Google tries to defend its Web Environment Integrity

Permanently Deleted

WEI can potentially be used to impose restrictions on unlawful activities on the internet, such as downloading YouTube videos and other content, ad blocking, web scraping, etc.

Not one of those things is illegal.

Some are against a site’s TOS and some are outright fine.

If you are not using Firefox now is a good time to start.

There is no defense of the move. It's bad for the internet. Pure and simple!

Google has turned into a corporate criminal which is abusing its trusted position in society.

The only solution is to break the company up before it can wreak more havoc on society.

They claim it's to prevent bots, but we all know it'll soon become standard in every WAF out there (Cloudflare, Akamai, etc) to just blanket block browsers failing attestation.

All you need to know what will happen is to root an Android phone. You'd expect Netflix and bank apps and other highly sensitive apps to stop working. Okay, I can accept that, it kind of make sense. But the more you use the phone the more you realize a ton of apps also refuse to work. Zoom complains and marks your session as insecure, the Speedtest app refuses to test your speed, even the fucking weather app won't give you weather anymore. Jira/Confluence/Outlook/Teams also complain about it. It's ridiculous.

Even if it'd trust Google to not misuse the feature and genuinely use it to reduce ad fraud, the problem is the rest of the developers and companies. Those, they absolutely cannot be trusted to not abuse the feature to block everyone. Security "consultants" will start mandating its use to pass security audits, government websites will absolute use it, and before you know it, half the web refuses to work unless you use Chrome, Edge or Safari.

The fraud-fighting project has fired up quite a controversy

fraud-fighting? Even Google's initial pitch was explicitly describing it as a way to sell more ads.

There's an ongoing protest against this on GitHub, symbolically modifying the code that would implement this in Chromium. See this lemmy post by the person who had this idea, and this GitHub commit. Feel free to "Review changes" --> "Approve". Around 300 people have joined so far.

It won't block browsers that spoof their identity? Yeah, sure.

From this github comment:

If you oppose this, don't just comment and complain, contact your antitrust authority today:

• US:
  • https://www.ftc.gov/enforcement/report-antitrust-violation
  • antitrust@ftc.gov

• EU:
  • https://competition-policy.ec.europa.eu/antitrust/contact_en
  • comp-greffe-antitrust@ec.europa.eu

• UK:
  • https://www.gov.uk/guidance/tell-the-cma-about-a-competition-or-market-problem
  • general.enquiries@cma.gov.uk

• India:
  • https://www.cci.gov.in/antitrust/
  • https://www.cci.gov.in/filing/atd

• Canada:
  • https://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/frm-eng/GHÉT-7TDNA5

It's time to use web integrity against them, by blocking access to your site if they "pass" integrity checks, and telling them to use a freedom respecting browser instead.

Fuck Google 2023

I'm glad the reaction all around seems to be "That's sus as fuck"

Google: Do no ALL evil.

It offers web publishers a way to integrate their websites or apps with a code that checks with a trusted party (such as Google)

Imma stop you right there...

So, how the hell is this supposed to prevent bots? Unless Google are planning to completely lock the browser down to prevent user scripting and all extensions then surely you can still automate the browser?

Just like Trickle Down, “Don’t be evil” has aged well and deserves to be repackaged. /s

*waiting patiently for EU to catch on to this.

Google may not like the outcome…

I stopped trusting google when they decided to remove the "Do not be evil" clause

They don't care about a "safe web environment". That is not making them any more money. Knowing much more about their users and being able to perfectly match everything a user does anywhere with Googles advertising business, though, will.

explain like i'm a developer why wei is bad? ad blocking can already be detected

While you are at it, convince Apple to allow Firefox on iOS, and decline to use WEI in Safari. Otherwise there's no way to avoid WEI on iPhone, and only one mainstream rendering engine free of this insidious malware. Many companies will shy away from it if it breaks mobile apps on the Apple platform.

Well passed time to do some monopoly busting.

Would WEI stop Adblock by DNS? Like pihole or similar ?

There's no way there's a legitimate argument why this is good for us/the internet

it says something about "spoofing identity" which raises a good question. If this does happen, how difficult would it be to just lie about your client environment with a spoofer of some sort?

We do not decide what is right and what is wrong.

But you don't accept our drm do you're wrong.

*its

I ain’t trusting nobody

The word "intend" comes up quite a bit around this topic.

Just like Trickle Down, “Don’t be evil” has aged well and deserves to be repackaged. /s

I'm a bit less worried after reading this comment, which explains things like how they DON'T want it to be "DRM for the web" and the proposed measures to prevent it. https://github.com/RupertBenWiser/Web-Environment-Integrity/issues/28#issuecomment-1651129388

I think we need to start being very realistic here.

Google has ad buying customers who want their ads served, and it's those customers that would probably opt into the SDK and API in the first place. Scope matters.

Next there's a plethora of freeloaders on the Internet who consume mountains of content but who scoff at paying for or contributing to the Internet.

Lastly I'm not seeing anything here that says it will block a site like Lemmy for example.the one thing I do find problematic is this potentially limiting competing browsers