I’m happy to see this being noticed more and more. Google wants to destroy the open web, so there’s a lot at stake.

Google basically says “Trust us”. What a joke.

    • pjhenry1216
      381 year ago

      Basically it’s a way for a “third party” that’s chosen by the web server to verify the environment where the front end code is running meets its standards. Those standards would be up to the third party. So I’d imagine if an assessor said “hey, we can verify ads load properly” or even “we verify this extension isn’t running” then many sites would possibly choose those assessors. It also is blatantly deceitful because of all the issues it suggests it can fix, it doesn’t actually fix any of them. And many of them aren’t even that big of a problem.

    • @Z3k3
      201 year ago

      From my very basic understanding of it yes. It in effect checks what’s loaded against what was served and if there’s a discrepancy it does its thing.

      Note. If I have misunderstood please someone correct me.

      • @BeardedGingerWonder
        21 year ago

        Is there anything that would prevent some kind of proxy stripper? I’m thinking something that loads the page with a clean agent, strips out the shit and serves a nice clean page?

        Definitely beyond pihole as it stands, but doable.

        • @Z3k3
          11 year ago

          It would need something that would trick the checker into reporting an all good when local extensions fiddle with the rendered page. Not impossible IMHO but I’m wayyy too dumb for that shit. I was an SRE, not a developer.

    • TheEntity
      121 year ago

      Yes and no. They can freely enforce a specific DNS server and reject any browser with a custom one as “tampered with”. Just like they can freely enforce any part of your system being like they want it to be “or else”.

    • takeda
      111 year ago

      All of that can be easily checked via JavaScript, but now if you would use extensions to disable those checks you would not pass the attestation.

      So yeah, essentially you no longer have control over your computer, and need to bend over and accept everything the site owner wishes to do.

      • snooggums
        111 year ago

        bend over and accept everything the site owner wishes to do.

        Including a malicious site owner’s wishes.

    • @[email protected]
      91 year ago

      No, but that only works if the ads are being served by known ad hosts, so you should expect that adtech will get hip to that and proxy their traffic through the same hosts as the content.

      That being said, it’s pretty easy to check if a user has network blackholing going on in clientside JavaScript, you just do a test request to a popular ad network and see if it resolves, no special browser support needed.

    • @[email protected]OP
      21 year ago

      No that should still work. The server will send a page to your browser, and when the browser renders it, it will request the ad. And your pihole will block the request.

      Unless WEI somehow changes how page rendering works but I don’t think so.

      • pjhenry1216
        171 year ago

        Not really. The environment could easily include resolution of an ad server. If a site uses two ad servers and neither resolves, the attestor could decide to fail the environment. The problem is the attestation is left open for the attestor to create. It could check web browser, extensions, operating system, etc. I fail to see how this is at all privacy protecting to begin with.
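The attester model described in pjhenry1216's comments above, as an added toy example that is not part of the thread or of the WEI proposal: the site only verifies a signed pass/fail verdict, while what "pass" means is decided entirely by the attester's policy. The policy names, environment fields and token layout are assumptions made for illustration.

```javascript
// Added illustration; every name and field below is hypothetical, not the WEI token format.
const nodeCrypto = require('node:crypto');

// The attester holds the signing key; sites only ever see the public half.
const attesterKeys = nodeCrypto.generateKeyPairSync('ed25519');

// The policy is the attester's choice. Two constructed policies for comparison:
const POLICIES = {
  // Only checks that the browser binary is unmodified.
  integrityOnly: (env) => env.browserModified === false,
  // Also fails the environment if extensions exist or ad hosts do not resolve.
  adFriendly: (env) =>
    env.browserModified === false &&
    env.extensions.length === 0 &&
    env.adHostsResolved.every(Boolean),
};

// Attester side: evaluate the environment and sign a verdict bound to the site's nonce.
function attest(env, policyName, nonce) {
  const verdict = { nonce, policy: policyName, pass: POLICIES[policyName](env) };
  const payload = Buffer.from(JSON.stringify(verdict));
  const sig = nodeCrypto.sign(null, payload, attesterKeys.privateKey);
  return { payload: payload.toString('base64'), sig: sig.toString('base64') };
}

// Site side: check the signature and nonce, then act on pass/fail.
// The site never sees why the environment passed or failed.
function siteAccepts(token, expectedNonce, attesterPublicKey) {
  const payload = Buffer.from(token.payload, 'base64');
  const sig = Buffer.from(token.sig, 'base64');
  if (!nodeCrypto.verify(null, payload, attesterPublicKey, sig)) return false;
  const verdict = JSON.parse(payload.toString());
  return verdict.nonce === expectedNonce && verdict.pass === true;
}

// Constructed sample: unmodified browser, one extension, DNS-level ad blocking.
const piholeUser = {
  browserModified: false,
  extensions: ['content-blocker'],
  adHostsResolved: [false, false],
};
```

The same unmodified browser passes one policy and fails the other, and editing the verdict client-side invalidates the signature, which is why the choice of attester matters more than the mechanism.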

      • Apathy Tree
        31 year ago

        Yes, it works well. There are some ads, like those built in to apps and pages for self-promotion (Microsoft having an ad for Office on their own website, for example), that can’t be blocked without disabling the service itself because the ad DNS is the same as the content DNS, but otherwise it works well.