this post was submitted on 21 Jul 2023
155 points (98.7% liked)

Privacy

34102 readers
704 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz
155
Google engineers want to introduce DRMs for web pages, making ad-blocking near-impossible in the browser (github.com)
submitted 2 years ago by BlackEco@lemmy.blackeco.com to c/privacy@lemmy.ml
220 comments fedilink hide all child comments
 

And since you won't be able to modify web pages, it will also mean the end of customization, either for looks (ie. DarkReader, Stylus), conveniance (ie. Tampermonkey) or accessibility.

The community feedback is... interesting to say the least.

(page 4) 50 comments
sorted by: hot top controversial new old
[–] kool_newt@lemm.ee 0 points 2 years ago (1 children)

All this enshittification lately really inspires me to de-google.

[–] StudioLE@programming.dev 0 points 2 years ago* (last edited 2 years ago) (1 children)

You don't have to look at reducing your Google use as a monumental effort. You can slowly transfer, minimise the number of services you use.

Simple - Switch your default search provider to Duck Duck Go.

Easy - Switch to Firefox

Mid - export your documents from Google Drive

Complex - Transfer your primary email to another provider.

[–] Version@feddit.de 0 points 2 years ago (1 children)

DuckDuckGo results still suck and are not even remotely comparable to Google‘s. The best alternative imo is Qwant, which uses bing and I think also it’s own index.

[–] StudioLE@programming.dev 0 points 2 years ago (1 children)

If the DuckDuckGo result for your search doesn't yield anything then just append it with g! and it'll take you straight to the Google results.

It's a useful trick but very rarely do I find I need it. Only really when researching a very specific error.

load more comments (1 replies)
[–] BranBucket@lemmy.world 0 points 2 years ago* (last edited 2 years ago) (1 children)

This may honestly be it for me.

I quit playing games because of all the greed and hype, I went back to piracy when streaming started to fracture and greed set in, I left non-federated social media because of the enshittifaction and invasiveness, and I go to fairly extensive lengths to block ads and protect my privacy as much as possible...

And instead of moving to any number of fair, non-exploitive business models, they're just going to force ads down my throat like that episode of black mirror.

If this goes through I'll be sorely tempted to wipe everything I can and start over as best I can. Only interact with the Internet when I need to.

You'll find me paying cash at the local used bookstore, at least until all the major publishers make that illegal.

EDIT: It's honestly depressing, I genuinely enjoy technology and the internet, but when companies like Google are able to force garbage like this it just sucks all the joy out of it for me.

It's like everying is becoming a shitty mobile game. Do the toolsheds that develop Candy Crush clones not think we can understand why in app currencies are sold in bundles of 100 but every thing we purchase with them requires amounts that end with a five? Does Google not think we know the real motivation behind a system that strives to prove ads were delivered to your browser either?

I know a lot of people may not see the real driver here, but I'm tired of being underestimated and infantalized by a bunch of dorks trapped in a corporate echo chamber. I think I'd prefer it if they just straight up said they're going to sacrifice our privacy and user experience for a quick bump in stock value.

load more comments (1 replies)
[–] uncapybarable@lemmy.ml 0 points 2 years ago (2 children)

Big fan of the "how dare you don't use professional language" vibe coming from the folks clinically discussing how to ruin what little remains of the open web.

load more comments (2 replies)
[–] Mikina@programming.dev 0 points 2 years ago (2 children)

Is that something that would be solved by Pihole? Or would that just break the webpages?

load more comments (2 replies)
[–] cynetri@midwest.social 0 points 2 years ago (1 children)

Found this lol

load more comments (1 replies)
[–] iegod@lemm.ee 0 points 2 years ago (1 children)

I doubt it's the engineers.

[–] 133arc585@lemmy.ml 0 points 2 years ago

The engineers are writing up the spec, implementing the prototype, and will eventually be responsible for the rollout. The engineers are as much at fault as whoever thought up the idea. Without the engineers being complacent, the idea would be nothing more than an idea.

"Just following orders" has never been a good excuse for doing bad things.

