this post was submitted on 22 Jul 2023
2603 points (99.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54500 readers
896 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don't run a complaint browser ( cough...firefox )

here is an article in hacker news since i'm sure they can explain this to you better than i.

and also some github docs

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 year ago* (last edited 1 year ago) (10 children)

Question: Firefox renders certain DRM content in containers. Would that be applicable here? (Run unmodified site in container in background, load site content from that to user, and direct the attestor to the container so that the user can modify the site on the front end)?

[–] [email protected] 5 points 1 year ago (3 children)

The point of this is so that the user can't modify the site at all, despite what the proposal might say. Their goals and non-goals are contradictory.

Running this content in a container will not protect you. Just don't even try to adapt to it. Reject it completely.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago) (2 children)

NO, that's not the case.

it doesn't prevent that. did you read that misleading post? All it checks is thay you're running a drm-compilant browser by providing a special token (signed by your device's id and real name from google account) which can be verified by the server.

of course that means that Firefox users will get a worse experience (more captcahas, or get completely blocked) on websites that use this new api.

[–] [email protected] 6 points 1 year ago (1 children)

okay, but what's the idea of a "DRM" compliant browser to you?

because with that vague language, it may be one that the DRM basically blocks out any third-party plugins, extensions, apps or systems from reading, modifying, or changing any website code (which is how most adblocks work); setting the DRM flag may nullify any adblocks ability to even see what is going on with the site as it loads, making it useless - essentially turning the web code into a black box (at least to the extensions) that it cannot interact with, modify, read or even may not know exists at all.

It's security that slowly robs people of their freedom to run whatever they want on their system and interact with the information they receive on any level. It's one step for corporations profits, one giant leap backwards for freedom.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

no, the "drm" doesn't actually run 100% of the time, invoked only once to generate the key for server to verify. there's no flag or mode to switch into like with widevine.

[–] [email protected] 3 points 1 year ago

I didn't say it does. But for the subject websites, which will be almost all of them eventually, all adblocking or code interactive plugins will be useless.

I can easily see news sites, especially those with any video content, will be impossible to use, because if you look at them without Adblock enabled, they're a mess of ads, it's almost doubtful you can find an article in the page.

This is just laying the groundwork for more unblockable ads.

[–] [email protected] 4 points 1 year ago

you’re running a drm-compilant browser

They also don't want users to be able to use adblockers, that isn't all they're checking for. So this absolutely is the case. Their entire proposal is contradictory.

[–] [email protected] 1 points 1 year ago (1 children)

What I mean is, if the attestor checks the integrity of the site, why couldn’t the unmodified site be ran in a container to trick the attestor?

[–] [email protected] 1 points 1 year ago

Possibly, but it sounds like a pain to work with, if I understand the technical details correctly.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Doesn't not being able to modify it would also imply that the information can not be parsed? Thus this consept falls apart immediately as the information would need to be able to be parsed so that it can be rendered?

[–] [email protected] 2 points 1 year ago

The browser would need to be allowed to parse it, as they're the ones displaying the content; it would imply, however, that adblockers and other extensions would no longer be allowed.

load more comments (6 replies)