (and much more reasonable) implementation that respects user privacy.
Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
If this gets implemented, it would ruin the ability for competitor search engines (such as DDG) to exist. If Google convinces site operators to require attestation, then suddenly automated crawlers and indexers will not function. Google could say to site operators that if they wish to run ads via Google’s ad network they must require attestation; then, any third-party search indexer or crawler would be blocked from those sites. Google’s ad network is used on about 98.8% of all sites which have advertising, and about 49.5% of all websites.
Even if the effects didn’t go this far (which I agree they quite probably will), it wouldn’t be feasible for other search engines to just exclude sites that implemented Google’s DRM. If Google makes it attractive enough to the owners of major sites to implement this (and it will be attractive if it ensures they get ad views), then no one will use a search engine that omits all the most popular websites. The same goes for non-Google browsers. This is really a shocking attempt by Google to use its own browser’s popularity to seize an effective monopoly of the web.
No. The only way “around it” is to give up and use Chrome.
Everything else will have to dance to Google’s tune to access any website that implements this, and that will at very least include Google’s own websites.
Okay then, then I don’t use it, stick to Safari and phone call anyone who requires me using their site with Chrome. Or I’ll go elsewhere. I’ve been down this road with IE before…
Web dev here. It enforces the original markup and code from a server to be the markup and code that the browser interprets and executes, preventing any post-loading modifications.
That sounds a bit dry, but the implications are huge. It means:
ad blockers won’t work (the main reason for Google’s ploy)
many, if not most, other browser extensions won’t work (eg.: accessibility, theming, anti-malware)
people are going to start running into a lot of scam ads that ad blockers would otherwise prevent
malicious websites will be able to operate with impunity since you cannot run security extensions to prevent them
web developers are going to be crippled for lack of debugging ability
These are just a few things off the top of my head. There are endless and very dangerous implications to WEI. This is very, very bad for the web and antithesis of how it’s supposed to be.
TBL is probably experiencing a sudden disturbance in the force.
Wouldn’t it be possible to create some kind of “post-browser” that takes input from the web browser and displays it after passing it through ad blockers and whatever else?
Such an abstraction, while unnecessary, should be possible, providing that Google doesn’t forcibly prevent access to the final markup that coalesces (ie.: view source and web dev tools)
DRM for the web, think “you must disable your adblocker to use this site” except it actually works, and can do much more like a site can make it where you can only open it on x specific version of Google Chrome, refusing access to Firefox or MS edge users if they wanted. Or it could refuse to work if any extensions are enabled (people using lesser known accessibility extensions for vision difficulties etc. may be refused access to sites).
Well-intentioned sites hopefully won’t abuse this, but the large chunk of sites, like 80% of the internet, likely will.
It is, but for this it could still be considered separate depending how sites implement it because this is checking how the page is loading itself on the browser, not an is-chromium checker.
Presently web servers send data to your browser, which can arrange the content however you wish, because it’s your browser on your device. Excluding content you don’t like is fairly trivial.
This drm stuff will basically make the browser refuse to display anything unless the whole page is unaltered.
Does unaltered include things like colorblind extension that change colors to more easily differentiate between some red/green for example? Or stuff like reddit enhancement suite? Sounds like a good way to kill other possible useful extensions.
That’s exactly what it will do. Don’t believe the bullshit in their “non-goals” section, they don’t give a fuck. If accessibility extensions happen to continue working (at least temporarily), it will be by accident, because they for damn sure aren’t going to spend even a second on compatibility.
Shit man, this would ruin even the small internet. I won’t even be able to cheat on dragcave. And most of what I was doing was keeping a tally of my collection since the site doesn’t do that. But there’s no way page modifications wouldn’t be caught and punished no matter what they actually do.
Imagine you’re a builder and you build a store (website). People can come into your store through the door or window. WEI will make sure you come through the door just as the builder intended.
At face value, that sounds fine, but now imagine that builder puts a maze (all of the ads littered on a webpage) on the other side of the door. It’s a pain in the ass to get through and someone (adblock) has told you about the window that lets you skip the maze. You can get what you want and the store gets to sell a thing. Everyone’s happy except the maze builder (Google), so they’re trying to force the entire world to go through the maze.
There might have be a time when Google tried not to be evil, but they’ve been Satin himself for a good number of years now. It just took them a while to realize the irony of their mission statement. It’s funny I used to get mad at Microsoft for being evil, but they’ve got nothing on Google.
Don’tbe evil.Be Evil, Do Ads
Can you explain this to a layman what this does?
It’s DRM, but for the whole web.
https://arstechnica.com/gadgets/2023/07/googles-web-integrity-api-sounds-like-drm-for-the-web/
So is the only way around it to not use Chromium-based browsers? Or does it pollute everything??
That will work until websites start requiring it. At that point browsers like Firefox have to either capitulate and implement Google’s DRM or become unusable for the majority of websites.
And then we’ll have a web where the corporations have complete control over what you can view and how. Ad blocking and anti-tracking will be things of the past, and corporate websites will have a unique key from your browser to help them track you around the web. And no more hiding your identity behind anonymous browsers over Tor or VPNs.
So we found out about this about 4 days ago, and when people objected they shut down people’s ability to log issues or comment on the GitHub repo. And now they’re already cramming it into their browser. This is strong evidence that Google knows it’s unpopular and tried to keep it under wraps as long as possible so they could get it into the browser before people had time to react.
