Post AXwmli8oQ06b2oePqa by starchturrets@mastodon.social
(DIR) More posts by starchturrets@mastodon.social
(DIR) Post #AXwBi5n4qsEYvgtbfs by mjg59@nondeterministic.computer
2023-07-22T01:45:08Z
0 likes, 0 repeats
My take on the Web Environment Integrity thing: I think this is a bad idea, but I also think people are (understandably, given context and the company behind it!) interpreting it in the worst possible light. There is a clear attempt in the design to mitigate the risk of it being used to enforce browser choice - I don't know that it would *work*, but they have at least attempted to prevent it being easy to block ad-blockers with it.
(DIR) Post #AXwBwDlxyHqhjv75Yu by migratory@jorts.horse
2023-07-22T01:47:32Z
0 likes, 0 repeats
@mjg59 I think it makes sense for us to be pessimistic given how much we have already lost. widevine is pervasive and unfingerprintable browsing is considered a lost cause
(DIR) Post #AXwC6gKQekRjCSDlFA by SnoopJ@hachyderm.io
2023-07-22T01:48:55Z
0 likes, 0 repeats
@mjg59 one of the more thoughtful things I've seen said about it is that it shifts power away from users and towards the orgs that own the servers. Cuts right through the minutiae to the core of what I find objectionable.
(DIR) Post #AXwCH0uMzpTLvFxV7Q by mjg59@nondeterministic.computer
2023-07-22T01:48:57Z
0 likes, 0 repeats
I don't see any way this could be made to work on non-mobile without massive changes to how existing operating systems work. I can't /imagine/ anyone choosing to lock out desktop users while still allowing mobile web, but plausible? It makes selling it as an "open web" solution massively more difficult, though.
(DIR) Post #AXwCUCJ5vXhH2WoHaK by mjg59@nondeterministic.computer
2023-07-22T01:50:13Z
0 likes, 0 repeats
And if it's deployed then the first thing that'll happen is someone will just start selling services to bounce your bot requests through a farm of legitimate Android devices for attestation purposes, so maybe we can argue that Google's attempting to encourage small business development
(DIR) Post #AXwCjCpAHnwKzIy1gm by josh@social.joshtriplett.org
2023-07-22T01:50:26.373447Z
0 likes, 0 repeats
I think it's *entirely* reasonable for any such proposal to not receive charitable interpretations unless it shows a good understanding of the landscape. Anyone working in that area in good faith should be spelling out, extremely carefully, "this area has the potential for abuse and severe damage and here's everything we're doing to prevent that". And this spec just...hasn't.
(DIR) Post #AXwCjDvECkNsOOoNmK by mjg59@nondeterministic.computer
2023-07-22T01:51:49Z
0 likes, 0 repeats
@josh They present a proposal for reducing the potential for abuse. I don't think it's a *good* proposal, but ignoring that they present it doesn't help the conversation.
(DIR) Post #AXwDD8bWXZpaaSrL6W by frumble@chaos.social
2023-07-22T02:01:36Z
0 likes, 0 repeats
@mjg59 When you consider this proposal being a five years project, it sadly gets more realistic. Remember that UHD-BDs and Netflix 4K playback is only possible on Windows with full HDCP 2.2 chain. The availability of locked-down OS' and hardware will be more common in a few years. That’s when they can simply restrict anything above YouTube 480p to this new integrity rubbish.
(DIR) Post #AXwDaaxnGfaPCaSegK by mjg59@nondeterministic.computer
2023-07-22T02:06:06Z
0 likes, 0 repeats
@marcan I don't think it can meaningfully work on desktop Windows - the hardware capabilities just don't exist. Apple have it easier based on being able to certify every actual Mac.
(DIR) Post #AXwEJ0mgcz521eRfii by mhoye@mastodon.social
2023-07-22T02:13:53Z
0 likes, 0 repeats
@mjg59 I don't see a plausible way for attestation to become feasible on the overwhelming majority of android devices already in the world that will never see an update, but it certainly would make it easy to decide that anyone who owns such a device is too unprofitable to be worth serving web pages to at all.
(DIR) Post #AXwET8kbraZ7d4Isfg by mcc@mastodon.social
2023-07-22T02:15:33Z
0 likes, 0 repeats
@mjg59 Not specifically to criticize your posts, but: I think the appropriate, really the *only* way to look at this is to assume the worst possible outcome, because entirely regardless of Google's intent (which I don't think I trust) it's not intent that matters, it's what the most bad-intent entity that exists in computers in ten years would do with the version of the feature that exists ten years after Google (promising good intent and mitigation, at first) introduces it.
