zlacker

[return to "Google Chrome Proposal – Web Environment Integrity"]
1. predic+Cf[view] [source] 2023-07-18 22:36:42
>>screen+(OP)
Lots of people doom and gloom here about threats to user privacy and freedom.

This is the one I'd be worried about. Thought it was annoying to not be able to use banking apps on a rooted Android? Think about how annoying it will be when you can't do much of anything, even on the Web, unless it's from a sealed, signed Apple/Google/Microsoft image-based OS...

I realize the way Firefox's user share is going, it might not matter or they might feel they don't have a choice but I really, really hope Mozilla doesn't even remotely consider implementing this.

◧◩
2. Gigach+Fr[view] [source] 2023-07-19 00:19:05
>>predic+Cf
The frustrating thing is that this is both the final nail in the coffin for computing freedom, while also having a legitimate use case. I'm seeing new banks that flat out do not have a web UI at all. The reality is that desktop OSs and browsers have done nothing to stop the fact that it is trivial for a regular person to accidentally install malware which is completely transparent.

Online fraud and theft is exploding right now and the average person is simply not capable of securing a laptop so the companies have decided to only allow secure access through a phone which can usually be trusted to be malware free.

◧◩◪
3. predic+Dy[view] [source] 2023-07-19 01:30:22
>>Gigach+Fr
I agree, sort of -- I still think it's a farce. Unless this is implemented in a way that has a checklist that is updated so frequently as to force Windows users to do what they're often notorious for LOUDLY refusing to do... then it's more theatre.

As long as Windows users are allowed to remain as out of date on patches as they are, and depending on what the browser users as its attestation "source", I don't see how the browser and website can ever meaningfully establish the validity of the statement "the client is trusted to be malware free".

◧◩◪◨
4. Gigach+cD[view] [source] 2023-07-19 02:25:48
>>predic+Dy
I wish the answer was that MS would secure Windows better. Sandboxing applications, and making it a pain in the ass to request high privilege functions. The current state of things is you just get a useless popup to grant admin access which literally every program requests so as a user you have no real tools to combat malware.

It's too hard for even someone who is highly knowledgeable to know if they have malware, let alone the average person.

[go to top]