It’s not subscription business models that will be affected by this, it’s ad-supported ones.
The problem is you’re running Chrome now*. Google are in the process of severely restricting the mechanism by which adblockers work in Chrome and its derived browsers - so it’s happening now. The only viable alternative left is Firefox, if Google manage to get this proposal past then there’s nothing stopping ad-supported sites from forcing you to use Chrome or another browser they know they can serve you ads with. Those types of sites are already comfortable with aggressive anti-adblock tech so no doubt they’ll be comfortable with this too.
Switch to Firefox!
* statistically speaking!
Problem is the effort to find a vulnerability and exploit it is often higher than the effort required to patch it. Because by its nature a browser and the server it talks to are internet connected, Google will be able to revoke keys for older exploited versions at will. As long as it’s well-engineered I think there’s a good chance they’ll be able to keep that secure.
Though I’m sure there will be some successful approaches to ad blocking etc but if something like this gains traction it could completely change the internet. If enough people are running browsers like this then sites could effectively be able to kill off competing browsers that aren’t restricted.
I think the key is to not let it happen in the first place, and boycott browsers that implement stuff like this.
The point of the proposal is to allow servers to be sure the software (ie browser) running on the device is what it says it is, and take away the ability to spoof what browser you’re running (which is currently fairly trivial).
So if someone makes a browser that doesn’t allow adblockers and always shows ads, the server can do things like only serve content to that browser.
Eh, I don’t think it’s be a big deal. Slap a giant warning on it, all good. Super common on all sorts of platforms. Anyone trying to claim their encryption doesn’t work because they have a (scarily labelled) option to disable it can be easily demonstrated to be disingenuous.
And worst case if someone does disable it but doesn’t implement their own then their email I just falls back to… the same as any other platform.
They might not want to take the time to build it, but I think what this dude is asking for is a totally reasonable thing.
Right, but what the author is trying to implement is what is generally considered best practice for secure email.
You’re right that what Proton are doing is a compromise that’s reasonable for most people, but the author here is annoyed that there’s no way to turn it off so he can implement best practice E2EE himself.
Ironically he could probably do that with the vast majority of providers that aren’t Proton, so to me it seems like a totally reasonable ask that a self described privacy focused email provider has some way to allow you to implement best practice email security.
I use it everywhere but the search results are… variable. However it’s plenty good enough for most situations.
I still switch back to Google if I’m not finding what I want (using DDG’s !g keyword, which is pretty helpful - just add that anywhere in a search and it’ll send you to Google), but at least I’m only doing that when I’m aware of it.
They use data, just not the data from the customers paying them for enterprise licenses.
Honestly fear of leaking customer data is the only thing that’s kept my work from spunking every single byte of data we have at some LLM service a lazy attempt to come up with a product they can sell with minimal effort. They’re gonna love this shit.