- cross-posted to:
- programming@programming.dev
- technologie@feddit.de
- cross-posted to:
- programming@programming.dev
- technologie@feddit.de
The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
Can someone explain to me how this is different to the trust system used by SSL Certificates?
I think that the main difference is that with SSL you only encrypt the data, and then you can modify at will(as in making changes to every page your browser renders - ad block, grease monkey like extensions etc. With DRM, you won’t be able to modify the pages at all
I was meaning more in the “trusting Google” sense, how is this different to trusting VeriSign?
This is only my opinion, but basically you cannot trust no one. Having that said, certificate providers make their money by ensuring you will get the page from the server you asked for, and also for the encryption. Ignoring the certificate is possible, since it is the browser’s choice. My point is, SSL providers have a lot to lose by exploiting the certificates for malicious intents(such as modifying the data, or changing to a different host etc) while the DRM of google is by design meant to allow us less freedom with how we use the web.
So i think that you can choose who is less trust worthy by figuring out what they will gain