I guess because of the web environment integrity API proposed by Google. It enables your browser to tell the website it hasn’t installed AdBlock or any other undesired add on. This is marketed as improving security, but will mainly be used to block browsers which block adds.
I mean for some rare specific usages it could be usefull like ensuring bank webpages integrity or similar but mostly and the main usage would be for what you said.
It doesn’t though - it basically ensures your device settings.
Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome
It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.
Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password
And big plus for google: it can be extended very well. The site sees any extension installed, if the browser is headless. So only google can use bots in the future and can rake in all the ai training profits and sell all the searchengine ads.
It’s not just open to Google and it doesn’t stop there either. Amazon could refuse to work if you’re on a phone and don’t have their app, or it could tell you to uninstall the Alibaba app before using
The possibilities are endless, and all benefits to be had are on the corporate side
Why?
I guess because of the web environment integrity API proposed by Google. It enables your browser to tell the website it hasn’t installed AdBlock or any other undesired add on. This is marketed as improving security, but will mainly be used to block browsers which block adds.
I mean for some rare specific usages it could be usefull like ensuring bank webpages integrity or similar but mostly and the main usage would be for what you said.
It doesn’t though - it basically ensures your device settings.
Is that integrity? Maybe - if the attester code is flawless and handles all situations perfectly, it could theoretically add to integrity, but that’s not a realistic outcome
It’s not designed for that. It can only block the site - it doesn’t add to security, it takes away from it.
Say a bank designs their own attester - suddenly you have code that, if compromised, is always run in the most privileged execution context, in a way the user can’t control right before you enter your bank password
And big plus for google: it can be extended very well. The site sees any extension installed, if the browser is headless. So only google can use bots in the future and can rake in all the ai training profits and sell all the searchengine ads.
Wei is a lot more than ad block control.
It’s not just open to Google and it doesn’t stop there either. Amazon could refuse to work if you’re on a phone and don’t have their app, or it could tell you to uninstall the Alibaba app before using
The possibilities are endless, and all benefits to be had are on the corporate side
I knew there‘d be some people with actual knowledge of the matter. Thanks for mentioning it.