Google's new remote attestation scheme is as terrible as old scheme
2 days ago
- #digital-privacy
- #enshittification
- #remote-attestation
- Google's new remote attestation scheme, like its old one, threatens user privacy and control by requiring devices to disclose configuration details to websites.
- Remote attestation allows web servers to deny service to users based on their device setup, potentially blocking ad-blockers, tracker-blockers, and accessibility tools.
- Google's history includes antitrust cases for monopolistic behavior, such as bribing Apple and imposing restrictive practices on app vendors and advertisers.
- Android, initially marketed as open, has faced criticism for surveillance practices, with data collection occurring frequently, even when devices are inactive.
- Alternative Android versions like CalyxOS and GrapheneOS offer privacy-focused, de-Googled options but face technical and commercial barriers from Google.
- The public backlash against Web Environment Integrity (WEI) halted that project, but Google's new reCAPTCHA Mobile Verification continues similar attestation efforts.
- Blocking technologies like ad-blockers are essential for user counter-offers against intrusive web practices and for accessibility needs.
- The article links Google's actions to broader issues of enshittification, where platforms degrade user experience to extract more value.
- Cory Doctorow promotes works on enshittification and AI, with upcoming books and events discussing digital rights and interoperability.