Let them require it. Search engines like DDG should really begin maintaining their own index, and they should exclude sites that use the tech from the index.
I can also see Apple taking a stand against this. They have a competing (and much more reasonable) implementation that respects user privacy.
If this gets implemented, it would ruin the ability for competitor search engines (such as DDG) to exist. If Google convinces site operators to require attestation, then suddenly automated crawlers and indexers will not function. Google could say to site operators that if they wish to run ads via Google’s ad network they must require attestation; then, any third-party search indexer or crawler would be blocked from those sites. Google’s ad network is used on about 98.8% of all sites which have advertising, and about 49.5% of all websites.
Even if the effects didn’t go this far (which I agree they quite probably will), it wouldn’t be feasible for other search engines to just exclude sites that implemented Google’s DRM. If Google makes it attractive enough to the owners of major sites to implement this (and it will be attractive if it ensures they get ad views), then no one will use a search engine that omits all the most popular websites. The same goes for non-Google browsers. This is really a shocking attempt by Google to use its own browser’s popularity to seize an effective monopoly of the web.
The idea is that service providers would only trust chromium browsers
No. The only way “around it” is to give up and use Chrome.
Everything else will have to dance to Google’s tune to access any website that implements this, and that will at very least include Google’s own websites.
Okay then, then I don’t use it, stick to Safari and phone call anyone who requires me using their site with Chrome. Or I’ll go elsewhere. I’ve been down this road with IE before…
Web dev here. It enforces the original markup and code from a server to be the markup and code that the browser interprets and executes, preventing any post-loading modifications.
That sounds a bit dry, but the implications are huge. It means:
These are just a few things off the top of my head. There are endless and very dangerous implications to WEI. This is very, very bad for the web and antithesis of how it’s supposed to be.
TBL is probably experiencing a sudden disturbance in the force.
Wouldn’t it be possible to create some kind of “post-browser” that takes input from the web browser and displays it after passing it through ad blockers and whatever else?
Such an abstraction, while unnecessary, should be possible, providing that Google doesn’t forcibly prevent access to the final markup that coalesces (ie.: view source and web dev tools)
The only acceptable browser would obviously be ones that restrict that access, how else are they going to force people to see all their ads?
Perhaps, but it’s not as simple as it sounds.
Most of the Web requires js to work. I don’t think the js will work without the DRM.
So the proxy would need to be running the js, and emulate your clicks and so on.
Would this impact web proxies at all? If so, that would entail a pretty huge security change for a lot of corporations.
If it’s something like a proxy server that pre-modifies the markup/code, then yes, I can see WEI interfering with that.
DRM for the web, think “you must disable your adblocker to use this site” except it actually works, and can do much more like a site can make it where you can only open it on x specific version of Google Chrome, refusing access to Firefox or MS edge users if they wanted. Or it could refuse to work if any extensions are enabled (people using lesser known accessibility extensions for vision difficulties etc. may be refused access to sites).
Well-intentioned sites hopefully won’t abuse this, but the large chunk of sites, like 80% of the internet, likely will.
If this becomes heavily used, I will probably go back to reading books for entertainment instead of browsing the web.
deleted by creator
My books aren’t digital at all. How can they have DRM?
I only buy books that don‘t have a DRM requirement or pirate them so no issues for me.
Sad but true 😢
So basically, anyone consuming the internet in any shape or form other than the intended by corporate owners is automatically dead in the water.
Man, I can’t go back to ad-full, sponsor-skipless youtube… It’s too awful.
Edge is Chromium
It is, but for this it could still be considered separate depending how sites implement it because this is checking how the page is loading itself on the browser, not an is-chromium checker.
It’s a way to disable ad blockers.
Presently web servers send data to your browser, which can arrange the content however you wish, because it’s your browser on your device. Excluding content you don’t like is fairly trivial.
This drm stuff will basically make the browser refuse to display anything unless the whole page is unaltered.
Does unaltered include things like colorblind extension that change colors to more easily differentiate between some red/green for example? Or stuff like reddit enhancement suite? Sounds like a good way to kill other possible useful extensions.
That’s exactly what it will do. Don’t believe the bullshit in their “non-goals” section, they don’t give a fuck. If accessibility extensions happen to continue working (at least temporarily), it will be by accident, because they for damn sure aren’t going to spend even a second on compatibility.
Shit man, this would ruin even the small internet. I won’t even be able to cheat on dragcave. And most of what I was doing was keeping a tally of my collection since the site doesn’t do that. But there’s no way page modifications wouldn’t be caught and punished no matter what they actually do.
Yes.
Imagine you’re a builder and you build a store (website). People can come into your store through the door or window. WEI will make sure you come through the door just as the builder intended.
At face value, that sounds fine, but now imagine that builder puts a maze (all of the ads littered on a webpage) on the other side of the door. It’s a pain in the ass to get through and someone (adblock) has told you about the window that lets you skip the maze. You can get what you want and the store gets to sell a thing. Everyone’s happy except the maze builder (Google), so they’re trying to force the entire world to go through the maze.
Wait Google can place ads on my website without my permission?
You’re the builder, and thus the one who can choose to put a maze there or not.
There might have be a time when Google tried not to be evil, but they’ve been Satin himself for a good number of years now. It just took them a while to realize the irony of their mission statement. It’s funny I used to get mad at Microsoft for being evil, but they’ve got nothing on Google.
They removed ‘don’t be evil’ from their code of conduct 5 years ago.
https://time.com/4060575/alphabet-google-dont-be-evil/