Google’s Plan To DRM The Web Goes Against Everything Google Once Stood For

If you don't like how Google is able to do this, know it's because of it's market share, and you should just use Firefox.

You should use Firefox (or a fork of it), but can we expect them to be an option if Google's actions make it so most sites only work on Chrome?
- Google can't make websites update.
  
  Websites will only update to Chrome specific things if Chrome is the dominant browser.
  
  How do you stop Chrome being the dominant browser? By not using it.
- Unfortunately Chrome is the dominant browser by a long way.
  
  I use Firefox on every PC and device and wish it was more popular but the non geeks don't understand so use Chrome.
- They can make sites to not work on Chrome, not the other way around. Unless you implemented some chrome only features in your site then that's on you.
Except you’ll have to keep a copy of Chrome handy because this is less about what software you’re using and more about which apps are attested and approved for that website.

Once your bank says “we’re requiring this” it’s kinda over isn’t it?
- Your bank will only do it, if, and only if, Chrome is a majority of browsers they see.
  
  How do you stop that? By not using it.
  
  Everyone keeps postulating over a terrible future, but won't actually do anything now, today, to help prevent it.
- I'll be telling my bank I'll be taking my mortgage elsewhere. I pray that's still possible.
I've never even used a chrome browser except punctually, yet here we are.
I've been on Firefox for years. Was never much of a problem, but lately there's more and more sites that require a Chromium-based browser. Some of them quite crucial. A list from experience:

My bank's mortgage page

Microsoft Teams - only supports Chrome, safari and edge on MacOs.

Microsoft Office - has weird quirks on MacOs

The new Adobe Express, requires Chrome or Edge

Google Meet - after years google still only supports Chromium-based browsers if you wish to use video effects

Microsoft's new video editing thing
- It's not uncommon for such sites to work fine in Firefox if you just add a user agent switcher addon, so that is worth trying (can be limited to specific sites so you advertise Firefox usage for others).
- AFAIK Netflix limits resolution on every browser but Edge
- Ok, I got it wrong guys
  
  Chrome has won
  
  Let's all go home, install a Chromium-based spyware-laced browser and bow down to our Google overlords.

Google needs to be broken up. It needs to separate in at least 5 different companies:

Admob/Adsense
Ads/Adwords
Search
Android
Chrome

Okay then... How do 3/4/5 make money? Ist currently everything but 1/2 loosing money in support of propping up the ads?
- Charge a fee, advertising is a scourge and needs to be removed from all societies with extreme prejudice.
AdSense and AdWords are essentially the same thing. AdWords is how they monetize AdSense.

They dropped the "don't be evil" a while ago.

"The slogan was also a bit of a jab at a lot of the other companies, especially our competitors, who at the time, in our opinion, were kind of exploiting the users to some extent"

Paul Buchheit, the creator of Gmail
- Subtext: now that we have the market share, it's our turn to exploit the users.
  
  It's sick.

Luckily, other browser manufacturers (Mozilla, Vivaldi, Brave, and even the WWWC) have already spoken out against this proposal. Google loves marketing it as ‘optional’, which it obviously won’t be once implemented. A system like this would be very dangerous for smaller browsers, as it’s incredibly vague who decides what authorities would be allowed to verify browsers.

Additionally, this is presented as a way to remove captchas from the web by proving a request is coming from genuine hardware. However, this proves absolutely nothing about a request being genuine or non-spam. The only thing this proves is that it was created by a ‘genuine device’, so all a malicious user would have to do is to (automatically) send the request via a verified device and they’d pass the check.

Maybe it's just Google search (ironic), but I couldn't find anything about the W3C speaking against the proposal. If W3C is against it then I think it's even more likely the entire thing would be shot down.
- Could’ve sworn I saw it in an article or post on here somewhere… but of course now that I actually need the post I can’t find it. Doesn’t really matter though, Chrome can unfortunately push standards through even if others don’t approve, just due to their sheer size alone.

The problem is that Google is able to more or less dictate how the web works at that time. Apart from Firefox and Safari, which both only have a minor market share, pretty much everything is Chrome based.

If Google wants to push some silly idea just to ensure that their silly ads are not blocked, then they'll do it. I fear that noone really can stop this stupid idea.

We need to hope some governing body steps in and slaps Google with antitrust, because this is a pretty clear abuse of monopoly
- I'm sure our octogenarian leaders who are oh so internet savvy will fully understand the nuances associated with browser market share will craft laws to resolve this issue.
  
  /s unfortunately.
  
  Truth be told.. Google applies $$$ to our aged elected officials who don't understand what a browser is much less the nuances behind chrome and chromium based browsers. And will vote by what their campaign donators say... :(
- The EU may be our only reasonable hope.
Chromium based forks (e.g. Brave) can disable or remove the features they don't want. For example, if Google adds a feature that always shows their ads, Brave can disable that feaure or remove it. Being Chromium-based is not as bad as people usually seem to think.

