Web Environment Integrity Must Be Stopped: Enslavement By “Remote Attestation”

“Web Environment Integrity” is a specification being worked on by Google employees and prototyped into Chromium, the open-source core of Google Chrome on which most modern browsers are based (Microsoft Edge, Brave, Opera, Vivaldi, and many others). The short version of how it works is that your browser gets a permission slip from a big tech company like Google, Microsoft, or Cloudflare that certifies whether or not you’re “trustworthy” which websites can use to gatekeep access. It is supposed to help with spam, bots, and fake ad clicks, but the goals laid out by the project are in direct conflict and not possible to achieve as a result. One such goal is “for the web to be usable without this framework” but the entire point of the framework is to lock down the web, so which half will be the one that Google chooses to not achieve?

Let there be no doubt: if Google manages to get this “remote attestation” framework in use on most websites, they’ll have the power to unilaterally lock people out of most of the internet, and website owners will have no way to know that their users were locked out by the “trusted third party” that maliciously “attested” to the user actually being a spam bot to trick them into locking the user out.

Fortunately, the internet has decided to call them out on their nonsense, and in typical central authoritarian fashion, they’ve locked the thread so no one can keep burning them publicly on their own absurd proposal.

Leave a Reply

Your email address will not be published. Required fields are marked *