looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don’t run a complaint browser ( cough…firefox )
here is an article in hacker news since i’m sure they can explain this to you better than i.
and also some github docs
Google Chrome (v42.12.0183, MULTi5) [FitGirl Repack]
It’s going to be very annoying to find new cracks every week
Just google it.
Excuse me but would you happen to have the link to the 100% real ONE LINK no-fake MegaUpload version?
–>since everyone is confused about this i’m gonna try to explain as best as i could and also clearing some misconceptions:
1# why this is such a big deal ?
if this gets implemented AND it gets widely adopted websites now can refuse to give you content if you are running a non complied browser, remember those website that say “oh you are using an ad blocker so disable it to access our site” they can detect this by various methods but ultimately all of them rely on running a JavaScript into your browser. which you guessed it, its easy to modify and tamper with manually or using extensions
now what WEI-API does is that it can verify the integrity of the web page ( JavaScript/HTML/CSS has not been modified ) and even tell the website what extensions - ad blocker detected no content for you - you are using and what browser you are using - firefox or brave detected no content for you - and do not be fooled into thinking that this can be spoofed. and website owners who think that they are running a business not a charity will implement this.
2#will using firefox save me?
if this gets widely adopted and you inevitably encounter a website that require this ( for your job ,school or your bank ) you have no choice but to use chrome just like when your banking apps refuse to work because your phone is rooted which means that SAFETY-NET is broken
3#why this is a threat to begin with?
this is only viable if the web adopt it so why bother?, well guess what google is famous for making its services very easy to integrate and well documented just look on how easy it is to integrate google analytics and google adsense* into websites and how many of them use it in the internet.
4#what can we do to prevent this?
this is my personal opinion but i think we simply can’t, this not like the reddit incident were very large portion of the user base was upset most people don’t know/care/give-a-fuck about web technologies and how they work.
#and Finally “but google said they don’t plan to use this to fingerprint you (Device ID) or track your browser history or interfere with the work of extensions”
do you really believe that a company like google whose bread and butter is advertising would not make it easier for themselves, a company who has been exposed time and time again for lying and having ulterior motives ( you don’t need to look far just look into what manifest-v3 did )
remember those website that say “oh you are using an ad blocker so disable it to access our site”
I can easily imagine this not being a necessary, anymore. Just let the website using this WEI API automatically disable all browser extensions on a WEI-enabled site. Why not, after all? Why should you dictate the traffic you receive on your computer? Why should you own anything?
I will happily stop visiting any website that demands I use an approved browser.
Well, those of us who care all say that but I for one have to access government and banking websites in several countries, if they implement this I have no choice. This abomination must be prevented in the first place.
You can use Chrome for those websites if they completely break, and Firefox for everything else.
Banks and government websites don’t tend to have adverts.
Do you require ad blockers with these? This use case sounds like the intention of the feature, not like the perversion we’re headed for now.
Agreed.
We can criticize the EU, but they would not allow or force people to install Chrome in order to access government web sites.
You won’t have a choice if it’s a bank or your job. This is the truly insidious thing, if enough important websites start demanding the standard, you might just end up forcing yourself off of the internet with that attitude
There would have to be very significant reasons for a bank to do that.
Like what? The only reason I’ve seen is laziness. Several banks in my area still require IE for some of their more elaborate online services. It’s typically limited to business users, but they’re still requiring it; to the point where they have a team of support agents that remote connect and reconfigure edge to run an IE-mode tab to the site, and install all their malware on your PC to make the service work. With the proper effort the whole thing could be reduced to little more than a chrome/firefox/opera/edge/safari/whatever extension…
But they don’t. because they’re lazy.
What Banks do this? USAA doesn’t, and that’s what I use.
I’ve zero issues swapping banks if needed.
On the consumer front, almost everything has a web interface layer over the grotesque monster that actually runs the services.
For any business accounts, banks are an entirely different monster. If you’ve only ever used consumer services, you’ll never know the disgusting mess underneath it all. Banks have only done this much for consumers because if they didn’t, they would have either lost, or never attracted any of the modern generations to their services, namely millennials, and all those who came after.
The older generation for the large part, is happy to continue using IE, and walking into a bank to do whatever they need to… But starting with millennials, having browser agnostic web based services to do simple things like bill payments, account to account transfers, balances and transaction records, and most don’t need much more than that.
