Why do you think they don't have consensus or approval from all the people that matter? This is far too big for that. Google, Apple, Microsoft, Cloudflare, etc, are all working together on this. Governments will like it for 'security', and 99% of users won't care.

i find this comment a bit funny given that you use googletagmanager on your website :)

Good suggestion, did that, thank you.

I like this idea, but has Mozilla said anything about their position in all of this? I'm a Firefox user, but I haven't felt great about Mozilla in quite a while. I'd love to know they are on the right side of this issue before I start promoting them like this.

> It only appears on Chromium-based browsers.

Small anecdote: I am not sure how you're detecting the browser, but this note still appears in Orion (webkit-based browser) while it does not in Safari. Persists even when I change user agent explicitly to Firefox or Safari.

For people who want to put something like this, here is the code snippet:

  <span id='browser' class='hidden'>
    This website is designed for <a target='_blank' rel='noopener noreferrer' href='https://firefox.com/'>Firefox</a>, a web browser that respects your privacy.
  </span>
  <script>
    if (window.chrome) {
      document.getElementById('browser').className = '';
    }
  </script>

  .hidden { display: none; }

I don't think most people know the difference between Chrome or Firefox and if they can still use websites they use with that change, they just won't bother.

Even if you explain what is the difference, 99% they'll forget the next day.

It's just pointless. With this kind of overreach, only government intervention and regulation can help. Google is not something you can go against with your proverbial wallet - they are too big.

The issue with that is that most people here will only have their own website or product, which is already aimed at more tech-savvy people, who will already have made a conscious decision to use Firefox, Chrome, or whichever browser they prefer.

But we / this site only represents a small percentage. 85% market share means there are hundreds of millions, if not billions of users that would have to switch to make any kind of impact.

And you can't do that without being a very large company with an operating system or the most popular search engine or other ways to constantly tell people to use your browser, no matter how good or privacy conscious or whatever your own is.

This advice has strong 1998 vibes.

> Google needs to be broken up.

Not going to happen. Rationally there should be broad political consensus about cutting Google back to size: from rabid libertarians worshiping the miraculous abundance generated by 'competition and free markets' to bleeding-heart socialists keen on pushing back corporate power as the root of all evil.

Alas, these political categories no longer have any meaning. The US political system has mutated into something else (the messenger being a horned man) which will probably require some time to properly characterize and name using terminology that is appropriate to use in good company.

So the fate of Google will be more shaped by actions of external entities than as part of US regulatory efforts. Powerful countries that antagonize the US are simply degoogling and creating their own copycat panopticons.

The question is what will be the course of action of powerful countries that are alies of the US (i.e. Europe and a few others). Will they accept that their digital society will be feudal in nature because the broken US political system cannot deliver on even basic responsibilities?

Don't forget, increasingly transport, you won't be able to get a taxi in SF soon without being monitored / tracked by Google.

What would it mean for Chrome to be spun-off into a separate business? How would it survive?

Google broke itself up in 2015. What are you even asking for here?

Chrome and Android are open source, and there are several forks of both thriving in the ecosystem. Yeah it would be cool if there was a decent open source alternative to GMail and Drive, but no one else seems to have figured out how to get the incentives right for something like that.

Why should the US break up an asset like Google? Would be completely self defeating. This isn't like standard oil or at&t, that mostly had influence and market share inside the US. It would basically be handing power to foreign competitors who would pounce at the opportunity

And I'm not American so it's not even some sort of patriotic comment. If Europe , or anywhere else, had a Google sized Behemoth, they wouldn't mess with it no matter how 'anti tech' they might seem now. If anything they are anti tech because they don't want foreign big tech to have massive influence over them. You'd bet they wouldn't cripple big tech if they were European. On the other hand, as long as they are American that massive power is a feature, not a bug for the US government.

The reaction to Tiktok is a good example of how nationalism/geopolitics shape the reaction to big tech, which is why google is probably safe.

[flagged]

> Google needs to be broken up.

To make it explicit: the only way this happens is by Americans voting for it. The FTC has been more active on anti-trust issues in the past two years than at any time in the past 30. That's a direct result of the 2020 election. Elections matter.

That would be a desirable action but look what happen in the end of 90s to Microsoft. It was about to be broken up and in the very end it didn't. They become dormant and polite only to strike back some 10 years ago with Windows 10, its telemetry, ads and cloud services which are being pushed onto users whether they like or not. And somehow, no regulators decided to step in to clean up this company's behavior - everyone seems to be ok with what MS is doing. Whether it's the US or EU. I take that the business and lobbing goes extremely well in both markets.

And because of this, I don't believe that the US is able to break Google or the other flagship companies despite of reasons existing for such action.

The whole narrative about WEI 'proving' you're a human is completely false (and I'd argue a ruse). It only proves you're using a sanctioned OS and browser binary. It does nothing to stop robots being wired-up to devices w/ emulated inputs.

In fact, WEI will make it easier to use a robot w/ a sanctioned software stack since, hey, it's a 'human' per WEI.

> The web stopped being open when W3C accepted EME

The web was more open when to play those videos you had to use a proprietary Flash or Silverlight plugin?

And what happens when website owners decide supporting Firefox is not worth it?

You mean Brave

Firefox' killer feature on mobile is that it supports uBlock Origin, while Chrome doesn't. Browsing the web without it is horrible -- the screen covered in popups with tiny Xes. There's a decent fraction of the time that you can't even read the content underneath. Firefox solves all that.

However.

Try opening any article from The Guardian on Firefox mobile. Even a good phone will start feeling sluggish and laggy and weird. An old phone will just go catatonic, get hot, and OOM the whole browser.

Surely this is partly The Guardian's fault. (Should it surprise me that the paper that poses 'left' for the upper middle class is also incompatible with any but corporate software from Big Tech?)

But it's also definitely Firefox' fault too. Something is wrong with the implementation. If Chrome can render these sites smoothly, Firefox should be able to.

Firefox would only have an excuse if Google had some special APIs on Android, or were doing something to actively sabotage the Firefox experience. I'm not willing to get quite that paranoid yet.

There are some other browsers, but who the hell wrote them? How much of what you see in the app store is legitimate open source, and how much is OSS that some opportunist put their own trackers into? I'd love a good alternative, but I don't see a lot worth trusting.

So it's Firefox for most things, and Chrome when Firefox gets all slow and laggy. Or, Firefox for news articles, and Chrome for businesses' websites.

Obligatory mention of WebKit/Safari.

[flagged]

Unless you're already using Safari.

Exactly. I use Firefox for everything. It renders all the pages fine and is speedy enough so that I never question its performance. But even if it had some issues, those were minor compared to the danger the web is in now.

I suppose this is more important.

When the usage metrics drop for Chrome based browsers they would need to start respecting other users, instead of just ignoring them.

Currently they can just ignore the users and continue as they do. As the rest would not hint a dent on their bottom line.

We detached this subthread from https://news.ycombinator.com/item?id=36876504 since that thread broke the site guidelines and this one didn't.

Who has been mismanaged for at least a decade and depends on Google to pay their bills..

I'm a FF user since the early 00's and Firefox will mostly not go away because Google has an interest in using it against monopoly accusations but the reality is bleak..

And the reality is these people ( Google in this case ) are so far removed from any moral compass about the Web ( at least what most people here think of 'the Web' ) that it's near impossible to do anything about it. These companies are huge and from top to bottom there are certain groups that are hired guns to do a job, no matter what 'job' it is, they'll do it, achieve those KPIs, get promoted, get paid. Even for their own detriment in the future, it doesn't matter. Big money now, screw the rest.

Btw, this is how every big company operated since forever, the only 'news' here is the disproportionate impact their acts do to the World due to their huge size and influence.

Until Google Search starts punishing sites that don't require a trusted execution environment...

Before doing this, Google was careful to make it as difficult as possible to build a replacement for Chrome. Apple struggles to make Safari capable. Mozilla struggles to make Chrome-first websites work in Firefox. Building a new browser is a Herculean task.

Pragmatically, I'm hoping that a Chromium spinoff like Brave (or Edge!? Could MS be the hero we need?) will turn the privacy switches on, WEI off, and get enough market share to make WEI infeasible.

We already have one, and building a browser is a nightmare.

No, not at all. Search 'remote attestation' and 'safetynet'.

Edge is based on Chromium now, has been for years. Wouldn't be a leap to have TPM enforcement here too.

> That's not to say we shouldn't oppose this feature, I just wouldn't be up in arms about an implementation existing.

People aren't up in arms about the process by which web standards become accepted; they are up in arms about this standard moving forward at all because of its dangerous implications for the web and it's outright user-hostility.

No serious business is going to block the majority of their traffic

If you want to protest the knife we're driving into your stomach, you can do so, but we need to see credentials and civility.

Limiting posting and asking for civility is the only way for individuals to meaningfully engage with even a mere thousand others. Nothing about the human mind was meant for social internet at the scale of the internet, where there are more distinct voices than you have heartbeats in a lifetime.

Also worth noting that this locks reactions (thumbs up, hearts, etc.) - providing plausible deniability that 'only a small number of people raised concerns about specificTopicX.' Journalists should be more aware of this!

On a separate note, for journalists and others who wish to communicate with the spec's author directly, his public website (which lists a personal email) is one of the other repos on the Github profile under which the specification was published. It's painfully absurd that he wrote this sentence in 2022 [0]:

> I decided to make this an app in the end. This is where my costs started wracking up. I had to pay for a second hand macbook pro to build an iOS app. Apple's strategy with this is obvious, and it clearly works, but it still greatly upsets me that I couldn't just build an app with my linux laptop. If I want the app to persist for longer than a month, and to make it easy for friends to install, I had to pay $99 for a developer account. Come on Apple, I know you want people to use the app story but this is just a little cruel. I basically have to pay $99 a year now just to keep using my little app.

[0] https://benwiser.com/blog/I-just-spent-%C2%A3700-to-have-my-...

"Please be civil while we destroy the web as we know it. We also put earplugs in, just in case."

>I realize this sounds like a cop out, and that getting people to use such a thing in sufficient numbers would be extremely difficult.

In the last few days browsing Fediverse platforms I prefer the smaller communities for that old internet spirit anyway.

One problem I find is that all that we do is in a bubble. I can convince a dozen like-minded people about the dangers and actions to take. However, the vast majority of the population is completely oblivious to all this and are negligently complicit in enabling bad behavior. This sort of things need to be discussed on the streets and in mainstream media (not tech media) for regular people to become aware. Remember that during the previous browser wars (IE vs Netscape), it was much more in the open and a lot more people knew.

I do not agree with configuring apache and nginx to do that by default, unless WEI would somehow prevent a server that doesn't understand it from working properly (as far as I can tell, that is not the case). (A system administrator could still change the configuration; this is only about the default setting.)

However, I think the other stuff that you had mentioned would be OK.

Furthermore, a distro maintainer could configure clients by default to disable WEI (or to not include client programs that have WEI).

Yes, because a feature flag shows intent to implement it before any real discussion have taken place with privacy and non-corporate security advocates.

> Is adding a feature-flag really the same as pushing the feature into the browser immediately?

'Don't mind me guys, I'm barely boiling the frog.'

When was the last time you heard Google or anything Google-related backing down from getting their paws in deeper? It's no longer a fallacy when there's a sign next to the slippery slope.

> Is adding a feature-flag really the same as pushing the feature into the browser immediately? It can easily just be part of a SWE needing the flag in place in order to continue work without impacting anything else, even if that thing never ever launches.

Yes, because that's a such anti-consumer issue. It shouldn't exist in the first place, it should never be merged to master. There's no reason to not keep it on a separate branch if you don't intend to use it.

Companies don't usually make a habit of having their employees work on something they don't intend to pursue.

[flagged]

What you think they push the flag without the intention to make it happen?

Break it up. Break them all up. We need more disruption, not this codswallop.

I admire your optimism. Don't know about the others, but I'll be surprised if UK one would lift a finger. They are beyond useless.

A customizable form letter would be nice to have, if anyone wants to jump on that. I'm not a great writer in that respect.

Great suggestion, I did so just now.

Canada: - https://www.competitionbureau.gc.ca/eic/site/cb-bc.nsf/frm-e...

Thank you so much for your call to action; just emailed [email protected].

For any experiencing barriers for writing the email, my method is below; Bing Chat generated an excellent email that only needed a bit of editing.

1. Open https://vivaldi.com/blog/googles-new-dangerous-web-environme... page in (ugh) Edge.

2. Open Bing Chat sidebar (top right corner); it auto-summarizes the article.

3: My prompt: Using the that webpage summary, please write a letter reporting Alphabet for antitrust violation. Please include the following [this language is from the ftc.gov site]:

Q: What companies or organizations are engaging in conduct you believe violates the antitrust laws? A: Alphabet

Q: Why do you believe this conduct may have harmed competition in violation of the antitrust laws? A: [use the article]

Q:What is your role in the situation? A: I'm a user of the Firefox browser

[edit: line breaks for readability]

Thanks, just emailed the FTC. It was a bit cathartic and now I don't have to be angry about this for the rest of the day, I'd encourage everyone else to do the same.

I think https://competition-policy.ec.europa.eu/antitrust/procedures... would be better for contacting EU antitrust.

Here you can specifically create new antitrust complaints.

Even on Windows, you can do practically anything with a signed driver.

There's just no such thing as verifying a 'secure environment' outside of extremely narrow, controlled scenarios.

Unfortunately Firefox doesn't have a good UI/UX after all.

The last time I checked, multiple profiles support is somehow half-baked.

I was just able to finally move my wife back to Firefox. Chrome just stopped working on her Mac. Wouldn't pull up a page. Everything else worked.

She's now happily using Firefox with a non-hobbled version of uBlock Origin.

I do, and I keep having those tiring conversations, but it's really hard to get the point across in layman's terms. I have enough friends in tech who stick with Chrome out of convenience instead of just falling back on it in case something actually doesn't work in Firefox. how do I convince tech illiterate people of doing this?

[dead]

I've put barely any thought into it but I think a "localnet" would be better. Your usage is entirely based on calculated geoposition and the userbase is segmented into regions based on user count. More than X0,000 users in any one region and it splits to keep things small. This would be a limitation for hosting content. If you want to send a message out to another person in a different region you'd have to make a deliberate effort to do so and it will be private such as a letter would be.

Idk if that would achieve my goals and honestly I can't plainly state what my goals are. All I know is I get tired of privileged California snobs telling me how things should be in my back 40

Stop using it altogether. Use Firefox and contribute to it.

> If not for other reasons, I can't see how Google a search company can be allowed to push something that can kill competition using its market dominance in other areas like browsers.

Because antitrust has been dead for a while. Chrome is a tool to drive people to Google and Google ads and nothing more.

I will say, I did appreciate Microsoft having a browser engine with IE and Edge, even if the former was notoriously a pain, it gave competition in the space. Unfortunately, that's not the case anymore and everything is either Chrome (Blink), Firefox (Gecko), or Safari (WebKit). And it's pretty clear what Chrome has done once that have amassed a dominant market share.

I'm sure there are Googlers who think they're legitimately making the web a safer place, but I think the real reason is pretty clear if you take a birds eye view.

> The current players can whitelist/attest their own clients while categorizing every other scraping clients as bots.

Can't they already do this by having scrapers send plain-old client certificates? Or even just a request header that contains an HMAC of the URL with a shared secret?

