This repository has been archived by the owner on Nov 2, 2023. It is now read-only.

It is impossible to achieve the stated goals. #108

Open
duesenklipper opened this issue Jul 21, 2023 · 6 comments

@duesenklipper

This is basically the DRM problem all over again.

The overview claims that a goal is to increase security by knowing the clients, but that has never worked, and I don't think it can. You have to ensure the security of your service on the system you run, server-side. Relying on the client for security is bad practice.

The overview itself admits that this can lead to lockout of unfavored clients. Given the history of the web ("best viewed in IE6") and the massive dominance of Chromium/Blink, I think it is inevitable that this kind of lockout will happen. Especially for "niche" OSes outside of Mac, Windows, iOS and Android.

Since it relies on the client software being a particular known thing, it also significantly impacts any open source clients where users might want to run custom versions. This is directly against the spirit of the open web and I don't see how that could ever be reconciled.

The only use case for this that I can see is to make adblocking impossible. Because that is the only goal that actually can only be done client-side, unlike all other stated goals.

So, while I'm trying to be friendly and professional, I don't see a real way to be constructive on this, because the proposal can never meet the stated goals. This should simply not be done.

@zb3

zb3 commented Jul 21, 2023

The stated goals are so vague it's even impossible to constructively discuss them. The authors dismiss users' concerns, but since the term "abuse" was not defined, it could as well include the use of ad blocking software, why not? What defines abuse?

Actually, I don't mind security as long as it acts in my interest, and I think most users would feel the same. But we all know that what can be used for security is also actively used against users and this can be seen in the Android ecosystem.

I don't see why U2F / biometric authentication with dedicated devices wouldn't solve problems like bot traffic, malware intercepting requests, bruteforce and so on.
It's just that users'd never want to use it when clicking on advertisements, and I suspect this is why Google wants attestation instead...

@zb3

zb3 commented Jul 21, 2023

Dedicated "trusted" devices are not a bad thing, it's just that Google abuses them to shove ads and tracking which is why users are so opposed to them.

@Gladox114

> The stated goals are so vague it's even impossible to constructively discuss them. The authors dismiss users' concerns, but since the term "abuse" was not defined, it could as well include the use of ad blocking software, why not? What defines abuse?

I see ads as very abusive because they track you on a dangerous level and are sometimes very disturbing and inappropriate. Ad blocking is a fundamental security feature and a must to use.

The only way ads would be not abusive is when they are filtered from disturbing content and don't track you at all.

Besides disturbing ad content, I see ads that show a "Download here" button and similar also as something that is abusing its place as an ad and should be banned.

So adblocking is in most situations not abusive and even a standard feature someone should use to not get into trouble.

@duesenklipper
Author

I wouldn't actually mind ads if they weren't all over what I'm actually interested in, and if they weren't tracking me. Show me ads without keeping me from what I want to do, and without mining my personal information, and I won't have to use adblockers in self-defense.

Taking this away means I won't want to use your services or your software any longer. That would be okay if it were just some random company trying to compete, they would just fold like all the other failed DRM experiments of the 2000s. But through Chromium, Google has such a massive amount of control in today's web that they could actually pull it off, and do irreparable damage.

As said in #116, the only plausible goal for this is gatekeeping/forcing ads. I'm trying to comment with the assumption of good faith on behalf of the authors, but between that and the heavy tone-policing, it's increasingly hard to keep that assumption alive.

@adryzz

adryzz commented Jul 21, 2023

> This is basically the DRM problem all over again.

yeah, whitebox encryption is a scam and is fundamentally flawed

@kepstin

kepstin commented Jul 21, 2023

A particularly interesting contradiction here comes from the Non-goals section of the explainer. This states that it is not a goal to "Enforce or interfere with browser functionality, including plugins and extensions."

Browser extensions are commonly used to modify the appearance or functionality of sites. Some examples include accessibility reasons (adjusting colour contrast or click target sizes for accessibility), functional reasons (adding additional shortcut buttons to a site to support an uncommon workflow), privacy reasons (preventing network accesses to third party tracking services), and of course blocking advertisements (combination of preventing network accesses, and altering appearance of sites).

If it is not a goal of this specification to interfere with browser functionality, including plugins and extensions, then it is necessary to enforce that attesters cannot refuse to attest, and cannot give a worse rating to, browsers which support fully featured extensions - regardless of which extensions are installed or in use. Also, if a page uses attestation APIs, this must not prevent a browser from running extensions on that site.