One of the more recent, and possibly most egregious examples was a cheque scanner for a business, which was a USB attachment to a client’s workstation for bringing in payments in bulk, rapidly. Think about it like the mobile cheque deposit in your favorite banks app, but on steroids. The bank provided the cheque scanner, and a business login page for the service. The way it operated, from what I could see, is that it required special drivers from the bank for the device, and a series of custom ActiveX plugins, which, as expected, only work with IE. The entire process was essentially to take a high resolution scan of the cheque, and dump the image into the website (I presume, securely), to submit the payment to the bank. This process would be complete in a matter of seconds when it’s running correctly. From what I saw from what the bank technician did, remotely, was to load the site in edge, force it to display in an IE tab, then adjust the drivers and signing of ActiveX control to validate and submit the scans.
The mobile deposit does the same but much slower, potentially taking minutes to capture the cheques image and fill in all the details, per cheque. Meanwhile this process could literally process a dozen cheques in the same amount of time. What kills me is that mobile deposit is basically the same thing and they have the structure for it already. It should be relatively trivial to adapt the process to use the cheque scanner to submit the images of the cheque, compared to basically having to registry hack each client computer to work with the antiquated system instead; but they do it anyways.
I was asking for a list of Banks, not multiple paragraphs I’ve no interest in reading.
All of them.
So you’re taking your experience, with banks only local to you, and extending that as a blanket statement for all banks…
Please list all these banks near you that require IE?
I’m a totally separate person, and I can also verify that forcing business users to use IE for certain services is definitely a thing.
I’m not sure what your point is? It’s not necessarily going to apply to ALL banks, but it’ll probably apply to SOME of them, and that will suck if it happens to be your/my bank.
oh, I also want to point out that you completely ignored my question; you said “There would have to be very significant reasons” and I asked what that was, and instead of responding with a clarification on what is required as a reason for a bank to actually do the thing, you attacked my position asking for more clarity on which banks were actually doing this, I’m sure in an effort to minimize the scale at which my experience is relevant, yet other lemmings have already chimed in to say that they have also witnessed the same lazy behavior.
Classic misdirection. So, what justification is required for banks to actually innovate? The only thing I’ve seen from banks is them trying everything they can not to; so I’m genuinely curious what justification is required to actually make a bank do something.
Please list all these banks near you that require IE?
yes.
I used to work at a credit union in IT. I can confirm financial institution laziness knows no bounds. Separate from their laziness is the vendor compatibility. I can’t count how many vendors do not update their software to run on modern browsers and relied on specific IE instances. Adding to all that is just the institution itself having decades old hardware and software because modernizing things can be incredibly expensive. The core my company used was incredibly outdated Unix and required a ton of different middleware just to make sure we were compliant where absolutely necessary. If it wasn’t necessary nothing got done. And that’s better than a lot of banks that could be running on some COBOL based core. Completely redoing the core will affect every middleware crap solution they’ve patchworked together to keep running over the past few decades and will be insanely resource, cost, and time intensive.
Even these days at my current company I run into this shit. Huntington bank requiring IE for check processing, or SAGE DB software requiring 2013 Access or else it won’t work. These are huge companies still utilizing outdated piles of garbage.
You won’t have a choice if it’s a bank
Time to find a new bank.
your job
I’m self employed so I aint worried about that.
They don’t need everyone to comply, just the vast majority.
Which is why it’s important to encourage and educate as many about it as possible now.
… Until all the sites you absolutely need to use in order to *function in society *require approved devices with proper tracking.
So you fight it now by switching away from Google as much as you can.
Stop using Google products I don’t know how else to fucking say it.
Chrome -> Firefox Drive -> sync or Dropbox or any number of options Sheets and productivity tools > libre office or Apache open office YouTube -> Invidious or even better, odysse Google search -> duck duck go, SearXNG, StartPage, etc Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.
deleted by creator
helped with formatting:
Chrome -> Firefox
Drive -> sync or Dropbox or any number of options
Sheets and productivity tools > libre office or Apache open office
YouTube -> Invidious or even better, odysse
Google search -> duck duck go, SearXNG, StartPage, etc
Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.
And I agree for sure. In order I use firefox (and brave sometimes), Proton Drive, Apple Productivity suite (pages, numbers etc), and either startpage or qwant, and proton mail. I do still use use YouTube Premium, but the point is Google doesn’t need to have its fingers in every aspect of my digital life.
While I get your spirit… Dropbox belongs to google too 😂 they are everywhere! Worse than the plague.
For many people, Google controls the entire network stack from their ISP, router, OS, DNS, their browser, all the way down to the platform hosting the content they watch.