Actually, taking a step further back: why does anyone need to scrape their own properties? They can make up an arbitrary backchannel to access that data — just like the one Google uses to populate YouTube results into SERPs. No need to provide a usefully-scrapeable website at all.

Is it possible for them to implement this API in such a way that it will fail 5% of the time or so, making it impossible for websites to deny individuals based on failing attestation?

https://github.com/RupertBenWiser/Web-Environment-Integrity/...

> The current players can whitelist/attest their own clients while categorizing every other scraping clients as bots.

I hadn't really considered this. In a roundabout way, is there a process for this to be rejected on grounds of 'fair use' limitations?

How would this work against scrapers that are based on driven anpproved browser instances, eg. something like Selenium?

As someone that isn't up-to-date on WEI, can someone provide a TLDR of what it does and why it's bad?

> The whole thing in itself is evil, and it needs to be thrown out.

Not only the proposal, but Google itself. Google desperately needs to be broken up.

> This proposal is just so throughly user-hostile that it's impossible to criticise it based on technical grounds. It's not a bad proposal, it's a dangerous, evil and malicious one, so criticising it in details is futile.

I can't agree more strongly. I sat down to write a letter to the FTC, and I can't even articulate my objections because after reading this spec my only response is encompassed in 'WTF is this shit?'. I've worked in my past with members of the Chromium team and I've generally found them competent and well-meaning, and I can't see any amount of well-meaning (and some lack of competence) in this spec proposal. This feels like a shift in the behavior for Google far beyond their existing slow drive to consume everything, to something far more draconian and direct.

Agreed - if anyone else is curious to see Google's 'side' (motivations, technical or otherwise), here's the explainer:

https://github.com/RupertBenWiser/Web-Environment-Integrity/...

It's nakedly user-hostile. A blatant attempt to invert the 'user agent' relationship such that the agent works for the advertiser/corporation/government to spy on the human behind the screen. The way the intro paragraph tries to disguise this as something users need or want is frankly disgusting:

> Users often depend on websites trusting the client environment they run in. This trust may assume that the client environment is honest about certain aspects of itself, keeps user data and intellectual property secure, and is transparent about whether or not a human is using it. This trust is the backbone of the open internet, critical for the safety of user data and for the sustainability of the website's business.

Ugh. Here's a fixed, honest version:

Corporations like Google often depend on advertisers knowing as much as possible about their users. Their revenue may depend on fingerprinting the client environment, tracking their behavior and history, and attesting that a human with sufficient disposable income is behind the keyboard. This personal data mining is the backbone of Google's business model, critical for their continued dominance of the web and for the sustainability of their enormous margins.

How is this feature hostile to Googles users? There is genuine benefit from websites allowing you to do more things via their website (vs their app). Also: fewer/no Captchas, fewer bots on social media

The platforms most people use will see benefits. Apple users apparently already do.

I understand the argument that the open source experience will get worse. But frankly, google.com will still work for you. It will be other websites that make your experience worse.

Like any technology, there are both positive and negative aspects of it. The positive take would probably be that this technology is already widely used by iOS and Android apps. People use Apple's AppAttest to e.g. ensure that high scores submitted for a game are from a legitimate copy of the game and not just someone calling the SubmitHighScore API.

But it's absolutely fair to argue that the web operates on a different set of expectations than the Play Store/App Store, and I think the concerns that this will create a second-class citizen status for browsers are totally valid. There's a huge difference in character between 'in order to prevent piracy and ensure ad revenue we are only releasing our app on the Play Store' and 'we are only releasing our web app for Chrome'.

It's like having the "I'm not a robot" button embedded in your web browser.

WEI turns non-compliant browsers into second-class citizens. You're perfectly free to use whatever compliant browser engine and OS combo you like today – but in a world with WEI, you'll have to use Approved Chrome on an Approved OS on Approved Hardware with Approved Signing Keys, or you won't be able to sign into your bank.

It's a change to the browser that gives site-owners the ability to require a positive attestation of non-modification before running. The stated goal of this change is to make it more difficult for end-users to block ads. As the spec states, blocking ads violates the deal you make with content creators to use your attention to ads as a form of payment.

In practice, this will make it harder, but not impossible, to run ad blockers. Now instead of just finding and installing a plugin, you'll have to first find and install a forked browser that implements the attestation as something like 'return true'. This will predictably decrease the number of people blocking ads.

Personally, I don't object to this. The easy solution for most people is simply: don't consume the content. Or pay money instead of watching ads. Content creators, it must be said, also have the option of self-hosting and/or creating content as a hobby rather than a career. As someone who has grown more and more despairing of any paid-for speech, especially by ads, I welcome this change.

Far more troubling is the possibility of attestation for 'important apps' like banking or government. In general this mechanism gives the org a way to prevent you from doing what you want with your data. For example, they can prevent you from scraping data and automating end-user tasks. This takes away your degrees-of-freedom, and using a modified browser will certainly become an actionable offense. In my view this is by far the more troubling aspect of this change, since it take away significant aspects of user autonomy in a context where it matters most.

Technically sophisticated users will note that it's not possible to secure a client, and foolish to try. This misses the point. These changes stochastically change behaviors 'in the large', like a shopping center that offers two lanes in and one lane out, or two escalators in and one out. This represents a net transfer of power from the less powerful to the more powerful, and therefore deserves to be opposed.

EDIT: please don't downvote, but rather reply with your objection.

To put it simple, it makes it possible for service provider to reject providing service to clients not running corporate-owned white-listed clients. Thus making it virtually impossible to create independent clients for such services.

It will be swiftly adopted by well meaning but clueless bank and government clerks who will accidentally use to lock all open hardware, open operating system, open browser users out and mandate you need to purchase at least one locked down corporate device to exist.

It's the trusted computing story all along. Eventually you will need permission to run your code on your own device and such 'unlocked' device will be blocked from accessing any digital infrastructure because it might be otherwise used to breach ToS.

ELI5: Server: Are you a real user capable of viewing ads? Client: Hmmm, not sure. Server: 404

This is about WEI, Web environment integrity. The article below sums it up pretty good.

'The proposal suggests that websites should be able to request an attestation from the browser about its "integrity". Such attestations are to be provided by external agents, which – presumably – examine the browser and its plugins, and issue an approval only if those checks pass.

The attestation is sent back to the website, which can now decide to deny service if the agent did not give approval.' [1]

1. https://interpeer.io/blog/2023/07/google-vs-the-open-web

In other words, websites can now force you to comply with their shitty behaviour in order to allow you access, otherwise you get denided access.

The guy seems to have deleted most of his social accounts. Clearly he values privacy for himself, just not for everyone else.

This is especially surprising coming from a Linux user who presumably understands the desire to have a device that runs code one can read, write, compile, execute, and share freely and without needing to receive approval from a Big Tech gatekeeper.

My understanding is that Ben gets his paycheque from Google.

I don't think it's double-think, it's just a lack of consequential thinking. I believe the writers of the spec when they say that they just want to be able to see which ad views are real or not. They even lay out some (far too weak) ideas to keep the system from being mandatory and abusable. But they don't realize just how quickly things will go out of hand once the rest of the organization realizes what they have created.

The road to hell is paved with good intentions.

It's proven that mass marketing works. Tell me how a minority of informed and caring users can avoid on their own that a single large scale bad actor pours millions over millions of dollars to convince the uninformed masses about whatever they want. It even happens in actual elections when some factions use misinformation campaigns to alter the average voter's perception! So not an easy task to solve without help.

One of the things that led to Google's current dominance is folks like us (certainly me, at least) pushing folks to replace their default IE installation with Chrome as soon as they set up a new computer.

I hope, pragmatically, something similar might happen with this: say that Brave (my daily driver) disables WEI in their Chromium build, and a new Chromium-derived browser surges in popularity... like judo, using their own power against them.

That colourful internet of yore coexisted with doing your banking at a bank. Now, banking has largely moved online and banks have eliminated a lot of their physical locations. Ditto for accessing government services in many countries. The concern here is no longer being able to do important everyday things without using a supported browser, even if a small hobbyist internet for nerds, freaks, and outcasts survived out there.

[dead]

Yeah, financial and social pressure is basically the only weapons we have against corporations when regulations don't exist. And honestly, financial pressure doesn't work at this scale or in this case.

All they'll have to do is make a pronouncement of support for some trendy social issue and everything will be forgiven and forgotten. Virtue signaling has turned into the most effective corporate tool for manipulating society into allowing corporations to do almost anything they want. And the public's addiction is so strong that even when this is pointed out and agreed that it is happening, the addiction still must be fed, so corporate sociopathic parasitism on society continues with the joyous approval of society in general.

Indeed. Negotiations have already turned out to be completely ineffective. The next step is war.

Cory Doctorow came up with the phrase 'The War on General-Purpose Computing', which describes the situation perfectly.

Is https://github.com/RupertBenWiser/Web-Environment-Integrity/... the best place to shame?

[flagged]

The battle is already lost legislatively.

Multiple US states, France, Germany and the UK are going to make the web unnavigable unless you type your credit card number or scan your face for age verification in two out of every three sites.

We are going to need to at least try to create ways to secure those credentials in as zero trust model as possible.

(Note that the legislation is a disaster, but it is done. Nobody paid enough attention. It has passed or will pass in weeks.)

It won't do anything. You don't think they've anticipated random angry outbursts going into this? Plus, the people you're harassing are simply implementing a policy that they don't have the power to change.

The only pressure that Google has been shown to consistently respond to is political. Get a couple of senators (... of the right party) to send them a mild rebuke and they will indeed retreat a little (... and try something else later). But that's a lot harder than posting angry comments until the next piece of outrageous news comes along, isn't it?

Has anyone compiled a list of those pushing forward and/or working on WEI?

I don't like Google's grasp on so many vital parts of the web but somehow, it seems like google is actually in trouble.

AI is going to completely change search if it hasn't already, and google is not even close to compete in this space.

Video has some massive competition from the likes of TikTok. Anyway, YouTube isn't the only option on the market.

Gmail is still popular but since google has been pressuring users to pay, it's been easier than ever to find a reason to try another service.

Chromium can always be forked and have some parts removed or added, and as we all know quite a few browsers do this, some are quite popular.

Is google also losing IOS ads like Meta? If they do, that's another reason for alarm for them.

I'm not sure google is in the best position for the future and WEI is not going to be their golden ticket either.

And, if your prediction that web will change actually comes to pass, well then it'll be just another cycle for this space that has changed countless times since the age of dialup. The web is going to change, again and again, but as long as people are still free to set up a server and let the world access it, we can still do what we like with it.

That sounds entirely unhelpful. They can just close the issue tracker + people will obviously just move on. This sounds like the Reddit 'blackout' that did nothing and is already forgotten.

What we really need is for the collective browser vendors to refuse to implement this and, if Chrome pushes forward, to bring Google to court over it. Nothing short of legal intervention is going to help here.

I agree with your overall ideal of free access to information but I disagree that harassment is a necessary or even effective option to push against this. I think the harassment puts us in a category of ineffective, bitter malcontents and that's not what we are.

We are capable of going to elsewhere to free and open access to information, and we would be better off spending our energy on positively influencing others to follow us in that direction. They can't take away tcp, http, ftp, irc and all the other protocols that these megaliths have built their empires on, and we can still use those tools even if it's a demoralizing regression to move back to the basics. Giants like google, Amazon and others depend on our unwillingness to rebuild. Let's use our efforts and our ingenuity to show them that they've underestimated us.

We have the tools, we have the knowledge. Let's be builders instead of petty complainers.

Oh but that would be against the respective projects' code of conduct. /s

> constantly and relentlessly shame and even harass all those involved in helping create it

Not on HN, please. I realize that you're trying to protect something you care about (and that maybe we all care about) but this leads to ugly mob behavior that we don't want and won't allow here.

https://news.ycombinator.com/newsguidelines.html

> constantly and relentlessly shame and even harass all those involved in helping create it

If this ever helped, we wouldn't have absolutely unethical products created. Turns out people's morals have a price tag, that Google and others are willing to pay their employees.

Imo, the idea that this is about selling advertising and maintaining market share is being used as a false justification. This is not about being able to drive users to ads.

The bigger picture is that Google et al are actually part of the control structure. The governance system wants deanonymised Internet. Corporate interests are how this is being promoted - government legislation would be a harder pill for the masses to accept.

But all the recent mega changes tell us (Elon buying twitter, etc) tell us that this is on the way. Apparent anonymous internet will be sandboxed. Knowing everything about everyone all the time, and having that data being crunched by ai's is an amazing, audacious goal, that seems close to being achieved.

Just saw https://github.com/chromium/chromium/pull/187/files

It's even funnier with the auto-reply 'Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).'

what exactly do you want to preserve from the web as we know it today?

let it burn

focus on building something new, new protocols, new networks, new browsers

Corporations will dismiss all of that as asshole Luddites, and do it anyway. You're not Google's customer. The advertisers are.

The only way to stop Google from treating the Web as their own OS is to take that power away from them, by switching to other browser engines.

Ah yes. The 'Uncle Ted' approach, but a bit more mild. At what point do we go full Ted?

Tiktok is literally controlled by the CCP. If consumers don't care about that, they aren't going to care about DRM.

Interesting and it made me try out Vivaldi. Ten minutes later I had lost trust in their claim of privacy.

It uses Microsoft Edge while installing to open links - like the link to their privacy policy - while the OS is set to use Firefox (and every other app use this). Then I found out that it has zero containerization features at all. Don't want Google cookies from one tab read in another tab? Use a new Private Window. No thanks. Uninstall, and then it used Edge to open a page asking why...

Thanks. Let's discuss that article here: https://news.ycombinator.com/item?id=36875940.

Sounds interesting

'Apple already shipped attestation on the web, and we barely noticed'

https://news.ycombinator.com/item?id=36862494

All of the major tech companies are in on this. Google and Apple already deployed it for their phone and desktop platforms (iOS, Android, macOS, ChromeOS, all support attestation already). Microsoft is getting there with Windows 11, and all new devices shipping since ~2015 have the hardware support. Google is now closing the gap on desktop browsers.

Soon the percentage of people supporting it will be high enough to make it mandatory - the last 5% can just get a new device or something like that. They'll do it when their bank website tells them so.

The day Cloudflare flips the switch to require it for all connections is the day the open web dies.

apple is one of the bad guys before the bad guys know they're bad guys..they already implemented this stuff

Careful, with the right arguments from Google the EU might just make this mandatory in the name of 'security'.

The EU is at the forefront of wanting only 'real people' online. So no, if anything digital identity is squarely within what would appease the EU

Actually the free web ended with net neutrality. Didn't you notice when that happened?

Future web will require you to have certified browser - Chrome TM, to access the web. It will require certified OS WindowsTM, running on trusted Hardware TPMTM, running trusted firmware CIATM.

You'll have no choice and your love will be mandatory.

This won't stop malware of course. However a skull clamp will be installed to monitor your thoughts and you will be zapped if undesirable thoughts are detected.

Note: it's a hyperbole but if you want another OS, Browser or hardware you'll be forced to Homebrew it. Or use a compromised app.

In order to have secure client-side storage, it seems like you would need to be able to verify that the client-side application that is accessing it is unmodified -- which is what WEI would allow for.

This is the bait to make it sound reasonable. Of course this hold-back feature will be quietly disabled at some point in the future. The whole proposal is full of weaselly half truths and misrepresentation about their real plans

The attitude from Google towards this has changed significantly over the last few days (unsurprisingly).

