Apple has deployed a system called Private Access Tokens that allows web servers to verify if a device is legitimate before granting access. This works by having the browser request a signed token from Apple proving the device is approved. While this currently has limited impact due to Safari’s market share, there are concerns that attestation systems restrict competition, user control, and innovation by only approving certain devices and software. Attestation could lead to approved providers tightening rules over time, blocking modified operating systems and browsers. While proponents argue for holdbacks to limit blocking, business pressures may make that infeasible and Google’s existing attestation does not do holdbacks. Fundamentally, attestation is seen as anti-competitive by potentially blocking competition between browsers and operating systems on the web.

  • Scrubbles@poptalk.scrubbles.tech
    link
    fedilink
    arrow-up
    142
    ·
    1 year ago

    “Sorry, your device appears to be running Linux, please only use approved Apple or Windows devices to log in, with our required surveillance system pro installed. Thanks.”

  • Neato@kbin.social
    link
    fedilink
    arrow-up
    47
    ·
    1 year ago

    Expect corporations to be lazy. Just look at how every website handles cookies now. They could do it smartly, limit their cookie exposure, or only send the messages to IPs in the EU. But they just put an “accept all cookies or get out” OK box on your screen. And that’s what they’re going to do once attestation gets popular.

    Sites will just require an attestation token and likely only accept ones from Safari and Chromium browsers since those are the ones pushing it. That will effectively make Firefox, Opera and other browsers incompatible with those websites. And once it catches on or becomes law somewhere, it’ll be the entire internet. It’s an extremely anticompetitive measure and it’s internet-wide DRM. Fuck. that.

    • HeartyBeast@kbin.social
      link
      fedilink
      arrow-up
      17
      ·
      1 year ago

      But they just put an “accept all cookies or get out” OK box on your screen.

      Which doesn’t comply with GDPR

      • blindsight@beehaw.org
        link
        fedilink
        arrow-up
        16
        ·
        1 year ago

        Which only affects companies doing business in the EU. Granted, that’s most of the big players.

        Very grateful for the EU to unfuck most of the world from a lot of American regulatory capture.

    • BubblyMango@lemmy.wtf
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Opera is chromium based though.

      You dont even need this DRM bullshit to become law. Chrome will simply put a warning before entering websites without it that goes “this website doesnt use name of a technology the user doesnt understand and therefore might be dangerous”. Thats it. Every and all websites will immediatly implement this DRM bullshit or die.

  • theneverfox@pawb.social
    link
    fedilink
    English
    arrow-up
    16
    ·
    1 year ago

    I’m with you there, but that seems like a reason to fight

    This would very likely be added to cloudflare by default (it would lower their costs), and that would put a solid chunk of the Internet behind the blackwall

  • vacuumflower@lemmy.sdf.org
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    Actually I like this.

    All those people who’ve been trying to keep corporate technologies “open” were, in fact, working for the corporations to make people come to them. Most unknowingly, maybe. It’s just, well, litany of Gendlin case. You rely on corporate power, even if you are trying to hide it and talk about “open Web”.

    The most important thing is that we take ideologically corporate technology where it’s not needed (there’s been plenty of hypertext systems in history, some kinda successful, and all that JS and AJAX stuff and various frameworks on top are so complex not because of any usefulness, but because of the corporate goal of backward compatibility, lumping everything together and even intentional complexity to cut off competition, and a single space).

    We’d be just fine with a bunch of incompatible between themselves Hypercard-like things working over network. That’s what I think.

    I really dislike Apple for what they’ve been in my somehow conscious years (born 1996), but things like Hypercard and Hotline (or KDX) from their older time seem to be just the right way to use personal computers.

    Any single space with propaganda of “fragmentation being bad” is either not immune to what has happened to the Web, or already compromised.

  • sin_free_for_00_days@lemmy.one
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    If a website doesn’t want me to see their shit, then I guess i won’t see their shit. I already have some sites that don’t work because of my aggressive use of lists on my pihole, in addition to the usual browser plugins. If a site doesn’t work now, I just move on. I don’t give a shit about any site enough to put up with this type of bullshit.

    • kent_eh@lemmy.ca
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      If a website doesn’t want me to see their shit, then I guess i won’t see their shit

      That’s how I react to Twitter and Facebook requiring login to even view most things.

      Whatever you’re showing isn’t important enough to be worth me making an account.

    • esaru@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      To see how your approach works, try using the Internet with Javascript turned off for reading text. You will realize you can’t organize your life nowadays without bowing to what websites do technically.

      • Big P@feddit.uk
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        You can’t use websites when you disable a major piece of functionality? Shocker

        • esaru@beehaw.org
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Why would Javascript be a major piece of functionality for a website that is based on text articles?

    • Amju Wolf@pawb.social
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      What if it’s your bank’s website? Or email provider? Or literally anything else you actually have to choose and can’t pick? “It’s okay because I don’t think it affects me / I can ignore it” is always a bad reason to allow a bad thing happen.

  • qwertyqwertyqwerty@lemmy.one
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Back to the days of using a different web browser for each website. I remember the acid test, IE 5.5, etc. Not fun as a user or web developer.