this post was submitted on 09 Aug 2023
786 points (96.9% liked)
Technology
74055 readers
3450 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
TL;DW version?
It's basically all the bad things that tech writers have already warned about, except shit just got real. Google is actually shipping WEI in Chrome and large important sites and services are no longer working except in Chrome and with Goggle's blessing.
The author makes a very good comparison with Android, where you need a locked-down device and Google Services installed to be able to use Netflix, or your bank's services.
The rest of the article dives into what WEI claims to achieve vs what it's actually doing, and who it really benefits. Good read if you're still unclear about that.
I was multitasking while watching but I'm pretty sure this is the idea.
Googles "web DRM" makes it impossible (or extremely difficult) to lie to a website about your browser, operating system, and whether or not you're human (or a bot). Websites can then use this info to deny access if they decide not to trust any of the info given.
This could easily be used to suppress the use of open source software which is probably why so many FOSS projects and foundations oppose it.
It doesn’t prove you’re not a bot though, only that the request is coming from a ‘genuine device’. You just need to pipe your malicious requests through a ‘real browser’ to get them approved and you’re set.
WEI could require secureboot, so you could no longer modify the OS or Chrome to "pipe" those requests.
How could I browser not know you're "piping" in commands tho? I don't know what qualifies as a bot but if input doesn't come from a keyboard or mouse they'll probably classify it as such.
DRM is easy to evade by those that want to evade it. I read something on mastodon the other day that was saying some cheater hackers are using direct hardware connections to their machines to cheat.
DRM makes it difficult for Joe six pack to easily pirate, use an ad-blocker, not use one of big brother's approved devices to get a paltry boner from watching Milf Island on Peacock, but it does nothing to people with the ways and means to get around these things...those evasive maneuvers are often illegal though.
DRM is a malignant technology just by its very nature, and this has been fought about for decades. But it's just simply not tenable to protect the content that is being replicated on demand by a customer paying for its replication from being replicated to others.
Seriously, think about how stupid the above is for a minute.
Couldn't agree more. The script kiddies might be out of luck but they'll just have to go back to side channels like torrents or Usenet where the experienced hackers show off the stuff they stole.
I love that bot that goes around and does it. No idea who made it etc but it's great.
The bot works with written stuff so idk if there's a TL;DW bot yet.
Ahh didn't see the youtube link even with the piped link below just the text article lol.
Summon the bot!
The bot works with written stuff so idk if there's a TL;DW bot yet.