zlacker

>>jakobd+(OP)
> Google's plan is that, during a webpage transaction, the web server could require you to pass an "environment attestation" test before you get any data.

There is no value in this "attestation" for me as a user. I want to be able to do whatever I want with the browser (for example, remove ads or block access to canvas and webgl) and I want sites to be unable to know this. And probably this attestation will provide additional fingerprinting signals which is what I don't want.

>>codedo+rg
Ehhh, it depends.

In theory one could imagine a scenario like a bank website refusing to be accessed unless the entire OS & browser stack pass attestation - as that would rule out things like keyloggers, malicious browser extensions, and session hijacking.

In practice it'll just be used to lock down content and force unskippable ads on users, of course.

>>crote+hn
But that's not a direct value. I'm aware that reducing fraud for banks will potentially (bank behavior makes me doubt this) increase interest rates/decrease fees since they'll have less stolen money. I'm also aware that the current internet is built on free-as-in-beer services due to ads typically covering costs.

I'm not interested in being hobbled for either of those problems. I remember when banks used to reject my browser because it wasn't IE in Windows. I remember when I had to look at webpages that were 50% advertising.

Screw that.