Google's Web DRM is Worse than I Thought... - eviltoast
  • BrianTheeBiscuiteer@lemmy.world
    link
    fedilink
    English
    arrow-up
    45
    arrow-down
    1
    ·
    1 year ago

    I was multitasking while watching but I’m pretty sure this is the idea.

    Googles “web DRM” makes it impossible (or extremely difficult) to lie to a website about your browser, operating system, and whether or not you’re human (or a bot). Websites can then use this info to deny access if they decide not to trust any of the info given.

    This could easily be used to suppress the use of open source software which is probably why so many FOSS projects and foundations oppose it.

    • Noah@lemmy.federated.club
      link
      fedilink
      English
      arrow-up
      26
      ·
      edit-2
      1 year ago

      It doesn’t prove you’re not a bot though, only that the request is coming from a ‘genuine device’. You just need to pipe your malicious requests through a ‘real browser’ to get them approved and you’re set.

      • BrianTheeBiscuiteer@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        How could I browser not know you’re “piping” in commands tho? I don’t know what qualifies as a bot but if input doesn’t come from a keyboard or mouse they’ll probably classify it as such.

        • aesthelete@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          DRM is easy to evade by those that want to evade it. I read something on mastodon the other day that was saying some cheater hackers are using direct hardware connections to their machines to cheat.

          DRM makes it difficult for Joe six pack to easily pirate, use an ad-blocker, not use one of big brother’s approved devices to get a paltry boner from watching Milf Island on Peacock, but it does nothing to people with the ways and means to get around these things…those evasive maneuvers are often illegal though.

          DRM is a malignant technology just by its very nature, and this has been fought about for decades. But it’s just simply not tenable to protect the content that is being replicated on demand by a customer paying for its replication from being replicated to others.

          Seriously, think about how stupid the above is for a minute.

          • BrianTheeBiscuiteer@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            2
            ·
            1 year ago

            Couldn’t agree more. The script kiddies might be out of luck but they’ll just have to go back to side channels like torrents or Usenet where the experienced hackers show off the stuff they stole.

      • fishhf@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        WEI could require secureboot, so you could no longer modify the OS or Chrome to “pipe” those requests.