looks like rendering adblockers extensions obsolete with manifest-v3 was not enough so now they try to implement DRM into the browser giving the ability to any website to refuse traffic to you if you don’t run a complaint browser ( cough…firefox )
here is an article in hacker news since i’m sure they can explain this to you better than i.
and also some github docs
–>since everyone is confused about this i’m gonna try to explain as best as i could and also clearing some misconceptions:
1# why this is such a big deal ?
if this gets implemented AND it gets widely adopted websites now can refuse to give you content if you are running a non complied browser, remember those website that say “oh you are using an ad blocker so disable it to access our site” they can detect this by various methods but ultimately all of them rely on running a JavaScript into your browser. which you guessed it, its easy to modify and tamper with manually or using extensions
now what WEI-API does is that it can verify the integrity of the web page ( JavaScript/HTML/CSS has not been modified ) and even tell the website what extensions - ad blocker detected no content for you - you are using and what browser you are using - firefox or brave detected no content for you - and do not be fooled into thinking that this can be spoofed. and website owners who think that they are running a business not a charity will implement this.
2#will using firefox save me?
if this gets widely adopted and you inevitably encounter a website that require this ( for your job ,school or your bank ) you have no choice but to use chrome just like when your banking apps refuse to work because your phone is rooted which means that SAFETY-NET is broken
3#why this is a threat to begin with?
this is only viable if the web adopt it so why bother?, well guess what google is famous for making its services very easy to integrate and well documented just look on how easy it is to integrate google analytics and google adsense* into websites and how many of them use it in the internet.
4#what can we do to prevent this?
this is my personal opinion but i think we simply can’t, this not like the reddit incident were very large portion of the user base was upset most people don’t know/care/give-a-fuck about web technologies and how they work.
#and Finally “but google said they don’t plan to use this to fingerprint you (Device ID) or track your browser history or interfere with the work of extensions”
do you really believe that a company like google whose bread and butter is advertising would not make it easier for themselves, a company who has been exposed time and time again for lying and having ulterior motives ( you don’t need to look far just look into what manifest-v3 did )
I can easily imagine this not being a necessary, anymore. Just let the website using this WEI API automatically disable all browser extensions on a WEI-enabled site. Why not, after all? Why should you dictate the traffic you receive on your computer? Why should you own anything?