Ho letto il paper: https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md
Sarà un mio problema, ma non mi è chiaro come tecnicamente si possa assicurare che la funzione navigator.getEnvironmentIntegrity() dica la "verità" all'attester senza cooperazione da parte del dispositivo su cui gira il browser, e non mi sembra che il paper entri nel dettaglio. Lo stesso paper ha un capitolo intitolato "Open Questions" dedicato proprio ai rischi che stanno venendo paventati e - a parole - sostiene di voler tutelare l'Open Web: https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#open-questions Concordo sul fatto che la cosa sia potenzialmente problematica, e si fa bene a tenere gli occhi aperti, ma tutto ciò che ho letto fino ad ora in merito mi appare fumoso. Ad ogni modo, i regolamenti UE non vietano pratiche come quelle che si pensa verrebbero messe in atto? Fabio Il giorno mar 1 ago 2023 alle ore 09:55 Giacomo Tesio <giac...@tesio.it> ha scritto: > > Using a free browser is now more important than ever. > We've written recently on this topic, but the issue we wrote > about there was minor compared to the gross injustice Google > is now attempting to force down the throats of web users > around the world. > The so-called "Web Environment Integrity" (WEI) is the worst > stunt we've seen from them in some time. Beginning its life > as an innocuous, if worrying, policy document posted to > Microsoft GitHub, Google has now fast-tracked its development > into their Chromium browser. At its current rate of progress, > WEI will be upon us in no time. > > By giving developers an API through which they can approve > certain browser configurations while forbidding others, WEI is > a tremendous step toward the "enshittification" of the web > as a whole. Many of us have grown up with a specific idea of > the Internet, the notion of it as a collection of hyperlinked > pages that can be accessed by a wide variety of different > machines, programs, and operating systems. > WEI is this idea's antithesis. > > Compared to its staggering potential effects, the technical > means through which WEI will accomplish its ends is relatively > simple. Before serving a web page, a server can ask a third-party > "verification" service to make sure that the user's browsing > environment has not been "tampered" with. A translation of the > policy's terminology will help us here: this Google-owned server > will be asked to make sure that the browser does not deviate in > any way from Google's accepted browser configuration, precluding > any meaningful use of the four freedoms. It is not far-fetched > to imagine a future in which sites simply refuse to serve pages > to users running free browsers or free operating systems. > If WEI isn't stopped now, that future will come sooner than we think. > > While Web Environment Integrity has a policy document that attempts > to explain valid ways in which it could be used, these are all > non-issues compared to the way that we know it will be used. > It will be used by governments to ensure that only their officially > "approved" (read: backdoored) browsers are able to access the > Internet; it will be used by corporations like Netflix to further > Digital Restrictions Management (DRM); it will be used by Google > to deny access to their services unless you are using a browser > that gels with their profit margin. > > Once upon a time, Google's official policy was "don't be evil." > With the rapid progress they've made on Web Environment Integrity > in such a short time, we can say very safely that their policy > is now to pioneer evil. > As we write this, talented and well-paid Google engineers and > executives are working to dismantle what makes the web the web. > Given that Google is one of the largest corporations on the planet, > our only hope of saving the Internet as we know it is a clear and > principled stance for freedom, a collective upholding of the > communal principles on which the web was based. > > Let us repeat: there is absolutely no legitimate justification for WEI. > The use cases that the policy document highlights are nothing compared > to its real use case, which is developing a method to obtain complete > and total restriction of the free Internet. > > We urge everyone involved in a decision-making capacity at Google > to consider the principles on which the web was founded, and to > carefully contemplate whether Web Environment Integrity aligns > with those principles. > We hope that they will realize WEI's fundamental incompatibility > with the free Internet and cease work on the standard immediately. > > And if they don't? Well, they ought to be ashamed. > > > https://www.fsf.org/blogs/community/web-environment-integrity-is-an-all-out-attack-on-the-free-internet > > Dopo tutti questi anni di Google, sperare che gli sviluppatori di > Google si vergognino di ciò che stanno facendo è estremamente ingenuo. > > Può però essere utile a chi legge i suoi lobbisti più o meno > insospettabili, sapere a cosa Google sta puntando da anni. > > > Ma come con ChatGPT e Microsoft/OpenAI, anche in questo caso vedremo > spuntare come funghi allucinogeni diversi utili idioti pronti a difendere > a spada tratta la povera Google che non vuole altro che proteggere > i poveri utenti... dalla propria libertà. > > Loro non si vergogneranno, ma noi potremo indignarci disgustati. > > > Giacomo > _______________________________________________ > nexa mailing list > nexa@server-nexa.polito.it > https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa _______________________________________________ nexa mailing list nexa@server-nexa.polito.it https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa
