🆘

You are viewing a single thread.
View all comments View context
93 points

From my understanding, it allows a website to check if you’re running a Chromium browser, and block your access to the site or to features of the site if you aren’t

permalink
report
parent
reply
54 points

Well then I am a chromium browser. At least as long you need to think that.

What technology they are using I can’t fake on a Firefox?

permalink
report
parent
reply
75 points

It’s the API itself, it’s a little more complicated than just checking if you have a chromium browser. What it’s looking for is special tokens generated by google within chromium browsers. Google is selling this idea as a way to help verify identity of the end user and thus block bots. That’s concerning, because it suggests that google will have some verification method likely involving ID and generate a unique token with that info associated with it. This is a real concern for web privacy for like a million reasons, obviously, and ideally should not be adopted by anyone. If other tech gatekeepers adopt it (and they would love to) it will block giant swathes of the internet from people refusing to use the tech and further googles monopoly over general consumer browser use. Now, could the token be fudged? Possibly. But it will take time to figure out.

permalink
report
parent
reply
83 points

And what’s really fucking infuriating about this is that it honestly has nothing to do with making the internet a better place to be or improving the safety of the internet or protecting children or anything like that.

It’s about ads.

They’re literally trying to fuck the entire internet in broad daylight so that they have a way to guarantee to their advertisers that they are targeting you with the ads the advertisers want you to see.

permalink
report
parent
reply
5 points

🤔 So what happens if you look up porn on a chromium browser and then try to run for office years later? Couldn’t they in principle blackmail whoever they wanted?

permalink
report
parent
reply
36 points

This is why google wanted to deprecate the User-Agent header.

permalink
report
parent
reply
15 points

god that’ll make it impossible to do a bunch of frontend work for anything but their browser. which is another reason they want to do it, i’m sure

permalink
report
parent
reply
4 points

… Oh. Sorry friend, they’re using TEE, trusted execution environment, aka the place where a key is put by the manufacturer and not available to the user without an exploit or taking apart the processor. Faking it isn’t going to be like changing the user agent

Fun how companies came up with a way to run code on our hardware at home without our ability to modify it

permalink
report
parent
reply
1 point

Well then I won’t use it and maybe cut my access to their Services

permalink
report
parent
reply
28 points

Bing for enterprise is already blocking browsers that aren’t Edge. Clicking “Edge” from the list of browser identities in Firefox seems to go around the block.

permalink
report
parent
reply

Soon, we’ll get to “Best viewed with Chrome”, “Best viewed on 1920x1080”, “Google Chrome NOW!” even though other browsers could load the webpages just fine.

Oh, wait.

permalink
report
parent
reply
26 points

On what grounds? I know why google wants this, but why would the average website do this?

permalink
report
parent
reply
45 points

I can already picture Google down-ranking search results for any website that doesn’t implement it because obviously “if they aren’t using the integrity API we can’t guarantee they’re safe for our users”

permalink
report
parent
reply

Which… would just de-value Google Search, no?

permalink
report
parent
reply
22 points

The ‘average’ website wouldn’t but many of the social giants are desperately looking for a way to limit bot use. So Google gives them what they want and simultaneously gets to be the most reliable advertiser, ensuring impressions are viewed by not just a human but the right human.

permalink
report
parent
reply
7 points

How does this limit bot use? Is there something anti bot about chromium? Or does the api do more beyond checking for chromium compatible browsers

permalink
report
parent
reply
18 points
*

This goes with other changes they did to chromium. Google claims it is to prevent bots, but it really is a crackdown on ads blocking and any other “tampering” with their websites.

If you care about keeping web free, you should stop using chrome and its derivatives and switch to Firefox. They are believing that Firefox user base is low and websites can simply exclude FF and force it to implement it as well.

permalink
report
parent
reply
18 points
*
Deleted by creator
permalink
report
parent
reply
10 points

Don’t sites already do this?

permalink
report
parent
reply
27 points

browsers can currently report to be anything. which is why Google is trying to stop it.

permalink
report
parent
reply
7 points

It’s not about whether it’s a chromium browser or not. It’s about whether a browser is “trusted” and installed from a “trusted” source, like the windows store… Basically gatekeeping. Still, Firefox and any browser could still be approved.

permalink
report
parent
reply
13 points

This would be an insane damage to the Linux community since there are many different ways to install programms(including browsers).

permalink
report
parent
reply
1 point

Absolutely! I would wager a guess that something like this would require support on a package manager level, meaning that the biggest like Ubuntu or what not could have access to a functioning “trusted” browser. But good luck on a niche distro, or if you want to compile it yourself, or if you want to use certain extensions or…

permalink
report
parent
reply
8 points

What’s more trusted than source code?

permalink
report
parent
reply
2 points

According to Google - probably source code that can’t block ads and that is known to not block trackers… basically.

permalink
report
parent
reply
4 points

Or the API can die a quick death, like so many other Google products.

permalink
report
parent
reply