youtube, prime video, netflix, banking, github
none of that for firefox users
I would probably have dropped Firefox back then if it was the only browser that I couldn't watch Netflix in, and I wouldn't be the only one. I don't think Mozilla can bear the loss of userbase.
They now have an interest in limited edition color drops and with their bespoke charactaristic allowing users to select color that best resonates with them.
You and I, as mere mortals, may not know what this means, but rest assured, mozilla does.
It would be trivial for them to build a Chromebook, or Android phone, or browser that you can't flip into dev mode, but they've never done that, even though many of their competitors in the space regularly lock users out of their devices.
In a world with attestation, you can't browse any website unless you are using Chrome or another attested browser. The New York Times would refuse to serve content to unattested user agents. That is what would make everyone use Chrome.
If you are shown a product ad whilst browsing searchengine.example and then later look up the product at reviews.example, then end up making a purchase at shop.example, your browser sends all of these events to an aggregation service that allows shop.example to understand (at least in aggregate, assuming you trust the cartel running the aggregation service) that you were exposed to their product at searchengine.example and further exposed to their product at reviews.example.
Like which one?
You forgot one thing – once a copy of the content is server to AT LEAST one attested user agent – what prevents him from sharing his copy with unattested users?
It is easy to see that if something will make getting the content harder – it will immediately find the path of least resistance. This is the reason any new Netflix title is available for free an hour after the premiere. And the harder Netflix will try to fight this - less time will pass before their content is stolen and re-translated for free. Exactly same will happen to New York Times if they refuse to serve - someone would serve a copy instead of them – because there is now demand created for such copy.
This is already covered by the DRM in all major web browsers today. If your software will allow that, it can't get attested.
Or what prevents me from copying NYT article and re-hosting it? What DRM has to do with it?
I assume it's something like the old Protected Media Path.
For example, if you try to screenshot a Netflix video all you screenshot is a dark-pinkish square, because the video is probably added by the graphics card at the last moment.
Try searching for "only chrome".
The attestation uses a secure enclave in your processor with a secret key you can't access to verify that secure boot is on, you booted a signed OS, the OS is in locked-down mode, etc.
>you can't access
Don't you see how contradictory this is?
No secure enclave of registers or hidden secret keys can help, because a person can utilize the lower-level physical world around the processor to manipulate it (e.g sending electrical currents from a programator device manually). But that is a last resort, there are simple software attacks available already to fake as many "attested" devices as needed (for the same DRM system of Android). It will only bring more jeopardy to the "integrity"
And for tech-minded people it doesn't fundamentally change anything, it just means that it now takes more time to do the same than before