And the very significant aftermath: the EFF leaves the W3C. The web is now, absolutely without doubt, failing to be open.
Fuck!
We could always hope for a new, more backend-friendly standard to come along (true web applications), but yes, why the fuck W3C…
My biggest issue with all this isn’t the security implications, though, but all this focus on decentralizing websites and pulling in external (and in this case, proprietary) resources to even display the basic content of a webpage.
Install umatrix and try viewing any of these webpages. This is what we’ll be seeing with EME - more third party connections and tracking. (also try to count how many third party failure points they have, alternate domains, fallbacks, and load balancing discounted):
https://www.forbes.com/
http://time.com/
https://slashdot.org/
There are alot of sites who “hotlink” react.js, css style sheet and other, making them completely unrenderable from the main domain alone.
Whats that and how relevant that W3C is?
I assume they do rules, so mainly I’m after, does anyone follow them?
This relevant:
https://en.wikipedia.org/wiki/World_Wide_Web_Consortium
The World Wide Web Consortium (W3C) is the main international standards organization for the World Wide Web (abbreviated WWW or W3).
Things you may have heard of, in which they have the final say:
CSS
DOM
HTML
SOAP
SVG
XHTML
XML
XML Schema
I don’t have time to spare to watch Lunduke, but there is a fundamental dichotomy with the W3C privacy standards within the EME framework.
Firstly, the W3C accept that user-identifiers can and will be used for tracking users, whether they be permanent or unique identifiers. So even with W3C policies on EME, user-identifiers can not be prevented altogether and so user-profiles will be built from device fingerprinting etc.
Secondly, With or without the W3C standard, any industry-based (proprietary) EME modules will continue to inherit the same CDM constraint. Thereby leaving user privacy protections in the hands of company ethics or a percieved user assurance from public trust ie; brands like Netflix who generally try and do the right thing by its users.
There is no need for the EME specification besides lining the pockets of those involved.
"Votes kept secret"
Which means we’ll just fault them all and crucify all equally. Simple.
Well ? Not completely secret.
https://www.w3.org/2017/09/pressrelease-eme-recommendation.html.en#testimonials
A partial list of the shit storm coming our way. Know thy enemy…
It would of been a smarter move if someone would of stayed in and found an alternative method to leak info for the greater good of the people.
Well, time to make a whole lot of disposable virtual machines then.
All hail Qubes!
time to go dark with our own private mesh networks. We’ll create a better internet.
Seconded
Now is the time to buy tinfoil stocks; we’re going to need a lot of hats…
Actually though, it’s about time we took matters into our own hands. Sitting around waiting for someone else to solve our problems isn’t going to help. Just think, we can be revolutionaries without running around in the jungle with AKs!
I guess its time, we try and make a project like this a reality.
OR ? Just refuse to use or deploy the standard. You treat it like the malware it is and block it.
How many of the browsers in widespread use today do you think will be willing to become non-standards-compliant?
That is a very good question and what would happen should such a thing came into common use.
And so the end begins…