In this proposed DRM-like feature it is slightly different case because Chrome browser is so widely used.
Governmental regulators need to be involved. But I don't have my hopes up.
the problem is that this is a malignant feature that can only be used for evil
On the other hand, I don't really have a fundamental problem with it. I don't use Chrome and am not going to use this. My approach to websites using it will be the same as programs not running on my operating system: I'll simply ignore them, same as I already ignore websites today that don't serve me because of GDPR.

I also do see a problem in adblocking. It's just that it's the lesser of two evils for me and as such, I opt into it. Google, being on the other side of the situation, for good reasons comes to a different assessment.

All in all I don't think this is a good development, but OTOH, if someone doesn't want me to visit their site, that's ok.
- What about when your banking site or the site your landlord wants you to pay with doesn't work because of this shit?
  
  It's gonna be a pain in the ass to switch browsers every time you run into one of these sites, and it'll eventually make its way into most services just because they feel like it.
  
  There are already way too many Android apps that refuse to work on rooted phones just because they feel like not working on rooted phones after they made safety net. It will be pervasive and at some point you'll have no option but to comply.

I am really hoping some regulatory body strikes this down. Where's the EU when we need them?

Have you tried to talk to a local EU representative about it?
- I don't live in the EU. I have contacted my local representatives in the US, but we all know they are useless and won't do a damn thing about it.
Permanently Deleted

Google became what it is because they had the best search results. Today, other like qwant and sometimes even bing are better. If it was not for Android, the reasons for remaining stuck with Google would have become sparse already. And I daresay Apple is now the less evil option.

I don't know about that. Google is evil for sure, but I haven't read anything about their factory workers leaping from buildings to escape life.

Who knows at this point? With this level of advanced capitalism, it's getting kind of difficult to identify truly ethical corporations.
- Google is evil for sure, but I haven’t read anything about their factory workers leaping from buildings to escape life.
  
  Try again. This is from 1 month ago.
  
  https://www.theinformation.com/articles/googles-darkest-days-after-three-deaths-a-workforce-reckons-with-a-changed-company
- Google is still one of the better ones for sure... Apple has gone majorly down the route of proprietary tech, not contributing upstream to OSS they use, not updating OSS they used to regularly ship, and vendor lockin games.

i mean this is like working on the nuclear bomb except you're eager to drop it on yourselves in the name of corporate profits and ad revenue. virulently disgusting

Fine, I’ll make my own web, with blackjack, and hookers!

Fuck Google, I guess we’re going back to the days of BBS’.

Last time they did with Web 3.0 and it didn't went well

Everyone, please reach out to your local anti-trust government organization to ensure they are aware of this issue. They cannot do anything about something that they are unaware of. It's easy to forget that the internet is a bubble and not everyone is clued into it's issues.

Sure, bring that shit to Europe and let's see how it goes..

Question: Would Pi-holes get around this or would websites still recognise that there's traffic being blocked?

Chrome will eventually switch to DNS over HTTPS.
Piholes don’t actually block the traffic. The ads still make it from google to your home network. Pihole just intercepts them and sends them off to nowhere before they get to any of your devices. So I believe they won’t be affected by this.
- That's not true. Pihole voids DNS requests, not the actual HTTP responses. When trying to look up an ad, it tells your devices to look at an unassigned ip address which will then not respond with anything.

Nothing new here.

Same old shit.

They're gonna do what they're gonna do.

There will be ways around it.

It will be difficult to get around this on smartphones. Those are walled gardens already.

But I wonder how Google plans to make this "feature" for desktop PCs? Won't work at all on Linux and Mac and requires a kernel level always on spy driver to watch the Chrome process to prevent tampering with it?
- You already can't get around this on smartphones. So many companies force you to use their app and only their app if you're not in front of a desktop.
- and requires a kernel level always on spy driver to watch the Chrome process to prevent tampering with it?
  
  That would be one method, yeah. The attester supplies a kernel driver and uses that to generate the auth tokens communicating with it via some protocol or via scanning memory.
  
  The driver is just chilling in the machine, perhaps even evasive to lsmod, such that the only way to detect it is to have your own driver monitoring for some specific signal before the attestor driver gets installed, and then using that signal to track its installation.
  
  There's always a way. But, as you say, with phones it's not as simple.
  
  GrapheneOS or some other ROM on an unlocked Android phone is probably going to be the only way of bypassing it.

I support Google on this one. Digital fraud is out of control. If you guys have a better idea to stop fraud and sustain the web ecosystem, let's hear it.

Unironically: Ad blockers.

A lot of fraud happens online via ads which are hosted by Google and Facebook.

This is a power grab by Google. Nothing more.