• AndrewZabar@lemmy.world
    link
    fedilink
    English
    arrow-up
    64
    ·
    1 year ago

    I use Firefox. If I’m on the web and a site does not work with Firefox, I leave that site.

    Do they think somehow people like me will change our minds? And more to the point, do they think website authors will want to limit their own audience for the benefit of some company?

    Unless I’m misunderstanding this, maybe I need an ELI5

    • Jajcus@kbin.social
      link
      fedilink
      arrow-up
      34
      ·
      1 year ago

      Will you change your bank when it refuses to work with Firefox? What if most other banks do the same?

      This is how things are in Android now – online banking, online games and even subscription media services are mostly unavailable to those who would like to use non-official OS.

      website authors will want to limit their own audience for the benefit of some company?

      Many websites already refuse to work with anything not-chrome-based – so website authors often don’t care.

      Banks see that as ‘security’, so they are ok with ‘losing’ a small percentage of customers who want ‘insecure’ devices. In fact they would hardly lose anything, as their customers usually depend more on the bank, than the bank on any particular customer.

      For media providers, that is another ‘anti-piracy’ measure (DRM) – they will also happily sacrifice Linux users, as insignificant fraction of users, probably less then ‘actual pirates’ on Windows or Mac. Netflix already won’t stream in high quality to Firefox on Linux.

      For online game providers this will be easy anti-cheat measure – they will also not care about that insignificant fraction of user.

      Each of those service providers would loose maybe 5% of their user base (probably less… as most users would eventually accommodate), but the affected users would use major number of services they care about.

      • Rai@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        18
        ·
        1 year ago

        I see many people on Lenny say “blah blah doesn’t work on Firefox” and have yet to see an example. I’ve been using Firefox since the early or mid 2000s (started when they added extensions) and I SCARCELY have had issues. Only one I can remember, a credit card web site like 11 years ago.

        • comfortablyglum@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          10
          ·
          1 year ago

          After a big Firefox update last year, Chase kept telling me they wouldn’t allow acces via “outdated” web browsers, then redirected me to download another browser which included Firefox. This went on for several months until Chase finally updated themselves. During that time, if I wanted to access my account I had to use a different browser.

          Yes, this was temporary, but another issue I have is Firefox on my Samsung phone. I am not tech savvy; I do my best to protect myself, but past the basic protections I am overwhelmed.

          I would LOVE to use Firefox on my phone instead of Chrome, but every time I have tried, Firefox has been slow as fuck as compared to Chrome; slow enough to be practically unusable. I never found a solution and ended up going back to chrome while trying to adjust all my phone/browser settings to request as much respect and privacy as possible.

          • can@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            1 year ago

            YIs that factoring in using ublock origin on mobile Firefox? Because surely that speeds things up?

          • Aa!@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            For what it’s worth, I’ve been ride or die for Firefox, and I use Chase’s online banking for years and it never blocked me. I’m not sure what caused the issue for you, but I don’t think that was the typical experience

    • dantheclamman@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      29
      ·
      edit-2
      1 year ago

      People like you and me are unfortunately a small minority. Most people go along with it, so they set about steamrolling over us through coercion or just not doing business with us

    • kiddblur@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      do they think somehow people like me will change our minds?

      Yeah. I use Firefox too, and when a site doesn’t work, I open it in chromium

    • abhibeckert@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      Apple sold this feature as an alternative to captchas.

      In order to sign up for Lemmy, I had to pass a captcha check to prove I’m human. Now that bots can trivially be better than any human at captchas we have to find something else. Is attestation a good option? We can debate that, but it’s definitely on the table. And I expect Firefox will implement it (even if only via a plugin) if it becomes widely adopted.

    • 2xsaiko@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      I just wrote a funny script and corresponding web page:

      "use strict";
      
      (() => {
        if (navigator.getEnvironmentIntegrity !== undefined) {
          window.location.href = "https://dblsaiko.net/no-wei";
        }
      })()
      

      If this API actually becomes a thing, I might put it on all my pages.