(DIR) Post #AXwEnzYbEyEjCFd2xs by mjg59@nondeterministic.computer
2023-07-22T02:17:35Z
0 likes, 0 repeats
@mcc I agree! But I think framing it as "Here are some bad outcomes that this enables" rather than "This is an active attempt to cause the bad outcomes" results in a better conversation
(DIR) Post #AXwFA0HRESZHoJ67E0 by mjg59@nondeterministic.computer
2023-07-22T02:19:54Z
0 likes, 0 repeats
@mcc I don't have any real reason to believe that the authors are acting in bad faith when they say that websites are engaging in increasingly intrusive fingerprinting attempts to identify bots, and this is a proposal to achieve that goal without being as privacy compromising
(DIR) Post #AXwFA4W7TogkwzztfE by mjg59@nondeterministic.computer
2023-07-22T02:20:36Z
0 likes, 0 repeats
@mcc …but obviously it potentially enables some other bad outcomes that we may consider to be much worse!
(DIR) Post #AXwFS8dysKSexiHzPc by keithzg@fediverse.keithzg.ca
2023-07-22T02:18:24.266641Z
0 likes, 0 repeats
@mjg59 @marcan Does the Windows 11 hard requirement of TPM 2.0 change that at all? Windows does at least appear to be slouching towards an Apple-like scenario, even if it's far harder for it to get there.
(DIR) Post #AXwFSDEHpHsZBTJ2Ya by mjg59@nondeterministic.computer
2023-07-22T02:21:04Z
0 likes, 0 repeats
@keithzg @marcan At the moment, no, since nothing binds the TPM attestation to the actual system
(DIR) Post #AXwFbJjJ1loJx09mD2 by mjg59@nondeterministic.computer
2023-07-22T02:21:59Z
0 likes, 0 repeats
@keithzg @marcan Want a valid attestation? I can give you one! Avoiding this involves a shitload of infrastructure that doesn't exist and can't (given the nature of the PC market) come into existence quickly
(DIR) Post #AXwGTElLi8nUBPp71E by gourd@retro.pizza
2023-07-22T02:38:16Z
0 likes, 0 repeats
@mjg59 @keithzg @marcan Don't worry I'm sure that'll come with Windows 12 and generate a bunch more e-waste pointlessly like 11 is as well.
(DIR) Post #AXwGo3AnzlegJveenI by gourd@retro.pizza
2023-07-22T02:42:05Z
0 likes, 0 repeats
@mjg59 @mcc I think if they think they can create it without others hijacking it at Google for malevolent purposes they are actively delusional.
(DIR) Post #AXwIbtZi3Vdaz8dSIC by NireBryce@hachyderm.io
2023-07-22T03:02:13Z
0 likes, 0 repeats
@mjg59 i think a big thing informing the reactions is that, well, there's no actual route for accountability for the things that cause huge effects on People In Generalbut i also think people fail to realize that that's... always been the case, for better and worse
(DIR) Post #AXwU4ICvAJB2z9igFc by kmeisthax@pooper.fantranslation.org
2023-07-22T05:09:58Z
0 likes, 0 repeats
@mjg59 Experience from Android is that once you offer turnkey attestation lockout to developers (Play Protect/SafetyNet/DeviceCheck etc), it winds up infecting a lot of things that don't strictly need it.Social networks would be a good example. They can operate without attestation just fine - but they absolutely would tribute 1-5% of their users to get a >50% reduction in spam and abuse.
(DIR) Post #AXwUxjnyGA1EVMUIfw by garrett@mastodon.xyz
2023-07-22T05:20:30Z
0 likes, 0 repeats
@mjg59 A very similar thing happened when Google introduced SafetyNet on Android.It basically rendered third party ROMs useless, as you couldn't run banking apps, metro payment apps, streaming apps, games, and so many other apps that didn't really need it.Background: https://www.androidpolice.com/safetynet-deprecated-for-play-integrity-api/(SafetyNet is currently being replaced by Play Integrity, but it's even more of the same.)What they're suggesting for the Web is much more pervasive. ☹️
(DIR) Post #AXwfRVwPMw0JjgGsvQ by Rairii@haqueers.com
2023-07-22T07:17:47Z
0 likes, 0 repeats
@mjg59 @marcan what do you mean they don't exist? i expect an implementation in VTL1, possibly with some TPM functionality used, which includes the VTL1 root keys which are sealed to some PCRs.