From the 'explainer': 'we are evaluating whether attestation signals must sometimes be held back [...] However, a holdback also has significant drawbacks [...] a deterministic but limited-entropy attestation [i.e. no holdback] would obviate the need for invasive fingerprinting'.

From the Google worker's most recent comment on the issue: 'WEI prevents ecosystem lock-in through hold-backs [...] This is designed to prevent WEI from becoming "DRM for the web"'

So, in other words, WEI could be used to prevent fingerprinting, but won't be able to if holdback is introduced -- 5-10% of clients would still get fingerprinted.

Looking at the list of 'scenarios where users depend on client trust', all of them would be impacted by a holdback mechanism:

- Preventing ad fraud: not for the holdback group

- Bot and sockpuppet accounts on social media: not for the holdback group

- Preventing cheating in games: not for the holdback group -- and thus not for anyone playing against someone in the holdback group

- Preventing malicious software that imitates a banking app: not for the holdback group

In other words, if there was holdback, WEI would require places which currently fingerprint to retain and maintain the fingerprinting code and apply it to fewer users, in the best case, or would be completely useless in the worst case (for things like games).

However, it's also quite interesting to look at the implications of successfully attesting a browser which supports arbitrary extensions:

- Preventing ad fraud: install an automation extension

- Bot and sockpuppet accounts: as above

- Cheating in games: install an extension which allows cheating

- Malicious software which imitates a banking app: a malicious browser extension could do this easily.

In other words, unless you attest the browser with its extensions, none of the trust scenarios outlined in the explainer are actually helped by WEI. It's not obvious whether the Google employee who wrote this deliberately didn't think about these things, or whether the 'explainer' is just a collection of unconnected ideas, but it doesn't appear to hold together.

It is not surprising that the first target of WEI -- Chrome on Android -- does not support extensions.

That's a silly proposal that will eventually be turned off as it causes issues. Users will complain that sometime websites are broken for no reason and the first proposed fix would be to turn the failure probability to zero. Then the zero failure setting will become the default.

And what guarantees do you have that the probabilistic failure rate won't be turned to 0 at some point in the future?

Except for Google's pinky swear, I mean.

Here's how this goes:

WEI randomly fails, website sees it, has never implemented any error checking (or fails on purpose without WEI), WEI becomes effectively mandatory.

Google is a gun manufacturer telling people on the other end of it 'don't worry, every one in 20 bullets doesn't fire'.

Workaround: check WEI across 4 domains, P(failure) = 0.000001%

That's currently just an idea in the 'Open questions' section of the spec, but there is already pushback against it from others closely involved in the spec & discussion around this (https://github.com/RupertBenWiser/Web-Environment-Integrity/...) and notably the attestation feature Google already shipped on Android for native apps in the same situation does _not_ do this.

If you have 50% of people having adblock then websites loosing 10% of traffic because of WEI probabilistically fail it still seems like win for big tech if they force user to their approved unmodified OS/browser.

The antifraud company that worked with Google on the WEI proposal is already calling for the removal of holdouts from the spec[0], because:

- Attestation does not work as an antifraud signal unless it is mandatory - fraudsters will just pretend to be a browser doing random holdout otherwise.

- The banks that want attestation do not want you using niche browsers to login to their services.

[0] https://github.com/RupertBenWiser/Web-Environment-Integrity/...

> I was watching a video about nesting in CSS and how it's just in Chrome

Nested CSS is supported in the latest version of all major browsers.

https://caniuse.com/css-nesting

It didn't happen when Apple did it with Safari (and you all were quiet as a mouse as well, with HN actively defending Apple Safari monopoly with this feature enabled)... so why would NOW be any different?

> It is unbelievable that over the course of 3 days, the potential future of the web has been put in such dire straits.

'Move fast and break things.' How many here used to cheer this approach?

Good luck getting anything from Mozilla, Google is their largest source of revenue by far. Over half.

It's far, far too late for this. The W3C is already irrelevant, not that it ever mattered much.

The internet is made by big companies. Not standards bodies. The WHATWG has the actual living standards, and Google, Apple, Cloudflare and Amazon make the actual software. Nobody cares about the W3C. And Mozilla is long past dead.

When Google announced the EME DRM in the semi-public W3C HTML working group, it created a massive backlash. So W3C moved the EME spec under a new, closed, invite-only working group, and then announced that there is a consensus among everyone (there), and it can move forward to become a recommendation. They didn't even fix known bugs in the spec written by Google (e.g. architecture diagram in the EME spec is factually incorrect).

So I don't think this rubber-stamping W3C will do anything. They have no power over Google, and they know it.

Mozilla doing something instead of just talking ? Doubtful

[flagged]

Quite frankly, the W3C stopped having any say on the matter when the WHATWG supplanted the XHTML standard with the HTML5 committee.

They had enough weight at the time to say 'The Web is XHTML2, you can make your own internet if you want ' compared to what they can bargain for these days.

Maybe at the time it was a somewhat reasonable decision to abdicate their responsibility over to big internet companies, but that's what brought us to the current state where we're basically going back to original version of The Microsoft Network[1].

[1]http://www.codersnotes.com/notes/the-microsoft-network/

> If Google can take unilateral action to fundamentally change the basic principles of the web, then the W3C is already useless. This will give Google a clear choice: if they want to maintain the idea that the W3C matters, they should withdraw this implementation.

It's pretty generally accepted that the correct way to do web standardization is for proponents of some new thing to implement that thing and deploy it and then once it has been shown to actually work bring a spec to the the standards folks for standardization.

That usually works fairly well, although sometimes if that first pre-standard implementation does too well the original implementor may have trouble replacing theirs with something that follows whatever standard is eventually approved, because there are often significant changes made during the standardization process.

An example of that would be CSS grid layout. That was a Microsoft addition to IE 10, behind a vendor prefix of -ms-. Nearly everyone else liked it and it was standardized but with enough differences from Microsoft's original that you couldn't just remove the -ms- prefixes from your CSS and have it work great with the now standard CSS grid.

It was 4.5 years between the time Microsoft first deployed it in IE 10 and it appearing in other browsers by default (Chrome had it within a year of Microsoft, and Firefox had it about two years after that, but both as an experimental feature the user had the specifically enable). In that 4.5 years enough sites that only cared about IE were using the -ms- form that Microsoft ended up stuck with that on IE 10 and 11 instead of the standard.

There is no chance Mozilla does anything that actually matters here. They may do some virtue signaling and put out a statement about how they support the open web but nothing more.

As a general rule of thumb, web technology has traditionally separated the content and protocol from the browser ('user agent') in terms of concerns. By which I mean, a user agent needs to be able to handle any possible input without breaking, and a web server needs to be able to handle any possible request without breaking.

WEI tries to shortcut that process by creating a secured sign-off system that would allow the server to only respond to queries from a blessed hardware and software configuration. This wildly constrains the user agents that would be possible. The pro for web developers is that they wouldn't have to concern themselves with whether their server or the HTML they are. Emitting is broadly standards compliant and compatible; they can just make sure it works with the target platforms they care about and rest easy knowing no other platforms can touch their system. But this is bad for anybody who, for whatever reason, can't use the blessed platforms (user agent and hardware combinations).

Immediate practical consequences are that a lot of the screen reader solutions people use would probably break (because the screen readers wouldn't be certified user agents), a lot of clever hacks would be far less feasible (the website somebody hacked together to track whether the ice cream machine was broken at McDonald's restaurants relied upon being able to pretend it was the McDonald's smartphone app well enough to attempt to put ice cream in the shopping bag), and it would basically become impossible to build a new browser or operating system from scratch compatible with the web (they wouldn't work with the websites people wanted to use because they wouldn't be certified as authentic on any of those sites).

This proposal grossly changes the balance of power on how the web works and places most of it in the hands of the incumbent browser and computer hardware vendors.

Basically aims to make desktop browsers work like non-jailbroken iPhones: locked down and outside the user's control, for better and worse. You could also compare it to client-side anticheat in PC games.

You'll need an 'approved' browser and potentially 'approved' hardware to access the web. Since Cloudflare is on this too, most of the web will be locked for anyone who doesn't use mainstream hardware.

From a very top level view, this gives Google, and other websites, the ability to block requests from devices/browsers they don't approve.

This implements device level verification of the code running your browser. If the device identifies as something Google, or other implementing websites, don't approve, you'll get an error similar to how you see 404 errors for missing/wrong links.

Unblockable ads, sites can serve you data that you can't manipulate or copy, micropayments can exist, invasive surveillance.

Surveillance is possibly the worst of the bunch. They say it's just to do a better job of serving ads, but that's only the tip of the iceberg. Governments could easily use it to know and track everything you do online. Just wait till the next elected nut job wants a list of everybody that has ever looked at or searched for a certain type of information, maybe they don't like that you looked up info on abortions or lgbt info, now they can know the full extent of what you saw and when.

Ads will be worse. You think YouTube ads are bad now, just wait till you can't visit any page without the mandatory viewing of their ads. They can require a cam installed to make sure your eyes are on the ad, helpfully pausing the video when you look away.

The Browser application needs to pass a binary image check, and if the browser hash doesn't match Google database, you cannot proceed to the website (since your browser may be corrupted). A major big deal for non main-stream browser, and for non Google browser developers, extension developers (eg. AdBlock), etc. In summary, some websites (like banks, Netflix, etc) will no longer be available for non mainstream browser users. Also, even if you're using Google Chrome, you may need to run the latest version to satisfy the hash check. Every day, the number of broken websites will continue growing until all non Google Chrome users have a blocked internet.

Nothing will happen. People have been making the same complaints about every new crypto standard for decades, and yet here we are. TPMs are a thing, EME has been around for over a decade now, DRM on the web is as pervasive as it's ever going to get, and yet no one's user experience is any worse than it was before these technologies existed.

ENORMOUS fingerprinting potential and capability to disrupt the user's ability to block content. Or access it.

To turn your browser (an agent acting on your behalf) into a proprietary application (an agent acting on behalf of a website) -- i.e. the equivalent of forcing you to install a proprietary application in order to visit a website.

This is essentially a backdoor attempt to TiVoize[0] web browsers. The only difference is that, instead of directly using hardware to prevent you from running a modified browser, the intent is to use network effects to accomplish the same thing.

[0]- https://en.wikipedia.org/wiki/Tivoization

If adopted by publishers, the web will be closed to everyone but allowed browsers on allowed OSes on allowed hardware. No ad blockers, no extensions, no customizations beyond what the few chosen browsers allow explicitly.

[flagged]

Maybe they shouldn't have added the Pocket links if they didn't want the vitriol. Tracking or not (I'm still not 100% convinced that they're not), it doesn't look good when your browser greets you with that stuff. It's like entering a neighborhood and seeing a 'checks cashed' store.

I think it would be interesting to get their views on it. I wouldn't be surprised if a lot think this is a good idea. Not that I agree, but I think it's unlikely that everyone sees it the same way as those outside the organisation.

No personal attacks, please. It's not what this site is for, and destroys what it is for.

You can make your substantive points without that, as most other users in this thread have been doing.

You may not owe web-destroying $MegaCorp better, but you owe this community better if you're participating in it.

https://news.ycombinator.com/newsguidelines.html

Currently development and standardization occurs in the open, on GitHub and elsewhere. When it's decided that's no longer possible, I hope you realize that this kind of targeted harassment is what led to its demise.

Shame on all knowledgeable people that happily keep using Chrome and giving Google money. That make the web more centralized by giving more and more power to entities that benefit from this like CloudFlare.

HN is full of people that are indirectly helping to push these changes forward. You're preaching to the choir, and the choir is too lazy to switch browsers or learn how to configure a web server, so they just shrug and carry on.

Thank you.

> I predict that hardware attestation will in 10-30 years become a requirement to maintain an internet connection.

I fear you're right. But if the current trends keep up, I'll have abandoned the internet entirely before that happens.

I mourn for what we have already lost, and we are poised to lose even more.

> I predict that hardware attestation will in 10-30 years become a requirement to maintain an internet connection.

What you fail to take into account, is that geeks like being able to freely goof around with stuff; and that new disruptive tech evolves precisely in the ecosystems where geeks are goofing around with stuff.

Consider the dichotomy between iPadOS and macOS. macOS still exists — and still has things like the ability to disable Gatekeeper, enable arbitrary kernel-extension installation, etc. — because the geeks inside Apple could never be productive developing an OS on a workstation that is itself a sealed appliance. They need freely-modifiable systems to hack on. And they may as well sell other people those free systems they've developed — with defaults that make the tool appliance-esque, sure, but also with clear paths to turning those safeties off.

The same thing was true in the 90s with the rise of walled-garden ISPs. The average consumer might be happy with just having access to e.g. AOL, but the people who work with computers (including the programmers at AOL!) won't be happy unless they can write a program that opens a raw IP socket and speaks to another copy of that program on their friend's computer halfway around the world. And so, despite not really mentioning as a feature, every walled-garden ISP did implicitly connect you to the 'raw' Internet over PPP, rather than just speaking to the walled-garden backend BBS-style — because that's what the engineers at each ISP wanted to happen when they used their own ISP, and they weren't going to tolerate anything less.

And then, gradually, all the most interesting stuff for consumers on the Internet — all the 'killer apps' — started being things you could only find the 'raw' web, rather than in these walled gardens — precisely because the geeks that knew how to build this stuff, had enthusiasm for building it as part of the open web, and no enthusiasm for building it as part of a walled-garden experience. (I would bet money that many a walled-garden developer had ideas for Internet services that they wrote down at work, but then implemented at home — maybe under a pseudonym, to get out from under noncompetes.)

Even if there comes about an 'attested Internet', and big companies shift over to using it, all the cool new stuff will always be occurring off to the side, on the 'non-attested Internet.' You can't eliminate the 'non-attested Internet' for the same reason that you can't develop an Operating System purely using kiosk computing appliances.

The next big killer app, after the 'attested Internet' becomes a thing, will be built on the 'non-attested Internet.' And then what'll happen? Everyone will demand an Internet plan that includes access to the 'non-attested Internet', if that had been something eliminated in the interrim. (Which it wouldn't have been, since all the engineers at the ISPs would never have stood for having their own Internet connections broken like that.)

I guess they could un-cherrypick this 'feature', but that doesn't mitigate google or publishers requiring a response from this API, in order to serve a request.

> Will OS check if such python lib is installed

Most computers come with a trusted platform module which increasingly runs more and more services related to media handling. On modern Macs the T2 chip is an A8 or A9, meaning it has the same power of a modern iPhone and handles everything from device input (mouse & keyboard), to webcam decoding to media decoding. When you watch netflix on a modern macbook, the video buffer that is displayed is actually a shared memory buffer from the T2 chip, which the main SoC can't actually see. If you take a screenshot you will see that the screen stays black, since audio and video come purely from the chip.

You could run a Browsers Renderer in there and you would never notice.

The term for this is 'cat and mouse'

But MS still bundles IE, and they've gotten more pushy about it lately.

'turn signal not working.' Oh that explains why Tesla drivers never seem to signal! ;-)

Seriously, sorry you've had such a bad experience with Tesla service.

I thought it was just me! Trying to control turn signals is beyond infuriating in a Model Y. You would think that this should be part of the functionality that is largely free of bugs..

A new 'you're holding it wrong' level.

'My wife had to sit at the back of the car for a month while I argued with them.'

She must have enjoyed having a chauffeur for a month...

