Google Tries to Defend Its Web Environment Integrity as Critics Slam It as Dangerous
Google Tries to Defend Its Web Environment Integrity as Critics Slam It as Dangerous
Google has defended its Web Environment Integrity on the grounds that it aims to make web browsing more private and safe through tokens.
Attacks and doxing make me personally MORE likely to support stronger safety features in chromium, as such acts increase my suspicion that there is significant intimidation from criminals who are afraid this feature will disrupt their illegal and/or unethical businesses, and I don't give in to criminals or bullies
Kick a puppy
Get attacked for kicking a puppy
"These attacks make me MORE likely to keep kicking puppies, as I don't give in to intimidation from criminals and bullies that want healthy puppies for their nefarious ends."
They’re literally burning bridges after crossing them huh. Web scraping is illegal? Their fucking search engine was powered by a web scraper.
WEI is plain anti-competition to me now. Most, if not all, of their stated reasons are now just facade to me.
Fuck Google. I know this isn’t constructive or helpful, but fuck em.
197Google gained control of the web by populating the world with Chrome/Chromium and wants to strong arm the web as a whole through it. Climbing the ladder and pulling it up from underneath them, with their fisted approach to Manifest V3 the beginning salvo.
For Google it's just another day in the office.
49Embrace, Extend, Extinguish.
Google is the new Microsoft.
30
Quick correction: website scraping and ad blocking is not unlawful. It both is a means to make the web more accessible and the latter also reduces CO2 emission through reducing electricity usage from irrelevant ads. The same case could be made for web scraping as a user can make their own feed of news without having to sift through hundreds of pages. This as well can be done in a way that does not disrupt the pages‘ normal function.
That is where the two larger issues come in:
- people can argue that you need to pay for viewing a page/getting information through apps And
- branding powerusers as criminals („unlawful“) is unfair and false
The „pay for information“ is largely a phylosophical problem. It is no problem to pay for someones book or online course but the blanket statement that one has to pay for it is false. As an open source developer I give my work freely to others and in turn receive theirs freely as well (if they use the appropriate license of course).
We really have two sides forming. The „open internet“ crowd that works together for free or maybe accepts donations and the proprietary crowd which is having a huge influence right now.
Google putting in web DRM will cement that situation and make it possible that you can only use vanilla stuff on your browser and ultimately even shutting down any access to open source things completely by making it impossible to run on ubuntu since google will only accept windows clients (this is a possible outcome, not a guaranteed one).
All in all, we are unable to perfectly anticipate the outcome of this but if we see great harming potential, it is fair to weigh it agains the potential benefits (which is the lofty goal of weeding out bots and scammers). I think the cost benefit relation is heavily tilted here.
TL;DR: Tinkering with your browser is not illegal and should be allowed to continue. The cost of (potentially) weeding out bots and scammers is not worth potentially ruining the open source community.
136I work with cultural heritage and have the strong believe, that information should be open and easy accessible. Citizen have a right to access to knowledge and to educate themselves unter their circumstanses. But of course the Infrastructur cost money and this should always be a discurse between all parties. And not been dictated by major companies.
It is a really hard fight for museums, archives and libaries lately. What do you do when your electricity bill jumps up to 5 million during the war in the ukrain?
We need to unite and search for ways to keep the Internet accessible.
50Plus adblocking should be basic security posture these days. Does no one remember pop up ads delivering spy/malware? Still happening today, why should I allow a site to display ads that are intended to cause harm to my person and property. Does the ad service or site using it have no responsibility to safeguard their users against these threats when removing their ability to defend themselves?
4Yes, I remember the malicious popups from the past. In fact, some installers put non hazardous but still unwanted software of your pc while concealing it as just another page of things to accept (like avira for example). It’s all just harvesting that sacred attention and precious data. This is why it needs to stop. We don’t need to accept this. We can actually work together (open source) to advance and improve instead of letting someone use us for their gain while holding a carrot on a stick in our face.
2
Doesn't Google scrape websites? Isn't that the entire purpose of google.com? If that were illegal, then Google would be the biggest offender. The author should probably look where he's pointing his gun before firing it.
2It sounds like the author is getting their points mixed up. It is not unlawful to scrape websites but google kind of makes it look that way which is inherently bad. There’s no two ways about this. Google needs to step back from this.
3
Is it just me or are Twitter, Reddit, and now Google, scrambling to lock their doors to any entities trying to scrape the web for new AI datasets?
All these hugely unpopular decisions, taken on short notice, that may be fatal to their platforms, seem to be more like knee jerk reactions to protect their treasure hoards of possible AI input data.
