• @AndrewZabar
    link
    English
    681 year ago

    I use Firefox. If I’m on the web and a site does not work with Firefox, I leave that site.

    Do they think somehow people like me will change our minds? And more to the point, do they think website authors will want to limit their own audience for the benefit of some company?

    Unless I’m misunderstanding this, maybe I need an ELI5

    • dantheclammanOP
      link
      English
      35
      edit-2
      1 year ago

      People like you and me are unfortunately a small minority. Most people go along with it, so they set about steamrolling over us through coercion or just not doing business with us

    • Jajcus
      link
      fedilink
      311 year ago

      Will you change your bank when it refuses to work with Firefox? What if most other banks do the same?

      This is how things are in Android now – online banking, online games and even subscription media services are mostly unavailable to those who would like to use non-official OS.

      website authors will want to limit their own audience for the benefit of some company?

      Many websites already refuse to work with anything not-chrome-based – so website authors often don’t care.

      Banks see that as ‘security’, so they are ok with ‘losing’ a small percentage of customers who want ‘insecure’ devices. In fact they would hardly lose anything, as their customers usually depend more on the bank, than the bank on any particular customer.

      For media providers, that is another ‘anti-piracy’ measure (DRM) – they will also happily sacrifice Linux users, as insignificant fraction of users, probably less then ‘actual pirates’ on Windows or Mac. Netflix already won’t stream in high quality to Firefox on Linux.

      For online game providers this will be easy anti-cheat measure – they will also not care about that insignificant fraction of user.

      Each of those service providers would loose maybe 5% of their user base (probably less… as most users would eventually accommodate), but the affected users would use major number of services they care about.

      • @[email protected]
        link
        fedilink
        English
        181 year ago

        I see many people on Lenny say “blah blah doesn’t work on Firefox” and have yet to see an example. I’ve been using Firefox since the early or mid 2000s (started when they added extensions) and I SCARCELY have had issues. Only one I can remember, a credit card web site like 11 years ago.

        • comfortablyglum
          link
          fedilink
          English
          91 year ago

          After a big Firefox update last year, Chase kept telling me they wouldn’t allow acces via “outdated” web browsers, then redirected me to download another browser which included Firefox. This went on for several months until Chase finally updated themselves. During that time, if I wanted to access my account I had to use a different browser.

          Yes, this was temporary, but another issue I have is Firefox on my Samsung phone. I am not tech savvy; I do my best to protect myself, but past the basic protections I am overwhelmed.

          I would LOVE to use Firefox on my phone instead of Chrome, but every time I have tried, Firefox has been slow as fuck as compared to Chrome; slow enough to be practically unusable. I never found a solution and ended up going back to chrome while trying to adjust all my phone/browser settings to request as much respect and privacy as possible.

          • @[email protected]
            link
            fedilink
            English
            4
            edit-2
            1 year ago

            YIs that factoring in using ublock origin on mobile Firefox? Because surely that speeds things up?

          • Aa!
            link
            English
            31 year ago

            For what it’s worth, I’ve been ride or die for Firefox, and I use Chase’s online banking for years and it never blocked me. I’m not sure what caused the issue for you, but I don’t think that was the typical experience

            • @AndrewZabar
              link
              English
              21 year ago

              Most likely user error. I’ve been doing tech support for nearly 30 years and 99% of the time when something “doesn’t work” or is “broken,” it’s user error. 99.9% not to suggest all users are stupid, sometimes it’s not an easy fix, not an obvious issue, but nevertheless, the tech works perfectly when used properly and maintained.

        • @AndrewZabar
          link
          English
          21 year ago

          I, too, have been using Firefox for decades and can think of no sites that have any problem other than very very old sites I used that were IE-only, built with Frontpage, and that was also early 2000-ish. I think most of the complaints about Firefox are nonsense and explainable as user based problems rather than tech.

    • @[email protected]
      link
      fedilink
      English
      61 year ago

      do they think somehow people like me will change our minds?

      Yeah. I use Firefox too, and when a site doesn’t work, I open it in chromium

      • @AndrewZabar
        link
        English
        11 year ago

        In 20 years I haven’t had a website not work in Firefox. With the exception of some that had nothing to do with compatibility and was because of being stuck committed to frontpage or some shit where it’s easy for a moron to do but at the cost of being married to MS applications. Whole other story.

    • @abhibeckert
      link
      English
      4
      edit-2
      1 year ago

      Apple sold this feature as an alternative to captchas.

      In order to sign up for Lemmy, I had to pass a captcha check to prove I’m human. Now that bots can trivially be better than any human at captchas we have to find something else. Is attestation a good option? We can debate that, but it’s definitely on the table. And I expect Firefox will implement it (even if only via a plugin) if it becomes widely adopted.

    • 2xsaiko
      link
      fedilink
      English
      141 year ago

      I just wrote a funny script and corresponding web page:

      "use strict";
      
      (() => {
        if (navigator.getEnvironmentIntegrity !== undefined) {
          window.location.href = "https://dblsaiko.net/no-wei";
        }
      })()
      

      If this API actually becomes a thing, I might put it on all my pages.

