If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.
That’s a pretty serious misconception. Regardless of whatever they do with the Play Integrity API, YouTube cannot currently stop me from installing ReVanced or some other app from F-Droid on my LineageOS phone. The idea of this new API is to prevent anything not Google-approved from playing Youtube videos, in a cryptographically secure way.
Nothing that isn’t Chrome will be allowed to use Youtube without implementing this API, nothing that isn’t Google-approved will be allowed to do so, and if it doesn’t make it into Chrome that just means they have other plans for dealing with the problem in Chrome.
… and come to think of it, if this does make it into Chrome (and why wouldn’t it, really? WebView is just another brand name for Android Chrome) it’s going to be difficult to stop any random website using it to refuse service for things that have nothing to do with the intended use case of preventing “media playback” simply by adding some otherwise irrelevant embedded media to any web page and refusing to operate if it doesn’t load. Any site that wants to will be able to verify that you don’t have unauthorized browser extensions, just like the original “Web Environment Integrity.”
They have simply taken “Web Environment API”, changed its name to “Media Environment API”, and launched a massive press campaign to fool half the world into thinking it’s not exactly the same damn thing.
It could. In fact it will make that part of the Web yet another step closer to a bot-populated SEO-infested graveyard where a living human will find nothing useful.
If only my friends would stop using VK to communicate, and my family FB for the same.
SEO-infested graveyard where a living human will find nothing useful.
Hate to say it. But we’re already here.
It’s impossible to find information through search anymore without writing some specific queries. It’s actually getting easier to just ask a chat AI.
the most frustrating part is when I search for a result I know exists, and I know that Google knows it exists, but it floods me with pages and pages of things it thinks I “should” see instead.
Try using DuckDuckGo. It’s not perfect, but I like it a lot more that Google.
I’m too young, but I think I’ve read that we’ve already been there, when expert systems written in Lisp were all the rage, and you would write them questions. Of course, the percentage of humanity to ever see such a system was slim.
This is the best summary I could come up with:
When you tried to access some protected content, a browser supporting the Web Integrity API would first contact a third-party “environment attestation” server, and your computer would have to pass some kind of test.
The company says: “We’ve heard your feedback, and the Web Environment Integrity proposal is no longer being considered by the Chrome team.”
Unlike the web version, which would have been a big step “forward” for invasive DRM solutions, Android already has environment attestation, so it doesn’t sound like this is doing that much.
If you are Spotify or YouTube, you could already block modified devices at the app level before the embedded WebView even boots up, via the Play Integrity API.
Netflix famously demands preinstallation of Widevine on devices in order to show HD content, and problems with the DRM are a common support issue.
The blog post notes that while Android’s WebView system brings "a lot of flexibility… it can be used as a means for fraud and abuse, because it allows app developers to access web content, and intercept or modify user interactions with it.
The original article contains 784 words, the summary contains 181 words. Saved 77%. I’m a bot and I’m open source!
digen
