💾 Archived View for bbs.geminispace.org › u › Ruby_Witch › 3387 captured on 2024-05-12 at 18:48:25. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-10)
-=-=-=-=-=-=-
Re: "Well, every big corp in the World Wide Web is closing their..."
This proposal is for DRM for the web. The attestation tokens will be provided by the user's OS or some program with low-level access running on the OS. If you read their explainer, this is said explicitly.
These kinds of DRM schemes have historically come with a multitude of drawbacks, the easiest to see for this being OS compatibility. Jailbroken android versions, your favorite Linux distribution, or even older versions of Windows may never develop compatibility with this "feature" if it is implemented.
DRM is never good for users. The "benefits" described for users are against theoretical harms, while the benefits listed for businesses are actual reductions of privacy for users. This should not be implemented.
2023-07-22 · 10 months ago
☕️ Morgan · 2023-07-22 at 14:09:
Thanks @Sm0key :)
Scepticism is important!
Google can certainly make bad decisions and it's useful if people can argue or otherwise take action against that.
For that to happen, I find it's important for the discussion to be accurate.
As a point of fact, Google does not track and sell everything about you that they can. This is public information because Google's ad products are public; and advertisers have to know what they are paying for, or there is no point in having it. So you can just sign up as an advertiser (it's free) and take a look.
I know a fair bit about online advertising and have written in detail about it on my gemlog (circadian.gemlog.org).
The difference between what people seem to worry about and what actually happens is pretty big. I sometimes wonder if this might be the result of a sneaky propaganda campaign to intentionally cloud the issues; possibly as a result, there does not seem to be any clear distiction made in commentary (e.g. in mainstream media) between tech companies behaving well and tech companies behaving badly. This seems like a win for the badly-behaved companies, which is why I would strongly prefer more accuracy. This stuff matters.
Re: ad blockers, in my post "How Online Ads Work" I explained why "opt-in" ad blockers increase ad value, so they're not something ad companies urgently want to get rid of. This is true except for a special case where ads are not actually ads, they are just there to intentionally annoy you so you want to pay to get rid of them.
Re: "kill off all non-google-approved browsing", that's the same point as the "holdback mechanism" discussion, i.e. exactly what they are discussing to figure out how to <not> do. So, it looks like they are aware of that problem, at least ;) given that it's a top level goal in the proposal I hope they come up with a solution everyone can feel relaxed about.
Thanks.
☕️ Morgan · 2023-07-22 at 14:16:
Thanks @Ruby_Witch.
That again goes to the same point, and what they call the "holdback". They propose to force a portion of browsers that _could_ provide attestation to provide nothing.
That way, they would force website owners to treat clients without attestation as first class citizens, or lose a sizeable number of guaranteed-real users.
I've no idea if that's workable in practice but it seems like a creative solution to the problem.
Re: benefits and harms, I'm not sure I follow you there. If I understood correctly, websites are already using browser fingerprinting to build the equivalent feature. The proposal is to replace this with something less privacy invasive, because it's intentionally minimal to do what's "needed".
It's not an area I know a lot about, but that's what I got on first reading.
Thanks.
🦉 ResetReboot [OP] · 2023-07-22 at 15:07:
That's the thing with everything Google has done back in the Don't Evil era. They were good things, but they gave the company an edge on everything Internet related and they've been turning it into the things we see nowadays about tracking and surveillance capitalism.
Then we get these technologies they have been pushing through claiming better privacy and security... sorry, but I think we have more than enough to just suspect for the worse in anything Google proposes for now, how we have been never able to trust anything Microsoft have been doing at the OS level.
☕️ Morgan · 2023-07-22 at 18:53:
@ResetReboot suspecting the worst is the best way to give engineering input, anyway :) so it's fair enough. It's an interesting idea/feature/misfeature--thanks for posting :)
I dunno, maybe I am too naïve--I kinda feel like the battle has moved on here, as with my post "What dystopia?" and idiomdrottning's response. I mean ... it's open source, discussed in public, open working groups ... there are other browsers that are compatible, also open and well supported ... it feels like the tech part is great.
Now I think it's more a problem of, okay, the tech is great, but are we using it right.
No harm in being vigilant about the tech getting worse, of course--imagine where we'd be if nobody had built a good-enough iPhone rival in time--but it doesn't worry me overly just right now.
🦉 ResetReboot [OP] · 2023-07-22 at 20:28:
@Morgan Yeah, I mean, constructive input regarding the dangers of certain technologies, can help. But in the end, we are seeing a lot of power to decide to put certain technologies into the hands of a corporation (and only one at that) to say "This is what Internet should be like".
Just like the other day, one Geminaut was lamenting how hard is to set up your own email server if you expect it to work with certain provider. And does it have ever deterred spam, all that tech? No, my spam folder keeps getting filled daily and what keeps it usable are the filters. But it has deterred anyone with the know-how to put up their email server if they wish to. I see the same potential here.
☕️ Morgan · 2023-07-23 at 06:10:
Hmm, I haven't had problems with spam for years; but maybe my setup is unusual: my own domains forwarding to free email.
I like this setup because I control the domain and can switch actual email providers if I like. Also, I forward everything @ the domain, so I can give out a different email address to every signup/contact. This means I can tell who leaked the email address I gave them.
The only time I remember it not working well is one company had a problem on their side causing their forwarded emails to be marked as spam ... they could only send successfully direct to the free address.
I use nearlyfreespeech.net for domain management and email forwarding, they also do minimal spam filtering but I never had problems there.
I guess the downside is cost. Email is tied so much into account access and online identity that it seems worth it to have long term control.
Well, every big corp in the World Wide Web is closing their open access to their sites and APIs, so it was only time Google decided the World Wide Web is *their* API and close it to be used the *approved way*. Link to Reddit, beware. [https link] Google's New Web Environment Integrity (read DRM)