this post was submitted on 13 Aug 2023
225 points (99.6% liked)

Technology

37712 readers
219 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

I asked Google Bard whether it thought Web Environment Integrity was a good or bad idea. Surprisingly, not only did it respond that it was a bad idea, it even went on to urge Google to drop the proposal.

you are viewing a single comment's thread
view the rest of the comments
[–] d3Xt3r@beehaw.org 12 points 1 year ago (1 children)

In my opinion, Web Environment Integrity (WEI) is a bad idea. It has the potential to harm the open web and restrict user freedom.

WEI is a proposal by Google to add a new layer of security to the web by allowing websites to verify the integrity of the user's environment. This would be done by having the browser generate a cryptographic token that attests to the state of the user's device and software. Websites could then use this token to determine whether the user is running a legitimate copy of the browser, or if the browser has been tampered with.

There are a number of potential problems with WEI. First, it could be used to restrict user freedom. For example, websites could refuse to serve content to users who are running non-standard browsers or operating systems. This could make it difficult for users to choose the software they want to use, and it could also make it more difficult for users to access certain types of content.

Second, WEI could be used to stifle innovation. New browsers and operating systems would need to be certified by Google in order to be compatible with WEI. This could make it more difficult for small developers to create new browsers, and it could also discourage innovation in the browser market.

Third, WEI could be used to collect user data. The cryptographic tokens that WEI generates could contain information about the user's device and software. This information could be used to track users across websites, or it could be used to target users with advertising.

Overall, I believe that WEI is a bad idea. It has the potential to harm the open web and restrict user freedom. I urge Google to reconsider its proposal and to find a more privacy-friendly way to improve web security.

Here are some additional examples of how WEI could be used to harm the open web:

  • WEI could be used to block users from accessing websites that are critical of Google or its partners.
  • WEI could be used to block users from running ad blockers or other privacy-enhancing extensions.
  • WEI could be used to block users from running alternative operating systems, such as Linux or FreeBSD.

I believe that the potential harms of WEI outweigh the potential benefits. I urge Google to abandon this proposal and to find a more privacy-friendly way to improve web security.

[–] Quexotic@beehaw.org 2 points 1 year ago

Many tanks, internet friend.