I'm really sorry, I usually respect your opinion, and I really want to keep it this way. But this is FUD and conspiracy theory level of thinking. You've convinced yourself of a narrative and are literally grasping at straws to try and make the reality fit that narrative.
-
-
Reality: Google and Microsoft aren't pushing for App Store like solutions on Windows. Google has literally no stake in that argument, Microsoft has an App Store and it's basically abandoned.
1 reply 0 retweets 0 likes -
Reality: Even *if* they were trying to push for an App Store solution, wtf, do you really think the way they would go at it is "add a bypassable warning when downloading bins that have never been seen on the internet"? Look at Apple for how companies with that aim operate.
1 reply 0 retweets 0 likes -
Apple wants to push an App Store on MacOS, so they: 1. Started requiring developer registration, annual fee, and code signing. Years ago. 2. Started mandating binaries pre-upload (notarization) and stamping by Apple. Why would Microsoft follow such a long winded road?!
1 reply 0 retweets 0 likes -
You've also convinced yourself that it's a "they want us to pay, to take a fee!" Reality: code signing doesn't help the problems you've been having. All sources on the internet say so, and you've told me before you're doing it basically to feel like you're doing something.
1 reply 0 retweets 1 like -
There is an obvious interpretation of facts you're refusing to see, even though multiple people have told you about it before. Client side security is hard, and the cost of a false positive on a mostly technical population (like emu users) is nothing compared to false negatives.
1 reply 0 retweets 1 like -
You're not seeing the thousands of infections/cryptolockers/identity theft malware being prevented every *day* by the technical measures you're complaining about. I have seen these numbers, they are absurd.
1 reply 0 retweets 4 likes -
Are there better solutions that could be implemented? Maybe. I'm not sure. Microsoft and Google are pretty much the state of the art in terms of "what works" -- you can't really study this in experiments very well, it's an adversarial game with billions of users at the center.
1 reply 0 retweets 0 likes -
Replying to @delroth_
Running binaries should be less dangerous than it is, but fixing these problems leads to other issues perceived as conflict of interest. Manifest v3 and webRequestBlocking are a perfect illustration of why it’s an uphill battle, in my opinion.
1 reply 0 retweets 0 likes
I'm still not completely sure how I feel about these. I get the intent, but they're also not really trying to work very closely with the impacted developers/extensions to close the coverage gap (or maybe it's the other way around?). The current situation is insane though.
-
-
Replying to @delroth_ @septajohn
Chrome Extensions are a one-click install of a remote-updateable software component that can: - Intercept and log network requests - Read your cookies (!) - Send that information to the internet. I'm kind of amazed at the Chrome T&S folks for keeping that under control so far.
1 reply 0 retweets 2 likes -
Replying to @delroth_
The optics of v3 were undoubtably poor, but I suspect it was taken a bit out of hand - if i am not mistaken, the change would’ve put request blocking on par with Safari, although I think it had less proposed block rules (same order of magnitude.)
0 replies 0 retweets 0 likes
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.