I’m getting here too late for this to be visible, but fuck it.
The difference is Apple doesn’t pass any information on to the website. It just tells the website whether or not it passes their integrity check. Your web environment gets the Apple stamp of approval or it doesn’t, that’s all the sites will know.
Googles shit is going pass actual information about the browser state, add-ons, and the device to the site so they can restrict access based on any criteria they choose. That creates endless more avenues for abuse by giving the websites the ability to judge you for themselves and micromanage how you are allowed to visit their site.
Apple’s is the equivalent of a metal detector before walking into a building. It will go off but it doesn’t violate your privacy or enable targeted screening by telling anyone what it detected.
Google’s is the equivalent of a strip search, where it will drop your clothes and pictures of your junk onto the property managers desk so they can decide if you’re worthy to enter. Maybe they don’t like your brand of underwear, or a tattoo you have, and refuse to let you in.
It’s hardly OK for Apple to be doing even that either, you know. Who the fuck does Apple think it is, to be entitled to “attest” to a goddamn thing?!
The notion that anyone can “attest” to users’ caputured-by-DRM status is fundamentally toxic to the Internet as a whole and must be resisted at all costs and by any means necessary, legal or illegal.
Your comment was on the top for me, Lemmy’s default “hot” sorting brings fresh takes to the front, so don’t worry too much about your answers always getting buried.
The entire problem with this proposal is that it limits client choice, similar to how Google Play integrity API on Android restricts some apps from running on rooted/unlocked phones.
That same problem obviously also exists in Apple’s implementation.
I’m getting here too late for this to be visible, but fuck it.
The difference is Apple doesn’t pass any information on to the website. It just tells the website whether or not it passes their integrity check. Your web environment gets the Apple stamp of approval or it doesn’t, that’s all the sites will know.
Googles shit is going pass actual information about the browser state, add-ons, and the device to the site so they can restrict access based on any criteria they choose. That creates endless more avenues for abuse by giving the websites the ability to judge you for themselves and micromanage how you are allowed to visit their site.
Apple’s is the equivalent of a metal detector before walking into a building. It will go off but it doesn’t violate your privacy or enable targeted screening by telling anyone what it detected.
Google’s is the equivalent of a strip search, where it will drop your clothes and pictures of your junk onto the property managers desk so they can decide if you’re worthy to enter. Maybe they don’t like your brand of underwear, or a tattoo you have, and refuse to let you in.
It’s hardly OK for Apple to be doing even that either, you know. Who the fuck does Apple think it is, to be entitled to “attest” to a goddamn thing?!
The notion that anyone can “attest” to users’ caputured-by-DRM status is fundamentally toxic to the Internet as a whole and must be resisted at all costs and by any means necessary, legal or illegal.
Your comment was on the top for me, Lemmy’s default “hot” sorting brings fresh takes to the front, so don’t worry too much about your answers always getting buried.
Can you post any source at all that would back your claims? Or any technical details at all?
Neither the actual proposal https://github.com/RupertBenWiser/Web-Environment-Integrity/blob/main/explainer.md#what-information-is-in-the-signed-attestation, nor the article itself seem to show that there would be a difference when it comes to privacy.
The entire problem with this proposal is that it limits client choice, similar to how Google Play integrity API on Android restricts some apps from running on rooted/unlocked phones.
That same problem obviously also exists in Apple’s implementation.
i love seeing comments like this at the top for some reason on here
Transmitting that info to Apple is still a problem. Why do you trust Apple, but not Google?
Google’s version will likely ask you first, and you’ll know which sites are asking for it. Apple’s won’t.