- cross-posted to:
- degoogle@lemmy.ml
- privacy@lemmy.ml
- cross-posted to:
- degoogle@lemmy.ml
- privacy@lemmy.ml
The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
My ELI5 version:
Basically, the ‘Web Environment Integrity’ proposal is a new technique that verifies whether a visitor of a website is actually a human or a bot.
Currently, there are captchas where you need to select all the crosswalks, cars, bicycles, etc. which checks whether you’re a bot, but this can sometimes be bypassed by the bots themselves.
This new ‘Web Environment Integrity’ thing goes as follows:
I hope this clears things up and if I misinterpreted the GitHub explainer, please correct me.
The reason people (rightfully) worry about this, is because it gives attesters A LOT of power. If Google decides they don’t like you, they won’t tell the website that you’re a human. Or maybe, if Google doesn’t like the website you’re trying to visit, they won’t even cooperate with attesting. Lots of things can go wrong here.
And the attester will know where you’re navigating, always.
Your final paragraph is the real kicker. Google would love nothing more than to be the ONLY trusted Attester and for Chrome to be the ONLY browser that receives the “Human” flag.
Too late.
Microsoft, Apple, and most hardware manufacturers have been the ONLY trusted attester on their own hardware for years already.
Also Microsoft on most PCs.
The rest already works like that.
You can replace Google with Apple, Microsoft, any other hardware manufacturer, or any company hardware attestation software.