> My wife had to use the back seat for a month

Is the back seat safer than the front seat, even if the front seat airbag doesn't deploy? I know recent tests show the back seat is a good bit less safe, and I think it's primarily due to most manufacturers not using the same seat belt technology as they do in the front, but maybe some of that is the lack of a front airbag.

The airbags needing a software update in the first place is terrifying.

I had an uber driver that said his 3 had less than half the range when temperatures got over 100F (38C). I imagine that is just the increased load from the cooling system. My Y sounds like a combustion car the ac runs so loud the past couple months. I leave the display on battery percentage because the range counts down very quickly in this heat. But it doesn't when it is nice out. Cold decreases the range because the battery heater has to work hard.

My point is that it isn't as simple as an average due to the massive temperature sensitivity. It applies to ICE cars too, but it certainly isn't as noticeable as the engine allows a wider range of temperatures. Ironically the EV is proposed as something to battle climate change, but it is much more susceptible to it's effects.

That gets affected by the kind of people driving the car, and just because I buy a certain car doesn't mean I'm like the other people who bought it. Also, too easy to hack that.

Tesla has more lawyers than you do. Bringing a lawsuit for fraud, which you may not win, will cost you $10-20k cash out of pocket up front.

Tesla advertises the EPA rated range. The car not actually achieving that range in real world conditions (which are more varied than the test conditions) is not necessarily defective or false advertising.

Now I do think that the EPA ratings are inadequate and inconsistent. Those could use some improvement to better reflect real world driving conditions.

Most normal Tesla owners I'm familiar with just come to accept that the website range claim is complete horseshit. They go on with their lives and just don't worry about it. For around town, it'll get somewhat close to rated range anyway, and road trips aren't that common for most people. The supercharger network is pretty good, and if you have to stop every 200 miles instead of the rated 358, then so be it.

Personally I think the EPA should revamp the rating system. I want to see every manufacturer forced to admit what range to expect if we use 90% of the battery capacity, at 70 mph, in 32F ambient temperature with climate control set to 68F. The only time people really care deeply about range is on the interstate, so the range numbers really ought to reflect that.

Thanks Tesla, but I'll stick to a car that doesn't try to work around my emotional problems.

> Tesla doesn't let you get you stranded on the side of the road

Unless you don't use their nav, the conditions are bad, or you need to take a detour. To drive 40mi, I want 60mi range to cover my bases, considering the consequences of getting stuck vs just charging a little longer.

I was trying to interpret what that means. I'm guessing they aren't factoring current conditions above 50% and instead rely on average conditions. I'd be surprised if this is actually worse than what the EPA views as average given the truth-in-advertising requirements they put on Tesla.

This isn't entirely unreasonable. Most people whose battery is at 80% aren't going to be depleting it in the next few hours, so say factoring the present cold morning might produce overly pessimistic guesses.

They are being aggressive for sure, but this article strikes me as pretty biased against Tesla. The article concedes that most of these customers have no range problems -- they are probably driving in cold at 80 MPH blasting their heat to 70 degrees wondering why their range is so poor -- even though it is entirely expected behavior.

When you market cars need on known false numbers, it sounds a lot like criminal fraud

I just hope some car manufacturers continue to not hire UX designers and have everything not related to the actual operation of the car (controlled by physical switches) just be a dumb screen for my phone to control.

I think that reputation already died in the last 2-3 years.

It's now pretty common in my circle to hear people say they'll pay a premium to not own a Tesla. Primarily because of lots of bad experiences with build quality/repairs, but also because there are now lots of high quality alternatives. Namely Rivian and Lucid, but also the legacy automakers (two friends bought mach-es recently and there's a smattering of F-150 lightnings.)

The fact that Musk has adopted the public persona of a crazy uncle who doesn't get Thanksgiving invites -- and is heavily associated with the Tesla brand -- doesn't help either.

I'd like to see more data...

For example, if you get 10 tesla cars of the same model, do the ranges differ?

If you get 1 car and 10 different drivers, do some drivers get the advertised range while others don't?

If you disassemble the battery packs, do you find some bad/degraded cells in cars with reduced range, or is this a design fault?

Do drivers that have trouble have inefficient mods, like roof racks, big wheels, etc?

>agencies start to act

Uber is still a publicly traded company, despite explicitly starting up by just ignoring and bypassing existing regulation.

The US is so anti-consumer it will never relevantly punish a business making money.

Thats the crux of the complaint tho, if the number requires education the number should not be used without context and something more realistic should be used. If on average the car does 250 miles it should not be advertised as 400. Either a range or a disclaimer should be present.

I think the 'number decreasing' complaint seems to be related to the fact that you would drive 10 miles and lose 30 on the dash. The article also claims the number becomes more realistic when it crosses bellow 50% charge so I expect this difference to be noticeable.

This might help but requires you do some cross referencing and math: https://ev-database.org/cheatsheet/range-electric-car

This is better as it shows the claimed range, and the actual range: https://insideevs.com/reviews/443791/ev-range-test-results/

I mean, I realise that reading the article is considered most improper on this website, but it _is_ addressed.

I frequently drive a Skoda Enyaq. The 'official range' figure is 330 miles, but we actually get 250-290 miles in real life usage depending on temperature. When you turn the car on with a full battery, the range estimate for us reflects actual distance not 'official' distance and seems extremely accurate and trustworthy.

It's a bit average. It's not crazy optimistic like some Chinese brands or a bit pessimistic like some German brands.

Here is a Norwegian winter test in real conditions: https://nye.naf.no/elbil/bruke-elbil/test-rekkevidde-vinter-...

You can use a translator (Google, DeepL, chatGPT...) but the Arabic numbers are easy to spot.

One datum: our 2014 BMW i3 (ev, no range extender) consistently outperformed its rated range.

> How does the Tesla advertised range compare to the advertised range of other EV makers: less accurate, or similarly inaccurate?

Read the article. This is covered in depth and it's quite informative.

Don't you think if there was an intentional conspiracy to do this they would make it a little less obvious by not activating battery self destruct the day after the warranty ended? I'd have made it wait at least a month afterwards...

That's because, even today, gas stations are far more ubiquitous than charging stations. People who own IC cars don't pay that much attention to range because there's rarely a question that they'll find a gas station within their last remaining gallon. With electric, that's a bit of a different story, especially when you're driving a long distance, and to somewhere that's not a major metropolitan city with thousands of Tesla owners.

> It's not a real issue.

+1, I was worried about range before I bought a Model Y, but charging at home and trip planner I never even think about range anxiety at all.

> You just need to know what you're getting into when you do your research.

If only they didn't have a secret team to suppress the kind of things you would really want your research to turn up.

I had a Mazda 3 once which would routinely beat its EPA estimates, especially highway driving. You are too forgiving of Tesla's business gimmicks

I drove a Tesla for over a month and it was a relief to go back to my Honda Civic. The range (both miles and %) was wildly inaccurate. If I had to drive anywhere that wasn't a few miles within the city, I was under constant anxiety. No thank you.

It's a wonder to me that anyone would ever trust anything Elon Musk ever says about anything. He's a proven liar and creates an openly hostile, negative culture wherever he goes. I feel sorry for people who are caught up in his lies, either customers or employees or people who work closely with him and have to suffer his tantrums. There was a point I admired him, but that is long past.

>Wind resistance increases EXPONENTIALLY with speed.

And the power required to move against the air is the cube, not the square!

FWIW Our Audis (Q5, A6 allroad) have significantly better MPGs than the advertised ones

The Q5 advertises 28mlg on the highway but i consistently hit 30+ here

And the wagon hits 35mpg on the highway very often even though it only advertises 26. It actually turns off 2 of the 6 cylinders when it senses that it can.

Both cars I've owned have had better efficiency and thus range than advertised (a Honda and a Subaru). I'm often shocked at how I can get 38-40mpg + on a car that is supposed to be getting 29mpg.

> We've never owned a gas vehicle that met it's EPA range and the Tesla is no different. No one takes EPA MPG * GALLONS of gas and expects it to be a real life estimate of range.

Because gas stations are still far more common than fast chargers. We'll get there with EV charging, but right now range does matter, especially if you routinely see half of what was advertised.

I think this is a problem because a lot of what people use to shop an EV is the headline range number, which you are declaring is not accurate. This is false advertising.

I think the difference is that a gas-powered car will keep driving when the gas indicator hits zero. You can still get a couple dozen miles at that points, and those are so important. Tesla is really doing you a disservice by not considering that.

Aerodynamic drag increases as a square as a function of velocity, not exponentially.

https://en.wikipedia.org/wiki/Drag_(physics)

My 2021 Honda CR-V doesn't get close to EPA MPG but the range calculator is still accurate to within maybe 15%. I've tested it a few times driving from Oakland to LA which is right around the full range of the car and it gets pretty close- even with a whole mountain range to drive over north of LA. It doesn't appear to use EPA MPG for its estimates and it makes for a better experience.

> We've never owned a gas vehicle that met it's EPA range and the Tesla is no different. No one takes EPA MPG * GALLONS of gas and expects it to be a real life estimate of range.

Why is this exactly? It's been true - MPG is lower than estimated - of every vehicle I've owned too except for my most recent, a '23 MX-5 (i.e. a sports car, which I tend to drive at higher RPMs and in lower gears.) I'm getting spot-on or a little above the EPA estimated on the car I'd least expect it.

(edited to clarify 'it's been true')

The article says that Tesla knowingly overestimated their numbers. Tesla even switches the range algorithm to be more accurate when mileage gets to 50%.

> We've never owned a gas vehicle that met it's EPA range and the Tesla is no different

Car and Driver's EPA range versus real world highway tests:

https://www.caranddriver.com/news/a43657072/evs-fall-short-e...

EVs are quite different to ICE when it comes to EPA range ratings.

My EPA highway mile rating is lower than I see in actual driving in my ICE. City is about accurate unless I've been in a lot of traffic's with its look back range for live mpg estimates. Lots of owners of other EV brands and the article itself said they're much better than Tesla's estimate as well. It's difficult to see how the issue is anything but specific to Tesla and its method of presenting info to consumers. They were even force to lower their previously stated range, per the linked article.

Last I checked, small claims court in more than one state tops out at well under $10K. Hence the adjective "small".

IOW, you ain't getting $20K out of small claims court.

They come up w/ the range under absolute perfect driving conditions that don't actually exist. The driving conditions should reflect normal driving conditions.

> Driving through the Rocky mountains will reduce mpg significantly for an internal combustion engine as well.

Do you mean it will reduce the mpg because of reduced air density, or because of temperature as well? I thought the efficiency of an ICE was dependent on the difference in temperature it creates between the combustion and the coldest part of the cycle. It seems efficiency would improve in cold temperatures because less energy would be wasted cooling the engine since the incoming air is doing that.

Sure, but the system continues to make extremely optimistic (and unrealistic) estimates about your range until you hit 50% battery, at which point it tries to be more realistic so that it doesn't strand you in the middle of nowhere.

It should be giving you the more realistic estimate as soon as possible, so that you can plan better, rather than misleading you for half your trip.

Perhaps the range advertised should call out the variance, or use a more pessimistic number?

Much like MPG is denoted as city vs highway.

Most people never leave their city.

For those of us who do, the small number that do road trips can easily get by with one ICE and one EV.

Most people's EV need to get to the grocery store or to work and back.

Maybe it's more important to have more/faster EV charging stations. I'm not buying an EV until I can go to any regular gas station (or at least half of them) and charge it up in a similar timespan as an ICE. That should be doable.

How many miles do you think the average person drives per day?

I'd like to be able to go 200 miles at 85mph, and do it between 80% and 20% of charge (so I can supercharge quickly and not worry about range at the bottom end) That would equate to a single stop on my typical family road trip. That's 333miles at 85mph. My Model 3 can't do that. Hoping the high end Cybertruck can get close.

I think you're wrong. The vast majority of 'trips' are well below current ranges afforded by today's technology. Most electric car users are plugging in when they get home and never have to charge elsewhere.

Furthermore battery technology is actually improving and the trajectory seems to indicate that there will be cars that will be able to hit the 1000km range within the next 5 years for those who would need it.

Is there some huge percentage of people that road trip every week? I commute to/from work, run errands, go around town, and my car is back in my garage about 340 days a year. I drive over 250-300 miles in a day maybe 4 times a year. If I am plugging my car in every night or every other night, I'm only going to need to think about Fast Chargers a few times a year. Either people are treating EVs like ICE cars and 'filling up' at a Fast Charger instead of just plugging their car in at the end of the day, or people are taking way more road trips than I realize.

can you expand on how ICE vehicles have the same issue with range?

Battery tech has changed a lot since 2008.

You drive 400miles without access to charging?

I was confused too. Title and first part suggested they were trying to suppress discussion about range issues. Then the rest was about cancelling service appointments. I'm pretty sure this is just a hit piece.

What you say about the reduced range makes sense but I don't fully trust the decision on what range to show to have all the right motives in this case when many other manufcaturers (also in ICE vehicles) adjust their shown range based on recent drives. Tesla does do this if you plan a route so they are certainly capable but unlike the mentioned toyotas, bmw's, etc they choose to use the unchanging unrealistic estimate that gets a lot of people in trouble. Given that they also stonewall when its about issues that people can't affect with their driving style or can be a matter of opinion I don't feel inclined to give them the benefit of the doubt and say maybe people should adjust their behaviour and expectations. If they are given more accurate mileage by default then it's after all much easier for them to make those considerations and realisations about what affects it.

I have a mental model which goes something like this:

When 80% of your energy goes to waste than all the incidentals like AC and especially heating just does not surface as a contributing factor.

When however 80-90% of energy goes to driving, then speed and all the accessories start having a real impact.

It also shows how energy dense gasoline/diesel are that a 50kg tank will outperform 400kg batteries even with the 4-5x efficiency difference.

> Here is a minor list of things which will reduce range pretty significantly:

Bit of a sarcastic take: apparently also use of indicators.

Actually, gas cars have the best range on highways because the engine can stay at peak efficiency, electric cars are best in the city because they only use energy when moving and can recover energy from slowing (i.e. stop and go). And others mentioned that heating is free in gas cars (in fact it might improve your cooling and thus efficiency).

What does any of this have to do with the fact that Tesla is lying to its customers and the other EV manufacturers are not.

> - Driving on the highway rather than around town (see the 50 MPH comment)

That would greatly depend on the town one is picturing. In pretty much any neighborhood in LA, there's no way you're going to sustain a speed of 50 mph for any reasonable period of time without frequently stopping at intersections, your usual traffic congestion, pedestrians wandering into the street, other drivers making idiotic maneuvers, etc. No way is your mileage going to be better on surface streets even if you do your best to reach 50 mph but not exceed it. Frequently braking and accelerating requires more gas than will be eaten up by driving at a constant speed of 65 mph.

Why a xylophone and not a bell? Seems like an odd choice for an instrument other than it's name also starts with an x...

> I really just reflected on how the fans conduct themselves regularly

Reminds me of that youtube video (by a fan) almost having an accident on autopilot and his first reaction was 'we're gonna have to cut that out'.

This is standard Weird Sales Culture stuff, but it's a bit odd for customer support.

Just like a scene out of The Wolf of Wall Street. This company appears to be fraudulent to the very core.

[dead]

You should have higher expectations of your vehicle.

My 2016 ICE car's 'miles left' meter is accurate to +/- 2 miles from the moment I top up the tank (80% highway driving, 20% hilly city and rolling country roads).

IMO, accurately telling the vehicle operator how many miles of juice you have left is a KPI, as it informs when you'll need to plan for refueling.

