Google’s Plan To DRM The Web Goes Against Everything Google Once Stood For
If you don’t like how Google is able to do this, know it’s because of it’s market share, and you should just use Firefox.
You should use Firefox (or a fork of it), but can we expect them to be an option if Google’s actions make it so most sites only work on Chrome?
Google can’t make websites update.
Websites will only update to Chrome specific things if Chrome is the dominant browser.
How do you stop Chrome being the dominant browser? By not using it.
It’s not going to be that simple. CDNs like Cloudflare are already on board with this, and Safari built a similar feature last year (and virtually no one noticed or cared). This horse has already left the barn and I’m not sure there’s anything we can do at this point.
EDIT - Oh and I didn’t think of this but Google absolutely CAN make websites update. “We’ll improve your SEO ranking if you support this new feature”. They’ve done this before and they’ll do it again.
I’m not sure there’s anything we can do at this point.
Best case might be if we could get EU to ban it.
Google can make websites that use its advertising platform support attestation. I wouldn’t be surprised if that’s their plan.
Unfortunately Chrome is the dominant browser by a long way.
I use Firefox on every PC and device and wish it was more popular but the non geeks don’t understand so use Chrome.
Exactly. We need more people to move away from it.
I typically lead by example and will tell anyone who listens about how good modern Firefox is.
deleted by creator
I use Firefox via the forks LibreWolf (desktop) and Fennec (Android).
My hope is for Gemini browsers to get popular (Gemini is not a web browser, the “sites” are just text and links).
They can make sites to not work on Chrome, not the other way around. Unless you implemented some chrome only features in your site then that’s on you.
I expect businesses to impliment Chrome-only features in their sites…
I recall Edge became Chrome based due in part to Google making needless changes on their own sites (e.g. Youtube) whjch broke functionity in Edge.
Except you’ll have to keep a copy of Chrome handy because this is less about what software you’re using and more about which apps are attested and approved for that website.
Once your bank says “we’re requiring this” it’s kinda over isn’t it?
Your bank will only do it, if, and only if, Chrome is a majority of browsers they see.
How do you stop that? By not using it.
Everyone keeps postulating over a terrible future, but won’t actually do anything now, today, to help prevent it.
The bank already has your money. Asking you to install a free app to use their services would not be seen by regulators as unreasonable. Especially when they play the security argument.
I don’t see how Chrome has to be in the majority for some sectors to start relying on these kinds of attestations. Safari already has a similar mechanism, so that right there is the majority of mobile users when you include Chrome.
Let’s hope not all banks do this so we can switch to the ones that doesn’t
I fear voting with one’s wallet is not enough to prevent any business from doing something in their best interests at the expense of the consumer/user. When it comes to banks we’d have to place our hope the governments… which relies of them actually representing voters.
But Chrome is already the dominant browser, and Firefox has like 2% market share last time I checked.
I’ll be telling my bank I’ll be taking my mortgage elsewhere. I pray that’s still possible.
One does not simply change banks when it comes to a mortgage.
Maybe wherever you live. In first world countries, it’s fairly straightforward.
I’ve never even used a chrome browser except punctually, yet here we are.
I’ve been on Firefox for years. Was never much of a problem, but lately there’s more and more sites that require a Chromium-based browser. Some of them quite crucial. A list from experience:
- My bank’s mortgage page
- Microsoft Teams - only supports Chrome, safari and edge on MacOs.
- Microsoft Office - has weird quirks on MacOs
- The new Adobe Express, requires Chrome or Edge
- Google Meet - after years google still only supports Chromium-based browsers if you wish to use video effects
- Microsoft’s new video editing thing
It’s not uncommon for such sites to work fine in Firefox if you just add a user agent switcher addon, so that is worth trying (can be limited to specific sites so you advertise Firefox usage for others).
AFAIK Netflix limits resolution on every browser but Edge
See this kind of shit is why I pirate, not because I can’t afford to pay $10 a month. When the $10 for a lot of content becomes $10 per month per piece of media you like, and you can’t watch it on your platform of choice, and you can’t watch it on a flight without paying more or not at all, this makes the $5 per month I pay for a VPN sound like a far better service.
is that true? and why would it be?
