Google’s new remote attestation scheme is every bit as terrible as its old remote attestation scheme
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
Long before "agentic AI," we had the idea that software would act as your agent on the internet. That's why the old-fashioned technical term for a browser is a "user agent." Your browser acts on your behalf to retrieve information and then show it to you, in the format you choose. It's your agent:
This is a powerful and profound idea. It is because browsers are our "agents" that we expect them to accept our directives, say, by blocking pop-ups, or by turning off autoplay sound, or by blocking commercial surveillance trackers:
https://privacybadger.org/
Your browser does all that because your browser works for you. The reason your browser can work for you is that the web is an open, standardized technology. In theory, anyone who follows the standards published by the World Wide Web Consortium (W3C) can make a browser, and that web browser can connect to any web server. Browsers and servers are interoperable. It's the same force that means you can put anyone's gas in your gas-tank, or anyone's shoelaces in your shoes, or anyone's milk on your cereal.
But what if manufacturers could dictate those choices to you? What if your light socket refused to use a lightbulb unless it was officially blessed by the socket's manufacturer? What if your dishwasher refused to wash your dishes unless you bought them from one of the manufacturer's "dish partners"? What if your toaster refused to toast "unauthorized bread"?
It's hard to see how a company could win its market with this strategy. After all, if the dishes are really better than the competition's, you'd buy them voluntarily, without any need for law or technology to force the matter. The only reason to make a dishwasher that refuses a rival's dishes is if the manufacturer's own dishes are ugly, expensive, and/or badly made.
But once a company owns the market – once they've achieved dominance by buying out their rivals; by bribing potential competitors to stay out of their lane; and by engaging in deceptive conduct to trap key suppliers and customers – they could cement their dominance by blocking interoperability, keeping out rival dishes, milk, gas, lightbulbs, shoelaces and bread, capturing their whole market and squeezing it.
That's what Google has done, and that's what Google wants to do more of. Google's commercial behavior has been so unethical, deceptive and abusive that the company just lost three federal antitrust cases:
They cheated app vendors, ripping them off with sky-high junk fees and onerous conditions that raised prices while lowering the share of your spending that went to the companies whose products you were paying for:
They cheated advertisers, rigging the ad market to gouge businesses on ad prices and underinvesting to fight rampant ad-fraud, sucking hundreds of billions out of the productive economy for overpriced ads that no one saw:
Google wasn't always this way. The "don't be evil" company owes its very existence to the open web ecosystem. When the company started to index the web in 1998, it was playing on an open field, where any web server could talk to any "user agent," even one whose user was a startup like Google, that was making a copy of every page on the server.
For years, Google thrived on the open web, and built open technologies. Android – the mobile operating system that Google bought in 2005 – was presented as an "open" alternative to existing mobile offerings, and as the mobile market collapsed into two companies – Google and Apple – Google always presented Android as the open alternative to Apple's "walled garden."
There were always ways in which Google's "open" Android wasn't exactly open. The company engaged in illegal "tying" arrangements that forced hardware vendors and carriers to lock out versions of Android that were created by Google's competitors:
In other words, even though Google offered a mobile platform that was (mostly) technically open, they used commercial and legal strategies to choke off the market oxygen for alternative Android versions that tried to capitalize on that technical openness.
But life finds a way. The existence of an open, modifiable, tinkerer-friendly mobile operating system meant Android hackers could create alternatives to Google's (de facto) walled garden, which thrived in the cracks in that garden wall. Operating systems like CalyxOS, PureOS and Graphene offered a more private, more secure Android experience, one that was largely "de-Googled," blocking Google's relentless acquisition of your private data:
https://grapheneos.org/
And Google's data-hunger is relentless. Android exfiltrates a chunk of your personal and behavioral data every five minutes. The "resting heartbeat" of Android surveillance pulses and pulses, irrespective of whether you're using your device, and the instant you unlock your screen, that heartbeat quickens, sending even more data to the company:
All that data has proved irresistible to authoritarian governments. Donald Trump's enforcers have seized on Google data as a vital source of information about the identity of protesters and the location of migrants hunted by ICE:
So there are plenty of reasons why users would seek out these de-Googled alternatives to Android, finding them in spite of Google's illegal commercial tactics to block access to competing technologies. The worse it got, the better those alternatives looked.
