zlacker

[parent] [thread] 9 comments
1. CalRob+(OP)[view] [source] 2023-07-25 11:30:37
Is there an option to have a smartphone and avoid this attack? The moribund Ubuntu phone comes to mind.
replies(2): >>daniel+s1 >>kevinc+co1
2. daniel+s1[view] [source] 2023-07-25 11:39:42
>>CalRob+(OP)
Yes, but accomplices can, in this case, refuse to serve the phone in question - receiving sufficient traffic from infected devices to meet their needs.
replies(1): >>ragnes+4H
◧◩
3. ragnes+4H[view] [source] [discussion] 2023-07-25 15:08:39
>>daniel+s1
At some point we just have to be okay with that. Threats and protests and complaints don't matter unless we back it up with something. If that means upgrading/repairing older devices instead of new ones, or not using web services that require DRM nonsense, then so be it.

I remember in the long, long ago, when I actually visited a BUILDING to do some of my banking tasks. And when I bought physical media that took up actual 3D space in my house to watch movies. I suspect we aren't incapable of going back.

replies(3): >>sp332+0I >>CalRob+5V >>JohnFe+DB1
◧◩◪
4. sp332+0I[view] [source] [discussion] 2023-07-25 15:11:37
>>ragnes+4H
We don’t, and TFA is Mozilla rejecting this.
replies(1): >>ragnes+py1
◧◩◪
5. CalRob+5V[view] [source] [discussion] 2023-07-25 15:59:02
>>ragnes+4H
Banks have been closing branches by the hundreds (at least where I live), and buildings where you can rent physical media are dying out (see Blockbuster, though the local library is fighting a valiant rearguard action). If 96% of people will use the bank app on their Approved by Alphabet phone (or browser) then the bank can ignore the few weirdos like us.
replies(2): >>ragnes+ay1 >>JohnFe+VE2
6. kevinc+co1[view] [source] 2023-07-25 17:33:42
>>CalRob+(OP)
Sure. On my phone I run LineageOS. But now I can't run Google Pay, Netflix, by bank's app, the McDonalds app, Snapchat and many more. No big loss for me but as these systems get more pervasive you can only expect that this list grows. These companies want to control us and these APIs given them the possibility to do so.

* I can actually run Google Pay because the original SafetyNet API was software backed. So I can spoof a signature from an old device that didn't support hardware attestation. In particular my Pixel 4a claims to be a Nexus 5 so that Google's servers don't expect a hardware signature. But I'm sure that the clock is ticking until these apps (or Google globally) stop considering software backed validation acceptable. I'm quite sure that this Web Integrity API will be hardware backed from the start.

◧◩◪◨
7. ragnes+ay1[view] [source] [discussion] 2023-07-25 18:06:03
>>CalRob+5V
That's true. So, the question is: Do you protest now and hope there are enough of us to get them to change their minds, or do you just accept it now because it's most likely going to happen either way?
◧◩◪◨
8. ragnes+py1[view] [source] [discussion] 2023-07-25 18:06:52
>>sp332+0I
For now. I'm not a Mozilla hater like many people here seem to be, but they caved on EME, and I'm honestly very skeptical that they won't eventually cave here.
◧◩◪
9. JohnFe+DB1[view] [source] [discussion] 2023-07-25 18:18:59
>>ragnes+4H
> At some point we just have to be okay with that

We don't have to be OK with it, but it seems inevitable that everything is just going to shit. Starting with smartphones. That's why my current smartphone will be my last one. The cost/benefit of them is no longer favorable.

I think that the web itself will be the next casualty.

◧◩◪◨
10. JohnFe+VE2[view] [source] [discussion] 2023-07-25 23:09:34
>>CalRob+5V
> buildings where you can rent physical media are dying out

Yes, in terms of buildings. But I see as many RedBox kiosks around as ever.

[go to top]