Having driven an EV for a few weeks in identical conditions, this inaccuracy is probably the major contributor to 'range anxiety'. I have no idea whether I'll need to recharge in 60 miles or in 25 miles, and that's totally unacceptable in most parts of the US (where there aren't available chargers every 5 miles of your trip).

You are extremely biased. I have both owned a Tesla and non Tesla EV. Non Tesla EVs are way more conservative in their range estimates and you can actually beat their estimates. People routinely beat BMWs advertised EPA range - something you will never hear for a Tesla

I've owned EVs from different brands, including Tesla. In my experience so far, only Tesla uses the naive and wildly optimistic EPA number for the range display. My wife drives a Bolt and it uses your moving average to calculate the range estimate, and it's pretty much dead-on accurate.

Tesla -could- do it but chooses not to. Put it in trip mode and it's pretty close to dead-on. Look at the consumption page and it's pretty accurate there too. Tesla elects not to use this already available information, because it would consistently show people a lower number than what the web page did when they ordered the car.

What this article describes, if true, is actionable fraud. I'm not seeing this as a "hit piece."

Literally the first paragraph of the piece:

> He expected to get something close to the electric sport sedan's advertised driving range: 353 miles on a fully charged battery.

> He soon realized he was sometimes getting less than half that much range

We're not talking about a couple of miles here or there.

And if Tesla discovered that range issues (even if entirely based around customer perception) were a widespread enough issue to set up a team specifically to address it, that team said nothing publicly and instead cancelled service appointments without explanation... that's absolutely newsworthy, whether you consider it a "hit piece" or not.

> Inside the Nevada team's office, some employees celebrated canceling service appointments by putting their phones on mute and striking a metal xylophone, triggering applause from coworkers who sometimes stood on desks. The team often closed hundreds of cases a week and staffers were tracked on their average number of diverted appointments per day.

I mean... c'mon.

But the example from the article wasn't about a sub 1% delta. It was someone getting less than half the estimated ranged.

This isn't a hit piece. As someone that formerly owned a Tesla, all of this rings true and I was so glad to finally ditch the vehicle back to the second hand market.

Of course, since Tesla doesn't need, nor have, a PR department (unless they silently re-established one again after closing the first one down in a rather public manner).

No, it's all the same and should be extremely illegal (read felony with mandatory minimums approaching life without parole) as such behavior is antithetical to democracy.

Just curious, did you ever own a high end vehicle before your teslas?

> There are so many people out to get Tesla right now it's hard to process stories like these: the legacy auto makers, their supply chains, their unions, their dealers, the shorts, the elon haters, the ev haters, and on and on. > There are also a ton of click bait faux outrage articles in general about every subject you can imagine.

I can't help but be disheartened at the financialization (?) of everything. Can't tell who's real and who's shorting.

> There are so many people out to get Tesla right now it's hard to process stories like these

I have no dog in this fight. Never owned or thought about buying a Tesla. The details described in the story, if true, are very serious. Are you suggesting the story is made up?

I'm a firm believer in the idea that people can be brilliant in one way and dumb in many others. Elon seems hellbent on showing us all the ways he's dumb.

Sounds like you're an American who's either a Tesla employee or only owned American cars before. Their quality is mid-tier at best but the software appears to be so dangerous that I avoid driving behind/in front of a Tesla (in Europe).

> Each one of them has been the best car I've ever owned and better than the one before it.

If you buy a new car chances are it will be the best car you've ever owned and better than anything you've driven before.

'I like X, therefore any negative information about X is lies propagated by their enemies' is a dangerous position to take.

An example of his 'engineering' skills. He's an anti-engineer.

It doesn't help that the Bolt is the worst EV on the market besides the Leaf, mostly due to price point. You also wouldn't notice the charging being slow as much if you had a charger installed in your garage, cheaper too.

All that being said, having driven both, it's no competition a Tesla is far better in every conceivable way. The Model 3 is more efficient with its energy as well.

It sounds like a terrible solution to an easy problem. And calling it an 'algorithmic solution' is being generous, considering that our dead simple decade old Mazda 2 gives us a closer than 25% range estimate just based on the mpg for the previous X number of miles driven. That's not an algorithm, that is a simple math calculation with only two inputs; gas consumption rate and miles driven. Tesla, with thousands of data points on previous usage and driver behavior, could give you an almost dead accurate estimate, but chooses to give a basically useless estimate because it looks better. Then people come around and make ridiculous excuses for it and why its actually a "decent solution" (it isn't) to a "hard problem" (its not).

Hum... ICE vehicles have given their range in litters for decades, and nobody every had a problem with it.

They recently stated giving estimates in distance, but it's clearly marked as an unreliable estimation.

Looks like Tesla has another huge communications and UX issue, and not a mechanics (electric?) one. They have to get their designers in a room, fire the management, and ask them to actually design stuff for humans.

That only makes sense if there's strong correlation between the first 50% of a charge and the second 50% of a charge, but NOT an equally strong correlation between the previous charge cycle and the current charge cycle.

That can be the case (eg on road trips) but usually isn't.

Why not just always give the more precise estimates?

I didn't watch the whole video, but found the summary to be helpful. You can see it at 37m21s: https://youtu.be/fvwOa7TCd1E?t=2241

spoiler: Of the 6 cars they tested, Tesla Model Y had the best performance in terms of miles per kWh and total range. But it still clocked in at only 81% of claimed range.

What does this have to do with OTA updates? It could come with the same software "built to lie" from the factory as well, couldn't it?

Are you happy with them?

> "We're looking at the range, and you literally see the number decrease in front of your eyes," he said of his dashboard range meter.

From the third paragraph

The EPA tests are poorly implemented, and there are two flavors of tests and the maker chooses which to run. Has to do with the number of 'cycles'. One of these tests tends to return fairly optimistic results, and is the one Tesla chooses for the EPA to run.

Further, EPA only tests at default settings. Some makers (ahem Tesla) default everything to the most range maximizing settings.

Next, car makers can market UP TO the EPA range, but can also market below. Tesla clearly advertises every mile they can, while the Germans undersell their range. You can see this across the board in the real-world range tests by InsideEVs, etc.

Holistically I think having a single EPA range number is wrong given how different highway & city range is for EVs. Just like ICE cars report highway & city MPG, EVs should report range in these 2 buckets.

Since the only real use of the EPA range is to make relative comparisons between cars, and since it will be very wrong for any car outside of the specific speed, geography, and season the EPA tests in, the EPA should choose some arbitrary number that is not miles. Then no one will feel misled when they buy electric, and we'll still be able to make range comparisons between cars.

General range barely ever matters anyway. ICE drivers thinking of going electric always ask about range, but over a certain minimum level of range what really matters is the estimation accuracy for a specific drive and the confidence that a planned charging location will be working as expected. If both of these are very good, the GPS travel time estimates will always be accurate and you don't really need to think about anything, which is how most people approach driving these days anyway: just follow the GPS.

The next thing that matters are the distance of chargers from the average route (we need more at interstate rest stops!) and the availability of 220V chargers at any place you will spend the night. The latter is the weakest right now, IMHO, but it's improving as more people go electric.

I think the range is inflated, but I can get close to it by driving like an absolute grandpa. I think it's possible, but not realistic.

The solution is to not show miles on the basic battery meter, just percentage. Maybe show a rage next to it - 130-160 miles. But that too honest.

ICE cars all show a percentage, and maybe additionally a mileage on newer cars. The fact that they threw that away is a little silly.

We rented one on a trip recently, super annoying to realize the dozen or so chargers in this beach town were actually incompatible or just too slow for real life.

On the way back to the drop off autopilot tried to slam us into the Bentley next us! It had been traveling the same direction as us for like 20 minutes and when we passed through an intersection it just jerked hard left and I had to correct it manually. Possible injuries notwithstanding I'm sure that would have surpassed my insurance coverage, which I've intentionally gone way above minimums on.

I know someone who bought an early Leaf to get to work and back. The stated range was 107 miles and their commute was 35 miles each way. The problem was that there was >2000 feet of elevation change.

I also have a Model Y- it's our family's only vehicle. We love almost everything about it.

Tip: tap the range estimate to switch it to percent. The EPA estimate is meaningless. Yes, that should be improved.

Seems like it's common across all EVs for the range to be inflated by around 20%, at least for freeway driving.

In a recent review, a Tesla did a slightly better job than most of the cars tested, as far as portion of stated range achieved.

https://youtu.be/fvwOa7TCd1E&t=36m15s

There is a reason why the mileage estimate on EVS are called GOMS (guess o meters). They are like laptops, totally unreliable. They should really just stick to percentages. I don't think anyone really relies on the mileage left in gas cars, that mentality should be carried over to EVs. The number is really the fault of the EPA which uses a synthetic tests and allows manufacturers to just run with that.

This is my experience too. If you plan your trip, it's really good about predicting the % battery remaining. I never put it on miles display anymore; that's evidently going to be inaccurate because it doesn't take into account many other factors. But if I enter in a route, now it actually has something to go on and can do a good job.

ICE vehicles have lower range as well when going uphill or exceeding the optimal speed and increasing air drag.

The estimates are based on driving on a flat road at the speed limit.

Even my Lexus SUV can get 24mpg driving on 35-45mph roads vs 16-19 in the city or going to the mountains where elevation increases.

People's understanding of range is just not quite there yet whether it's for an ICE vehicle or an EV.

If I hate something I would try to sell it immediately. Did you sell it?

Otherwise it looks to me that your rant is just for karma collecting.

'I hate almost everything about it.'

Not owning a car only using rentals, I still think Tesla has the best and most intuitive UI. I can find everything easily, whereas in a SUVs from Skoda/VW/Audi/BMW/Renault/... it's hard to find things - at least for me.

What I do hate about the Model Ys we rented is the noise! Wind/wheel noise is as loud at 100km/h as a BMW at 150km/h - I guess they do this to safe weight and increase range, but it makes the trips very unpleasant.

Also how it randomly breaks in self driving (at least on a German Autobahn).

I make EVs at a different company, and I'm not a fan of Tesla's range indicator. It's misleading because miles don't map directly onto battery charge. The range that that indicates is miles on flat level ground with no wind at 55mph which you will never experience in real life. At 80mph you're going to get 2/3 of that range every time. At 35mph you can get significantly higher range, but no one is ever going to drive 300+ miles at 35mph. If you just tap on the range icon it will change to percent, which is less misleading. ICE vehicles have all the same problems, but most ICE vehicles always just show gas level, rather than range.

Waited for 2 years for the new long range Tesla Model X and sold it within 3 months for exactly this reason. The range was a total fabrication - actual range for city driving was closer to 180 miles, not the claimed 300+. Complete sham.

> It'll display a the battery in miles, but it's at least 25% inflated.

Worth noting this is also common in ICE cars. Mine has it.

Rented a MY a couple months ago and was surprised how much I, and more surprisingly, my wife, hated it. Now, I despise Elon and the risky safety decisions of Tesla engineers, so I'm biased, but I wanted to give them a shot.

Range was horrible. We drove about 100 miles and spent a couple hours over several sessions at superchargers. The handling and turning radius sucked. The controls were frighteningly distracting and confusing. Sound in the cabin seemed very weird, probably due to the glass roof and noise cancelling system. Finally, for a dual motor, I expected a lot more acceleration. I drove a Chevy Bolt for a year and was surprised how heavy and sluggish the MY felt.

I find the range numbers on my Model Y to be fairly accurate, when I choose and am able to drive at optimal speeds on level ground (which is the situation on some trips). 60-65 MPH is the commonly sighted range for the dual motor Model Y. The range does attempt to factor in heat pump usage, and I am unclear how accurate those adjustments are.

For what it's worth, I have a Nissan standard petrol car and it's pretty much the same. Every time I fill it up, it says I have 400 miles of range, then by the time I've driven about 300 miles, I've only got a few miles of range left.

Interestingly the accuracy seems to get a lot better by the time I'm down to half a tank. I don't know if it's a sensor issue, or maybe my driving habits just change a lot when I have a full tank versus when I'm running low.

The type of driving and time I'm driving can also make a huge difference to my trip MPG - some trips I average about 10MPG, others closer to 40MPG. Generally speaking, low speed but clear rural roads get the best, followed by motorway, followed by pootering around the city. The absolute worst mileage is during the winter, when I might only be driving lots of short trips around town on a very cold engine, with the headlights on, in the rain. In that case, I might only get around 200 miles out of a tank.

Anyway, my point is that knowing the specifics of this trip's fuel consumption is a much easier problem than knowing how many miles it'll be until you next need to refuel.

Bummer to hear you all don't like it. I drove a RWD Long Range Model 3 for 4.5 years. Absolutely loved everything about it. But the range was no where near 310 miles like stated. But I couldn't have really cared less once I knew that fact. The few times a year I needed more than 200 miles, I used superchargers on my route just like I would if I had 250-300 and had to wait an extra 2 minutes at the charger. I averaged ~300-325 wh/m going 80-90mph on the highway (wind speed/direction obviously makes a big difference). 75kwh battery. 230 mile range. Every other day was charge to 80%, incredibly convenient to never think about it or gas and have more torque, speed than any other car you're around. And low to no maintenance.

I now own a Long Range Model X. It is MUCH closer to the EPA mileage. I average ~330wh/m but I have a 100kwh battery, so much closer to a legitimate 300 mile range. Once again, doesn't really make a different unless you happen to have an exact 275 mile trip. Either way, you'll be stopping at a halfway supercharger to stay in optimal charge range (15-85%).

It is true that it's very accurate. I was on a trip that predicted 22% battery on arrival, and I had 21%. The last 5-10km were mostly descending down a valley, so lot of regeneration. Thus, when I arrived, 22%, as predicted.

It's very easy to see how favorably or unfavorably Tesla's claimed range compares to competitors based on independent tests of multiple EVs in the same conditions:

https://www.youtube.com/watch?v=6LWL90paufE

https://www.youtube.com/watch?v=ynCaTDR4rDQ

https://www.youtube.com/watch?v=eFB6hsYXDiA

https://www.youtube.com/watch?v=fvwOa7TCd1E

Spoiler alert: Tesla models fare about as well, if not better, than their EV cousins, hitting around 80% of the stated range in the wild.

The obvious question is why don't you sell the car if you hate everything about it.

Sunk cost and all that

Not defending Tesla but battery range is really hard without context. Kinetic energy is velocity^2, which means moving twice the speed takes 4X the energy. They probably can get the right estimate for a destination because it knows the speed limit for the route and using that as your velocity can give you a better answer.

This is not a hard concept, and it's rather surprising that this of all things is what you have issue with.

The battery icon is Miles of rated range, where "rated" means flat windless road at 60MPH and 70 degrees. Call it "standard" range if you will. The car has no idea where you're going so it uses the standard calculation.

When you set a destination it can now (and does) factor in elevation change, speed on given roads, wind speed, wind direction, temperature along the route, etc etc etc and is more accurate.

So your least favorite feature is one you openly admit to not using properly? If you want laser precise range estimation set a destination ffs. Or, if you're like most drivers you start every day with 200-300mi of range and unless you're going out of state you don't even think about range.

It's the same problem as displaying the battery percentage on your phone. you're more inclined to look at it, and will be more anxious when that number drops.

I wish Tesla would allow you to hide the battery percentage entirely (unless it drops below a threshold).

My EV6 reports a range that it also a loose estimate, but it seems based on recent driving behavior (ie, I was driving free and loose recently, so I may end up getting way more miles than it says, and vice versa)

Switch to %.

I know how far % will go. Very simple.

The miles is a PR stunt.

I actually got stranded once for some hours because of the mileage indicator!

Was driving back from a campsite that I turned out to not have charging compatibility with, but thought I had plenty of margin to get to the nearest charger. As I drove through the mountains however, I began noticing that a.) my battery was depleting much faster than expected and b.) I wasn't seeing any houses and very few motorists. I watched with increasing dread as the trip miles began converging with the battery miles, as my friends in the car got more and more quiet. We reached the inflection point, and the best I could do was hope we'd encounter somewhere with a plug that might be able to get us the rest of the way. Eventually though the milage indicator reached zero, and I pulled off the road to what I thought was a campsite but turned out to be a sort of rest stop with no power plugs in sight. To make matters worse I was in a mountain valley and had no phone signal, and hiking wasn't an option as it was pretty hot and we had no water. We were there for hours until I was able to flag down a nice older couple and get a ride to a place with cell signal, where I was able to get a tow truck capable of transporting my car (turns out you need one that has a full bed because of the regenerative breaking, and tesla's service doesn't have infinite coverage) to the charger I was trying to get to.

Ironically that last part was probably the most frustrating. The charging spot was full save one spot in the back, which my tow truck guy Mel couldn't get back to. No sweat I thought, I'll just try asking someone to swap, but people in their cars pretended to ignore me, and one couple leaving theirs just walked away, as I asked if they could move so we could unload my dead car. Had a sudden wave of empathy for the people I usually walk away from who ask me for spare change lol. Eventually someone left and I was able to charge and resume the 6 hour road trip home. Biggest lesson learned was that slow is fast, keep it at 60 if you want the milage meter to not die as quick.

Battery meter at the top is EPA range - ie. the official range measurement method, in basically ideal conditions.

The routefinder 'learns' from your previous driving habits. Driving style easily has a 50% impact on range between 'drives 50 mph slipstreaming behind a truck' and 'drives 90 mph and brakes aggressively at every corner'.

https://www.fueleconomy.gov/feg/browseList.jsp

Judging by this the EPA numbers it gives are accurate on average.

I had a Tesla Model 3 which was very optimistic with the range. My BMW iX3 however is quite conservative and I can usually drive longer than the display states.

I recommend tapping the battery meter to put it into percent instead of EPA miles (useless, misleading) and only estimate range using the trip planner, which is usually quite good.

Shenanigans like that is how you end up with regulations on what car can display in terms of range. This is similar to how we ended up with strict rules on MPG when purchasing.

While there are things to hate on with Tesla cars, range is not one of them. I have a Model Y and for the most part I like it. I plug it in when it needs charging. What's so hard about that? I've been on several 6000+ mile journeys across the country and never had a problem, even out west where charging is more sparse.

The thing I hate most about my car is that I spent $10K on 'Full Self Driving' and rarely use it. It totally sucks and is definitely the worst $10K I've ever spent on anything. That money could have gone to a nice vacation somewhere and I would be happy about that. But no, every time I try out the FSD, I come away disappointed.

> I have a model Y. I hate almost everything about it.

Can you tell more about this? I'm curious.

This has been my experience as well. When there's a disparity, the Energy app gives additional details why the estimate was wrong (driving speed, climate control, etc).

It's what drives me nuts about '300 miles is more than enough'.

Consider:

- batteries lose, best case, about 10-20% of max range over a typical car ownership period

- not charging to the max is very often important to not getting bad degradation, so take another 10% off

- winter can take 10-20% range off

- driving at typical speed as opposed to the alleged ratings is probably another 10-20% reduced range

- headwinds, air conditioning/heating, and other factors can remove another 10-20%.

So suddenly, some 300 mile rated range is actually 150 miles of real world range. So here in the midwest, with underinvested charging infrastructure and biiiiiiggggg states and rural density, a 400 mile range really is pretty much required for any functional long distance driving.

What does the regular display claim to represent?

Coasting on a flat surface at 35mph with a positive tailwind?

[dead]

[flagged]

> I hate almost everything about it.

By convention, you are required to phrase this as 'I love my Tesla, but...'

Shareholder disdain and lying on estimates made the stock price go up. They couldn't be happier.

I think it's also an opportunity for each of us to appreciate the frailness of the human condition. In particular, how plastic our minds our, how susceptible to 'narrative' and social pressure (particularly when connected to income) we are. I imagine those employees are pretty normal people, and they were just responding to incentives. They didn't feel they were harming anyone, and in fact were doing a good job according to their bosses. They work at a famous, respected company and surely if the bosses were wrong that would not be the case, right?

This is the utility of the cynic, the questioner, the doubter, the non-conformist. It is an uncomfortable position, at all times, but you need people among you who constantly fear being inadvertently, mindlessly immoral. Because it's a constant threat and more of a threat, I daresay, than overt evil.

Google's GCS as well, and I haven't used Microsoft, but it'd be weird if they didn't also have an 'S3 compatible' option.

Edit: I looked it up and apparently no, Azure does not have one :-/

The standing joke is that Americans love strange units of measure but this is one is so outre that it deserves an award.

https://en.m.wikipedia.org/wiki/IBM_305_RAMAC has the likely source of the error: 30M bits (using the 6 data bits but not parity), but it rented for $3k per month so you didn't have a set cost the same as buying a physical drive outright - very close to S3's model, though.

oh shoot. good catch, thanks!

Must've put a decimal point in the wrong place or something. I always do that. I always mess up some mundane detail.

As someone in this area: we very much want to make your EiB of data to feel local. It's hard and I'm sorry we only have 3.5 9's of read availability.

Some of the best HN indeed. Would love to see any links to HN posts that you think are similarly good!

It also explains some of the cost model for cloud storage. The best possible customer, from a cloud storage perspective, stores a whole lot of data but reads almost none of it. That's kind of like renting hard drives, except if you only fill some of each hard drive with the 'cold' data, you can still use the hard drive's full I/O capacity to handle the hot work. So, if you very carefully balance what sort of data is on which drive, you can keep all of the drives in use despite most of your data not being used. That's part of why storage is comparatively cheap but reads are comparatively expensive.

Unfortunately many tools in genomics (and biotech in general) still depend on local filesystems- and even if they do support S3, performance is far slower than it could be.

This is also why reorgs tend to be pretty common at large tech orgs.

They know they'll almost inevitably ship their org chart. And they'll encounter tons of process-based friction if they don't.

The solution: Change your org chart to match what you want to ship

Straight from The Mythical Man Month: Organizations which design systems are constrained to produce systems which are copies of the communication structures of these organizations.

something something Conway's law

I'll take the metaphor one step further. The architecture will, over time, inevitably change to resemble its org chart, therefore it is the job of a sufficiently senior technical lead to organize the teams in such a way that the correct architecture emerges.

I was disappointed too, this article was very light on details about the subject matter. I wasn't expecting a blue-print, but what was presented was all very hand-wavy.

In large systems (albeit smaller than S3) the way this works is that you slurp out some performance metrics from storage system to identify your hot spots and then feed that into a service that actively moves stuff around (below the namespace of the filesystem though, will be fs-dependant). You have some higher-performance disk pools at your disposal, and obviously that would be nvme storage today.

So in practice, it's likely proprietary vendor code chewing through performance data out of a proprietary storage controller and telling a worker job on a mounted filesystem client to move the hot data to the high performance disk pool. Always constantly rebalancing and moving data back out of the fast pool once it cools off. Obviously for S3 this is happening at an object level though using their own in-house code.

I don't mean this to be cynical, but I do think that it's worth acknowledging that describing the problem is also, in itself, a tool to guide people towards a solution they want. After all, people often disagree about what 'the problem' even is!

Fortunately not every problem is like this. But if you look at, say, discussions around Python's 'packaging problem' (and find people in fact describing like 6 different problems in very different ways), you can see this play out pretty nastily.

There's a saying that I'm often told, and I'm sure we've all heard it at some point 'don't bring me problems, bring me solutions'. It's such a shit comment to make.

I interpret it as if they are saying 'You plebe! I don't have time for your issues. I can't get promoted from your work if you only bring problems.'

Being able to solve the problem is being able to understand the problem and admit it exists first. <smacksMyDamnHead>

this only works if your team are made up of smart competent people.

I strongly agree with this perspective but I wish it could be generalized into techniques that work in everyday life, where there isn't already this established ranking of expertise that focuses attention on what is being said and not whether you have the clout or the authority to say it.

Because absent preestablied perceived authority or expertise, which is the context that most day to day problems surface within, holding forth and hogging the entire two-way discussion channel with your long detailed and carefully articulated description of the problem is going to make you sound like someone who wants to do all the talking and none of the work, or the kind of person who doesn't want to share in finding a solution together with others.

That section really stood out to be as well.

If Andy Warfield is reading, and I bet he is, I have a question. When developing a problem how valuable is it to sketch possible solutions? If you articulate the problem that probably springs to mind a few possible solutions. Is it worth sharing those possible solutions to help kickstart the gears for potential owners? Or is it better to focus only on the problem and let the solution space be fully green?

Additionally, anyone have further reading for this type of "very senior IC" operation?

Apache Iceberg is kind of this, but more oriented around large data lake datasets.

Most apps, however, assume POSIX-like data access. I would love to see a client-side minimally dependent library that mounts a local directory that is actually the user's S3 bucket.

You can get close with a Cognito Identity Pool that exchanges your user's keys for AWS credentials associated with an IAM role that has access to the resources you want to read/write on their behalf. Pretty standard pattern.

https://docs.aws.amazon.com/cognito/latest/developerguide/co...

edit: I think I misread your comment. I understood it as your app wanting to delegate access to a user's data to the client, but it seems like you want the user to delegate access to their own data to your app? Different use-cases.

We're building this at https://puter.com

Such a system would be amazing. It would really force companies whose products are UIs on top of S3 to compete hard because adversarial interoperability would be an ever present threat from your competitors.

It really is such a shame that all the projects that tried/are trying to create data sovereignty for users became weird crypto.

Absolutely this. I would LOVE to be able to build apps that store people's data in their own S3 bucket, billed to their own account.

Doing that right now is monumentally difficult. I built an entire CLI app just for solving the 'issue AWS credentials that can only access this specific bucket' problem, but I really don't want to have to talk my users through installing and running something like that: https://s3-credentials.readthedocs.io/en/stable/

It's just low powered hard drives that aren't turned on all the time. Nothing special.

HSM is a neat technology, and lots of ways it has been implemented over the years. But it starts with a shim to insert some other technology into the middle a typical posix filesystem. It has to tolerate the time penalty for data recovery of your favored HSM'd medium, but that's kind of the point. You can do it with a lower tier disk, tape, wax cylinder, etc. There's no reason it wouldn't be tape though, tape capacity has kept up and HPSS continues to be developed. The traditional tape library vendors still pump out robotic tape libraries.

I remember installing 20+ fully configured IBM 3494 tape libraries for AT&T in the mid-2000's. These things were 20+ frames long with dual accessors (robots) in each. The robots were able to push a dead accessor out of the way into a 'garage' and continue working in the event one of them died (and this actually worked). Someone will have to invent a cheaper medium of storage than tape before tape will ever die.

Are there any public details on how Azure or GCP do archival storage?

Glacier is a big 'keep your lips sealed' one. I'd love AWS to talk about everything there, and the entire journey it was on because it is truly fascinating.

Amazon engineer here - can confirm that Glacier transcodes all data on to the backs of the shells of the turtles that hold up the universe. Infinite storage medium, if a bit slow.

Never officially stated, but frequent leaks from insiders confirm that Glacier is based on Very Large Arrays of Wax Phonograph Records (VLAWPR) technology.

It's honestly super impressive that it's never leaked. All it takes is one engineer getting drunk and spouting off. In much higher stakes, a soldier in Massachusetts is about to go to jail for a long time for leaking national security intel on Discord to look cool to his gamer buddies. I would have expected details on Glacier to come out by now.

Glacier was originally using actual glaciers as a storage media since they have been around forever. Bu then climate change happened so they quickly shifted to tiered storage of tape and hard drives.

Blueray disks are thought to be the key: https://storagemojo.com/2014/04/25/amazons-glacier-secret-bd...

Some people disagree though. It's still an unknown.

I don't expect high salary engineers leak it, but random contractor at datacenter or supplier would eventually leak if they use special storage device other than HDD/SSD. Since we don't see any leaks, I suspect that it's based on HDD, with very long IO waitlist.

Just look at other clouds. I doubt amazon is doing anything special. At least they don't reflect any special pricing.

Personally I'd love working in that kind of environment. That one in a billion hole still itches at me. There's also a slightly-perverse little voice in my head ready with popcorn in case I'm lucky enough to watch the ensuing fallout from the first major crypto hash collision :-).

Ever see a UUID collision?

Was an SDM of a team of brand new SDEs standing up a new service. In a code review, pointed to an issue that could cause a Sev2, and the SDE pushed back 'that's like one in a million chance, at most'. Pointed out once we were dialled up to 500k TPS (which is where we needed to be at), that was 30 times a minute... 'You want to be on call that week?'. Insist on Highest Standards takes on a different meaning in that stack compared to most orgs.

James Hamilton, AWS' chief architect, wrote about this phenomena in 2017: At scale, rare events aren't rare; https://news.ycombinator.com/item?id=14038044

I think Ceph hit similar problems and they had to add more robust checksumming to the system, as relying on just tcp checksums for integrity for example was no longer enough

> daily occurrence when you're operating at S3 scale

Yeah! With S3 averaging over 100M requests per second, 1 in a billion happens every ten seconds. And it's not just S3. For example, for Prime Day 2022, DynamoDB peaked at over 105M requests per second (just for the Amazon workload): https://aws.amazon.com/blogs/aws/amazon-prime-day-2022-aws-f...

In the post, Andy also talks about Lightweight Formal Methods and the team's adoption of Rust. When even extremely low probability events are common, we need to invest in multiple layers of tooling and process around correctness.

Also worked at Amazon, saw some issues with major well known open source libraries that broke in places nobody would ever expect.

To think that when Andy's Coho Data built their first prototype on top of my abandoned Lithium [1] code base from VMware, the first thing they did was remove "all the crazy checksumming code" to not slow things down...

[1] https://dl.acm.org/doi/10.1145/1807128.1807134

Daily? A component I worked on that supported S3's Index could hit a 1 in a billion issue multiple times a minute. Thankfully we had good algorithms and hardware that is a lot more reliable these days!

Keep in mind that S3 predates IAM by several years. So part of the reason that access to buckets/keys is special is because it was already in place by the time IAM came around.

Its likely persisted since than largely since removing the old model would be a difficult taks without potentially breaking a lot of customer's setup

There was a time when S3 was getting resilient. Today it is excellent. Pepridge Farms remembers.

> There seems not much activity in the Hadoop community

There is apache ozone https://ozone.apache.org/

@dang, is it possible to get the title corrected?

I didn't notice it because I, just like a majority of internet users worldwide, do not own any Apple products and therefore I was never affected and probably never will be.

I do, however, routinely interact with websites that implement Google Analytics and/or Google ads. If those sites start rejecting my browser of choice I will most certainly be locked out of a significant portion of the internet. And the remaining 60% of all internet users would be essentially forced to accept this technology or else. That's an order of magnitude or two more users, and seems to me like a good reason to raise the alarm.

> As usual, a thousand word essay on Google's WEI without ever mentioning that Apple sailed that ship silently

The 'look! there's a bigger asshole over there' defense.

