Most users (at least in my observation, in the instances and communities i’m on) on Lemmy are privacy minded, open source fans, linux enthusiasts
, etc.
Google is evil and will suck up any data they can find on you and sell it to anyone that will give them a buck. Lemmy users don’t like that. (me either)
Google also makes a lot of money selling ads that are crafted for your likes based on the data they steal from you. Lemmy users also don’t like that (me either).
Ad blockers will hamper some (not much) of google’s ad revenue so they don’t like them. many users use Ad Blockers ( I use an ad blocking DNS server)
Recently Google announced that their Chrome browser would not allow ad-blockers because it’s changing the functionality that ad-blockers use (Google sucks, don’t use Google stuff)
So that is why it’s showing up an Lemmy a lot right now.
You’ve already got some answers, but the recent drama is specifically about a Chromium-centered API, called Web Environment Integrity.
It has been found on a Google engineer’s Github account, and iirc it’s being tested on Chrome.
It’s basically web DRM.
The idea is that the API allows websites to require browsers to guarantee they are unmodified through a “third-party” attester, like Google SafetyNet (or whatever the fuck it got rebranded as) does.
Imagine if you were trying to access a mobile-only website on your PC, by changing your HTTP user agent string;
the website would refuse to serve you the page, and tell you “I don’t trust you, are you really a Google Pixel?”.
A real Pixel’s browser would ask Google Play to vouch for it, and the website would trust Google Play (due to cryptographic shenanigans and whatnot); your browser, however, would not have an attester that:
is (claiming to be) universally accepted as trustworthy;
answers “yes, I’m a Google Pixel” on a PC;
has the necessary cryptographic secrets to work.
That doesn’t sound too bad.
But, what if the attester can check your browser’s extensions, and tell the website that you’re running an adblocker (which is WEI’s explicit goal)?
What if it also checks your system’s running processes or applications?
What if you ran a debloater script for Windows, and the attester decided that a lack of ads in the start menu was sus?
What if it detected VPN usage? I know some governments that wouldn’t like that, I bet they would like it if VPN users would be denied access to half the web…
It’s “true” in the sense that it could happen in theory, Google is (allegedly?) planning to use WEI for forcing people to see ads rather than China-firewalling the web; also, WEI was still under development last time I checked.
Whether the attesters that end up being universally trusted will poke around to check for VPNs is up for speculation, for now.
Even then, this is just an API for websites. If you use other means of communication, you’ll be fine.
Guilty, I’m ootl. Can someone explain why my Everything feed is all about browsers?!
Here’s the TLDR version:
Most users (at least in my observation, in the instances and communities i’m on) on Lemmy are privacy minded, open source fans, linux enthusiasts , etc.
Google is evil and will suck up any data they can find on you and sell it to anyone that will give them a buck. Lemmy users don’t like that. (me either)
Google also makes a lot of money selling ads that are crafted for your likes based on the data they steal from you. Lemmy users also don’t like that (me either).
Ad blockers will hamper some (not much) of google’s ad revenue so they don’t like them. many users use Ad Blockers ( I use an ad blocking DNS server)
Recently Google announced that their Chrome browser would not allow ad-blockers because it’s changing the functionality that ad-blockers use (Google sucks, don’t use Google stuff)
So that is why it’s showing up an Lemmy a lot right now.
You’ve already got some answers, but the recent drama is specifically about a Chromium-centered API, called Web Environment Integrity.
It has been found on a Google engineer’s Github account, and iirc it’s being tested on Chrome.
It’s basically web DRM.
The idea is that the API allows websites to require browsers to guarantee they are unmodified through a “third-party” attester, like Google SafetyNet (or whatever the fuck it got rebranded as) does.
Imagine if you were trying to access a mobile-only website on your PC, by changing your HTTP user agent string;
the website would refuse to serve you the page, and tell you “I don’t trust you, are you really a Google Pixel?”.
A real Pixel’s browser would ask Google Play to vouch for it, and the website would trust Google Play (due to cryptographic shenanigans and whatnot); your browser, however, would not have an attester that:
That doesn’t sound too bad.
But, what if the attester can check your browser’s extensions, and tell the website that you’re running an adblocker (which is WEI’s explicit goal)?
What if it also checks your system’s running processes or applications?
What if you ran a debloater script for Windows, and the attester decided that a lack of ads in the start menu was sus?
What if it detected VPN usage? I know some governments that wouldn’t like that, I bet they would like it if VPN users would be denied access to half the web…
If the comment about VPNs is true, I will lose touch of half of my friends and families that live in Iran. This is truly evil…
It’s “true” in the sense that it could happen in theory, Google is (allegedly?) planning to use WEI for forcing people to see ads rather than China-firewalling the web; also, WEI was still under development last time I checked.
Whether the attesters that end up being universally trusted will poke around to check for VPNs is up for speculation, for now.
Even then, this is just an API for websites. If you use other means of communication, you’ll be fine.