This is false. Without safetynet users still get Brave's baseline features: ad/tracker blocking, fingerprinting protection, cross-site referer blinding, &c. They even can opt into Brave Rewards and fund their own anonymous donations.
They just can't take 70% ad revshare.
Yeesh!
Conversation
I'm going to reply to my reply. You tweeted that we replace ads in page slots. False. You abused DRM to describe anti-fraud tech that limits only Brave user ads, which are opt in. These are either hugely ignorant errors on your part, or lies. No third way!
1
Replying to
Oh, so it's a problem when I do it, but you can do it. You're trying to make a subtle distinction about what it means to replace ads, and I don't agree with it. It's you that's being incredibly dishonest by misrepresenting my statements as false or dishonest when they're not.
2
I didn't abuse the term DRM. It's the way the term is used among almost everyone that I speak to. I'm hardly the only one using the term to include features like anti-modding / anti-cheat / anti-fraud trying to stop the user from doing something with code on their device...
2
Replying to
This is how I use Twitter. Stop dictating to me how to use the site. You're the one choosing to jump into my feed. If you don't want to talk to me, you have the choice not to engage with me in the first place. If you talk to me, I'm going to use Twitter how I've always used it.
2
Gents, gents - how about scheduling a live recorded discussion on this topic so that we can all learn some useful insights into the world of Brave and DRM without being constrained by Twitter limitations and UX inadequacies?
1
No, I'm sorry. Read eff.org/issues/drm and stop equivocating.
Daniel is mad we use the same native-app-friendly antifraud tech G and FB use and Google and Apple provide. He calls that tech DRM. It does not fit EFF's definition. I'm done.
1
twitter.com/DanielMicay/st
I also certainly don't call attestation features DRM. I'm a fan of using attestation as a security feature to verify and monitor device security. I'm not a fan of using it for DRM. I never said that DRM is evil, but rather that it shows this won't work.
Quote Tweet
Replying to @BrendanEich
That's one form of DRM. It's not the entire picture. Software trying to enforce restrictions on usage and trying to prevent it from being bypassed is what myself and many others refer to as DRM and it includes anti-fraud and anti-cheat mechanisms. To me, that's what it means.
1
SafetyNet attestation is incredibly weak software attestation and easily bypassed, as I pointed out. People have software to bypass it. Eventually, it will likely use the hardware-based key attestation, but that's still not some super strong security feature without pairing.
1
The model of verifying based on chaining to a root of trust is a weak approach. Someone only needs to extract a single batch key from an exploited TEE to bypass it across the board. There are public exploits able to do this.