this post was submitted on 08 Aug 2023
603 points (98.1% liked)

Technology

59689 readers
3922 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Summary

  • Google's proposal, Web Environment Integrity (WEI), aims to send tamper-proof information about a user's operating system and software to websites.
  • The information sent would help reduce ad fraud and enhance security, but it also raises concerns about user autonomy and control over devices.
  • The authors argue that implementing WEI could lead to websites blocking access for users not on approved systems and browsers.
  • They express worries about companies gaining more control over users' devices and the potential for abuse.
  • The authors emphasize that users should have the final say over what information their devices share.
  • Remote attestation tools, like WEI, might have their place in specific contexts but should not be implemented on the open web due to potential negative consequences.
  • The authors advocate for preserving user autonomy and the openness of the web, emphasizing that users should be the ultimate decision-makers about their devices.

Joke:

Two pieces of string walk into a bar. The first piece of string asks for a drink. The bartender says, “Get lost. We don’t serve pieces of string.”

The second string ties a knot in his middle and messes up his ends. Then he orders a drink.

The bartender says, “Hey, you aren’t a piece of string, are you?” The piece of string says, “Not me! I'm a frayed knot.”

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 38 points 1 year ago (4 children)

Your computer should say what you tell it to say - so if I want to spoof my browser and OS I can do that right? Right?

[–] [email protected] 43 points 1 year ago

Yes. And you should be able to retain that ability.

[–] hoshikarakitaridia 19 points 1 year ago

The magic words are "user-agent header in http protocol"

Also the goal is not for everyone to spoof everyone else, but the goal is to not trust any information you are given by a browser. A good developer would always find ways to bypass any limits with that so it would be useless anyway.

[–] HootinNHollerin 9 points 1 year ago* (last edited 1 year ago) (1 children)

Yes Theres browser extensions that do this. I tried one and didn’t work but then today tried chameleon and it worked for a site I need for work that only allows chrome.

[–] [email protected] 5 points 1 year ago

That's because they check your user agent.

This API aims to break those kinds of extensions, making it impossible to spoof a user agent or certain kind of machine.

[–] [email protected] 1 points 1 year ago

If this comes live it won't be so easy. Many operating systems will probably not allow to turn this garbage off or spoof it. Especially android.