I think a lot of people here don’t understand the danger of this fully and dismiss it with “Just use Firefox, problem solved”.
Unfortunately, once this becomes widely available, that is once Chrome ships it, websites will start to use it.
Maybe Amazon will just not sell to you anymore when you’re browsing with Firefox?
Maybe YouTube wont serve any videos if you’re using Linux?
Your bank will certainly implement this and only allow Windows 11 with Edge or some shit like that.
Once this is implemented, we will all suffer, even if we’re using better alternatives right now.
My brother in Christ, it was 2020 before my bank supported passwords longer than 8 characters. We have 30 or 40 years before we need to worry about the banks.
The google SafteyNet Attestation is the precursor to browser DRM. It’s essentially phone DRM.
There are many banks that have apps that require you to pass at least the basic level attestation, if not the CTS profile matching that fails the moment you modify any system level resources, even the bootloader
luckily you can force disable CTS so it falls back on the basic level, for most apps at least. You will never have access to Google or Samsung pay though, as it actually knows your phone model should support CTS and will autofail if it no longer reports that it does.
Alongside that apps like Pokemon GO and Netflix also require at least basic attestation to function - demonstrating the DRM and anticheat capabilities of such a system.
This can help you pass CTS. It worked for me. Funny thing is, I don’t even remember which app I did it for. Whatever it was, I ended up not using it after all the trouble. As for my banking apps, they only care about root, so Magisk’s denylist does the job.
Banks in europe are much more up to date with tech.
They have APIs to sink transactions with external providers like nordigen API.
They have 2FA that is linked to your national identity card which is chipped
Nationally used apps that are universal 2FA linked to national IDs that banks, medical, and government services all tap into
Everything is contactless payment nowadays, the US just recently started contactless cards
Inter-bank transfers without external apps like venmo
There are MANY problems with EU people getting their banks to work on a rooted phone.
They will absolutely implement DRM if someone sells the bullshit to them under the illusion of “safety.”
Hell, the US had handwritten “vaccine cards” for covid while European nations even had open source user spinoffs on nationally funded apps linked to national IDs to manage COVID vaccination and testing passes.
Technically the idea is that if Chrome has barely any market share (will never happen, but let’s pretend), they cannot implement this as it will anger and lock too many users out of day to day life.
However…
With Google Search and YouTube being by far the most 2 popular websites in the world, I think they still could. The vast majority of people would never give those up and if they’re told to use another program to access them, they absolutely will, meaning in an ideal world with a browser competition, they can easily destroy it immediately.
Would apple just roll over on this? Or would they fight to make sure safari is also an option to freely use the internet (or at least severely limiting apples ability to do something similar) And websites that depend on ads, the number of Firefox and safari users have to be greater than the number of users who use ad-blockers. So wouldn’t it negatively affect ad income on websites if they implemented it and cut out all non-chromium browsers?
I think a lot of people here don’t understand the danger of this fully and dismiss it with “Just use Firefox, problem solved”.
Unfortunately, once this becomes widely available, that is once Chrome ships it, websites will start to use it.
Maybe Amazon will just not sell to you anymore when you’re browsing with Firefox?
Maybe YouTube wont serve any videos if you’re using Linux?
Your bank will certainly implement this and only allow Windows 11 with Edge or some shit like that.
Once this is implemented, we will all suffer, even if we’re using better alternatives right now.
My brother in Christ, it was 2020 before my bank supported passwords longer than 8 characters. We have 30 or 40 years before we need to worry about the banks.
Some banks are still running windows 98 internally, admitedly so long as said system isnt connected to the internet it should be fine.
This isn’t true, this can’t be true and I refuse to believe it.
I sincerely hope that your local ATM never crashes and you never have to see the windows xp logo.
Lol, not to mention Cobalt and other horrors that are lurking in Legacy systems no one has looked at in 50 years.
I’m thinking mainframe terminals, where the character has to be in the right place on the screen in order to store something in RAM.
Even worse, how many systems are still using punch cards? How often do those cards need to be replaced?
deleted by creator
I’m glad you’re liking it.
Have you ever rooted an android phone?
The google SafteyNet Attestation is the precursor to browser DRM. It’s essentially phone DRM.
There are many banks that have apps that require you to pass at least the basic level attestation, if not the CTS profile matching that fails the moment you modify any system level resources, even the bootloader
luckily you can force disable CTS so it falls back on the basic level, for most apps at least. You will never have access to Google or Samsung pay though, as it actually knows your phone model should support CTS and will autofail if it no longer reports that it does.
Alongside that apps like Pokemon GO and Netflix also require at least basic attestation to function - demonstrating the DRM and anticheat capabilities of such a system.
https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf
This can help you pass CTS. It worked for me. Funny thing is, I don’t even remember which app I did it for. Whatever it was, I ended up not using it after all the trouble. As for my banking apps, they only care about root, so Magisk’s denylist does the job.
Yes, US banks.
Banks in europe are much more up to date with tech.
They have APIs to sink transactions with external providers like nordigen API.
They have 2FA that is linked to your national identity card which is chipped
Nationally used apps that are universal 2FA linked to national IDs that banks, medical, and government services all tap into
Everything is contactless payment nowadays, the US just recently started contactless cards
Inter-bank transfers without external apps like venmo
There are MANY problems with EU people getting their banks to work on a rooted phone.
They will absolutely implement DRM if someone sells the bullshit to them under the illusion of “safety.”
Hell, the US had handwritten “vaccine cards” for covid while European nations even had open source user spinoffs on nationally funded apps linked to national IDs to manage COVID vaccination and testing passes.
Technically the idea is that if Chrome has barely any market share (will never happen, but let’s pretend), they cannot implement this as it will anger and lock too many users out of day to day life.
However…
With Google Search and YouTube being by far the most 2 popular websites in the world, I think they still could. The vast majority of people would never give those up and if they’re told to use another program to access them, they absolutely will, meaning in an ideal world with a browser competition, they can easily destroy it immediately.
Google search has become very bad and is easily replaced by basically any search engine. YouTube is still unparalleled though.
Doesn’t that also mean they lose customers or possible transactions which could have made them money?
It’s IE6 all over again.
Would apple just roll over on this? Or would they fight to make sure safari is also an option to freely use the internet (or at least severely limiting apples ability to do something similar) And websites that depend on ads, the number of Firefox and safari users have to be greater than the number of users who use ad-blockers. So wouldn’t it negatively affect ad income on websites if they implemented it and cut out all non-chromium browsers?
I think apple would figure out some very creative ways to fuck it’s customers, some more.
Did Firefox even say that they would not implement it as well? Are there any informations on that?
They said they would not: https://github.com/mozilla/standards-positions/issues/852