It’s true. Edge is the only browser with 4K support. They claim it’s due to improved HTML5 support, but who knows really. I suspect their content delivery network uses some kind of Microsoft proprietary compression or somesuch. I know old Netflix was Silverlight-based due to their DRM.
They use an Edge-exclusive DRM for 4K video on the web. You can just download the Netflix app from the Microsoft Store instead.
Yep, I’m aware. I was just answering the person above me.
Installing an app also makes it able to collect much more information than constrained in a proper web browser.
Ok, I got it wrong guys
Chrome has won
Let’s all go home, install a Chromium-based spyware-laced browser and bow down to our Google overlords.
Google needs to be broken up. It needs to separate in at least 5 different companies:
- Admob/Adsense
- Ads/Adwords
- Search
- Android
- Chrome
Okay then… How do 3/4/5 make money? Ist currently everything but 1/2 loosing money in support of propping up the ads?
Charge a fee, advertising is a scourge and needs to be removed from all societies with extreme prejudice.
That’s not very socially inclusive
AdSense and AdWords are essentially the same thing. AdWords is how they monetize AdSense.
They dropped the “don’t be evil” a while ago.
“The slogan was also a bit of a jab at a lot of the other companies, especially our competitors, who at the time, in our opinion, were kind of exploiting the users to some extent”
- Paul Buchheit, the creator of Gmail
Subtext: now that we have the market share, it’s our turn to exploit the users.
It’s sick.
Luckily, other browser manufacturers (Mozilla, Vivaldi, Brave, and even the WWWC) have already spoken out against this proposal. Google loves marketing it as ‘optional’, which it obviously won’t be once implemented. A system like this would be very dangerous for smaller browsers, as it’s incredibly vague who decides what authorities would be allowed to verify browsers.
Additionally, this is presented as a way to remove captchas from the web by proving a request is coming from genuine hardware. However, this proves absolutely nothing about a request being genuine or non-spam. The only thing this proves is that it was created by a ‘genuine device’, so all a malicious user would have to do is to (automatically) send the request via a verified device and they’d pass the check.
Maybe it’s just Google search (ironic), but I couldn’t find anything about the W3C speaking against the proposal. If W3C is against it then I think it’s even more likely the entire thing would be shot down.
Could’ve sworn I saw it in an article or post on here somewhere… but of course now that I actually need the post I can’t find it. Doesn’t really matter though, Chrome can unfortunately push standards through even if others don’t approve, just due to their sheer size alone.
The problem is that Google is able to more or less dictate how the web works at that time. Apart from Firefox and Safari, which both only have a minor market share, pretty much everything is Chrome based.
If Google wants to push some silly idea just to ensure that their silly ads are not blocked, then they’ll do it. I fear that noone really can stop this stupid idea.
We need to hope some governing body steps in and slaps Google with antitrust, because this is a pretty clear abuse of monopoly
I’m sure our octogenarian leaders who are oh so internet savvy will fully understand the nuances associated with browser market share will craft laws to resolve this issue.
/s unfortunately.
Truth be told… Google applies $$$ to our aged elected officials who don’t understand what a browser is much less the nuances behind chrome and chromium based browsers. And will vote by what their campaign donators say… :(
Hot take: the narrative that politicians do not understand technology due to their age is giving them too much credit. They have entire offices full of staffers whose entire job is to explain these things to them in ways they understand, as I am sure they have for some of the more important things. They just don’t care because their purpose is to serve corporations, not the public.
They just don’t care because their purpose is to serve corporations, not the public.
Sadly… This is probably pretty accurate for most of our modern politicians. I’m sure there’s the odd official who cares… But they are a vast minority.
The EU may be our only reasonable hope.
Chromium based forks (e.g. Brave) can disable or remove the features they don’t want. For example, if Google adds a feature that always shows their ads, Brave can disable that feaure or remove it. Being Chromium-based is not as bad as people usually seem to think.
In this proposed DRM-like feature it is slightly different case because Chrome browser is so widely used.
Governmental regulators need to be involved. But I don’t have my hopes up.
the problem is that this is a malignant feature that can only be used for evil
On the other hand, I don’t really have a fundamental problem with it. I don’t use Chrome and am not going to use this. My approach to websites using it will be the same as programs not running on my operating system: I’ll simply ignore them, same as I already ignore websites today that don’t serve me because of GDPR.
I also do see a problem in adblocking. It’s just that it’s the lesser of two evils for me and as such, I opt into it. Google, being on the other side of the situation, for good reasons comes to a different assessment.
All in all I don’t think this is a good development, but OTOH, if someone doesn’t want me to visit their site, that’s ok.
What about when your banking site or the site your landlord wants you to pay with doesn’t work because of this shit?
It’s gonna be a pain in the ass to switch browsers every time you run into one of these sites, and it’ll eventually make its way into most services just because they feel like it.
There are already way too many Android apps that refuse to work on rooted phones just because they feel like not working on rooted phones after they made safety net. It will be pervasive and at some point you’ll have no option but to comply.
I am really hoping some regulatory body strikes this down. Where’s the EU when we need them?
Have you tried to talk to a local EU representative about it?
I don’t live in the EU. I have contacted my local representatives in the US, but we all know they are useless and won’t do a damn thing about it.
deleted by creator
Google became what it is because they had the best search results. Today, other like qwant and sometimes even bing are better. If it was not for Android, the reasons for remaining stuck with Google would have become sparse already. And I daresay Apple is now the less evil option.
I don’t know about that. Google is evil for sure, but I haven’t read anything about their factory workers leaping from buildings to escape life.
Who knows at this point? With this level of advanced capitalism, it’s getting kind of difficult to identify truly ethical corporations.
Google is evil for sure, but I haven’t read anything about their factory workers leaping from buildings to escape life.
Try again. This is from 1 month ago.
Google is still one of the better ones for sure… Apple has gone majorly down the route of proprietary tech, not contributing upstream to OSS they use, not updating OSS they used to regularly ship, and vendor lockin games.
i mean this is like working on the nuclear bomb except you’re eager to drop it on yourselves in the name of corporate profits and ad revenue. virulently disgusting
Fine, I’ll make my own web, with blackjack, and hookers!
Fuck Google, I guess we’re going back to the days of BBS’.
Everyone, please reach out to your local anti-trust government organization to ensure they are aware of this issue. They cannot do anything about something that they are unaware of. It’s easy to forget that the internet is a bubble and not everyone is clued into it’s issues.
Sure, bring that shit to Europe and let’s see how it goes…
Question: Would Pi-holes get around this or would websites still recognise that there’s traffic being blocked?
Removed by mod
Piholes don’t actually block the traffic. The ads still make it from google to your home network. Pihole just intercepts them and sends them off to nowhere before they get to any of your devices. So I believe they won’t be affected by this.
That’s not true. Pihole voids DNS requests, not the actual HTTP responses. When trying to look up an ad, it tells your devices to look at an unassigned ip address which will then not respond with anything.
I stand corrected. Appreciate you setting the record straight. Apologies if my response misled anyone.
I don’t know which one of you is correct so I’m upvoting all of you because I fucking love Pihole.
The rebuttal is correct.
DNS response from pihole makes it so your browser doesn’t even make the request to the server providing the AD. A blocked ad via DNS doesn’t make it to your device, and doesn’t even get downloaded from the remote server.
Nothing new here.
Same old shit.
They’re gonna do what they’re gonna do.
There will be ways around it.
It will be difficult to get around this on smartphones. Those are walled gardens already.
But I wonder how Google plans to make this “feature” for desktop PCs? Won’t work at all on Linux and Mac and requires a kernel level always on spy driver to watch the Chrome process to prevent tampering with it?
You already can’t get around this on smartphones. So many companies force you to use their app and only their app if you’re not in front of a desktop.
and requires a kernel level always on spy driver to watch the Chrome process to prevent tampering with it?
That would be one method, yeah. The attester supplies a kernel driver and uses that to generate the auth tokens communicating with it via some protocol or via scanning memory.
The driver is just chilling in the machine, perhaps even evasive to lsmod, such that the only way to detect it is to have your own driver monitoring for some specific signal before the attestor driver gets installed, and then using that signal to track its installation.
There’s always a way. But, as you say, with phones it’s not as simple.
GrapheneOS or some other ROM on an unlocked Android phone is probably going to be the only way of bypassing it.
Removed by mod
Unironically: Ad blockers.
A lot of fraud happens online via ads which are hosted by Google and Facebook.
This is a power grab by Google. Nothing more.