Google has captured such a wide part of the Internet that any changes they make will have at least a moderate effect on our lives. Even if we don’t use any Google services.
The only thing that can stop them is probably the EU at this point. And I’m sure Google has a plan for that.
i didn’t write the quoted list, just helped the OP with his formatting. I use proton drive, not dropbox.
I had no idea Proton Drive was a thing. I’ll switch to it, Dropbox is becoming incredibly obnoxious with the advertising popups and notifications.
YouTube -> Invidious or even better, odysse -> or even, even better, PeerTube
Nextcloud technically does much of what Drive does, but my instance is buggy lol
Still, costing me nothing to run for now, AWS 12 month free tier. Will move to a VPS somewhere not-aws before that’s over.
deleted by creator
Immich is getting pretty darn close, close enough that you could genuinely have a think about what features really matter to you, vs the cost of privacy lost continuing to use Google Photos.
Proton mail for sure!! Great great great! Cant stop recomending
Yea i love Protonmail. I haven’t had one issue with it.
FYI, you need two new lines (hit Enter twice) to actually get a new line in Lemmy.
Two new lines One new line.
Can also add two spaces at the end of line to force line break
Is there a reason behind this?
It’s standard markdown afaik. Two new lines creates a new paragraphs, two spaces and one new line creates just a new line.
Markdown treats single newline breaks as being a line wrap in a long text flow
Because Reddit does it? 🤷♀️
Nah its part of the markdown specification
That’s actually a bit of a relief to learn. I didn’t want to believe it was simply because Lemmy was trying to copy Reddit, but I just didn’t know enough to see any other reason.
Wait. Sync offers file storage? I thought it was just to sync up your Firefox sessions across multiple devices.
Or am I confusing services with similar names?
I think they’re referring to the storage service at sync.com, not Firefox Sync.
Correct
How do you like it? Would you prefer it over dropbox, or not really?
I’ve been migrating to sync from Dropbox after hearing too many reports of Dropbox scanning user content for things they deem objectionable. I like the end to end encryption, but I have found the mobile experience on iOS to be lacking. It seems to have trouble integrating with Files and uploading files directly via the iOS share menu. Annoying but not a dealbreaker.
I prefer it to drop box, it’s a better service and I believe not owned by Google like drop box it
Gawd damn, I didn’t know Google acquired Dropbox in 2010. Ok. Time to move.
But what makes Sync a better service? A better UI?
What’s the replacement for Android?
Look, it’s an unpopular opinion and many will disagree with me, but while Apple does certain things to restrict you from customizing your experience, they’re doing far less to destroy the open Internet than Google. So if you need a fully featured OS (which degoogled custom Android ROMs might not be, if you need banking for an example), it’s still an alternative for now, until Linux mobile experience gets better.
On iOS, there’s no browser extensions (for e.g. ad blocking), no alternative browsers, and no FOSS apps of any kind. That platform is extremely hostile to the ideals of computing freedom.
Like I said, it’s a better (for privacy) alternative to stock Android when you need a fully functional operating system. If you can stand to lose the oppressive Google functionality, you can go degoogled Android or preferably Linux (if you don’t care about battery life or app availability).
Linux, but that’s not a viable option. I would use degoogled Android OSs. GrapheneOS, CalyxOS, e/os, and LineageOS are some of the popular ones.
Question, I use Google docs a lot cause I like the sync and it’s convenient when I write something like a book on my computer and then can add more on my phone and it syncs. Does Apache open office do that? I would like to switch if all this chrome stuff is bad but I use all of it all the time
look into syncthing paired with local-first notes application (obsidian or similar), or simple text editor. work like a charm in my case.
Alright, thanks, I’ll try those out!
Ok I really like Obsidian! The interface is really clean! I might still need to look for a proper word processor (I guess I could use libreoffice) but I also use geany as a notepad++ substitute and it’s really nice too. I still gotta look into setting up syncthing though
I generally would recommend Libreoffice over AOO but not sure about cloud sync options
Interesting. Well, I did find Gnumeric in my search for a simple spreadsheet app for making flashcards with, so TIL something new I guess my “cloudsync” can be using syncthing or just backing up to a flash drive lol
I really really want to move from google workspace, google photos and google drive. I used it all to backup a 16TB archive, sharing photos with family and friends and keeping my personal files in the cloud and synched across computers. I used a Synology to backup the archive from the computer locally to the Synology and offsite to google drive. But here’s the thing, I’m a somewhat PC and Mac-savvy technical guy, but purely GUI. Is moving to Nextcloud on my synology going to be as easy as moving to google drive? I’m a little scared TBH. There are so many ways of installing next cloud and doing 3-2-1 backups and I don’t have time to handle a little error on a Synology destroying my whole workflow for days… Someone give me hope.
How is the worlds biggest ad distributor also the worlds biggest browser maker without it being an anti-trust violation?
Because it is legal in the US to bribe politicians and this company has a lot of money
Also doesn’t help that half the people supposedly in charge of cracking down on this kind of thing in the US belong in an old folks home. Most of them don’t even comprehend the issue.
I’m surprised I haven’t heard any pushback on it from the EU though.
Well anti-trust would get in the way of profits, you see
deleted by creator
Yeah, sure, it’s always the same story:
- Chrome adds a shitty anti-user “feature”
- Firefox users say “no come to firefox we don’t have that!”
- 3 months pass
- Firefox adds the same “feature” because it’s the standard now!!
I’m a Firefox user myself but I really hope something new comes along that actually cares about its users
You’re saying this like Firefox is adding the shitty standard because they want to, and not because Google used their monopoly to force adoption of the shitty standard forcing Firefox to follow suit if they don’t want their users to have a broken experience.
If Google introduces a shitty standard to YouTube and Firefox doesn’t adopt it, do you honestly think users are going to care or understand and blame Google? No, they’ll get pissed because they think Firefox broke YouTube and they’ll move to Chrome.
This exact situation played out with shadow DOM, Google implemented it into YouTube while it was still a draft standard, so all non-Chrome browsers ran worse because they had to use a polyfill.
That is why we’re telling people to stop using Chromium. If they didn’t have this monopoly none of this would be possible. Mozilla has some issues as an organization, but do honestly you think the better choice is letting an advertising company decide how the web works?
This is exactly why everyone should use fully idenpendted browser like Firefox
Users like visiting websites that are expensive to create and maintain, but they often want or need to do it without paying directly. These websites fund themselves with ads, but the advertisers can only afford to pay for humans to see the ads, rather than robots.
Won’t you think of the poor poor ad companies?
Half the internet now seems to be bots creating content purely for the enjoyment of other bots. Typing any kind of difficult question into a search engine will now have you dodging a minefield of AI generated articles, none of which contain any useful information other than what they’ve scraped from other AI generated pages.
Wait, is this google basically admitting they’ve been scamming advertisers by taking their money to show ads to bots?
Nobody considers the plight of the humble sprawling multinational corporation and their army of lobbyists.
Users like visiting websites that are expensive to create and maintain
Do they actually, or is that just all they have to visit anymore? Would users not be happier visiting a bunch of cheap geocities pages with blink tags instead of tracking cookies?
It’s all about how far we can push the user and how much the user is willing to pay. Gotta squeeze and close all avenues of escape, so they tolerate some more.
Time for me to start donating to Firefox. Need to do my part to make sure Chrome doesn’t complete its monopoly
You can’t legally donate to Firefox, as it is developed by a Corp (Mozilla Corp.). Donations go to Mozilla Foundation, which does… other things with you money. In other words, your money don’t go towards FF development.
However in theory the more self sustaining the Foundation is, the less the Corp needs to support it.
I don’t think it works like this. Anyway, your money, your choice.
I believe under US laws, it’s the opposite. The more donations a nonprofit receives, the more money it can earn though for-profit subsidiaries. I.e. the more donations, the more money the foundation can take out of the corporation.
Ofc both are interested in a sustainable relationship though.
Good to know
Except websites can just drop support for incompatible browsers.
So then stop going to those websites. It’s a viable way to protest.
Yeah, but be realistic. They aren’t going to miss us, the 7% who already block ads and mostly don’t pay for anything, anyways.
Unfortunately they will also have to adapt to this. Or some popular websites will stop working and most common users won’t care and leave firefox.
Giving into this billionaire blackmail won’t help. We have to come together and crush google.
Ad Blocking is cyber security
Every once in a while I help a family member or friend out with their machine and am stunned when I see the web without an adblocker. It honestly reminds me of the malicious early 2000s porn and “free downloads” sites… but it’s everywhere now, like cnn and eBay and shit. First thing I do is install Firefox and ublock origin, and mostly for their security.
Youtube has also been running basically porn ads on “for kids” youtube channels as well and my kindergarten aged niece and nephew have been exposed to that shit. Adblock is 100% cyber security AND for kids safety.
