zlacker

[parent] [thread] 1 comments
1. gruez+(OP)[view] [source] 2025-04-13 14:36:43
>What problem do you think Play Integrity solve other than keeping the user's under Google's walled garden?

It ensures requests to your backend are vaguely from actual devices, rather than a bunch of emulators. There's many reasons why developers might want this. It significantly raises the bar for credential stuffing attacks, for instance.

replies(1): >>NotPra+l51
2. NotPra+l51[view] [source] 2025-04-14 01:37:30
>>gruez+(OP)
Yes, developers are of course going to opt for APIs that allow them to be as lazy as possible, forego proper backend security, and reduce costs. But is allowing developers to be lazy worth the cost of destroying user freedom? If so, maybe we should work on bringing back the Web Environment Integrity API. That would really help out web developers and would make web apps a lot more secure. Nobody uses Linux on the desktop anyways besides weird nerds so it wouldn't have any real impact.

Can't wait until we finally kill hacker culture for good. Everyone and everything will be fully secured. It's going to be beautiful. The nerds can cry about it all day long, but they're powerless to stop it.

[go to top]