Never a winning strategy.

Personally I don't think PATs are nearly as bad as WEI. PATs just bypass CAPTCHAs while WEI will presumably lock people out of sites completely.

Clearly it should have gotten more attention.

The post states it. This is not a problem because Safari is not the leading web browser. Apple has very limited power over what they can do with it.

There are obvious benefits here. The ability to remove captchas is one, the ability to ensure that clients are running the latest updates before accessing sensitive content, etc.

But the power is too significant. If it were some small subset of positive assertions I'd be ok with this, but the ability to perform arbitrary attestation is beyond what is required and is far too abusable.

> I think this benefits the vast majority of users by allowing them to bypass captchas.

I don't think it does that. Nothing about this reduces the problem that captchas are attempting to solve.

> i could see that this tool would be abused by certain websites and prevent users from logging in if on a non standard browser, especially banks.

That's not abusing this tool. That's the very thing that this is intended to allow.

how often do normal users see CAPTCHAs these days? I seldom see one anymore.

Most captchas these days are already only there to enforce Google's monopoly. If you use and 'approved' browser and let them track you, you don't get one, browse anonymously and you can't get past. That ship has already sailed and it's already evil, anticompetitive behavior.

> Unfortunately people who have rooted phones, who use nonstandard browsers are not more than 1% of users

Depends on what you count as 'nonstandard', but various estimates put non-top 6 browser usage at between 3-12% (https://en.wikipedia.org/wiki/Usage_share_of_web_browsers#Su...) and non-Windows/macOS/iOS/Android usage at ~4% (https://en.wikipedia.org/wiki/Usage_share_of_operating_syste....) These also don't take into account traffic on older operating systems or hardware that would be incompatible with these attestations, or clients that spoof their user agent for anonymity.

In an ideal world, we would see this number grow, not shrink. It's not good for consumers if our choices dwindle to just one or two options.

  > We can not let a tyranny of 1% of users steer the ship.

> We can not let a tyranny of 1% of users steer the ship.

Normally I'd agree with you on that the tyranny of the minority is a bad thing, but sometimes the minority actually has a point and this is one of the cases where the minority is _objectively_ correct and letting the majority decide would end up in a complete dystopia. Democracy only works if everyone is informed (and able to think logically/critically, not influenced (either by force or by salary), etc.) and in this case the 99% simply do not have any clue on the effects of this being implemented (nor do they care). This entire proposal is pure orwellian shit.

WEI acts as proof that 'this is a browser', not 'this is a human'. But browsers can be automated with tools like Selenium. I'd guess that with the advent of complicated, JS-based captchas, browsers under automation are already the major battleground between serious scrapers and anti-bot tools.

I also don't understand how WEI does much to prevent a motivated user from faking requests. If you have Chrome running on your machine it's not gonna be too hard to extract a signed WEI token from its execution, one way or another, and pass that along with your Python script.

It looks like it basically gives Google another tool to constrain users' choices.

That is not controversial at all, but rather a plain fact about the short term incentives! If adoption of this technology weren't an attractor, then we'd have nothing to worry about. But the problem is the functionality of this spec, supported by the fundamental backdoor of corporate TPMs, is set up to facilitate power dynamics that inevitably result in full corporate control over everyone's computing environment.

Add one more related:

Apple already shipped attestation on the web, and we barely noticed https://news.ycombinator.com/item?id=36862494

I had one but it got flagged, ah well:

- "I don't know why this enrages folks so much." Googler re Chrome anti-feature https://news.ycombinator.com/item?id=36868888

I think that just meant some users with sufficient karma flagged it, but I was a bit confused because for a while it didn't say '[flagged]' but didn't show up in the first several pages or continue to get upvotes. Is there a delay in saying '[flagged]'?

Basically, you build up a set of cryptographically verified computing primitived (like secure enclave) that are enforced by a hardware component with baked in from the manufacturer keys. Basically it's setting up an 'owned by vendor computing channel' and baking it into the Silicon.

You won't get the chance to refuse this feature. There'll be too much money at stake for manufacturers to not retool for it. It'll be the only thing they make to sell, so take it or leave it chump.

> let's do as follows: We implement code in our websites that checks whether the user agent implements this API. If the check passes, we tell the user that their browser is not welcome and why that is.

I am sympathetic, I agree let's all do that....

...I cannot imagine any of the money people I work with agreeing

Tell that to your boss.

Also if google wants to, I'm sure they can obscure it

I asked a similar question:

Can someone send attlestation requests from the range of residential ips with such frequency that the attlestation sequence is forced to captcha users, thus defeating it? You don't need the token response back from an attlestation, so you could spoof your ip and not worry about getting a response.

>It will actually be very positive for the web overall and you'll see the benefits soon enough.

What might those benefits be? Not being snarky here, but AFAICT the only folks who gain any benefit seem to be Google and their customers (advertisers).

What am I missing here?

What are 200X and 201X internets?

If you can identify bots more accurately, you get less 'GPT SEO trash'.

I agree with the first. The second I think is missing the target. This really doesn't have anything to do with search. Instead this is Google (The largest ad seller) using it's market position (as the maker of Chrome/Chromium, the most popular browser) to prevent users from not seeing its ads on any website where they're displayed.

While I believe that the idea of splitting Search and Ads could be a game changer, how would Search become profitable without Ads, and without compromising the rank algorithm?

It's never going to be against the economic interest of search engines to show ads, they can sell spots on their front page which are always going to be valuable.

This should be against their tactical interests, because it hurts their accuracy driving away users, but absent a significantly more accurate competitor they'll get away with it for a long time.

Regarding Google search there are some hopeful signs. For one some people report Google's accuracy dropping, and Google keeps switching up its idiosyncrasies to avoid spam but in doing so they devalue the effort people put into SEO and into refining their Google-fu. These might be the same thing however.

Well, it's making me finally kick my Chrome habit. My work machine runs Firefox and it's fine, but my personal stuff is all on Chrome because it's also my password management, etc. etc.

I tried once before, when I quit working at Google and was trying to de-Google a bunch, and I never succeeded.

I plan to move everything over over the next few days. Wish me luck!

Next up: getting my photos out of Google Photos.

Well... I stopped watching Twitch after ublock stop blocking its ads, so maybe...

Fantastic point.

'The term cognitive distortions has often been used as a general umbrella term to refer to pseudo-justifications and rationalizations for their deviant behavior, and pro-criminal or offense-supporting attitudes (Maruna & Copes, 2004; Maruna & Mann, 2006; Ciardha & Gannon, 2011).' Helmond et al., Criminal Justice and Behavior, 2015, Vol. 42, No. 3, March 2015, 245-262

It seems that almost any software/website can be framed as having a legitimate benefit for users, e.g., increased convenience and/or security.^1 The more pertinent inquiry is what benefit(s) does it have for its author(s). What does it do (as opposed to 'what is it'). Let the user draw their own conclusions from the facts.

1. Arguably it could be a distortion to claim these are not mutually exclusive.

We can use web clients that do not leak excessive data that might be collected and used for advertising and tracking by so-called 'tech' companies. Google would prefer that we not use such clients. But why not. A so-called 'tech' company might frame all non-approved web clients as 'bots' and all web usage without disclosing excessive data about the computer user's setup^2 as relating to 'fraud'. It might frame all web usage as commercial in nature and thus all websites as receptacles for advertising. This 'all or nothing' thinking is a classic cognitive distortion.

2. This was the norm in the eary days of the web.

And speaking of user-hostile, locked-down phones...

a galactic irony that Ben Wiser, the Googler who posted this proposal, has a blog where his most recent post is a rant about how he's being unfairly restricted and can't freely run the software he wants on his own device.

https://benwiser.com/blog/I-just-spent-%C2%A3700-to-have-my-...

https://github.com/RupertBenWiser/Web-Environment-Integrity

This is especially rich coming from google's, who's 'safetynet' for android results in a significant reduction in security (contrary to its stated purpose): it locks out 3rd-party up-to-date and secure ROMs while allowing horrificly insecure manufacturer-provided ROMs to still pass, because to disable those would cause a massive user outcry.

That's not the case with GrapheneOS:

https://grapheneos.org/articles/attestation-compatibility-gu...

SafetyNet is deprecated anyway:

https://developer.android.com/training/safetynet/deprecation...

You're using it wrong. SafetyNet is able to assert that the build the device asserts is what it claims. After you know that, it's up to you to decide whether you trust communications from that build or not. If it's a known-insecure build, you can say that you don't. SafetyNet cannot assert that a third party ROM is what it claims to be, so you have to decide whether you trust communications from that device or not based on not knowing at all what build is on the device.

Exactly! Ironically it's a possible reduction in security on custom roms as well if one chooses to bypass it, which is trivial, but requires rooting the device.

Are you aware of any websites that have tried to implement payments, but failed or chose not to because they couldn't verify which users have paid? It's an incredibly easy problem to solve without WEI.

There is no reason that can't be done with existing web technology, WEI does not advance that use case in any meaningful way.

Why are we in debt to them? Google has become stinking rich from everything that they've done. That's payment enough.

> It won't make them cancel the feature but don't forget to remember that they aren't above anti-trust law.

They can buy government many times over with their vast resources. This may be too late for that. What ideally should happen is that corporations this big should be split until each of the new entities meet the definition of SME. That's what is broken in the current iteration of capitalism. There is no real competition any more, so it no longer works.

I can see it being useful to have a feature which could validate if another user on a website is a human. e.g: on reddit or twitter, the user you're talking to has a little checkmark (not the blue checkmark) next to their name if they've been WEI validated. Rather than refusing to let a user use the platform, just letting other users know that the person you're talking to isn't a bot

Yes, we need to protest. And I don't mean protest by slamming Google's github repositories with comments. That's not a protest. Go tell the media. Go tell your elected officials.

I also think web developers getting together like we did with SOPA/PIPA and raising awareness on our web properties can also help. How do we organize that?

Actually, absent a full chain-of-trust from boot, which I believe Android/iOS do provide, and possibly the proprietary desktop environments can provide, it should be possible to fake the 'I'm a legitimate browser' exchange. Which is what the 1% that care will do. But it sucks to have to go to deep underground 'crack' type stuff where before there was an open web. Not to mention the risk of getting hit by the banhammer if detected.

This will probably be implemented by every streaming service very quickly to try to prevent piracy (which won't work), and will only end up harming people who just want to watch on more freedom-respecting browsers or operating systems

Banks are not the target of this. If Banks do something that inhibits people with disabilities, corporate account managers with disabilities, or senior citizens, they will get skewered. They will tread carefully.

Depends on the company size, really.

Large companies will invest significant resources with us to achieve AAA compliance with WCAG 2.1

Smaller companies will spend SOME additional budget to achieve AA.

Tiny companies will spend nothing until they get a demand letter.

I agree, I think a third party attribution service makes a lot of sense, similar to how https has trusted CAs there could be different trusted attributors that can verify that a user has some account with some kind of verification, and these pluggable attributors could then be trusted by sites. You'd still need to integrate with a trusted authenticator, which some people might find objectionable, but it's probably better than the current proposal in that regard.

This of course only covers half of the use cases discussed (the half about preventing bots, not to say anything about the more DRM-ey aspects).

A concern is that websites vital to people's lives, such as banks and government services, will adopt this to mimic the control they have on mobile platforms. With few brick-and-mortar branches remaining, it leaves few options open.

>Why does everything need to be secure now?

>I can understand shopping. And reporters of hot news. But why everything?

So Google can capture more ad revenue by refusing to 'attest' clients who run ad blockers?

And so other attestors can dictate the 'approved' software that can be used.

What could go wrong? /s

The usual argument is that vanilla HTTP makes it possible for a man-in-the-middle (your ISP, presumably?) to tamper with data payloads before they're delivered.

Requiring HTTPS means you require clients to have up-to-date TLS certificates and implementations. This provides a ratchet that slowly makes it harder and harder to use old computers and old software to access the web. Forced obsolescence and churn is highly desirable for anybody who controls the new standards, including Google.

> Why does my http site, which has nothing important on it at all, get flagged by chrome as 'insecure'?

Because an attacker can inject JavaScript code on it, and use it to attack other sites. The most famous example of that is 'Great Cannon', which used a MITM attack on http sites to inject JavaScript code which did a distributed denial of service attack on GitHub. Other possibilities include injecting code which uses a browser vulnerability to install malware on the computer of whoever accesses your site (a 'watering hole' attack), without having to invade your site first.

It's insecure because someone on path (or actually off-path but harder) could replace the contents of your website with whatever they want, including taking payments 'on your behalf' and then just pocketing them. The main original point of HTTPS, and why I assume it does not use starttls or similar, is so people in the late 1990s and early 2000s could figure out what websites they were allowed to put their credit card numbers into.

Google can just down-rank sites that don't implement this API. Voila, full adoption across the entire web and unapproved browsers are shut out.

> This is true of any contentious browser feature.

Makes me recall Flash.

Once was a time when very large parts of the web were dark to me because I would not install Flash

Not an exact comparison, but we've been (near) here beforehand

Well hold on. The problem with attestation is you're damned if you do and damned if you don't.

If you use a browser which supports attestation you will be denied service by companies who disapprove of what you run on your computer.

If you don't use a browser which supports attestation you will be denied service by companies who disapprove of what you run on your computer.

So everyone loses. If this goes live everyone in the world loses.

It is an utterly heinous proposal. It is perhaps the worst thing Google has ever produced. I use Firefox and will never use any browser that implements attestation, even if I have to stop using most of the WWW one day.

But unfortunately individual action is not going to be enough here, because no matter what you do, you lose.

This change is about what's best for advertisers and publishers, not customers.

This point in the blog post saddens me. Chrome's market share is huge, but Chrome is not ubiquitous. There was public outcry when Google was suspected of making youtube have 'bugs' on non-Chromium browsers - having them just straight up disable services for more than a third of users would result in an actual shitstorm, more than any of us could hope to drum up with an explanation of why this change is bad.

It would also drive the point home to the very same legislators that the author is deferring to.

If browsers now start pre-emptively folding, Google just straight up won. It's great that the Vivaldi team is against this change, but a blog post and hoping for regulation just won't cut it. You have actual leverage here, use it.

> If your only hope of not going along with this is having the EU come in and slapping Google's wrist, I'm concerned that you aren't willing to take a hard stance on your own.

I take umbridge at this implication. When a monopoly like Google takes anti-competitive actions it's not fair or just to expect individuals to stand up to it. Governments exist to counter anti-competitive behavior like this and governments have been doing a terrible job chopping down companies with too much vertical integration lately.

Since Google also controls the most popular search engine and ad network, they can exert very significant pressure on web developers by refusing to place ads or drive traffic to websites that don't comply.

I already block all ads so I'm obviously not totally sympathetic to developers who make decisions based on what will maximize ad revenue, but it still is not fair to put the burden on developers here and say 'it's your choice, just say no'.

Can't they just return random number for attestation each time.

Google has been beat-down before trying to do these kinds of things. 2 ones I can think of:

1) FLoC: https://www.theverge.com/2022/1/25/22900567/google-floc-aban...

2) Dart: Google wanted this to replace javascript, but Mozilla and MS both said no way, as they had no part in it. So that project ended up dying.

Google tries lots of things. Mozilla, MS, and Apple are still strong enough (especially outside the US) to push back on things that they think are a bad idea.

> Choosing not to implement it means your users will sometimes be presented with a worse UX if a website's developers decide to require that feature.