100% agree. The few times I have to turn off uBlock because it is breaking some obscure website it is always an awful experience. Auto-playing videos, ads taking up half the screen, and those annoying as fuck cookie banners. I can’t imagine using the internet without an ad/cookie blocker. I accidentally turned it off on Lemmy for a while and it was the only site that I didn’t immediately notice.
It’s always nice when you look at uBlock Origin and it says
connected: 1 out of 119/19 right here on lemmy.ca
Huh? When I visit lemmy.ca, it also shows me 1/1
Opening the debug console shows that it connects to other lemmies, like the originating one here, lemmy.dbzer0.com.
Yeah okay, that makes sense. Federated network with dozens of different servers and all that
I said this in another thread, but a lot of the internet is unusable without uBlock Origin IMO.
It’s the shadowy lands run by bots that only unsuspecting bots go to.
You remember browser toolbars? People would have 3 of them at once, having no clue where they got it from nor how to remove it.
Good times.and am stunned when I see the web without an adblocker.
True, True, it’s damn near unusable. You take it for granted what a job your blocker is doing for you.
I installed uBlock Origin on clients computers when I worked at Geek Squad, even.
It kinda makes sense. All the people who know better already use an ad blocker so they don’t know what it’s really like and all the people who don’t know to use an ad blocker don’t know any better and that’s just what the internet looks like.
The FBI recommends using an ad blocker: https://www.ic3.gov/Media/Y2022/PSA221221
Malvertising (a portmanteau of “malicious software (malware) advertising”) is the use of online advertising to spread malware.
It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages.
Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like.
Malvertising is “attractive to attackers because they ‘can be easily spread across a large number of legitimate websites without directly compromising those websites’.”Just as noscript and pop-up/new tab blockers are.
A better quote
I quit the internet before I quit Firefox.
Same. I feel like this will just push me offline. I refuse to relinquish control over my system.
I work at a vpn/adblocker company and we just finished releasing an updated mv3 extension that does block ads effectively (among other things) but the feature set is limited vs mv2 because of the changes. Furthermore, google has actually pushed back their mandated release schedule for mv3 compliance because something less than 30% of the extensions on their store are anywhere close to ready for it (which if they pushed ahead with mv3 they would effectively break 70% of what’s on there overnight).
The DRM shit is just next-level bad though. Enshitification 101.
The thing is mv3 is not needed nor wanted by anyone, they are actively shoving an unnecessary product down our throats to show us more ads.
I will keep on using Firefox and Librewolf until the web goes back to webpages that load in text only browsers in less than 2 secs
Guess why I don’t use the Chrome ecosystem and don’t depend on Google.
Unfortunately, you don’t have much of a choice. If a lot of websites start using this implementation, Firefox will have no choice but to implement this, otherwise a lot of websites will be broken.
I have a choice of not using these sites nor enabling antifeatures like DRM support in Firefox now or likely its libre future forks.
Sticking to free/libre has been good to me in the last 30 years. I don’t intend to change that.
I personally switch between IceCat and LibreWolf occasionally which I believe will cut out this feature, but if Chrome implements this feature, expect Firefox to follow suit within a couple of months once usage ramps up on platforms like Nflx etc
I will not back down, as the fight for a free internet is important to me, but it is not important to Firefox, before everything else, Firefox wants higher userbase to earn more money.
Yes, Mozilla has been slowly taken over, so the time where I could stick to stock Firefox is drawing to a close. I think a useful community supported fork will emerge by that time.
The tor browser itself should just do ehat you want (without connecting to tor itself)
Yes, that is also an option I’m aware of.
This would include YouTube, mail, drive, maps, search which I use daily. And it will be baked into android, and possibly Mac os so it supports the latest standard.
My guess is that sooner or later google chrome will show scary warnings “this site does not support dem, here is a link why this is bad!!!” In the browsers address bar to get users and webmaster to adopt the DRM.
I rarely use Youtube, but this would help boost free/libre alternatives. I use Gmail web, which means Thunderbird-only or switching back to my own mailserver. Drive, there is Nextcloud. Maps, I mostly use Osmand. Search, I use ddg but here’s good point to use p2p and speciality search engines. Android, guess why I’m using Lineage OS. OS X, guess why I’m using Linux, or could switch to *BSD.
Google can continue to devolve into a shittier version of a walled garden that is Apple.
Front ends might not be classified as approved environments, though…
Other poster is right, those aren’t the only applications around that do those things. If you know its wrong why do it?
