zlacker

[return to "Google engineers want to make ad-blocking (near) impossible"]
1. Adverb+T5[view] [source] 2023-07-26 10:56:52
>>pabs3+(OP)
It isn't just "make ad-blocking (near) impossible" as the current title of the submission suggests. It is:

Make browsing the internet possible only on Chrome, Safari or Edge (with no modifications or extensions). No competition allowed in browsers.

Make browsing the internet possible only on macOS, Windows, Android or iOS (no custom Android distributions, definitely no LineageOS or GrapheneOS or whatever). No competition allowed in Operating Systems, especially no open source operating systems.

Make crawling the internet possible only to Google. No private crawling and no competing search engines.

Let me know if I've missed anything...

◧◩
2. mozbal+S8[view] [source] 2023-07-26 11:14:33
>>Adverb+T5
iirc remote attestation is reliant on hardware attestation, which means these websites will only run on authorized DRM-enforcing hardware and architectures. Only Intel, AMD, Qualcomm and the like. No open-source firmwares, architectures or hardware.
◧◩◪
3. jeroen+Ld[view] [source] 2023-07-26 11:44:33
>>mozbal+S8
What attestation the website accepts entirely depends on the configuration. There's nothing in the spec that will prevent attestations for Linux computers. Linux already works perfectly fine with secure boot and such, I don't see why a signed bootloader starting a signed attestation engine wouldn't be trusted by third party websites.

It'll kill open platforms like the rare open source RISC-V implementations, but for almost any platform in use today this can be implemented.

The real question is "but will it", and in practice websites will probably only whitelist Chrome, Edge, and (reluctantly) Safari.

◧◩◪◨
4. codedo+Eh[view] [source] 2023-07-26 12:07:44
>>jeroen+Ld
> I don't see why a signed bootloader starting a signed attestation engine wouldn't be trusted by third party websites.

Do you mean a kind of Linux where root cannot do anything he wants? Like Android?

◧◩◪◨⬒
5. jeroen+Zm[view] [source] 2023-07-26 12:38:55
>>codedo+Eh
Yes, a kind of Linux like Ubuntu or Fedora that already boots with secure boot enabled with full support of TPMs and similar technologies. The kind of Linux 99% of Linux users are running today.

More secure variants like Android, leveraging SELinux and such, help with sandboxing but I don't think that SELinux is a struct requirement.

◧◩◪◨⬒⬓
6. codedo+ys[view] [source] 2023-07-26 13:05:37
>>jeroen+Zm
I mean if root can do anything then such system is not "trusted" from corporations point of view. Therefore, it won't be able to pass the attestation or play DRM content.
[go to top]