GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Dan Gillmor (dangillmor@mastodon.social)'s status on Wednesday, 03-Sep-2025 10:34:00 JST Dan Gillmor Dan Gillmor

    The federal judge let Google off the hook in the antitrust case that the company supposedly lost. He said no to any serious remedy. And he indirectly killed Mozilla (Firefox and Thunderbird).

    A good day for Google, and a terrible day for what's left of the open web.

    https://arstechnica.com/gadgets/2025/09/google-wont-have-to-sell-chrome-judge-rules/

    In conversation about 10 months ago from mastodon.social permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 03-Sep-2025 10:34:00 JST Rich Felker Rich Felker
      in reply to

      @dangillmor I think this is probably a relief. Google owning Chrome is awful, but anyone else buying it is even worse. A successful antitrust action would have put *Chromium* under a foundation outside Google's control and forced them to keep shipping Chrome based on that, with no control of the upstream. Not handed it over to someone with a worse mandate to monetize.

      In conversation about 10 months ago permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 03-Sep-2025 21:43:21 JST Rich Felker Rich Felker
      in reply to
      • ocdtrekkie
      • Matt Garber

      @ocdtrekkie @matt_garber @dangillmor In some senses you're both right. At least among the ones I've met, the Googlers working on browser security are smart and believe they're doing something good for the public, but it's one of those cases where it's hard to see what's wrong with the model you're working in when your paycheck depends on not seeing it. Google's idea of security is very much not aligned with the interests of the public, and the browser team constantly do things required of them by other parts of the company, with poor justifications they're able to convince themselves to believe, that are extremely harmful to security.

      I don't really deem them a factor tho in this question. Google's control of the browser is harmful, but anyone else who purchased it would want to get orders of magnitude more harm for the price tag they'd be paying.

      In conversation about 10 months ago permalink
    • Embed this notice
      ocdtrekkie (ocdtrekkie@mastodon.social)'s status on Wednesday, 03-Sep-2025 21:43:22 JST ocdtrekkie ocdtrekkie
      in reply to
      • Rich Felker
      • Matt Garber

      @matt_garber @dalias @dangillmor Well privacy = security, so we're already up a creek... The problem is not that Googlers aren't smart, but that they don't understand the core principles of effective security, which is almost exclusively about humans, not cryptography.

      Project Zero is a black hat group sent after companies or projects Google finds inconvenient.

      In conversation about 10 months ago permalink
    • Embed this notice
      Matt Garber (matt_garber@mastodon.sdf.org)'s status on Wednesday, 03-Sep-2025 21:43:23 JST Matt Garber Matt Garber
      in reply to
      • Rich Felker

      @dalias @dangillmor Bingo. I still trust Google’s developer and security teams on Chrome (and by extension, Chromium) far more than any of the trial balloon offers floated by “serious” suitors. Better stewardship under *OpenAI*? No thanks.

      In conversation about 10 months ago permalink
    • Embed this notice
      ocdtrekkie (ocdtrekkie@mastodon.social)'s status on Wednesday, 03-Sep-2025 21:43:23 JST ocdtrekkie ocdtrekkie
      in reply to
      • Rich Felker
      • Matt Garber

      @matt_garber @dalias @dangillmor So I have to express that if you think Google is good at security you are wrong. So wrong, I would argue Google fundamentally *doesn't understand* security. We literally straight up ban Chrome at the office.

      In conversation about 10 months ago permalink
    • Embed this notice
      Matt Garber (matt_garber@mastodon.sdf.org)'s status on Wednesday, 03-Sep-2025 21:43:23 JST Matt Garber Matt Garber
      in reply to
      • ocdtrekkie
      • Rich Felker

      @ocdtrekkie @dalias @dangillmor I’ll clarify because you’re right that Google certainly contains multitudes.

      I believe while it may not be true of everything they ship, that Google also genuinely has world-class security researchers (e.g., Project Zero), engineers on infra, Go devs, and plenty more. I also think it’s reasonable to say that Google has invested a lot in browser sandboxing and other tech over the years, relative to the other engines. Also FWIW, security != privacy wrt Google.

      In conversation about 10 months ago permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 03-Sep-2025 22:07:53 JST Rich Felker Rich Felker
      in reply to
      • ocdtrekkie
      • Matt Garber
      • twifkak

      @ocdtrekkie @twifkak @matt_garber @dangillmor Removing EV indicator was good. EV was nothing but a vector for deceiving users.

      In conversation about 10 months ago permalink
    • Embed this notice
      ocdtrekkie (ocdtrekkie@mastodon.social)'s status on Wednesday, 03-Sep-2025 22:07:54 JST ocdtrekkie ocdtrekkie
      in reply to
      • Rich Felker
      • Matt Garber
      • twifkak

      @twifkak @matt_garber @dalias @dangillmor So specifically with Chrome, Google constantly pushes new APIs which enable malware and fingerprinting, over half of which other browsers consider actively harmful. Most of good security is disabling about half of the "features" Chrome has shoved into web browsers. Notifications API, WebUSB, etc. Meanwhile they pioneered removing the EV indicator because Google is committed itself to misunderstanding SSL security.

      In conversation about 10 months ago permalink
    • Embed this notice
      twifkak (twifkak@mas.to)'s status on Wednesday, 03-Sep-2025 22:07:55 JST twifkak twifkak
      in reply to
      • ocdtrekkie
      • Rich Felker
      • Matt Garber

      @ocdtrekkie @matt_garber @dalias @dangillmor Can you explain why you think Chrome doesn't understand security? Specific examples of failure, or a general sense, or...?

      In conversation about 10 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.