Opinions?
81scrambling to lock their doors
From a consumer perspective, it seems like all the FANG conglomerates are trying to shut the stable door after the AI horse has bolted, but perhaps from an industry perspective, their just trying to pull up the ladder behind themselves to curb competition, or stall any emerging upstarts, just like most FANGs where themselves only decades ago.
47I my experience the people running large companies are idiots who got their position by brown nosing the right people so it doesn't really surprise me. Google is pretty well known too for coming up with stupid ideas they scrap in a few years
25Reminds me of the CEO saying that they don't play video games but are behind stadia.
I called it in my circle that it would be shut down in roughly 3 years.
7Hopefully this is just another idea they scrap and they don't follow through with it.
4
They want to close the AI market
11Eh... nothing's happening with Twitter outside of Elon being dumb as hell, as per usual.
5
"WEI can potentially be used to impose restrictions on unlawful activities on the internet, such as downloading YouTube videos and other content, ad blocking, web scraping, etc."
WTF. Most of these activities are actual lawful in the country I life in. (Especially with adblockers, the content mafia tried to outlaw it and failed in court, several times.)
69All of them are lawful
29not to mention that every single thing your browser is displaying has actually been downloaded. it's conceptually impossible not to be the case...
12Not a surprise that Google would like to make "downloading content" impossible
1
The proposal is bad enough as it is, but it’s the duplicitous gaslighting BS that really pisses people off.
If they came out and said “We came up with this thing to prevent loss of revenue on ads and prevent LLMs from capturing data” then people would still be against it, but at least it would feel like an honest discussion.
Instead it’s just another page out of Google’s playbook we’ve seen many times already.
- Make up some thinly veiled use cases that supposedly highlight how this would benefit users, while significantly stretching the definition of “users”
- Gaslight every one by pretending that people simply misunderstand what you’re proposing and what you’re trying to achieve
- Pretend that nobody provides reasonable feedback because everyone is telling you not to commit murder in the first place instead of giving you tips on how to hide the body
- Latch onto the few, inevitable, cases of people going too far to paint everyone opposing it in a negative light
- Use that premise to explain why you had to unilaterally shut down any and all avenues for people to provide comment
- Make the announcement that you hear people and that you’re working on it and that all will be well
- Just do what you want anyways with minimal concessions if any and rinse repeat
For what it’s worth I blame W3C as well.
Their relatively young “Anti-Fraud Community Group” has essentially green lit this thing during meetings as can be seen here:https://github.com/antifraudcg/meetings/blob/main/2023/05-26.md
https://github.com/antifraudcg/meetings/blob/main/2023/07-07-wei-side-meeting.md
68W3C is in the palms of Google anyway.
13I did not know this. I always likened them to the EFF, an organization that aimed to make things better. Never in a million years would I have thought they were just shills for Alphabet 🙁
5Google has been the W3C since Chromium
4
WEI can potentially be used to impose restrictions on unlawful activities on the internet, such as downloading YouTube videos and other content, ad blocking, web scraping, etc.
Did the author of the article come from some dystopian parallel universe?
41Yeah, violating TOS or EULA unlawful? Unbelievable bs. Imagine a world where users become criminals for routine and innocuous activities because of shifting TOS that no one reads and is intentionally impenetrable and user hostile.
Sad truth, this is not a new idea. Glad folks are looking out for this and setting precedent against that nonsense. (PDF warning, but a good read)
6Permanently Deleted
1
That's a good initiative from google to put more tracktion behind firefox again. Its userbase and amount of supporters will skyrocket!
39It really won't, but I wish it would.
21You’re right that it won’t. I will say that I switched from Firefox to chrome when it was still in beta (nobody I talk to ever remembers the “goats teleported” metric). Chrome was way faster. It didn’t handle memory well, but it was the best for me for a long time. The extensions were great.
I just downloaded Firefox on all my devices and I’ve been happy so far. Not as fast as chrome or edge, but gets me closer to leaving google.
4
No, it won't.
11
Upvoted to keep attention on this thing, but that really was a vacuous article with almost no real information in it.
37Yeah, I found the discussions on HN and the debates in the Google group mailing list ("Intent to Prototype: Web environment integrity API") much more interesting, but didn't hot link the latter in the OP post to limit brigading. Although that mail list archive is made publicly accessable.
14
Permanently Deleted
34Google must have forgotten when they sued Microsoft for trying to corner the browser market for Internet Explorer. Or maybe they are two faced.
32Companies have only one goal, more profit. Both actions here work to that goal.
