This is why we need Firefox.
And Firefox needs to be a market that can't be ignored.
this post was submitted on 21 Jul 2023
35 points (100.0% liked)
Technology
37712 readers
149 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
@TheYang Exactly! Came here to say this. Everybody actively using chromium based browsers is a part of the problem.
Stop with this excuse and stop Insulting people. I've been on Firefox for nearly 20 years, but Mozilla has ruined it for me little by little. The last straw has been the horrible UI redesign. So I switched to a Chromium browser. Tell Mozilla to make a better browser and to listen to their community, instead of blaming people for using what serves them best.
What does your UI gripe have to do with this biased tabloid piece you shared?
Firefox is fine and works even better than it ever has. If you cared about the UI so much you'd have tried any of its forks that use different and older designs.
Firefox depends on google for funding though. Google could probably deal a killing blow quite easily.
i think they probably donate so much to make sure they have at least one competitor so they don't get busted up like Standard Oil
They are not donating, if I remember correctly fairly recently Microsoft outbid them and bing was default for a bit.
But maybe I'm not remembering correctly tbh.
I'm skeptical if the government would even do that given how stacked it is with cronies
Don't know what government you're referring to, but if the EU anti-trust regulation kicks in it will affect everyone. EU agencies are slow but they do their job eventually.
load more comments
(3 replies)
Ugh. DRM. I freaking hate DRM. I "buy" a book from Amazon and it's all DRMed. I like the Kindle app so I keep buying there. But when I can I buy physical books at a LBS
It's time for Alphabet to be broken up into separate letters.
THIS IS NOT (just) ABOUT GOOGLE
Currently, attestation and "trusted computing" are already a thing, the main "sources of trust" are:
- Microsoft
- Apple
- Smartphone manufacturers
- Third party attestators
This is already going on, you need a Microsoft signed stub to boot anything other than Windows on a PC, you need Apple's blessing to boot anything on a Mac, your smartphone manufacturer decides whether you can unlock it and lose attestation, all of Microsoft, Apple and Google run app attestation through their app stores, several governments and companies run attestation software on their company hardware, and so on.
This is the next logical step, to add "web app" attestation, since the previous ones had barely any pushback, and even fanboys of walled gardens cheering them up.
PS: Somewhat ironically, Google's Play Store attestation is one of the weaker ones, just look at Apple's and the list of stuff they collect from the user's device to "attest" it for any app.
I started looking at Mac's for my next computer. Due to this amazing project. https://asahilinux.org/
you need a Microsoft signed stub to boot anything other than Windows on a PC
Not necessarily, most motherboards and laptops (at least every single one I've ever owned) allow users to enroll their own Secure Boot keys and maintain an entirely non-Microsoft chain of trust. You can also disable secure boot entirely.
Major distros like Ubuntu and Fedora started shipping with Microsoft-signed boot shims as a matter of convenience, not necessity.
Secure Boot itself is not some nefarious mechanism, it is a component of the open UEFI standard. Where Microsoft comes in to play is the fact that most PC vendors are going to pre-enroll Microsoft keys because they are all shipping computers with Windows, and Microsoft wants Secure Boot enabled by default on machines shipping with with their operating system.
You can't disable secure boot if you want to use your Nvidia GPU :( though. [edit2: turns out this is a linux mint thing, not the case in Debian or Fedora]
Edit: fine, there may be workarounds and for other distros everything is awesome, but in mint and possibly Ubuntu and Debian for a laptop 2022 RTX3060 you need to set up your MOK keys in secure mode to be able to install the Nvidia drivers, outside secure mode the GPU is simply locked. I wasn't even complaining, there is a way to get it working, so that's fine by me. No need to tell me that I was imagining things.
My experience is that Nvidia plays nicer without secure boot. Getting Fedora up and running with the proprietary Nvidia drivers and fully working SecureBoot was quite a headache, whereas everything just worked out of the box when I disabled it.
But this is very much an Nvidia problem and not a SecureBoot problem. There is a reason basically no-one else provides their drivers as one-size-fits-all binary kernel modules.
For now. They're boiling the frog slow.
Microsoft doesn't control the standard, and the entire rest of the industry has no reason to ban non-Windows operating systems.
Widnows doesn't have the stranglehold over the market that it once did.
load more comments
(2 replies)
load more comments
(4 replies)
Yep, that sounds like a very Mega-Corp thing to do.
Can someone explain to me how this is different to the trust system used by SSL Certificates?
I'm working on essentially removing Google from my life.
Alright, I'm kinda slow today, so tell me if I got it right: We, the users, will be "kindly asked" to get one thingamabob signature/identifier of "integrity", so websites "know" whether we're good or bad guys?
Your hardware and OS already gets asked to verify whether it's safe to run an app on it (see: banking apps).
Same thing, but now with web browsers.
Unsupported browser, please install Chrome.
You are logged out, please log in or sign up for an account.
