this post was submitted on 22 Jul 2023
2627 points (100.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
285 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don't run a complaint browser ( cough...firefox )

here is an article in hacker news since i'm sure they can explain this to you better than i.

and also some github docs

you are viewing a single comment's thread
view the rest of the comments
[–] ReversalHatchery@beehaw.org 9 points 1 year ago (1 children)

It doesn't prevent web pages from being modified like some people are saying.

In itself it does not, yes. What it will do is tell the server if the user runs a "non-approved" system configuration. That could mean anything from using addons that were installed from outside of the chrome addon store, through running a custom chromium build, to running an unapproved operating system or an approved operating system but unapproved state (driver signature enforcement disabled, TPM not present or says the system is "not trusted").

Just like on Android with SafetyNet for the past few years. If you rooted your phone (perhaps to remove datamining bloatware from facebook and such) or straight out installed an alternative android system that respects you, then your phone is "not trusted" anymore, and a couple of apps wont work now.
We know it exactly how it will work, and with this it wont stop at the smartphone, it will spread to affect any kind of PCs too.

This will have nothing to do with the security of users. This is solely about the security of web service providers, that you won't even try to filter the content that they want to push to your device when visiting their website.

This has no place outside of the strictest of corporate environments, at all.

NOT detect ad blockers

Sure, except that by this the server will know it exactly if your browser even allows effective adblockers (firefox) or not (chrome), and may as well decide to refuse to work if there is a possibility that the user has an ad blocker.
No, as you have written later, just using a non-chrome web browser will not be a solution, just as using banking apps and others is not possible on alternative android systems like LineageOS or GrapheneOS, not because actual incompatibility, but because of the device not being "trusted" (by google, as they run the verification system over there too).

[–] vox@sopuli.xyz 2 points 1 year ago (2 children)

tbf safetynet attestation can be faked

[–] ReversalHatchery@beehaw.org 2 points 1 year ago

If you mean with obscure, closed source Magisk modules that can break any moment then yes, it can.

[–] nintendiator@feddit.cl 1 points 1 year ago (1 children)

Not in Stock Android, which is what it matters.

[–] vox@sopuli.xyz 1 points 1 year ago

it always succeeds in stock android