This CL moves the base::Feature from content_features.h to
a generated feature from runtime_enabled_features.json5.
This means that the base::Feature can be default-enabled
while the web API is co...
Would it be possible to create a fork of Chromium to avoid Google’s influence?
The biggest problem is if Google can influence all the major websites (banks, e-commerce, news sites, streaming services, social media, etc) to adopt this standard.
They’ve done it before with AMP.
They won’t even have to force them this time, they’ll do it voluntarily because it would mean they can serve unblockable ads, track users much better, and for banks it would actually increase security for the user (but also force you to consume their content how they want, preventing stuff like accessibility extensions).
Banking is less secure when you do it on a proprietary operating system. That’s what scares me the most.
If the bank has reasonable confirmation that the environment is not being tampered with (i.e. your session token is safe, you don’t have some malware extension or whatever) then it’s more secure. Definitely better for the average user.
Attestation like this is already a thing on phones and it’s definitely more secure.
The problem is that it can also be used for nefarious uses like locking down user choice, forcing them into stuff they don’t want, etc.
Proprietary operating systems are malware. If your environment passes WEI, then that is proof that you are not secure.
So your OS doesn’t use any proprietary blobs? Your (phone) OS doesn’t pass integrity checks? You don’t ever run any DRM blobs? Don’t use hardware with proprietary firmware? Is it all actual malware? (Hint: it’s not)
Doesn’t matter. Your definition of insecure is irrelevant in this context, I’m talking about security from regular attackers and protection for regular users. As long as your platform is secure and you trust the other end, you will be more secure.
Which, again, doesn’t mean it’s a good idea overall.
Proprietary firmware. It’s bad, but proprietary OSes are much worse.
It won’t if I replace the stock OS. Which I probably should…
If only that were possible…
False equivalence. Proprietary OSes send telemetry. Firmware doesn’t.
Regular users, whose identities get stolen every other week? I’m trying to avoid the same fate.
Exactly. Proprietary OSes aren’t secure.
I’m not even sure why I’m trying to argue with you, but let me address a few points one last time even if I doubt you’re doing so in good faith.
How can you know that? Do you know that literally every (even) consumer PC has a firmware chip that has complete access to the system, including networking, and runs even when the PC is off?
You think an OS is an issue compared to this?
You won’t get your identity stolen by your bank. If it’s by malware, that’s the exact thing attestation can help prevent. Anything else is irrelevant to this discussion.
Neither are non-proprietary OSes. But again, irrelevant to the discussion. We’re talking about additional security layers provided by (in this case) a browser, not necessarily the OS (though proper attestation needs to be fully verifiable from the bottom up, from firmware level up to application level).
And fuck AMP, it’s a fucking travesty.
Not really, since Google develops Chromium.
Firefox receives most of their funding from Google, even though they’ve come out as opposing this plan. They have next to no market share.
The only other browser engine that can seriously compete with Chromium is Safari.
And Safari also has attestation.
Isn’t Chromium/Blink a fork of WebKit?
Partially. The Blink browser engine used in Chromium is a fork from WebKit but it’s diverged quite a bit in some ways I believe. But there’s a lot more that goes into the project. For example, V8, the browser’s JavaScript engine.
No, because the forks are not blessed and will therefore be denied access.