163
submitted 1 year ago by wolf@lemmy.zip to c/technology@beehaw.org

Found on hacker news.

you are viewing a single comment's thread
view the rest of the comments
[-] fsniper@kbin.social 28 points 1 year ago

Here it is. Another nail in the open web coffin.

[-] Lmaydev@programming.dev 8 points 1 year ago

Or it will help develop a new open web that doesn't include these sort of things.

I have been using Firefox since forever so this sort of stuff doesn't bother me.

I'm happy to avoid websites that require it.

[-] argv_minus_one@beehaw.org 24 points 1 year ago

Will you be happy when your doctor/bank/government's website requires it? When health or law obligates you to comply?

This is much, much darker than just some replaceable entertainment sites being off-limits.

[-] TheOakTree@beehaw.org 3 points 1 year ago

There are a lot of test proctoring services that only work on chrome that are required by schools/universities too. I hate the services, but I don't want to fail my exams, and these online tests/proctoring services are getting more and more common post-pandemic-isolation.

[-] argv_minus_one@beehaw.org 3 points 1 year ago* (last edited 1 year ago)

Ah yes, proctoring malware, because human teachers are just too expensive (but legions of highly-paid administrative staff, mysteriously enough, aren't too expensive).

At least you can confine the malware in a virtual machine right now, but that won't be the case for much longer. I'm glad I don't have any children…

[-] fsniper@kbin.social 7 points 1 year ago

I am using Firefox too. However I also consume lots and lots of general purpose websites which in time probably become not consumable if you are not compliant. Which in turn either render FF not usable, or adopt the unfortunate standards.

[-] argv_minus_one@beehaw.org 2 points 1 year ago* (last edited 1 year ago)

Even if it does implement WEI, it still won't pass validation. Each website will have its own list of approved software configurations, and you'll be lucky if your bank/doctor/government even allows you to use a Mac, let alone your favorite distro's builds of Firefox and Linux.

[-] fsniper@kbin.social 1 points 1 year ago

I rechecked the current spec. It does not fully cover what a user agent can ask to the attestor ( "content binding" to be defined). So we can assume this attestation spec is defined at the attestor.

Of course this does not mean attestor can not have different profiles to attest for.

So your comment even though is possible, just not defined yet. Which we can - I believe - rightfully assume will be in the final spec or implementation.

[-] argv_minus_one@beehaw.org 2 points 1 year ago

That's even worse. Websites will trust only Microsoft, Apple, and Google. Those of us who value our security enough to install Linux will be left out in the cold. We'll be such a small minority that no one ever cares enough to give up on attestation. The pressure will cause our numbers to dwindle to nothing as people flee to proprietary platforms in order to avoid losing access to their bank/doctor/government. All hail the eternal compulsory corporate triopoly.

[-] fsniper@kbin.social 2 points 1 year ago

For now spec calls "holdbacks", which are designed for this purpose. Attestors will fail randomly for a set percentage of the requests so this can't be used as a whitelist. Surely this "holdbacks" will either be not implemented or dropped in no time by attestors.

[-] argv_minus_one@beehaw.org 1 points 1 year ago

Surely. Remote attestation is only useful if it always succeeds on an approved device.

this post was submitted on 26 Jul 2023
163 points (100.0% liked)

Technology

37702 readers
81 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS