this post was submitted on 03 Nov 2023
363 points (100.0% liked)

Technology

37742 readers
486 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

While WEI is thankfully cancelled, it's not entirely cancelled... They're planning on making it available still in WebViews with the intention that websites can check if a malicious Android app is trying to do a phishing scheme.

Seems like such a niche "security" feature... what are they really trying to accomplish here? Something seems fishy to me

you are viewing a single comment's thread
view the rest of the comments
[–] macleod@infosec.exchange 13 points 1 year ago (3 children)

@dean @rysiek For now... they'll bring it back with a new coat of paint and a new name within the next year.

[–] 4censord@unfug.social 8 points 1 year ago* (last edited 1 year ago) (2 children)
[–] macleod@infosec.exchange 6 points 1 year ago

@4censord @dean @rysiek I can see where they could integrate and feature creep to what they really likely want, but in terms of webviews this would likely be beneficial for security.

[–] beefcat@beehaw.org 4 points 1 year ago* (last edited 1 year ago)

They want to put it on the default webview in android, which doesn't seem like a huge deal to me. It would basically let apps that use webview for things like logging in beef up their security.

It's not like the entire concept of this API was bad, it's just that with Google's proposed implementation companies would abuse the fuck out of it to do bad things. Not having it in browsers pretty much eliminates that while still letting things like banking apps enjoy some of the benefits.