• Obi@sopuli.xyz
    link
    fedilink
    arrow-up
    29
    arrow-down
    1
    ·
    1 year ago

    Right. I mean there’s always going to be a way. Your open source browser can run a spoof of an “official” browser, present itself as a valid user, load the page with all the ads and tracking in a sandbox in between, strip all of it out and serve you the actual content.

    Or maybe people will eventually be fed up and we’ll start our own internet completely out of corporate control.

    • cley_faye@lemmy.world
      link
      fedilink
      arrow-up
      16
      ·
      1 year ago

      Your open source browser can run a spoof of an “official” browser

      Not if the server requires the digital signature of a challenge to be produced by a key whose certificate is signed by a “trusted” third party, said third party only providing that key at runtime, if your browser can also provide the same kind of authorization from the OS, itself being only able to produce it if it can safely determine that it’s running on completely locked-down hardware AND having online-activated DRM tells him he can provide such key; the hardware itself requiring constant online connexion to ensure it’s “authorized”, and including yet another layer of keys in hardware.

      There’s been progress toward this kind of things. At every step, people warning about the risks are seen as lunatics. SecureBoot preventing booting a custom kernel? No problem, microsoft will sign your keys. TPM not delivering keys to non-trusted kernels? No problem, just don’t use it (and don’t get the keys, obviously). UEFI requiring digital signature to be flashed? It’s for your safety, but we won’t give you the keys or it would defeat the purpose. Embedded CPU inside your CPU running opaque code on every operation you do? Trust me bro, there’s no problem here.

      Sure, opensource (or even just open at this point) alternative will most likely remain available as a niche, but once all major services that people want requires such a chain of control, the vast majority of people will gladly flock to locked-down system. Heck, it’s already happening. Nowadays I can’t even log into my bank website without a trusted iOS or Android device. The “free, open” alternative will be rare, expensive, and only work for people that cares. Which is not too much sadly.

      • cley_faye@lemmy.world
        link
        fedilink
        arrow-up
        16
        arrow-down
        1
        ·
        1 year ago

        The web is already decentralized. Always was. It’s the people that want centralized services for convenience, and some of these services have valid reasons to be centralized. Web3 have nothing to do with any of this.

        • JackGreenEarth@lemm.ee
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Domains aren’t, and that’s a large part of the web. ICANN, a single company, controls all domains, and you have to apply to be a registry with that one company, and don’t get me started on ‘premium’ domains.

          • Caoldence222@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            ICANN is at least a nonprofit, and theoretically controlled by multiple stakeholders. And it doesn’t really hold all the power from a technical perspective, their power only works as long as all the global network operators comply with what they ask. They are a coordinating body more than anything

        • MajorHavoc@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          They’re talking about piracy.

          And if the only choice becomes between privacy and piracy, well, I can’t be saying which I would choose, matey. Avast!

          Edit: To be clear, I be a sailor of the highest moral fibre - not inclined to pillaging, or looting. But each new DRM thingamajig sets me a wee bit more sympathetic to them what do.