Perhaps this explains Google's years-long effort to increase the technical barriers to using modified versions of Android, beefing these up to match the commercial restrictions that stand in the way of a de-Googled existence.
Back in 2023, Google floated the idea of "Web Environment Integrity" (WEI), a set of modifications to web standards that would force your computer to disclose its operating environment to the web servers it connected to, even if you objected to this disclosure:
WEI was a form of "remote attestation." That's when your device uses a sub-processor (sometimes called a "Technical Protection Module" or "TPM") or a walled off part of its main processor (sometimes called a "secure enclave") to produce a cryptographically signed description of your device and its configuration: which hardware, software, plug-ins and settings you're running.
When you connect to a server, it demands that your device send this "attestation" before it handles your request. If your device won't provide this data, or if the server doesn't like (or recognize) your device and its details, it can refuse to deal with you. And because the attestation is prepared by a TPM or a secure enclave that you can't modify or override, you don't get to decide which facts about your device it's allowed to see.
Practically speaking, this means that remote attestation lets a server refuse to deal with you until you turn off your ad-blocker and your tracker-blocker. It means that the server can discriminate against users who block auto-play sound and video, who block pop-ups, who put the tab in the background when it's playing a mandatory pre-roll ad.
WEI was especially disturbing in light of Google's efforts to kill ad-blockers and privacy blockers through updates to Chrome, an effort that continues to this day:
These blockers are an important part of the dynamic between web publishers and their users. In the real world, when you get an offer, you can make a counter-offer. That's all an ad-blocker is: a way for users to respond to a server whose opening bid is, "How about you give me all your data and let me take over your computer in exchange for showing you this page?" with "How about 'Nah?'"
We didn't get rid of pop-up ads by making them illegal, or by boycotting advertisers who used them. We got rid of pop-up ads when web users installed pop-up blockers, which made pop-up ads pointless. Take away our ability to block obnoxious digital content and you guarantee that we will be flooded with it.
These kinds of modifications aren't just used to block ads – they're also key to accessibility. People who have photosensitive epilepsy or who (like me) suffer from low-contrast vision problems use add-ons to reformat pages so that we can safely and legibly access them.
WEI's creators said they were only trying to put the web on a level playing field with apps, which routinely rat you out to the companies you connect to. Apps are a source of bottomless enshittification, not least because (unlike the web), they enjoy special, dangerous legal protections that make it very legally risky to modify them:
WEI wasn't an effort to level the playing field between apps and the web – it was a race to the bottom, an attempt to make the web as enshittogenic as the app hellscape.
Public outrage to WEI killed the project, but Google's commitment to augmenting its illegal commercial lockdown efforts with technical lockdowns never ended. Now, Google has rolled out an experimental "reCAPTCHA Mobile Verification" that uses an app, your camera, and your device's TPM or secure enclave to produce an attestation about your Android device:
This will make it much easier for the apps and other services you interact with to block your device if you run an Android alternative, or if you install a mod that overrides the actions of Google's stock Android:
This is a terrible idea – it's every bit as bad as WEI was. In an age in which Big Tech is ever-more tied to authoritarian governments, redesigning our devices to tell strangers things we don't want them to know isn't just shortsighted, it's inexcusable.
Tl;dr: Google provides the grand majority of CAPTCHA services to the web. Now they're experimenting with a CAPTCHA type that's a QR code you have to scan with an iPhone or Android phone. This would make it impossible to use any CAPTCHA-protected website unless you have an iPhone or Android phone.
I designed the QUILTBAG Sun flag a couple weeks ago for my button pins because the rectangular designs descended from the Progress Pride Flag don’t work as circles.
(Anyone can use the design, a just only have the pin blank on hand to show it.)