To verify your identity, please enter your phone number, a text message will be sent, please enter verification code.
Error, your account has been flagged for further review, please submit 3 different government IDs, with at least 2 containing your photo, and 2 containing your address.
Error, name doesn't match, if you have changed you name, please submit proof of name change.
Error, no citizenship status detected, please submit birth certificate or naturalization certificate
Please wait 7-14 bussiness days. A phone call will be made to the number you've submitted.
Error, missed call. Please wait 30 days for another call.
Error, unsupported operating system, please use Chrome OS, Android, or Google Smart TV OS
Error, Google Smart Home assistant not installed, please purchase one within the next 3 days to avoid losing signup process.
Error, could not confirm identity, please purchase Google 360 cameras to verify identity.
Error, server maintenance in progress, please retry signup at a later time.
Thank you for using Google!
I would just move on at step 3
Please drink verification can
I'm a non-techie and don't understand half of this, but from what I do understand, this is a goddamn nightmare. The world is seriously going to shit.
My ELI5 version:
Basically, the 'Web Environment Integrity' proposal is a new technique that verifies whether a visitor of a website is actually a human or a bot.
Currently, there are captchas where you need to select all the crosswalks, cars, bicycles, etc. which checks whether you're a bot, but this can sometimes be bypassed by the bots themselves.
This new 'Web Environment Integrity' thing goes as follows:
- You visit a website
- Website wants to know whether you're a human or a bot.
- Your browser (or the 'client') will send request an 'environment attestation' from an 'attester'. This means that your browser (such as Firefox or Chrome) will request approval from some third-party (like Google or something) and the third-party (which is referred to as 'attester') will send your browser a message, which basically says 'This user is a bot' or 'This user is a human being'.
- Your browser receives this message and will then send it to the website, together with the 'attester public key'. The 'attester public key' can be used by the website to verify whether the attester (a.k.a. the third-party checking whether you're a human or not) is trustworthy and will then check whether the attester says that you're a human or not.
I hope this clears things up and if I misinterpreted the GitHub explainer, please correct me.
The reason people (rightfully) worry about this, is because it gives attesters A LOT of power. If Google decides they don't like you, they won't tell the website that you're a human. Or maybe, if Google doesn't like the website you're trying to visit, they won't even cooperate with attesting. Lots of things can go wrong here.
load more comments
(2 replies)
Why do people have a problem with this? It explicitly says browser extensions, like ad blockers, will still work. It says cross site tracking won’t be allowed. It all sounds pretty good.
It sounds like most are not liking it because of some potential future abuses rather than what it actually is?
load more comments
(4 replies)
Note of amusement: The GitHub issues tracker for that proposal got swamped with tickets either mocking this crap or denouncing it for what it is, this morning the person who seems to be the head of the project closed all those tickets and published this blog post, in essence saying "Shut up with your ethical considerations, give us a hand in putting up this electric fence around the web". Of course that didn't stop it.
Also somebody pointed out this gem in the proposal, quoted here:
6.2. Privacy considerations
Todo
Quick edit: This comment on one of the closed tickets points out the contact information of the Antitrust authorities of both US and EU, i think i'm gonna drop the EU folks a note
Edit: And they disabled commenting on the issues tracker
We developers should stop just looking at the technical side of our work only. There's social, economic and values to be taken into account when we put our minds to solve a problem. We tend to go blindly into it, without thinking what it can cause when it is released into the world.
It's like if we put a bunch of developers into a secret project to develop an Internet World Wide Nuclear Bomb a là Project Manhattan... the leaders shouldn't really have to hide what they were about to do, just throw the developers and engineers troubles to solve and they wouldn't mind what it will be used for. It's just tech, right?
At least this guy seems to fit the type: I want to do this technology I've been tasked for, I'm trying to solve a technological problem. The rest of the world is telling him «Man, this is a bad idea to implement.» and he whines saying «I want solutions to this technology, not what is wrong with it!»
(And if you aren't one of those developers, congratulations, we need more of you!)
My favorite part is when they ask you to give them the benefit of the doubt, but also anyone who disagrees with them in a way that doesn't fit their expectations is "noise."
Wow, that blog post is truly nauseating and infuriating to read, knowing the context.
Fuck Google. They're the Nestlé of tech.
I don't think Google has recently insisted that child slavery is just a thing we all have to be OK with if we want chocolate, or starved millions of babies by convincing their mothers that their breast milk is dangerous. But I also wouldn't be shocked to learn that they had...
No, but they accepted to publish political fake news ads for one of the running parties (the fascistoid one, of course) in the last elections here in Brazil.
That party has lost, but it was too close. In the 4 last years, during their mandate, hunger, violence, discrimination rape, and other problems rose to the highest levels in the century.
Google and other big tech companies have been influencing elections in a lot of places, and the consequences are enormous.
load more comments
(5 replies)
view more: next ›