zlacker

[return to "Mozilla Standards Positions Opposes Web Integrity API"]
1. howint+Zk[view] [source] 2023-07-25 05:31:55
>>danShu+(OP)
There is a long history of hackers—in the classic sense—using computers to do things other people don't want them to do, and those other people unable to do anything about it (or, at best, engaging in an arms race with the hackers). This has been bad for those other people but overall very good for society. It is what birthed GNU, "IBM Compatible", ad blockers, Firefox, BitTorrent, YouTube ReVanced/youtube-dl, and so much more.

The goal of device attestation for consumer software is to put an end to that. Originally pioneered by Apple on iOS, now making its way to all of computing thanks to the forces of capitalism, device attestation means that the hackers lose. It is the bad ending.

The other twin threat, and I hate to say it, is the software industry sorting its security story out. In the past iOS jailbreaks used to be common, but there hasn't been an iOS jailbreak in a year. Rust isn't helping.

We are hurtling towards a world where producers and IP holders have complete control over the content they produce, and use leading-edge cryptography and ultra-secure consumer-hostile software to keep it that way. This is one of the most dangerous developments to ever happen in all of history, and once it's real there's no going back.

Stallman was right.

◧◩
2. klabb3+zG[view] [source] 2023-07-25 08:48:34
>>howint+Zk
Well put. In practice, all this attestation crap is just DRM, as far as I can tell. It’s of course being marketed as an opt-in thing which can “improve your experience”. Similar to how giving your wallet away at gunpoint can improve your happiness.
◧◩◪
3. pydry+Ia1[view] [source] 2023-07-25 12:57:47
>>klabb3+zG
Functionally it's a protection racket. In exchange for protecting your devices from small, low frequency risks like evil maid attacks or whatever, you are uniquely identified for the purposes of DRM and advertising.

It's not really optional. At least, not unless you consider online banking to be optional.

◧◩◪◨
4. Avaman+NL1[view] [source] 2023-07-25 15:34:51
>>pydry+Ia1
You personally get protected from low frequency massive impact risks.

Website owners get protected from an ever increasing amount of malicious content. Now nearly impossible to detect thanks to LLMs. In theory you should be able to see the appeal that has.

[go to top]