Monopolies aren't a prerequisite for antitrust action, they're the failure state when you should have acted sooner.
Want to check for DBSC? Enjoy not knowing whether the browser vendor decided to just roll a simple software implementation.
Nothing good comes from browser detection over feature detection anyways. It's time to do away with user-agents and other overt identifying markers, and if we're still not in a better place, aggressively start stubbing features.
* to some degree they still are. Firefox still ships with an user-agent override list for certain websites that have outdated user-agent sniffing for feature detection (and other fixes in about:compat).
At the end of the day user-preference is what dictates which browser is used and how it is configured. Developers will have to deal with what users choose to do on their end.
You can only patronize people for so long before they look for a way around silly restrictions. Trying to keep someone safe by putting up walls, whether the threat is real or imaginary, is pointless when it is in the user's power to trivially defeat those walls - and when extension and browser developers are going to line up to sell them demolition tools (see ad blocking).
Advice is going to go much further than roadblocks, long term.
https://knowledge.workspace.google.com/admin/security/create...
The Org admin can put all sorts of restrictions on who can do what based on the client device setup.
Some IT departments just see a “more secure” checkbox and will always check it, even if it doesn’t make sense holistically- sometimes compliance incentivises (or forces) this behaviour.
A common example is forcing intune/device enrolment for mobile devices (including ipads)- but not for the infinitely less secure laptops: because no such endpoint enforcement checkbox exists
Of course Google is going to suggest using Chrome, if they detect that the browser might be out of date.
The issue presented doesn’t seem to be “an up to date browser check” it seems to be a “is it latest chrome” check, which is a very different thing.
If the organization is indeed enabling a specific check for Chrome that seems a little over the top but they're the ones supporting their users and if they want to make their life easier by only dealing with one browser that's their decision to make. It's like saying that everyone has to use Windows, or a specific line of laptops, or any other standardization to simplify the support workload.
And good fucking luck getting the FTC to follow monopoly law.
1. Make it ridiculously easy to install hardware vendor keys and register it with OS of choice. (like a standardized dialog box in UEFI and a standardized/regulated IPMI-like interface)
2. Allow for only measured boot on those devices.
3. Provided facility to verify signatures.
Do this on consumer and enterprise laptops and desktops alike and all of these weird set of conditions just go out of play and replaced by something much much simpler.
I don’t see why I should give affordances of good will to Google here.
They’re not stupid, they know that this is an effective lever to further cement full-fat chrome as the default browser for the internet.
You can make Firefox pass CAA if you want. You take the Chrome "SecureConnect Reporting" (Context-Aware Access) plugin, port it to Firefox with some light changes, and you can report whatever you want to CAA.
Your corporate serfdom is not in question, but I disagree with that notion too.
There is zero problem here guys.
I absolutely see many problems with this and you really ought to as well.
If course the reverse can also be argued, for example that Firefox supports proper adblocking.
coldfloor•2h ago
squidi•1h ago
michaelmrose•50m ago