this post was submitted on 26 Jul 2023
2177 points (99.9% liked)

Technology

59676 readers
3102 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] eth0p@iusearchlinux.fyi 3 points 1 year ago* (last edited 1 year ago)

In other posts, I've tried to point out how some of the articles and comments around WEI are more speculative than factual and received downvotes and accusations of boot-licking for it. Welcome to the club, I guess.

The speculation isn't baseless, but I'm concerned about the lack of accurate information about WEI in its current form. If the majority of people believe WEI is immediately capable of enforcing web page integrity, share that incorrect fact around, and incite others, it's going to create a very good excuse for dismissing all dissenting feedback of WEI as FUD. The first post linking to the GitHub repository brought in so many pissed off/uninformed people that the authors of the proposal actually locked the repo issues, preventing anyone else from voicing their concerns or providing examples of how implementing the specification could have unintended or negative consequences.

Furthermore, by highlighting the DRM and anti-adblock aspect of WEI, it's failing to give proper attention to many of the other valid concerns like:

  • Discrimination against older hardware/software that doesn't support system-level environment integrity enforcement (i.e. Secure Boot)
  • The ability for WEI to be used to discriminate between browsers and provide poor (or no) service to browsers not created by specific corporations.
  • The possibility of WEI being used in a way to force usage of browsers provided by hostile vendors
  • The ability for it to be used to lock out self-built browsers or forked browsers.
  • The potential for a lack in diversity of attesters allowing for a cartel of attesters to refuse validation for browsers they dislike.

I very well could be wrong, but I think our (the public) opinions would have held more weight if they were presented in a rational, informed, and objective manner. Talking to software engineers as people generally goes down better than treating them like emotionless cogs in the corporate machine, you know?