The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.

    • jarfil@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Certs only prevent others from making it look like it was you, they don’t stop someone from exploiting a vulnerable webapp you might be hosting, or using a misconfigured mail server as a relay.

      If you have anything open to the public, then you either have to keep it read only, or stay on it to make sure it’s updated, secured, sanitized, and so on.

      Personally, I’ve switched to using client side certificates, so everything is effectively “not public”.