Request for Mozilla Position on an Emerging Web Specification Specification Title: Web Environment Integrity API Specification or proposal URL (if available): https://rupertbenwiser.github.io/Web-E...
Google (The company behind Chrome) wants to create a type of DRM for web pages. Google claims that this will help with things like bot traffic, spam, etc.
Mozilla (The company behind firefox) is opposed to creating this DRM because it has no benefit to the end user and is likely to be harmful to the openness of the internet.
Google tried to exert control on the internet with web manifest v3 and now again here. Letting google dictate web standards is a mistake. Using Firefox shows companies they need to support more than chrome.
If it wouldn't be good at proving users are human, there are probably other motives at work, like putting Google in charge of approving or blocking every piece of web content and every browser for viewing it, and removing the user's control over how the content is presented.
Google wants to add a feature to the browser where a website can (in a fairly confident and secure way) ask about key facts about the browser environment in the name of security. The kinds of details may be like: What is the browser in use? Has the browser been altered? Are certain plugins active? What kind of OS is in use?
The exact details aren't really defined yet, but the idea is to be able to provide confidence via answers to these types of questions to the website so they can make decisions based upon these details.
People are (very much rightly) strongly against this since it will only really result in locking down web functionality to environments in the name of security, and there will be a lot of collateral damage in the process while helping browser monopolization.
Using this, websites could lock their use to certain browsers (much more than what's already possible). Websites could prevent access if certain plugins are enabled (think privacy or adblocking plugins). Websites could prevent access to linux users because "they're probably hackers".
Ultimately, this represents a big change into the insight & power a website has in regards to the user browser environment, and is a big risk to the open web, hence why Mozilla are against it.
Blocking ad blockers has to be the real reason behind this convoluted bullshit. Google gets the lion’s share of its revenue from ads. The whole thing is a Trojan horse destined to make things better for them at our expense. The mere proposal is already accelerating my shift away from their products.
Google wants to implement a system that will check if the version of the website that you have loaded on your computer is identical to the one that was intended. They say this will prevent fraud and improve security, but the most relevant impact for end-users is that ad blockers and any other customization you do to websites will prevent you from accessing critical Internet services. The fear is that Googles massive share in the browser will allow them to push this through regardless of consumer opposition.
Mozilla opposes a proposal because it goes against their principles and vision for the Web.
They believe that any browser, server, or publisher that follows common standards should be considered part of the Web.
Standards are designed to be independent of specific hardware or software, allowing for a wide range of devices, operating systems, and browsers to access the Web.
This diversity of choices promotes accessibility and overcomes personal obstacles.
Mechanisms that restrict these choices harm the openness of the Web and are not beneficial for users.
The proposal's use cases rely on the ability to detect non-human traffic, which could hinder assistive technologies, automatic testing, and archiving and search engine spiders.
These tools require access to content intended for humans in order to transform, test, index, and summarize it.
The proposed safeguards are unlikely to be effective and fail to address these concerns adequately.
Mozilla acknowledges the importance of addressing fraud and invalid traffic but finds the proposal lacking in practical progress for the listed use cases and highlights clear downsides to its adoption.
Basically, the proposal will allow websites to check if there is a real user on the other end, instead of a robot. It uses a DRM style token system to do it. The problem is that this would restrict the web to just those browsers that have an implementation of the DRM. The only implementations of the DRM available are from Google, Apple, and Microsoft. Anyone not on a browser approved by the big 3 would no longer be able to use the web.
It won't check people are a real user, only that they are using the enforced software. Many bot farms will use the correct software. One was recently found in Ukraine and it had shed loads of sims and hardware. They will easily meet and pass the tests.
I don't know how technical you are but it looks likes this is a security token api to validate the trust of the environment. I believe that google is trying to propose a universal standard for everyone to use.
I think Firefox is standing negative because they want choice not 1 standard. This is the best I can do without going down a rabbit hole
Google is so big that it can't be avoided. They shouldn't have a monopoly on the internet. I am surprised they haven't been hit by anti trust laws along with the other big tech.*
They get hit by anti trust every day but for Google its just cost of doing business. Google is bigger and powerful than some government so Googs don't give 2 shits about anti trust.