(DIR) Post #AXwgqhIcNOKI9lERRg by mjg59@nondeterministic.computer
2023-07-22T07:33:57Z
0 likes, 0 repeats
@Rairii @marcan Just proxy the attestation request through to another machine that attests to legitimate state (eg by not having bootguard and just booting an entirely fake chain), there's nothing binding that attestation to you
(DIR) Post #AXwhOi5lw2BKSeRSj2 by Rairii@haqueers.com
2023-07-22T07:40:09Z
0 likes, 0 repeats
@mjg59 true
(DIR) Post #AXwhbkeni4IiBH2qVE by airtower@queer.af
2023-07-22T07:42:17Z
0 likes, 0 repeats
@mjg59 "Lock out desktop users while still allowing mobile web" is already happening, in the clumsy "you have to use our app for that" way. Sure, that's not really "mobile web" any more, but it demonstrates that locking out desktop (and mobile non-Android/iOS) users is something companies are totally willing to do. And then often those apps require ridiculous permissions and won't run on rooted phones. :meowTilt:
(DIR) Post #AXwk1JiIhvxG3R04sC by mjg59@nondeterministic.computer
2023-07-22T08:09:29Z
0 likes, 0 repeats
@airtower Apps can already do platform state attestation - Android and iOS both support that. This proposal doesn't change things in that specific respect, even if it could make things worse in others
(DIR) Post #AXwl0ztAW0nmWVUkiW by mjg59@nondeterministic.computer
2023-07-22T08:20:39Z
0 likes, 0 repeats
@airtower Or, put differently, I feel like anyone who wanted to make that choice has already made that choice
(DIR) Post #AXwlE4MFD9Lc9FKPUe by janl@narrativ.es
2023-07-22T08:22:57Z
0 likes, 0 repeats
@mjg59 *snort*
(DIR) Post #AXwmbzDE5qLP5t4vVg by karim@geiger.ee
2023-07-22T08:38:07Z
0 likes, 0 repeats
@mjg59 given that the proposal comes from Google we just have to assume they are going to build it just so they can once and for all remove ad blockers from the web. We all know this is the main reason behind it. And on desktop, there are attempts to do this, too. Take ChromeOS, or some (failed) attempts from Microsoft with Windows versions that only allow for Windows Store apps to be installed.
(DIR) Post #AXwmli8oQ06b2oePqa by starchturrets@mastodon.social
2023-07-22T08:40:07Z
0 likes, 0 repeats
@mjg59 @Rairii @marcan what if they require bootguard tho
(DIR) Post #AXwyEpmcBRr8dhMFTU by airtower@queer.af
2023-07-22T10:48:34Z
0 likes, 0 repeats
@mjg59 To a degree, yes. Though I fear something like that Google proposal might make it simpler and appear more acceptable.
(DIR) Post #AXx6e278H2gJkvTulM by resuna@ohai.social
2023-07-22T12:22:29Z
0 likes, 0 repeats
@mjg59 @marcan A major goal of Windows XP SP2 and later versions of Windows is to make it increasingly hard to bypass DRM. They quadrupled or more the resource requirements of Vista/Win7 to get DRM in the kernel as "trusted media paths".
(DIR) Post #AXxB4ARgJtqQwPoJQe by gnomicutterance@hachyderm.io
2023-07-22T13:12:23Z
0 likes, 0 repeats
@mjg59 @mcc I agree that they’re probably operating from good intent, but there comes a point when trying to solve a bear-proof trashcan problem (the bear: an android bot farm; the campers: real users with assistive tech or unusual browsers/distros) is such willful ignorance that it’s hard to not to ascribe malice.Developer brain & corporate brain bot are overly primed to want tech solutions to social problems. But folks at google have more, not less, responsibility to think things thorough.
(DIR) Post #AXxLAsgNl99vQ3WhuK by ncweaver@thecooltable.wtf
2023-07-22T15:05:17Z
0 likes, 0 repeats
@mjg59 Those who want to lock out desktop users already have by making their actual infrastructure access app-only...
(DIR) Post #AXzIJUbOkR0VnMWufo by monnier@oldbytes.space
2023-07-23T13:42:53Z
0 likes, 0 repeats
@mjg59 @josh Abuse of who by whom? AFAICT this is about protecting web-sites from being abused by their users!All users should be screaming bloody murder
(DIR) Post #AY0iiHNnxjUUy4HZmS by riking@social.wxcafe.net
2023-07-24T06:13:16Z
0 likes, 0 repeats
@mjg59 I think the only foreseeable outcome of this is cutting Firefox out of the web more than it already is (Cloudflare captchas).
(DIR) Post #AY17QLkpT87EAPbDJA by aaron@ubuntu.social
2023-07-24T10:50:11Z
0 likes, 0 repeats
@mjg59Am I interpreting these links correctly that the original motivations put humans seeing ads as the first example:https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.mdBut the subsequent 'motivation' once people started taking about it moved to highlight cheating in online games etc instead:https://rupertbenwiser.github.io/Web-Environment-Integrity/?
(DIR) Post #AY1WD7MSAWKGcIz7Ue by jason@logoff.website
2023-07-24T15:27:02Z
0 likes, 0 repeats
@mjg59 conversation?Sometimes listening to all parties to arrive at mutually beneficial solutions makes sense.Other times, you don’t need to hear what they have to say, the only important outcome is to stop them by any means.This is the second thing.