IIRC the proposal includes some crypto-handshake verification to make sure the attestor is who it claims to be, so no, apps can't just fake it. Or, if some of those secret keys leak and apps use it, sites won't accept it anymore.
BrioxorMorbide
joined 1 year ago
It still doesn't matter. A website can choose which attestors to trust (if they had to trust all of them the whole thing would be useless), so Youtube can just deny access to the video streams to anything that isn't a trusted browser environment, and anything third party like Invidious, Piped, Newpipe, Freetube... won't be able to work anymore.
eventually there will probably ba a certificate authority alternative to Google
Which won't matter (for access from third-party apps), because to be accepted by websites they need to prove their trustworthiness, so you can't just use a different one to circumvent it.
Unless people mass-migrate away from Chrome-based browsers (basically everything expect Firefox) Google will at one point enable their Web Environment Integrity thing, force all other browsers to enable it too because otherwise a lot of websites will stop working in them, and no alternative frontend will have access to the video streams anymore.
There are some versions on archive.org as well, not sure how well streaming works from there though.
Well, if they implement their web integrity DRM thingy in Chrome and Youtube then that will prevent anything that's not a real approved browser from accessing the website, and with that the video streams. Not only Piped/Newpipe, but anything automated trying to access any website will be automatically locked out unless the website approves of it. New search engine bot? Archiving crawlers? Any type of third party program that accesses some website's content without approval? Dead.
become complacent about solving the primary problems
We have been complacent about solving the primary problems for decades. At this point we should be doing all we can, and if a way to combat the symptoms gives us more time to finally get our shit together and do something useful before everyone turns into doomers giving up because it's too late anyway then I think that's a good thing.
Nice anti-AMD framing so shortly after that latest Zen2 vulnerability.
Somewhat shortened translation:
This mainly refers to jawg.io, the commercial cloud service that serves the basic map. The map itself is 100% OSM data, but the service isn't free. OSM themselves don't offer a vector tile server, not even for editors.
Also, F-Droid gives every app with a hard-coded network dependency the NonFreeNet flag, including e.g. api.openstreetmap.org.
They're discussing a new anti-feature like SiloedNet for such cases, because at the moment NonFreeNet is pretty useless, e.g. a Wikipedia reader gets that flag too.
Can it show each core's frequency? Or is there anything other than htop that can do that?