Comment on If Google succeeds with the new DRM policy, will that affect functionality of browsers like firefox which uses a different engine?

<- View Parent
joe@lemmy.world ⁨1⁩ ⁨year⁩ ago

I have a weak grasp of this, but a developer working on this responded to some criticism.

If the developers working to implement this are to be believed, they are intentionally setting it up so that websites would have an incentive to still allow untrusted (for lack of a better term) clients to access their sites. They do this by intentionally ignoring any trust check request 5% - 10% of the time, to behave as if the client is untrusted, even when it is. This means that if a website decides to only allow trusted clients, they will also be refusing trusted clients 5% - 10% of the time.

The relevant part of the response is quoted here:

WEI prevents ecosystem lock-in through hold-backs We had proposed a hold-back to prevent lock-in at the platform level. Essentially, some percentage of the time, say 5% or 10%, the WEI attestation would intentionally be omitted, and would look the same as if the user opted-out of WEI or the device is not supported.

This is designed to prevent WEI from becoming “DRM for the web”. Any sites that attempted to restrict browser access based on WEI signals alone would have also restricted access to a significant enough proportion of attestable devices to disincentivize this behavior.

Additionally, and this could be clarified in the explainer more, WEI is an opportunity for developers to use hardware-backed attestation as alternatives to captchas and other privacy-invasive integrity checks.

source
Sort:hotnewtop