I think this makes a category error. Most browser features/APIs are indeed treated as progressive enhancements by web developers, at least until an overwhelming number of the users have access to that feature. And even then, even if the developer makes assumptions that the feature/API is present, often the result is a degraded experience rather than an all-out broken experience.

The same is not true of web attestation. If a website requires it and a browser refuses to implement it, in at least some cases (probably a concerningly high number of cases though) the result will be that the user is entirely locked out of using that website.

It's also worth noting that _even if_ Vivaldi implements WEI, there's a solid chance that the attestation authority (Google, Microsoft, Apple) or possibly the website itself[1] will not accept it as a valid environment at all! After all, what makes Vivaldi not a 'malicious or automated environment' in their eyes? What if Vivaldi allows full ad blocking extensions? User automation/scripting? Or any example of too much freedom to the user. Will the attestation authority decide that it is not worthy of being an acceptable environment?

[1] if this ends up spiralling out of control by allowing the full attestation chain to be inspected by the website

>But as a software creator, it's up to you to determine what is best for your customers.

Absolutely zero large web properties do anything based on what's best for users. If this gains traction, Google will simply deny adsense payments for impressions from an 'untrusted' page, and thus all the large players that show ads for revenue will immediately implement WEI without giving a single flying shit about the users, as they always have and always will.

The author should have asked 'Can we just implement it then?' because in some cases you literally can't implement the proposed API. That's the core issue with it. Unlike other contentious browser features, even if you wanted to implement attestation, it may be impossible to do so. More precisely, attestation may be impossible to implement on some platforms to the de facto standard that would develop over time. The de facto standard I refer to is the list of attestors web servers will accept. If your platform can't be attested by an approved attestor, you're screwed. That's why it's not that simple this time. The proposed attestation API is literally unimplementable in general. You can't implement it and you can't not implement it.

> If your only hope of not going along with this is having the EU come in and slapping Google's wrist, I'm concerned that you aren't willing to take a hard stance on your own.

This is indeed concerning. I'd like to see Brave's response to this, and we already know how Firefox has responded.

Someone argued yesterday that in instances like this users are choosing what to use of their own free will. At the micro scale sure, at the macro scale I disagree. Users want their shit to work and if you play these shenanigans it's less of a choice and more of a ransom.

Insects in a swarm can choose where to go but they can't choose where the swarm goes.

What sets WEI apart is that it, in a way, exerts power over your choice on how to implement other web features, for example whether you're allowed to block elements, or even just show a developer console.

Other than Encrypted Media Extensions (and these are much more constrained than WEI!), I don't know of any other web standard that does that.

It will, but curl and others will likely simply be upgraded with a puppeteer of sorts that plugs into your chrome runtime. So this will have prevented nothing (except force not technical users to adopt chrome and thus kill all new browser incumbents, offering the chance to force feed even more google ads)

Yes it will

Yes and no.

The attestation API will allow websites to verify certain things about the user agent which they then may use to either deny access or alter the access for the requested resource. This is similar to existing methods of checking the 'User-Agent' header string but is much more robust to tampering because it can rely on a full-chain of trust from the owning website.

So will existing tools work with this?

Websites that do not require attestation should work fine. This will probably be the vast majority of websites.

Websites that require attestation may or may not work depending on the results of the attestation. Since programs like curl do not currently provide a mechanism to perform attestation, they will indicate a failure. If the website is configured to disallow failed attestation attempts, then tools like curl will no longer be able to access the same resources that user agents that pass attestation can.

My opinion is that it is likely that attestation will be used for any website where there is a large media presence (copyright/drm), large data presence (resource utilization/streams), high security, or any large company that is willing to completely segment its web resources into attested and non-attested versions. Tools like curl will no longer work with these sites until either a suitable attestation system is added to them, or the company changes its attestation policy.

> Remember when Apple killed Flash? I heard it was because they wanted people to use their app store more instead of us playing games in the browser, so they could make more money.

Even without the incentive of "moar profit$" they never entertained Flash because fundamentally, it sucked. When it landed in Android, it was a bloated mess that sucked the battery dry and was slow as molasses. On every platform it existed on, it was a usability and security nightmare. No, Apple "killed" Flash by making a sane decision not to allow it in their fledgling platform because Flash outright sucked, informed largely by the abhorrent performance on all platforms.

> And Microsoft installing IE and setting it as the default browser?

SMH. There was never an issue with Microsoft providing IE as a default initially - that came later with the EU. The biggest issue was that if an OEM (a Dell or an HP) struck a deal with Netscape to provide that as default, Microsoft threatened to remove the OEMs license to distribute Windows. In the late '90s and early '00s that would have been the death knell of an OEM. And that is the anti-trust part. They abused the position as the number 1 desktop os ( by a significant margin) to take control of the then nascent browser market.

> Remember when Apple killed Flash? I heard it was because they wanted people to use their app store more instead of us playing games in the browser, so they could make more money

The original iPhone which killed flash didn't even ship with the App Store. They assumed we'd only be using web apps.

It's in the original Steve Jobs presentation when he announced the iPhone.

> Remember when Apple killed Flash?

Yes. Every SECOPS person let out a collective sigh of relief when the weekly p0 patches for flash stopped coming. Apple may have been trying to push towards 'native' apps but that was almost certainly secondary; safari was leading the way on html5 APIs.

Let's not pretend that the death of Flash was a tragedy.

SSL is in practice only used for server certificates. It was kinda shit and a lot of people complained because of CAs but then we got let's encrypt etc which alleviated the situation. And the identity is only tied to domain control, unlike eg code signing certs which are orders of magnitude more invasive and frankly a racket.

In either case, WEI has the potential to be proper DRM, like in the "approved devices" fashion. It's deeply invasive, and can be used to exclude any type of usage at the whim of mega corps, like screen readers, ad blocking, anti-tracking/fingerprinting, downloading copyrighted content, and anything new they can think of in the future. It's quite literally the gateway to making the web an App Store (or at best, multiple app stores).

> What's the alternative solution?

To what problem? Bots specifically or humans who want to use the web in any way they want?

If bots, then elaborate. Many bots are good, and ironically the vast majority of bot traffic comes from the very corporations that are behind this stuff. As for the really bad bots, we have IP blocklisting. For the gray/manipulative bots, sure, that's a problem. What makes you think that problem needs to be addressed with mandatory handcuffs for everyone else?

WEI is really about denying the user full control of their own device. If you give people full control of their devices, you will have bots. Do you believe eliminating bots is more important than general purpose computing?

A bot is just some computer doing what its owner wants. OP is happy because WEI will eliminate bots. OP is inconvenienced by other people using computers in ways they don't like, and wants to take control of the computer away.

As strong AI is knocking on the door, we see people wanting to take general purpose computing away. All the worst outcomes involve people losing the ability to control their own computers.

WEI is like requiring people to get their brain scanned before you let them visit your house. 'Sorry, I require a valid attestation from Google that you are a real human,' you say. Your friend now needs to drive down to the local Google® Privacy Invasion CenterTM and have all of their personal secrets exposed so Google can prove they are, in fact, not a robot. Except, oh no, Google found Linux in their brain scan! The horror! How dare they value their own freedom! Anyone who opposes spying from Chrome and/or Google Play Services is obviously a bot. Nothing to hide, nothing to fear, right? Your visitor, who is clearly not a bot, fails to obtain a valid attestation from Google. You deny them entry to your house.

You have lost an acquaintance.

SSL doesn't demand that some third party approve your software and hardware in order for it to work for you.

WEI and SSL/TLS are completely different.

TLS does not facilitate preventing you as a web site visitor from inspecting or modifying the web content served over it, e.g. by blocking ads or auto-playing videos. WEI does.

Maybe mTLS/logging in.

TLS* does not allow websites to restrict users from using the tech stack (hardware, OS, browser) that they want to use. This does.

SSL is the client verifying the server, and the client can thusly opt to skip or alter that in any way it sees fit. WEI is the reverse: the server validating the client, so the client has no choice to opt-out.

WEI won't even stop the bad bots. They will simply use 'legitimate' devices.

Yeah, sure, let's implement this dystopian nightmare technology to solve our little engineering problem.

> Anyone who's run a site knows the headache around bots. Sites that don't care about bots can simply not use WEI.

So is it a headache for all/most sites or is it not?

How would this prevent bots? It's very easy to set up a bot that's running Chrome on Android, or whatever environment is required. Bots can do whatever you tell them without complaining. This only prevents actual humans who want to use a non-mainstream browser, or use add-ons to help them browse, or use a non-mainstream operating system or device.

Anyone using a browser without this feature will end up becoming second class citizens who must jump through (extreme) hoops to use the web...

Or they're just walled off from most of the web entirely.

I use a variety of personally developed web scraper scripts. For instance, I have digital copies of every paystub. These will almost all become worthless. My retirement plan at a previous employer would not let me download monthly statements unless I did it manually... it was able to detect the Mechanize library, and responded with some creepy-assed warning against robots.

No one would go to the trouble to do that manually every month, and no one was allowed robots apparently. But at least they needed to install some specialty software somewhere to disallow it. This shit will just make it even easier for the assholes.

I also worry about tools I sometimes use for things like Selenium.

This isn't SSL.

Bots will get sophisticated.

This all seems to me that in a decade we'll be having the same discussion, with the same excuse, but eventually the proposal from big corporations will be to require plugging-in a government-issued ID card into a smartcard reader in order to access pre-approved websites with pre-approved client portals running in pre-approved machines.

WEI doesn't prevent bots. Bots would just need to script an attested browser via tools like AutoHotKey -- the only way WEI would prevent bots would be by preventing you from running the browser on an operating system without 3rd party software installed. WEI is a 2 or 3 month roadbump for bot builders.

WEI does prevent any customization.

I think your comparison to SSL is actually important, because encryption is a discrete problem with a discrete solution. But this WEI proposal is designed to detect botting, which is a cat and mouse problem without a clear end game.

...and then you get to the verification can...

Sony already owns a patent on that exact scenario from Black Mirror.

https://www.creativebloq.com/sony-tv-patent

> In it, TV viewers are only able to skip an advert by shouting the name of the brand. Yep, crying 'McDonald's!' is the only way to make the Big Mac disappear.

Companies will do the most insane, terrible things if not stopped. This will happen.

Can't wait till we've added another turtle to the stack with a full browser engine implemented in WASM running in a host browser that is mandatory for all media sites.

On android, some video ads will even pause if you pull down the notification bar.

>it's barely useful to websites since they still need the backup mechanisms to detect fraud that they have anyway.

Remember, this was never for individual websites. It's strictly a measure to protect Google's ad business.

The attestation is about the device, not the website.

I think just from a security perspective it makes most sense for the device or os manufacturer to handle attestation for that device.

I believe he was the one who open-sourced protobufs.

Given that it's billed as a 'cerealization protocol', I always assumed it was a reference to Cap'n Crunch cereal.

Huh, that reference actually never occurred to me.

The name Cap'n Proto actually originally meant 'Capabilities and Protobufs' -- it was a capability-based RPC protocol based on Protocol Buffers. However, early on I decided I wanted to try a whole different serialization format instead. 'Proto' still makes sense, since it is a protocol, so I kept the name.

The pun 'cerealization protocol' is actually something someone else had to point out to me, but I promptly added it to the logo. :)

I don't work at Cloudflare but follow their work and occasionally work on performance sensitive projects.

If I had to guess, they looked at the landscape a bit like I do and regarded Cap'n Proto, flatbuffers, SBE, etc. as being in one category apart from other data formats like Avro, protobuf, and the like.

So once you're committed to record'ish shaped (rather than columnar like Parquet) data that has an upfront parse time of zero (nominally, there could be marshalling if you transmogrify the field values on read), the list gets pretty short.

https://capnproto.org/news/2014-06-17-capnproto-flatbuffers-... goes into some of the trade-offs here.

Cap'n Proto was originally made for https://sandstorm.io/. That work (which Kenton has presumably done at Cloudflare since he's been employed there) eventually turned into Cloudflare workers.

Another consideration: https://github.com/google/flatbuffers/issues/2#issuecomment-...

To summarize something from a little over a year after I joined there: Cloudflare was building out a way to ship logs from its edge to a central point for customer analytics and serving logs to enterprise customers. As I understood it, the primary engineer who built all of that out, Albert Strasheim, benchmarked the most likely serialization options available and found Cap'n Proto to be appreciably faster than protobuf. It had a great C++ implementation (which we could use from nginx, IIRC with some lua involved) and while the Go implementation, which we used on the consuming side, had its warts, folks were able to fix the key parts that needed attention.

Anyway. Cloudflare's always been pretty cost efficient machine wise, so it was a natural choice given the performance needs we had. In my time in the data team there, Cap'n Proto was always pretty easy to work with, and sharing proto definitions from a central schema repo worked pretty well, too. Thanks for your work, Kenton!

Here's a blog post about Cloudflare's use of Cap'n Proto in 2014, three years before I joined: https://blog.cloudflare.com/introducing-lua-capnproto-better...

To this day, Cloudflare's data pipeline (which produces logs and analytics from the edge) is largely based on Cap'n Proto serialization. I haven't personally been much involved with that project.

As for Cloudflare Workers, of course, I started the project, so I used my stuff. Probably not the justification you're looking for. :)

That said, I would argue the extreme expressiveness of Cap'n Proto's RPC protocol compared to alternatives has been a big help in implementing sandboxing in the Workers Runtime, as well as distributed systems features like Durable Objects. https://blog.cloudflare.com/introducing-workers-durable-obje...

The lead dev of Cloudflare workers is the creator of Cap'n Proto so that likely made it an easy choice

If your goal is to serialize an arbitrary Python object, Pickle is the way to go. Cap'n Proto requires you to define a schema, in Cap'n Proto schema language, for whatever you wan to serialize. It can't just take an arbitrary Python value.

I find MessagePack to be pretty great if you don't need schema. JSON serialization is unreasonably fast in V8 though and even message pack can't beat it; though it's often faster in other languages and saves on bytes.

fbthrift is still alive and kicking.

I do agree that the API required for zero-copy turns out a bit awkward, particularly on the writing side. The reading side doesn't look much different. Meanwhile zero-copy is really only a paradigm shift in certain scenarios, like when used with mmap(). For network communications it doesn't change much unless you are doing something hardcore like RDMA. I've always wanted to add an optional alternative API to Cap'n Proto that uses 'plain old C structures' (or something close to it) with one-copy serialization (just like protobuf) for the use cases where zero-copy doesn't really matter. But haven't gotten around to it yet...

That said I personally have always been much more excited about the RPC protocol than the serialization. I think the RPC protocol is actually a paradigm shift for almost any non-trivial use case.

You mean flatbuffers, not protobuf.

It has established itself as the de-facto standard, with a few other places using SBE instead.

In any case the main problems with binary serialization are:

- schemas and message version management

- delta-encoding

If you ignore these, flat binary serialization is trivial.

No library provides a good solution that covers the two points above.

I'm using Cap'N Proto in a message broker application(LcuidMQ) I'm building for serialization. It has allowed me to created client applications rather quickly. There are some quirks can be difficult to wrap your head around, but once you understand it is really solid.

There are some difference between the language libraries and documentation can be lacking around those language specific solutions. I'm hoping to add blog articles and or contribute back to the example of these repositories to help future users who want to dabble.

Check out my repo here for how I use it across Rust and Python, with Golang coming soon: https://github.com/lucidmq/lucidmq