    • HousePanther
      link
      fedilink
      English
      111 year ago

      As an aspiring web developer, I shall refuse to use it once I learn.

    • @PixelAlchemist
      link
      English
      81 year ago

      If an internet giant like Cloudflare has already implemented and adopted this, there won’t be a lot that individual web developers can do unless this gets shot down as anti-competitive behavior (which it is). The alternative is not using CDNs and paying for servers and storage to self-host content, which will be prohibitively expensive for smaller businesses or individual hobbyists.

  • HousePanther
    link
    fedilink
    English
    151 year ago

    The fact that this was done relatively in secrecy really bothers me. I mean it really tweaks my tail.

    • IHeartBadCode
      link
      fedilink
      191 year ago

      It wasn’t super secret, it’s just that the HTTP protocol standard is getting quite large. HTTP standard site.

      Same with HTML, the standard for HTML 5 is just so massive no one person can know all of it. It is completely unknowable to a single person at this point (without referring back to the standard).

      The protocols and standards underpinning the Web have become over engineered in my opinion. I’m sure it was with “best intention” but I recommend gemini protocol at this point for “fun” and http for “business”. Corporations owns HTTP at this point and there’s little that can be done to change it. It has become the modern Adobe flash with the veneer of openness to satiate the causal observer.

      But that’s my two cents.

      • HousePanther
        link
        fedilink
        English
        71 year ago

        I consider myself a rather avid technology reader and try to stay up on the trends and this one completely escaped me, I am sorry to say.

        • @abhibeckert
          link
          English
          4
          edit-2
          1 year ago

          It was part of the same keynote speech where Apple announced their virtual reality headset… so the media largely didn’t cover it.

          But Apple absolutely did announce it, and as loudly as they possibly could with a high profile executive standing on stage before a live (online live, but still live) audience of millions of people and every tech journalist in the world to demo the feature. There’s also extensive documentation and whitepapers covering how the crypto works, and I expect it was discussed on public mailing lists ahead of time (I don’t follow those mailing lists - they’re too busy, so not sure about that one).

  • @[email protected]
    link
    fedilink
    English
    71 year ago

    Is there a way to address the problems outlined by the proponents of these technologies without placing too much power in anti-democratic and anti-user organizations like Apple and Google?

    • Jajcus
      link
      fedilink
      151 year ago

      But the problem they try to solve is: user’s device is not under full control of the service provider. The only solution to that problem is to take away the control from the device owner. You cannot have both.

    • @[email protected]
      link
      fedilink
      English
      111 year ago

      Which problems? As far as I can tell this solves zero problems for users of websites. Wanting to replace captchas with this is just another arms race that normal users will suffer from.

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        1 year ago

        Well, captchas seem likely to become useless in the near future, and are currently a key feature used to prevent unwanted bot activity on many if not most websites. What can replace them?

        Would this technology work better if there were a coalition of attesters that granted access to newer and smaller browsers and os makers?

        • Jajcus
          link
          fedilink
          91 year ago

          The point of the attestation is to show that given browser won’t do some things. If the browser is open source on open source operating system the user can modify it in any way he wants, so not such attestation can be given to such browser.

          Even if we are ok with attested browser being official builds never modified by users, then user could still fake it if they have full control of their operating system. So the operating system must also be attested, so it cannot be freely modified. And what is a point of open source then? You can see, but you cannot touch?

        • conciselyverbose
          link
          fedilink
          41 year ago

          Nothing. Nothing should replace them.

          You, as a website, unconditionally have zero right to know anything about what a user is doing on their computer.

          Block behavior, not devices.

        • @Zeth0s
          link
          English
          21 year ago

          How can the attester attest that a bot is not using a valid browser on a valid os?

          • @YourAvgMortal
            link
            English
            11 year ago

            It’s up to the attester to decide. Maybe it needs to run some verifications every so often. There’s nothing preventing it from refusing you attestation too, if your device is out of date, or is too old and won’t receive future updates

  • @moistclump
    link
    English
    51 year ago

    Can someone eli5 “shipped attestation”?

    • @[email protected]
      link
      fedilink
      English
      9
      edit-2
      1 year ago
      • Alice gives Bob a Secret Note.
      • Alice and Bob agree on a way for Bob to scramble the Secret Note so that Alice can unscramble it.
      • Bob scrambles the Secret Note.
      • Bob gives Carol the Scrambled Secret Note.
      • Carol gives Alice the Scrambled Secret Note.
      • Alice descrambles the Scrambled Secret Note.
      • Alice tells Carol the Secret Note came from Bob.

      Now, Carol trusts Alice and Alice trusts Bob. By passing this note around, Carol can trust Bob since Alice trusts Bob and she trusts Alice.

      Passing the note around tells Carol (Web Server) that Bob (Web Browser) has trust from Alice (Attestation Server) and is not some imposter just claiming to be Bob.