Yeah looks like I’m going to have to start moving off as best as I can as well.
Don’t think I can do it completely but I’ll try my best.
They want to go back to the days of websites requiring internet explorer… just this time with their browser. Even though getting away from that culture is most of the reason people ever switched to chrome. I will say though, just using firefox for everything you can isn’t enough of a protest. If this goes the way Google (Alphabet I guess) wants it to, you bank will require you to use a browser with DRM. You will be forced to use a browser whose source code you can’t verify as secure, to access your bank. And that is where the protest lines need to be drawn. If your bank does that? Send your message. Close the account. Take back your money. Now I’d personally do this for everything possible, but that would be a looooot of time spent getting very little across to companies that don’t care if you visit their site. Taking money from banks though? Yeah it might be a whole process where you gotta request it, verify in person, wait a week to get the cash, and THEN close it, but so what? A couple hours of doing stuff and then a week of business as usual before a couple more hours opening a new bank account. That’s more than worth doing to send a REAL message.
Why would my bank care which browser I use? Their business model isn’t based on showing me ads.
Why do banks require "safety"net on their apps now? The safest roms specifically don’t have the security nightmare that is google play services, and banking apps are always the hardest to get working.
It is a symbiotic relationship. Regulators hear about the next wave of compromised online banking, add some law requiring whatever, banks are stuck having to comply and in comes google with “Hey this great webDRM/safetynet/playprotect totally complies with this”, which it doesn’t really but google has the capabilities to lock up any legal processes about it for years when they bring in the next thing and repeat. Banks in large part know it’s bullshit but don’t care, they’re off the hook (They are the ones doing 2 factor by making the banking app on your phone require a confirmation in your tan app on your phone to make a transaction, they don’t give a rats ass about the safety of their systems).
Banks get someone shielding them from regulations for cheap, google gets partners that can help them lock you in their proprietary system, and you get extra work on your rooted phone and can’t fully remove play services.
I notice the big American banks’ apps don’t care, as long as a compatible implementation of Google Play Services is available. Nor does my American bank seem to care that I do my desktop banking in Firefox on Linux. Is this an issue only in specific countries?
making the banking app on your phone require a confirmation in your tan app on your phone to make a transaction
I’m afraid I don’t know what you’re talking about here. I don’t have to give any kind of confirmation to make a transaction. What’s a “tan app”?
I could go into the conspiratorial 4D chess I’m sure google is playing, but let me ask this instead: Does you bank not have any captchas, anywhere in the flow of accessing/using their website? Cause if they do, I hope you know google is absolutely going to advertise DRM requirements as the best tech for fighting bot traffic. Even if Google wasn’t doing anything like offering cheap training to their standards to influence the future of the cybersecurity space, that would be PLENTY to get a looooot of big corporations, including banks, to use it.
No captcha’s for any of my banking services. I don’t know how effective captcha’s are anyways. I suspect slow cooldowns are probably more secure.
Huh, neat. Regardless, I think google will find a way to sell it or they wouldn’t be invested in it so much, but point taken. I just saw a lot of people commenting on other places about how this is hopeless and there’s no way to protest and wanted to give a solid example of how it could be done effectively.
Criminals will crack the DRM in short order—they always do—so that idea won’t last long.
And no, the DRM can’t be updated to fix the vulnerability if it’s implemented in firmware. Not without shutting out absolutely everyone whose computer/phone is more than 3 years old, and there’s not a snowball’s chance in hell that banks will do that when half of their customers are old farts with decade-old computers and an “if it ain’t broke, don’t fix it” attitude.
Wait were they seriously looking to implement it at a FIRMWARE level? jesus that’s just stupid.
If they implement it in hardware, then fixing vulnerabilities is completely impossible instead of only mostly impossible.
I was just expecting it to be something built into chrome, similar to how drivers need to be signed to run in windows, they’d force you to use browsers Signed By Google to be verifiably compliant with the DRM. It seems like the easiest option for them and the most well understood since it’s been used for drivers for so long
If they implement it in pure software, then it’s easy to crack.
They’re not going to wrap Chrome in Denuvo because that would ruin its performance. The last thing they want is for Firefox to be not only faster but dramatically faster. Performance is a big part of how Internet Explorer lost its market share. And even if they do wrap it in Denuvo, Empress will no doubt show them the error of their ways.
So yes, I expect they will use firmware/hardware, presumably TPM or Microsoft Pluton, to implement this.
