this post was submitted on 07 Nov 2023
45 points (95.9% liked)
DeGoogle Yourself
8482 readers
51 users here now
A community for those that would like to get away from Google.
Here you may post anything related to DeGoogling, why we should do it or good software alternatives!
Rules
-
Be respectful even in disagreement
-
No advertising unless it is very relevent and justified. Do not do this excessively.
-
No low value posts / memes. We or you need to learn, or discuss something.
Related communities
!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This is the best summary I could come up with:
When you tried to access some protected content, a browser supporting the Web Integrity API would first contact a third-party "environment attestation" server, and your computer would have to pass some kind of test.
The company says: "We’ve heard your feedback, and the Web Environment Integrity proposal is no longer being considered by the Chrome team."
Unlike the web version, which would have been a big step "forward" for invasive DRM solutions, Android already has environment attestation, so it doesn't sound like this is doing that much.
If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.
Netflix famously demands preinstallation of Widevine on devices in order to show HD content, and problems with the DRM are a common support issue.
The blog post notes that while Android's WebView system brings "a lot of flexibility... it can be used as a means for fraud and abuse, because it allows app developers to access web content, and intercept or modify user interactions with it.
The original article contains 784 words, the summary contains 181 words. Saved 77%. I'm a bot and I'm open source!