“...A lone woman could, if she spun in almost every spare minute of her day, on her own keep a small family clothed in minimum comfort (and we know they did that). Adding a second spinner – even if they were less efficient (like a young girl just learning the craft or an older woman who has lost some dexterity in her hands) could push the household further into the ‘comfort’ margin, and we have to imagine that most of that added textile production would be consumed by the family (because people like having nice clothes!).
At the same time, that rate of production is high enough that a household which found itself bereft of (male) farmers (for instance due to a draft or military mortality) might well be able to patch the temporary hole in the family finances by dropping its textile consumption down to that minimum and selling or trading away the excess, for which there seems to have always been demand. ...Consequently, the line between women spinning for their own household and women spinning for the market often must have been merely a function of the financial situation of the family and the balance of clothing requirements to spinners in the household unit (much the same way agricultural surplus functioned).
Moreover, spinning absolutely dominates production time (again, around 85% of all of the labor-time, a ratio that the spinning wheel and the horizontal loom together don’t really change). This is actually quite handy, in a way, as we’ll see, because spinning (at least with a distaff) could be a mobile activity; a spinner could carry their spindle and distaff with them and set up almost anywhere, making use of small scraps of time here or there.
On the flip side, the labor demands here are high enough prior to the advent of better spinning and weaving technology in the Late Middle Ages (read: the spinning wheel, which is the truly revolutionary labor-saving device here) that most women would be spinning functionally all of the time, a constant background activity begun and carried out whenever they weren’t required to be actively moving around in order to fulfill a very real subsistence need for clothing in climates that humans are not particularly well adapted to naturally. The work of the spinner was every bit as important for maintaining the household as the work of the farmer and frankly students of history ought to see the two jobs as necessary and equal mirrors of each other.
At the same time, just as all farmers were not free, so all spinners were not free. It is abundantly clear that among the many tasks assigned to enslaved women within ancient households. Xenophon lists training the enslaved women of the household in wool-working as one of the duties of a good wife (Xen. Oik. 7.41). ...Columella also emphasizes that the vilica ought to be continually rotating between the spinners, weavers, cooks, cowsheds, pens and sickrooms, making use of the mobility that the distaff offered while her enslaved husband was out in the fields supervising the agricultural labor (of course, as with the bit of Xenophon above, the same sort of behavior would have been expected of the free wife as mistress of her own household).
...Consequently spinning and weaving were tasks that might be shared between both relatively elite women and far poorer and even enslaved women, though we should be sure not to take this too far. Doubtless it was a rather more pleasant experience to be the wealthy woman supervising enslaved or hired hands working wool in a large household than it was to be one of those enslaved women, or the wife of a very poor farmer desperately spinning to keep the farm afloat and the family fed. The poor woman spinner – who spins because she lacks a male wage-earner to support her – is a fixture of late medieval and early modern European society and (as J.S. Lee’s wage data makes clear; spinners were not paid well) must have also had quite a rough time of things.
It is difficult to overstate the importance of household textile production in the shaping of pre-modern gender roles. It infiltrates our language even today; a matrilineal line in a family is sometimes called a ‘distaff line,’ the female half of a male-female gendered pair is sometimes the ‘distaff counterpart’ for the same reason. Women who do not marry are sometimes still called ‘spinsters’ on the assumption that an unmarried woman would have to support herself by spinning and selling yarn (I’m not endorsing these usages, merely noting they exist).
E.W. Barber (Women’s Work, 29-41) suggests that this division of labor, which holds across a wide variety of societies was a product of the demands of the one necessarily gendered task in pre-modern societies: child-rearing. Barber notes that tasks compatible with the demands of keeping track of small children are those which do not require total attention (at least when full proficiency is reached; spinning is not exactly an easy task, but a skilled spinner can very easily spin while watching someone else and talking to a third person), can easily be interrupted, is not dangerous, can be easily moved, but do not require travel far from home; as Barber is quick to note, producing textiles (and spinning in particular) fill all of these requirements perfectly and that “the only other occupation that fits the criteria even half so well is that of preparing the daily food” which of course was also a female-gendered activity in most ancient societies. Barber thus essentially argues that it was the close coincidence of the demands of textile-production and child-rearing which led to the dominant paradigm where this work was ‘women’s work’ as per her title.