    • PixelAlchemist@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      If an internet giant like Cloudflare has already implemented and adopted this, there won’t be a lot that individual web developers can do unless this gets shot down as anti-competitive behavior (which it is). The alternative is not using CDNs and paying for servers and storage to self-host content, which will be prohibitively expensive for smaller businesses or individual hobbyists.

    • IHeartBadCode@kbin.social
      link
      fedilink
      arrow-up
      19
      ·
      1 year ago

      It wasn’t super secret, it’s just that the HTTP protocol standard is getting quite large. HTTP standard site.

      Same with HTML, the standard for HTML 5 is just so massive no one person can know all of it. It is completely unknowable to a single person at this point (without referring back to the standard).

      The protocols and standards underpinning the Web have become over engineered in my opinion. I’m sure it was with “best intention” but I recommend gemini protocol at this point for “fun” and http for “business”. Corporations owns HTTP at this point and there’s little that can be done to change it. It has become the modern Adobe flash with the veneer of openness to satiate the causal observer.

      But that’s my two cents.

        • abhibeckert@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          1 year ago

          It was part of the same keynote speech where Apple announced their virtual reality headset… so the media largely didn’t cover it.

          But Apple absolutely did announce it, and as loudly as they possibly could with a high profile executive standing on stage before a live (online live, but still live) audience of millions of people and every tech journalist in the world to demo the feature. There’s also extensive documentation and whitepapers covering how the crypto works, and I expect it was discussed on public mailing lists ahead of time (I don’t follow those mailing lists - they’re too busy, so not sure about that one).

  • LibertyLizard@slrpnk.net
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Is there a way to address the problems outlined by the proponents of these technologies without placing too much power in anti-democratic and anti-user organizations like Apple and Google?

    • Jajcus@kbin.social
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      But the problem they try to solve is: user’s device is not under full control of the service provider. The only solution to that problem is to take away the control from the device owner. You cannot have both.

    • Overspark@feddit.nl
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      Which problems? As far as I can tell this solves zero problems for users of websites. Wanting to replace captchas with this is just another arms race that normal users will suffer from.

      • LibertyLizard@slrpnk.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Well, captchas seem likely to become useless in the near future, and are currently a key feature used to prevent unwanted bot activity on many if not most websites. What can replace them?

        Would this technology work better if there were a coalition of attesters that granted access to newer and smaller browsers and os makers?

        • Jajcus@kbin.social
          link
          fedilink
          arrow-up
          8
          ·
          1 year ago

          The point of the attestation is to show that given browser won’t do some things. If the browser is open source on open source operating system the user can modify it in any way he wants, so not such attestation can be given to such browser.

          Even if we are ok with attested browser being official builds never modified by users, then user could still fake it if they have full control of their operating system. So the operating system must also be attested, so it cannot be freely modified. And what is a point of open source then? You can see, but you cannot touch?

        • conciselyverbose@kbin.social
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Nothing. Nothing should replace them.

          You, as a website, unconditionally have zero right to know anything about what a user is doing on their computer.

          Block behavior, not devices.

        • Zeth0s@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          How can the attester attest that a bot is not using a valid browser on a valid os?

          • YourAvgMortal@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            It’s up to the attester to decide. Maybe it needs to run some verifications every so often. There’s nothing preventing it from refusing you attestation too, if your device is out of date, or is too old and won’t receive future updates

    • sloppy_diffuser@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      1 year ago
      • Alice gives Bob a Secret Note.
      • Alice and Bob agree on a way for Bob to scramble the Secret Note so that Alice can unscramble it.
      • Bob scrambles the Secret Note.
      • Bob gives Carol the Scrambled Secret Note.
      • Carol gives Alice the Scrambled Secret Note.
      • Alice descrambles the Scrambled Secret Note.
      • Alice tells Carol the Secret Note came from Bob.

      Now, Carol trusts Alice and Alice trusts Bob. By passing this note around, Carol can trust Bob since Alice trusts Bob and she trusts Alice.

      Passing the note around tells Carol (Web Server) that Bob (Web Browser) has trust from Alice (Attestation Server) and is not some imposter just claiming to be Bob.