- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
There is a discussion on Hacker News, but feel free to comment here as well.
There is a discussion on Hacker News, but feel free to comment here as well.
This is the best summary I could come up with:
When you tried to access some protected content, a browser supporting the Web Integrity API would first contact a third-party “environment attestation” server, and your computer would have to pass some kind of test.
The company says: “We’ve heard your feedback, and the Web Environment Integrity proposal is no longer being considered by the Chrome team.”
Unlike the web version, which would have been a big step “forward” for invasive DRM solutions, Android already has environment attestation, so it doesn’t sound like this is doing that much.
If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.
Netflix famously demands preinstallation of Widevine on devices in order to show HD content, and problems with the DRM are a common support issue.
The blog post notes that while Android’s WebView system brings "a lot of flexibility… it can be used as a means for fraud and abuse, because it allows app developers to access web content, and intercept or modify user interactions with it.
The original article contains 784 words, the summary contains 181 words. Saved 77%. I’m a bot and I’m open source!