(There is some irony that while the men of patriarchal societies of antiquity – which is to say effectively all of the societies of antiquity – tended to see the gendered division of labor as a consequence of male superiority, it is in fact male incapability, particularly the male inability to nurse an infant, which structured the gendered division of labor in pre-modern societies, until the steady march of technology rendered the division itself obsolete. Also, and Barber points this out, citing Judith Brown, we should see this is a question about ability rather than reliance, just as some men did spin, weave and sew (again, often in a commercial capacity), so too did some women farm, gather or hunt. It is only the very rare and quite stupid person who will starve or freeze merely to adhere to gender roles and even then gender roles were often much more plastic in practice than stereotypes make them seem.)
Spinning became a central motif in many societies for ideal womanhood. Of course one foot of the fundament of Greek literature stands on the Odyssey, where Penelope’s defining act of arete is the clever weaving and unweaving of a burial shroud to deceive the suitors, but examples do not stop there. Lucretia, one of the key figures in the Roman legends concerning the foundation of the Republic, is marked out as outstanding among women because, when a group of aristocrats sneak home to try to settle a bet over who has the best wife, she is patiently spinning late into the night (with the enslaved women of her house working around her; often they get translated as ‘maids’ in a bit of bowdlerization. Any time you see ‘maids’ in the translation of a Greek or Roman text referring to household workers, it is usually quite safe to assume they are enslaved women) while the other women are out drinking (Liv. 1.57). This display of virtue causes the prince Sextus Tarquinius to form designs on Lucretia (which, being virtuous, she refuses), setting in motion the chain of crime and vengeance which will overthrow Rome’s monarchy. The purpose of Lucretia’s wool-working in the story is to establish her supreme virtue as the perfect aristocratic wife.
...For myself, I find that students can fairly readily understand the centrality of farming in everyday life in the pre-modern world, but are slower to grasp spinning and weaving (often tacitly assuming that women were effectively idle, or generically ‘homemaking’ in ways that precluded production). And students cannot be faulted for this – they generally aren’t confronted with this reality in classes or in popular culture. ...Even more than farming or blacksmithing, this is an economic and household activity that is rendered invisible in the popular imagination of the past, even as (as you can see from the artwork in this post) it was a dominant visual motif for representing the work of women for centuries.”
- Bret Devereaux, “Clothing, How Did They Make It? Part III: Spin Me Right Round…”
If I may tag onto this: it's really astonishing how much spinning you can get done when you do it in tiny increments. When I'm at a medieval market or music festival (back when that was... a thing), I carry my spindle everywhere and just spin a tiny little bit, constantly. Waiting in line for food. Sitting somewhere waiting for the next band to play, in the early morning when nobody's up yet. I can get through 100 gr of fibre in a day like this without consciously dedicating any extended time periods to it (and I'm not the best with a drop spindle). I would imagine that is roughly the way it worked in pre-modern cultures, too, which means that yes, it was possible to supply the fabric for an entire household this way, if the fabric was also taken care of properly (mended, re-used, recycled ...) and the spinner didn't suffer from illness or had any disabilities (!). It wouldn't be easy, but it also wouldn't be terrifying back-breaking labour.
I would like to amend the above: spinning all day every day in order to keep your family afloat must absolutely have been terrifying back-breaking labour eventually. Or wrist-breaking.
In unrelated news, last year I got a repetitive strain injury from too much spinning, and had never been so grateful in my life that I can simply stop spinning and suffer no financial hardship from it.
In September 1942, a single Japanese floatplane lifted off from a submarine off the coast of Oregon. In the cockpit sat Chief Warrant Officer Nobuo Fujita, carrying two 170-pound incendiary bombs and a 400-year-old samurai sword beside him in the cramped space.
His mission?
Drop the bombs over the forests of the Pacific Northwest, start a massive firestorm, and force the U.S. military to pull vital resources away from the Pacific theater.
