this post was submitted on 03 Sep 2023
316 points (95.7% liked)

Technology

58142 readers
4246 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
316
Apple already shipped attestation on the web, and we barely noticed (httptoolkit.com)
submitted 1 year ago by [email protected] to c/[email protected]
86 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 year ago (3 children)

Ok, so I will not use them. This is acceptable to me

[–] [email protected] 25 points 1 year ago (2 children)

You’re using two right now lol.

Both Kbin and Lemmy world use Cloudfare as their CDN.

[–] [email protected] 7 points 1 year ago (1 children)

If an instance enforces this, welp, I'll use a different one.

[–] [email protected] 1 points 1 year ago (1 children)

It wouldn’t be an instance. It would be their CDN. And your browser.

And any instance of significant size is going to have a CDN to help deal with the DDoS attacks and bots. Hell I would bet that outside of very carefully curated instances, all fediverse instances will start using CDNs here soon just because of bots.

And chances are they will use cloudfare or Fastly.

But there’s nothing to “enforce”. It’s not a “you must be attested or you can’t access” it will be “if you’re not attested you will have a captcha shown for most things”.

Cloudfare already does this. If your browser looks suspicious, and the website you’re visiting using cloudfare as a CDN, you’ll be redirected to cloudfare to enter a captcha before they’ll let you into the site.

Attestation removes that captcha part using a token generated by your device and validated by the maker of the browser you’re using. So you’d never even see the redirect at all, it would just take a second or two longer to connect.

People using heavily modified machines or browsers wouldn’t be attested and would have to enter a captcha. That’s about it.

[–] [email protected] 1 points 1 year ago (1 children)

The captcha is a good compromise.

[–] [email protected] 1 points 1 year ago (1 children)

It is. Until you have to enter a captcha for every redirect. Then it will get real annoying.

[–] [email protected] 1 points 1 year ago

Then I won't use those services if I get to that point. Like with the cookies. For the most part, I get out of my way to reject all cookies and "legitimate interest" requests. But sometimes I just don't want to do that and say "fuck it" and go somewhere else.

[–] [email protected] 4 points 1 year ago

I don’t have any problem accessing them, which was my point

[–] [email protected] 10 points 1 year ago (1 children)

If you're gonna make a conscious effort to not use cloudflare and fastly you might as well quit the internet altogether. You use those things all the time, mostly without even realizing it.

[–] [email protected] -4 points 1 year ago

I realize exactly how much I use them, reread what I have written.

[–] [email protected] 3 points 1 year ago

Right. It's sort of like a paywall site. I simply find what I need elsewhere.