This CL moves the base::Feature from content_features.h to
a generated feature from runtime_enabled_features.json5.
This means that the base::Feature can be default-enabled
while the web API is co...
I still don’t see why my open source browser can’t just lie when it’s sending a description of itself to the third party. The only way I could see it working is if that description needs to be encrypted by a key that’s compiled in to a closed source browser, and then websites only accept requests from a few closed source browsers.
Is that what you’re saying? That unless I have one of a couple accepted clients which are proprietary and closed source, websites just won’t work?
It seems logical to assume that there would be no point to the whole thing if it was so easily avoided just by modifying your browser. Someone who’s, for example, selling fake engagement (e.g., fake reviews), which is listed as one of the things Ben Wiser at al. want to prevent, will probably have enough technical expertise to use a modified browser that will circumvent WEI, so why would Google even bother?
To make it harder, even if not impossible, for the average user to ad block them.
Are you asking because you’re not sure of the answer, or because you are, and you know that web integrity will require a pre-compiled closed source binary to browse the web?
I still don’t see why my open source browser can’t just lie when it’s sending a description of itself to the third party. The only way I could see it working is if that description needs to be encrypted by a key that’s compiled in to a closed source browser, and then websites only accept requests from a few closed source browsers.
Is that what you’re saying? That unless I have one of a couple accepted clients which are proprietary and closed source, websites just won’t work?
It seems logical to assume that there would be no point to the whole thing if it was so easily avoided just by modifying your browser. Someone who’s, for example, selling fake engagement (e.g., fake reviews), which is listed as one of the things Ben Wiser at al. want to prevent, will probably have enough technical expertise to use a modified browser that will circumvent WEI, so why would Google even bother?
To make it harder, even if not impossible, for the average user to ad block them.
Are you asking because you’re not sure of the answer, or because you are, and you know that web integrity will require a pre-compiled closed source binary to browse the web?
No, I’m not sure. It’s possible that this is a benign technology, but many believe it’s not, including people at Mozilla, people at Vivaldi, Cory Doctorow, Jay Freeman (aka “Saurik”), the developer of Cydia (via The Register), so I’m concerned.
This recent blog post also mentions the intent of disallowing unsigned software to browse the web. Perhaps you’ll find it interesting.
Okay, thanks.