Fujita released his bombs over Brookings, Oregon. But the mission failed. Recent rain had soaked the forest, and alert park rangers put out the small fires almost immediately. The war continued, and the strange, isolated attack slowly slipped into the margins of history.
Until 20 years later.
In 1962, a civic group in Brookings came up with an extraordinary idea. They found Fujita and invited him back as the guest of honor at their local festival.
The invitation caused national controversy and split the town. But the deepest conflict was inside Fujita himself. Deeply ashamed of what he had done during the war, Fujita accepted the invitation with a dark private promise. He packed his family’s ancient samurai sword in his luggage. Later, he admitted that if the Americans put him on trial for war crimes or publicly humiliated him, he planned to use the sword to commit seppuku, ritual suicide, right there.
But when he stepped off the plane, he was met not with hatred, but with handshakes, applause, and a town offering real forgiveness.
Overwhelmed by the mercy of the people he had once attacked, Fujita stepped to the podium and did something no one forgot. He knelt and gave the town his most treasured possession, his family’s 400-year-old samurai sword, as a lasting promise of peace.
For the rest of his life, Fujita helped fund student exchange programs between Japan and Oregon. He even returned to the exact place he had bombed and planted a redwood “peace tree.” When he died in 1997, Brookings named him an honorary citizen, and his daughter later returned to the forest to scatter some of his ashes on the land he had once tried to burn.
Today, that 400-year-old sword is displayed inside the Brookings Public Library, not as a trophy of war, but as a masterpiece of peace.
Why not just use a real picture of Fujita, which this AI(?) is seemingly copying? Or it's a very enhanced and edited photograph.
(Photo source)
The other details of the story are real, there are a lot of articles in legitimate sources about Nobua Fujita. It's a touching story of international reconciliation and friendship.
I hate when pop history social media has to juice up a story with an AI image.
Hey you know what's super funny about the idea of "good bi rep"?
For a character to be canonically bi you have to make sure and establish that they're attracted to multiple genders. Not all mediums allow you to get inside every character's head or show what they're thinking. Flirting can be read ambiguously, and god forbid they flirt with a character who's not into them and be read as pushy or predatory. So it can be super handy to just mention an ex or two! But you better not mention too many exes because that would make them a slutty bisexual which is (checks notes) bad, and you definitely better be careful about making them poly, because that might make them, uh... greedy. Oh, and those exes? They better be perfectly amiable breakups with no conflict or drama, because it's bad to represent queer people in toxic or abusive relationships (especially queer women! very bad), and you definitely can't have them have lost a partner if the partner was queer because that's "bury your gays..." You should probably also eliminate all trauma from their backstory, just to be safe. You should probably also make sure they're not involved in crime, deception, or anything of the sort, because that would make them "deviant" and a stereotype.
But don't worry! Once you've carefully crafted your nice, monogamous, experienced-but-not-too-experienced Lawful Good bi character, you will be rewarded with your audience deeming them "boring" and quickly passing them over for other characters. :)
love how the gay couple from Sesame Street and the gay couple from the Muppets have opposite relationship dynamics, while both somehow embodying the Romantic Ideal
everyone is sayin "Bert, obviously" but I think there's a 15% chance Statler and Waldorf would recognize him as a baby fellow hater and adopt him on sight
#agreed with the last point#statler and waldorf would love him#and ernie would be thrilled bert made some new friends#this would be an all-around win for everyone imo
— @clevermanka is too accurate to leave in the tags
I'm really enjoying Ladies, Wives and Women: British Army Wives in the Revolutionary and Napoleonic Wars 1793-1815 by David Clammer, a little over half-way through. Chapter 3, "Before the Mast," addresses women on troop transport ships and other Royal Navy vessels, and my goodness there were a lot of them. I already knew this, because of my familiarity with Captain Marryat's works—I even compiled a Google doc of references to women aboard ships in Marryat's novels.
Of course women were a small fraction of the total number of people aboard a ship: Clammer gives the example of one troopship carrying an entire battalion of 1,200 men "and about 100 women." Yes, the great majority of the ship's company was male, but ONE HUNDRED WOMEN! People have some nerve pretending that warships (and merchant ships) were all-male affairs. I really think that "women are bad luck aboard ship" is a more modern invention.