[–] cognitive@lemmy.ml 0 points 2 years ago (1 children)

How do Google Employees sleep at night?

load more comments (1 replies)
[–] tenth@lemmy.ml 0 points 2 years ago (1 children)

Can someone give me an easy to understand example of what they are proposing? Assume that I don’t allow them to install any software/tool that helps them track me/my device.

I saw this comment and found it helpful but its still not clear to me

At its core, it establishes software components called "attesters" that decide whether your device and/or browser is "trustworthy" enough - as defined by the website you are trying to visit. Websites can enforce which "attesters" users must accept, simply by denying everybody access who refuses to bow down to this regime; or who uses attesters that are deemed "inappropriate"; or who is on a platform that does not provide any attesters the website finds "acceptable".

In short: it is specifically designed to destroy the open web by denying you the right to use whatever browser you want to use, on whatever operating system. It is next-level "DRM", introduced by affiliates of a company that already has monopolized the browser market. And the creators of this "proposal" absolutely know what they are attempting here.

load more comments (1 replies)
[–] circuitfarmer@lemmy.sdf.org 0 points 2 years ago (1 children)

I guess Do No Harm is going really well

load more comments (1 replies)
[–] lohrun@fediverse.boo 0 points 2 years ago (1 children)

Web 3.0 - users, kindly go fuck yourselves p.s. pay us subscription money and view lots of ads

[–] makingStuffForFun@lemmy.ml 1 points 2 years ago

I feel like lemmy is the real Web 3. I'll die on that little hill gladly

[–] shades@lemmy.dbzer0.com 0 points 2 years ago (1 children)

Can someone explain how the server is going to know whether or not the client browser is showing the ad? A stealthy browser would say, "hey yeah send that ad so I can render it to the user" and the server says, "yeah ok" and then . How is the server going to know whether the ad is displayed or not? Don't current gen adblockers not even retrieve the asset? If the asset was retrieved but not displayed, how (if even) can this be monitored?

[–] dan@lemm.ee 0 points 2 years ago (1 children)

The point of the proposal is to allow servers to be sure the software (ie browser) running on the device is what it says it is, and take away the ability to spoof what browser you’re running (which is currently fairly trivial).

So if someone makes a browser that doesn’t allow adblockers and always shows ads, the server can do things like only serve content to that browser.

[–] float@feddit.de 0 points 2 years ago (1 children)

Imho, without hardware support they won't be able to keep up against the hackers. In the end it's software and it's running on hardware outside of the control of the server. There are millions of possible attacks to break/bypass this.

[–] dan@lemm.ee 0 points 2 years ago (1 children)

Problem is the effort to find a vulnerability and exploit it is often higher than the effort required to patch it. Because by its nature a browser and the server it talks to are internet connected, Google will be able to revoke keys for older exploited versions at will. As long as it’s well-engineered I think there’s a good chance they’ll be able to keep that secure.

Though I’m sure there will be some successful approaches to ad blocking etc but if something like this gains traction it could completely change the internet. If enough people are running browsers like this then sites could effectively be able to kill off competing browsers that aren’t restricted.

I think the key is to not let it happen in the first place, and boycott browsers that implement stuff like this.

load more comments (1 replies)
[–] vox@sopuli.xyz 0 points 2 years ago (2 children)

web env. integrity is not as bad as people make it out to be.
yeah I absolutely agree that it's terrible and also a bad idea (we don't need MORE drm in our browsers, I'm looking at you, Widevine (although firefox worked around it by running drm in an isolated container)), but it's main purpose is to detect automated requests and effectively block web scraping with a drm system (it ensures two things: your useragent can be trusted and you're a real non-automated user), NOT detect ad blockers. It doesn't prevent web pages from being modified like some people are saying.
there's a lot of misleading information about the api as it doesn't "verify integrity" of the web page/DOM itself.

it works by creating a token that a server can verify, for example when a user creates a new post. If the token is invalid, server may reject your attempt to do an action you're trying to perform. (this will probably just lead to a forced captcha in browsers that don't support it...)

Also, here's a solution: Just don't use Chrome or any Chromium-based browsers.

load more comments (2 replies)
load more comments
view more: ‹ prev next ›