18No no, they sued because they were behind.
Now they are not. Nothing wrong anymore.
9That was for tying IE to Windows, and it was also done while there were paid web browsers competing with them. Then they forced OEM PC makers to bundle IE or get dropped as a customer for Windows licenses.
4Companies never sue because of idealism or values. They sue to get an advantage.
Same as Musk, who is publically harshly against government subsidies for companies. Unless he's the recipent.
4
What exactly is the attestation checking? As far as I can tell it is a TPM assertion possibly that you have secure boot enables and that the browser has not been tampered with. Is there anything else? I looked in the Github page but alls that I saw was placeholders. Is this documented somewhere?
10I think it's up to the attestor. So in theory it could check anything from what you described (most likely) to requiring that all users have a background image of Ronald McDonald (less likely).
7It's TPM based on Android yes from the look of it, their article mentioned the Play Integrity API. So at least on phones it can potentially require a locked bootloader running the vendor's OS completely unmodified.
3That makes a lot of sense. Not sure how that would work on Windows where users typically run with admin credentials. Yes, I cannot modify the boot loader, but with admin credentials I can do many malicious things to your traffic in between the browser and the OS, up to and including attaching a debugger to your browser process to see kernel memory.
I know it is possible for Linux to pass secure boot in some cases, so in theory it could be possible for there to attestation on Linux systems, but this suffers from the same flaw as Windows since users have root access.
In the end the only thing this will do is prevent someone from using curl or cli tools to access a site that requires attestation. Will this prevent bots? I am not certain. You could in effect guarantee a 1-1 relationship of users to TPM/Secure Enclaves. This would slow down bot farmers, but not stop them.
Chinese bot farm with 100's of physical smartphones -> https://youtu.be/aSESD6rm54o
1
Off-Topic: I saw this same exact post in lemmy.world.
Are some posts posted cross-instances? How does that work.
4I think if the local and remote instances are federated - for posts submitted to remote communities that have subscribers from the local instance - posts to the local instance can be annotated with
cross-posted to:links, whenever the local instance is aware of other federated posts that have a matching URL in other OP posts.A single OP can manually cross post to other communities using the
cross-postbutton next to the title of a post, although that will auto populate the body text of the new post with quoted text from the original, as well as an embedded hyperlink to the original.So coss-posts can be both auto detected by Lemmy, or manually created by OP(s).
5
What's this website that you linked to? It seems like Reddit or lemmy
1Hacker news is based on an old version of Reddit. It's a great community for tech & programming news.
3Thanks I had no idea! Seems really simple and clean
2
Kick a puppy
If you have to resort to false equivalences like these, you're not really making the anti-WEI crowd look good.
*Edit: * There's some massive misunderstanding about my comment.
I called it a false equivalency because it's comparing both the measures ("stronger safety") and the thing is supposed to prevent (doxing and bullying) to puppy kicking.
That's just emotional manipulation done badly. We all call it out when politicians use pedophiles to warrant Internet surveillance, and now apply it ourselves? I don't know about you, but when I see bad reasoning, I'll call it out. Even if it's done by "my side".
-59Analogies are inherently false equivalences.
It's illustrating the problem with the argument, not equating DRM technology with puppy kicking.
75Though, for the record, this is one of the few situations where humanity would have been better off if Google had simply paid their web engineers to go out into the world and kick animals all day long instead.
9Both support stronger safety features in chromium and criminals and bullies got equated to kicking puppies. That's why it's a shoddy attempt at illustrating their reasoning.
-2
I think the comment that
the_legois replying to also highlights the false equivalency of calling the anti-WEI crowd as criminals, as was not a good look for Google.They have apologized for using the word criminals & bullies in a broader context and I appreciate that. However, the initial part of the comment is very telling of how they view those who oppose.
51That is an analogy.
The analogy being, do something objectively bad, get called out for it, double down because you don't like getting called out for it.
No one is equivocating anti-wei people to puppies.
18There's some massive misunderstanding about my comment.
I called it a false equivalency because it's comparing both the measures ("stronger safety") and the thing is supposed to prevent (doxing and bullying) to puppy kicking.
That's just emotional manipulation done badly. We all call it out when politicians use pedophiles to warrant Internet surveillance, and now apply it ourselves? I don't know about you, but when I see bad reasoning, I'll call it out. Even if it's done by "my side".
0
This is quite a bit worse than kicking a puppy. Of course, it's horrible when puppies get kicked but ultimately they will be on. This, on the other hand would be a major set back to humanity, potentially permanent as our rights and privacy are erroded day by day.
1Agree
-13