Like many other marginalized groups, it's easy to erase and ignore the substantial numbers of women who accompanied their husbands to war in the late 18th and early 19th centuries. The women weren't fighting (with rare exception), and they were officially discouraged. You catch glimpses of them here and there in primary sources, which Clammer does an excellent job compiling.
I find myself comparing the conditions that soldiers (and their wives) experienced in Napoleonic Europe to what I know of North America during the War of 1812 era. I had assumed that Europe would be less rough, with more towns and villages and farms and better logistics, but it seems like the troops were still starving and clothed in rags. The women also raided corpses on the battlefield for clothing and shoes; one officer described a group of wives with "many dressed in soldiers' jackets, battered bonnets, and faded ribbons, with dishevelled locks hanging over their weather-beaten features."
I WAS FUCKING WONDERING WHAT THOSE DIGITAL PRICE TAGS WERE ABOUT SUDDENLY i had hoped they were so the workers didn't have to finagle those little papers into the slider part anymore 😭
Hi, yes, that is the OFFICIAL excuse made to me by the guy replacing the paper tags with digital ones at my local Walmart, but the end goal is to remove the numbers off the shelf entirely, replacing them with QR codes that you have to scan with the app…. Which requires your login information….. and also stores your card information so even if you didn’t use your Walmart account at the physical checkout, if you used a card they recognize, they assign that purchase to your Walmart account purchase history.
I explained very clearly to the manager my issue with the meat section not having the price tags listed, and they claimed it was only going to be for the meat, since meat is by weight, and the price of each item is printed on the packs of each item.
Sure. That’s how they get their foot in the door. Fast forward not even two weeks, and here we are:
Bar codes. No prices, no item descriptions. No price stickers on the individual items. Heck, not even the name of the item that is SUPPOSED to be there.
No. The only way to see the price is to scan it on your phone app, which is also recording what you looked at recently, as a way of gauging what you might be looking for in the future.
So here’s what we’re gonna do gang:
Every time you go into a store that has implemented these price-less tags:
Take 1-3 items up to the cash register. Ask the cashier for the price, or hit the price check item on the self checkout, which will likely call over the attendant.
Express that you didn’t actually want it, you just couldn’t see on the shelf how much it was.
POLITELY, AND WITH A THANK YOU FOR THE PRICE CONFIRMATION, Give the items to the cashier or attendant to put back.
When they inevitably try to push the app, politely decline. If pressed for why not, say you don’t want to have to carry your phone in-hand the whole time you are shopping in order to see how much things cost. (Not having cell service or data to use the app is NOT a valid excuse, as stores already often have complimentary WiFi AND more stores will provide WiFi rather than give up on this push for surveillance pricing)
If it’s a shelf-stable item, the cashier will have to set it aside, taking up room in their limited operating space, and eventually pass it off to someone to put in a holding area to put back later. If it’s a fridge/freezer item, it might have to get tossed due to food product sale regulations.
In either case, you are making it a pain in the ass for them to have these digital bar codes. Tie up the checkouts. Give the employees more busywork that the company has to pay them to do. Hurt their bottom line having to toss the pint of ice cream you carried around in your cart for 20 minutes before giving it back to the cashier.
Yes, call your reps. Yes, push for more legislation like this in more places. But also take an extra minute out of your shopping trip to MAKE IT HURT for companies to pull this shit.
I've seen some people in the notes express (very fair) concern that this is only going to inconvenience already under-paid laborers, and not have any impact on corporate. While I can't speak for every company or every store, I do work in a grocery store and I can tell you this is precisely the kind of thing that would have an impact, especially if people are doing it en masse. Stores absolutely track their shrink numbers, and they do draw distinctions between what gets stolen, damaged, or wasted for other reasons. If people are making it clear that the reason they're bringing things to the cashier is that the prices are not adequately represented on the displays, and rather than improving business it's wasting product, slowing down transactions, and causing confusion and mistrust in customers, that is a language that shareholders speak.
