> How does this affect browser modifications and extensions?
> Web Environment Integrity attests the legitimacy of the underlying hardware and software stack, it does not restrict the indicated application’s functionality: E.g. if the browser allows extensions, the user may use extensions; if a browser is modified, the modified browser can still request Web Environment Integrity attestation.
Then what's the point? I can make modified bot browser that commits ad fraud as long as I don't use a rooted Android phone?
I don't believe they're being honest with how this will be used. We need to legally regulate remote attestation.
> As new browsers are introduced, they would need to demonstrate to attesters (a relatively small group) that they pass the bar, but they wouldn't need to convince all the websites in the world.
It speaks for itself. Horrid.
Yeah, this just incentivizes spammers to copy the parts of Chromium that do the attestation (or whatever browser has source available), and use that to pretend they're Chromium. There will always be workarounds. This seems to kill innovation and allow spammers to flourish.
I suppose I can understand an argument that they want to prevent scraping, but this is absolutely not going to stop that.