Apple already shipped attestation on the web, and we barely noticed

596 points by pimterry almost 2 years ago

50 comments

modeless almost 2 years ago
Yesterday, the sentiment on Google's early proposal was "company breakups start to make a lot of sense", "Go f yourself, Google", "It's maddening and saddening", "[the people involved] reputations are fully gone from this".

Today it turns out Apple not only proposed but implemented and shipped the actual feature last year. "It could be an interesting opportunity to reboot a few long-lost dreams". "I kind of get both sides here". "I guess I personally come down to leaving this turned on in Safari for now, and seeing what happens". Granted, the overall sentiment is still negative but the difference in tone is stark. The reality distortion field is alive and well, folks.

toyg almost 2 years ago
This might be where the internet really gets forked, as it's been predicted over and over since the '90s.

On one side, we'll have a "clean", authority-sanctioned "corpweb", where everyone is ID'ed to the wazoo; on the other, a more casual "greynet" galaxy of porn and decentralized communities will likely emerge, once all tinkerers get pushed out of corpnet. It could be an interesting opportunity to reboot a few long-lost dreams.

Santosh83 almost 2 years ago
Maybe I'm wrong but Web Attestation will also be a death knell for Linux devices (not Android/Chrome OS) as far as being able to use them as equal clients to use the Web goes. They're simply too diverse and 'hackable' as a platform for remote attestation to work reliably and thus they'll be excluded altogether (except a few 'blessed' distros that will then become industry controlled, and not Linux in spirit anymore).

freedomben almost 2 years ago
> *That said, it's not as dangerous as the Google proposal, simply because Safari isn't the dominant browser. Right now, Safari has around 20% market share in browsers (25% on mobile, and 15% on desktop), while Chrome is comfortably above 60% everywhere, with Chromium more generally (Brave, Edge, Opera, Samsung Internet, etc) about 10% above that.*

I don't agree, in fact I think it's equally as bad for Apple to do it as Google. Apple has completely let us down. If Google forced it through but Apple refused, it would never be practical to enforce it. The numbers may not be as high, but they're plenty high enough that you couldn't cut all iDevices out. Apple and Google and Microsoft are the only three that really matter.

disposition2 almost 2 years ago
It looks like this can be disabled (on iOS)[1]:

- Go to Settings
- Select your user account at the top
- Go to 'Password & Security'
- Scroll down to Advanced and disable 'Automatic Verification'

1. https://blog.cloudflare.com/how-to-enable-private-access-tokens-in-ios-16-and-stop-seeing-captchas/

jchw almost 2 years ago
I actually noticed this (and considered blogging to myself about it) but in practice the only reason why this was not seen as an issue (IMO) is because it being implemented only on Apple platforms meant that there was no possible way you could really limit your services using it. It was just an additional thing people could use as another signal.

However, the Google proposal is explicitly concerned with pushing this as an always-on feature.

> However, a holdback also has significant drawbacks. In our use cases and capabilities survey, we have identified a number of critical use cases for deterministic platform integrity attestation. These use cases currently rely on client fingerprinting. A deterministic but limited-entropy attestation would obviate the need for invasive fingerprinting here, and has the potential to usher in more privacy-positive practices in the long-term.

All Apple implementing it ahead of time is proof of is that anyone hoping Apple will save us is naive.

vessenes almost 2 years ago
This feels like such a juicy and divisive area to me. There are an immense number of use cases where we'd like to know we're talking to a 'trusted' hardware and software stack on the web. For many years now, we have just assumed there is little to no trust in the stack, and architected and built accordingly. It adds an amazing amount of complexity and cost, limits features, and makes everything way, way harder than if you could assume a trusted stack.

At the same time, as is being pointed out quite vocally right now, 'trusted' is a very, very difficult concept when large tech monopolies are involved.

On the one hand, it's difficult because there are only a few companies in the world that can field large tech teams that deal with persistent threat actors, and therefore, it would be very *nice* to be able to trust the security promises made. And, if those promises are trustworthy, they are better promises than any individual can make for their own software and platforms.

On the other hand, if you're a hacker (in the platonic sense), 'trusted' immediately codes to 'monopoly-backed', along with 'probably back-doored by a local government agency' and we head one more step down the primrose path of control, lack of innovation and finally perhaps a fascistic technology future controlled by a few players.

Ultimately, I think the solution here can only be successful if it involves a trustable, open hardware certification technology that's not registry based, e.g. can create strong local proofs that are independently verifiable. There are a few tech companies I know of working on this on the silicon side, but it's a very difficult problem, and I'm not clear if there's really enough demand to make them viable right now.

I guess I personally come down to leaving this turned on in Safari for now, and seeing what happens over the next year or two.

lbriner almost 2 years ago
The problem with most of these systems is they can never cope with any edge cases. This means it works fine for 99% of the population but the other 1% can get stuffed.

It would be like having a robot deny you access to the office after work hours even though you only need to grab your car keys that you forgot. The system is designed to be secure so you can't talk your way past a robot. If it was a human, it would be much easier to reason with them (normally!) and find a solution that works.

Techies gonna tech though. "If there was a problem yo I'll solve it, check out my tech while the DJ revolves it."

lifeisstillgood almost 2 years ago
I kind of get both sides here. If we take the "see the best of others' intentions" then a web that is populated by identified humans (and their authorised proxies!) is likely to be the "cleanest", most ideal web space we can see (a web full of sock puppets and link farms is not ideal).

The clearest end point for this is some government issued digital ID that just asserts who you are, acts as a login etc.

You can see this as a stepping stone to there, if you squint.

Is it the idealism of the 70s come to life? No. Is it some sane compromise - I think so.

What if we cannot trust our government? Sorry it is pretty sure that no internet is going to solve that. That's on the real world.

captainmuon almost 2 years ago
Remember AllAdvantage? That was a service around the turn of the century that showed you ads on your desktop and paid you for it. But only if you were actively using the PC. People used mouse wigglers to fake it and there was a little arms race.

This tech would be their wet dream. You could tell if a request is from a real browser or from a script. You could disable attestation if an untrusted driver is used (to simulate inputs) or the web browser is automated otherwise. Really disturbing tech.

willcipriano almost 2 years ago
Why can't you fake remote attestation? I imagine it's a bit more involved than swapping a user agent but is there some magic mechanism that makes it impossible to spoof?

superkuh almost 2 years ago
Google/Microsoft/Apple essentially did this with HTTP/3 too. None of their shipped browsers are able to connect to a non-"CA TLS" HTTP/3 endpoint. To host a HTTP/3 website visitable by a random normal person you have to get continued approval (every 3 months min) from a third party CA corporation for your website.

arianvanp almost 2 years ago
I think this is less invasive though. The Google proposal runs before content is loaded into the DOM. Which means it can be used to do things like programmatically detect and block code injection like ad blockers.

PATs are purely a server side thing. They don't give this kind of control. And don't perform a signature over the content.

meandmycode almost 2 years ago
Some of the takes about why attestation is bad seem purposely false because the author dislikes the feature. If attestation isn't triggered then prior behaviour will happen (captcha etc).. this is a progressive feature.. and the point of the attestation isn't to prove you're using an approved device, it's to prove a human is actually present, of which, a verified software stack is needed, otherwise the feature is useless..

fxtentacle almost 2 years ago
Once this goes mainstream, someone will offer a service where a robot arm operates an iPhone for you and streams back the screen video. Like remote desktop into a VM, except that it's a real device which passes all of the attestation. And it'll be glorious for spammers to finally be counted as "more human" than actual humans (using Android) ...

sam0x17 almost 2 years ago
But signing necessarily is happening on the user's device... what is to stop brave/etc from also signing their outgoing requests with the same key your local Chrome install is using? On a mobile device I can see how this would work but how would this ever work on (non-apple) PCs without exposing the key to anyone willing to poke around a bit?

lifeisstillgood almost 2 years ago
One interesting (to me) thought is that while HNers are generally worried about what we can lose here (in the curated world) many non techies are likely to see such a bifurcation in car transport.

At some point soon self driving cars are going to get good enough that they can be used on many roads and cities - but I seriously doubt they will be good enough to be used in a mixed environment (pedestrians, human drivers, snow ice etc). So there will be a push to have self driving cars (convenient taxi style) on isolated roads - sort of a weird inversion of pedestrianisation. Maybe Barcelona style super blocks with only 15mph self driving cars allowed? I don't know - but the impact will be people who used to drive their petrol manual cars around town find parts of town locked off. And it's not anti-car it's anti-freedom-car.

Just a passing thought

sfoley almost 2 years ago
> With Safari providing this, it can be used by some providers, but nobody can block or behave differently with unattested clients.

What mechanism prevents websites from blocking or behaving differently for unattested clients? The article doesn't make that clear.

Also: Apple's attestation implementation introduces an external real-time single-point-of-failure, but given that the failure mode is just "show a captcha", it doesn't seem too severe. Is it even possible to implement a broader attestation infrastructure without introducing a similar single point of failure? TLS PKI, for example, does not rely on an external "live" server; the private keys live on the origin.

tempodox almost 2 years ago
> limiting access to features or entire sites based on whether the client is approved by a trusted issuer. In practice, that will mean Apple, Microsoft & Google.

Wait, does that mean they decide what websites I can visit? That doesn't sound dystopic at all.

reaperducer almost 2 years ago
This article does a pretty good job of explaining what's going on.

For non-technical folks, think of it as "Papers, please!" for the internet.

sdwvit almost 2 years ago
I have spent a lot of time working on integrating private access tokens into my project, and I believe I understand how it works. I do not agree with the article's points on why this is bad. PATs are meant to reduce browsing friction, not increase it. Now if you are trying to google something under a spammy vpn node, you get either a captcha or fully blocked. With PAT, your device can guarantee you are not a spammer, and the system would let you through without captchas or timing you out. This is all it does. If your device is not capable of signing PAT, then it is supposed to just fall back to default behavior.

skybrian almost 2 years ago
A possible difference between private access tokens and the web integrity proposal is the idea of "holdback" which means that for some reasons chosen at random it would fail to work, and any websites that use it would be forced to have alternative fallback mechanisms.

Why bother, then? This is for things like captchas and credit card risk scores. It's useful to be able to know that some users are low risk (not a bot, not being phished) and then to have additional verification for others.

It's listed under "open questions" but I think it would go a long way towards preserving an open web.

Mindwipe almost 2 years ago
It did make me laugh in the other threads when people were saying "Safari will save us!"

Like the only chance of Apple not doing this is if they were deliberately trying to sabotage web apps.

tamimio almost 2 years ago
As long as the mechanism will be open source standard and isn't controlled by corporations AND the user browsers are in control to enable/disable it, sure.

nativeit almost 2 years ago
"Private Access Tokens are a powerful alternative that help you identify HTTP requests from legitimate devices and people without compromising their identity or personal information. We'll show you how your app and server can take advantage of this tool to add confidence to your online transactions and preserve privacy."

—- That doesn't sound the same as what Google's proposing. Am I wrong?

illiac786 almost 2 years ago
Really hard to have a normal discussion about this.

It's about not seeing captchas on iOS devices. There is a lot of thought that went into the privacy of this solution, just read up on it.

Yet, everyone in the comments I have read so far discuss how bad it would be if a system would personally identify them while denying access to the web for users refusing to be personally identified.

It's about *captchas* not denying access, and there is no personal identification. Sure you can say "I think it's dangerous and the tech could evolve in the future into something dystopian", but don't immediately start discussing this dystopian solution as if it was the actual proposal, that is simply disingenuous and confusing.

novok almost 2 years ago
A lot of the push for these things come from fraud, and a lot of fraud comes from badly designed payment systems that allow more fraud in exchange for convenience. How could we reduce this fraud cost by designing a payment system that isn't so fraud prone and reducing the economic incentive for these things to exist?

mdale almost 2 years ago
In practice we depend on attestation via federated login and a series of captchas for some indicator of humanness for services that are freely available to avoid significant abuse and attacks.

With captchas no longer being practical there is some need of federated attested value of a network actor?

Maybe there is a use for Blockchain after all :P to anonymously bucket human actions like buying something or device registration chain sourced from manufacturer or cell phone service provider in such a way that it has a short TTL and has to be regularly revalidated.

It need not be perfect but we are entering new territory with LLMs that can easily represent human agency short of some web of trust or signed identity mapped back to something.

SillyUsername almost 2 years ago
Can somebody explain how this is any different to only running in a certain browser, with a certain user agent, or DRM, or with certain authentication etc? Surely it's up to companies to choose who they want to segregate, it's not a democracy?

icantbebothered almost 2 years ago
Apropos of nothing, TIL some Apple iOS devices have a "Lockdown Mode" to be used in critical circumstances.

https://support.apple.com/en-ca/HT212650

"Lockdown Mode is an optional, extreme protection that's designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats. Most people are never targeted by attacks of this nature."

However evil they are, privacy/security appears to be a case of putting their money where their mouth is. Interesting.

Alifatisk almost 2 years ago
Oh, it's not only on iOS [1]. It's Android too [2].

1. https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server

2. https://developer.android.com/google/play/integrity

sebastianconcpt almost 2 years ago
> This proposal amounts to attestation on the web, limiting access to features or entire sites based on whether the client is approved by a trusted issuer. In practice, that will mean Apple, Microsoft & Google.

I'm afraid that it doesn't mean *Apple, Microsoft & Google* but the ruling party of *governments*. In other words, the mix of propaganda and censorship controlled by the party. Truly dystopian.

gjsman-1000 almost 2 years ago
Called it out a year ago: https://news.ycombinator.com/item?id=32282305

codedokode almost 2 years ago
Cannot attestation in Chrome be "fixed" by patching an attestation function so that it always returns true (even if there is an adblocker)?

tshaddox almost 2 years ago
I have a genuine question: why is this worse than normal captchas which the human must interact with directly? Or is any mechanism that attempts to prevent certain methods of "unattested" web access (e.g. curl or screen readers) bad for the same reasons?

And if the answer to the second question is "yes," it makes me wonder why we're even okay with (non-personal) content in the web being login-walled or pay-walled.

mongol almost 2 years ago
Which websites would be interested in this? For online shopping, not so much, if it decreases sales, it is bad for them. Social media? Perhaps, but I can go without that if it comes to that. What I fear most is access to banks, tax office and similar. I need to access that and I currently use Linux. I am not keen on switching.

conradev almost 2 years ago
The author is referring to this standard: https://privacypass.github.io/

Apple uses it for its iCloud Private Relay service. The blind token is used so that Cloudflare can verify that a given device pays for iCloud Private Relay without revealing their identity.

Attestation is when such a blind token is proving the integrity of the software running on the device, not proving arbitrary properties. Privacy Pass could actually enable a fast, semi-decentralized system of anonymizing proxies.

If Apple exposed the "is System Integrity Protection enabled" bit to the web, then that amounts to attestation to me. But yes, Apple can do this whenever it wants, and companies want Apple to do it, and it's scary. They've already done this for Apple Pay, Widevine and HDCP.

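Added example, not part of the thread and not Apple's, Cloudflare's or the Privacy Pass project's code: the blind-token idea from conradev's comment, with the "no valid token means the usual CAPTCHA path" behaviour sdwvit describes, run end to end in Python. It uses textbook RSA blinding rather than the standard's actual message encoding, a constructed demonstration key far too small for real use, and assumed names (`Origin`, `run_exchange`, the `"fallback"` result).

```python
import hashlib
import secrets
from math import gcd

# Constructed demonstration key built from two Mersenne primes.
# Assumption for illustration only: real issuers use 2048-bit+ keys.
P = 2**89 - 1
Q = 2**107 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # issuer's private exponent


def token_digest(nonce: bytes, challenge: bytes) -> int:
    """Bind the client's random nonce to the origin's challenge, as an int mod N."""
    inner = hashlib.sha256(challenge).digest()
    return int.from_bytes(hashlib.sha256(nonce + inner).digest(), "big") % N


def client_blind(m: int):
    """Client: multiply m by r^E so the issuer cannot recognise it later."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def issuer_sign(blinded: int) -> int:
    """Issuer: signs the blinded value; it never sees the nonce or m."""
    return pow(blinded, D, N)


def client_unblind(blind_sig: int, r: int) -> int:
    """Client: strip r to obtain an ordinary signature on m."""
    return (blind_sig * pow(r, -1, N)) % N


class Origin:
    """Origin: verifies with the public key (N, E) only, and rejects replays."""

    def __init__(self, challenge: bytes):
        self.challenge = challenge
        self.spent = set()

    def redeem(self, nonce: bytes, sig: int) -> str:
        if pow(sig, E, N) != token_digest(nonce, self.challenge):
            return "fallback"               # invalid token: default path (CAPTCHA)
        if nonce in self.spent:
            return "fallback"               # token already used once
        self.spent.add(nonce)
        return "accepted"


def run_exchange(challenge: bytes) -> dict:
    """One issuance: returns the token plus what each party observed."""
    nonce = secrets.token_bytes(32)
    m = token_digest(nonce, challenge)
    blinded, r = client_blind(m)
    sig = client_unblind(issuer_sign(blinded), r)
    return {"nonce": nonce, "sig": sig, "m": m, "issuer_saw": blinded}


if __name__ == "__main__":
    origin = Origin(b"constructed challenge for example.test")
    x = run_exchange(origin.challenge)
    print("issuer saw the token value:", x["issuer_saw"] == x["m"])
    print("first redemption :", origin.redeem(x["nonce"], x["sig"]))
    print("replayed token   :", origin.redeem(x["nonce"], x["sig"]))
    print("made-up token    :", origin.redeem(secrets.token_bytes(32), 12345))
```

The issuer's view (`issuer_saw`) and the value the origin checks (`m`) differ, so the two parties cannot join their logs on the token itself; what the token proves is only that the issuer signed something for this client.
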
mschuster91 almost 2 years ago
> Attestation blocks users' control of their own devices, by design. A key goal is that users using modified software should not be attested as legitimate. I would like to be able to browse the web on my rooted Android phone please. There's no way any fully user-modifiable OS or hardware can ever be attested in the way these proposals intend.

Oh so *that* shit is why I regularly run into Cloudflare issues on my rooted Android tablet. Not enough that I have to fight cat and mouse with Play Store, Netflix, Google Pay and my banking apps, but now half the Internet. Seems like they ramped up the bullshit silently at the same time for everyone on mobile but *not* on an expensive iOS device.

I used to respect Cloudflare. Not a single second longer. Fuck you all for being complicit.

water9 almost 2 years ago
It's flat out bad business to exclude customers period. Figure out a way to have your customers not fight in line sure, but never shorten the line unless it is absolutely necessary (ie criminal)

renewiltord almost 2 years ago
Interesting. Makes puppeteer and friends hard. Perhaps also makes it hard to have an alternative browser. Doesn't sound good.

gyudin almost 2 years ago
Okay, so it's gonna upset how many users? 20% of 1% of desktop users on Linux and BSD at best?

danShumway almost 2 years ago
The most important section of this article:

> This feature is largely bad for the web and the industry generally, like all attestation (see below).

> That said, it's not as dangerous as the Google proposal, simply because Safari isn't the dominant browser. Right now, Safari has around 20% market share in browsers (25% on mobile, and 15% on desktop), while Chrome is comfortably above 60% everywhere, with Chromium more generally (Brave, Edge, Opera, Samsung Internet, etc) about 10% above that.

> With Safari providing this, it can be used by some providers, but nobody can block or behave differently with unattested clients. Similarly, Safari can't usefully use this to tighten the screws on users - while they could refuse to attest old OS versions or browsers, it wouldn't make a significant impact on users (they might see statistically more CAPTCHAs, but little else).

> Chrome's usage is a larger concern. With 70+% of web clients using Chromium, this would become a major part of the web very quickly. With both Web Environment Integrity & Private Access Tokens, 90% of web clients would potentially be attested, and the "oh, you're not attested, let's treat you suspiciously" pressure could ramp up quickly.

----

It's bad that Safari is shipping attestation, but a big reason why Safari often gets a pass on negative features that Google doesn't get a pass on[0] is because Chrome has a 60% market share, many sites are tested only in Chrome, and Chrome's marketshare is only likely to grow in the future once we finally get Apple to finally allow alternate browsers on iOS. In contrast, Safari's marketshare is pretty much tied only to iOS and Mac, and they don't even have a monopoly on Mac.

Like it or not, it matters more when Chrome breaks the Internet.

I'm not saying we should ignore Safari (we definitely shouldn't), but if that "double standard" makes anyone upset, perhaps that's a good reason to break Google up and introduce more browser diversity. If Chrome didn't have a 60% marketshare over the entire web, it would be possible to extend more grace to the people proposing experimental features within Chrome.

The extra scrutiny and tougher standards, and even the lower leeway to make mistakes are partially consequences of being the dominant browser in the marketplace. I'm sorry, but the standards are higher when you're in a position where it's possible for you to break everything.

----

[0]: see Manifest V3, which is also based heavily on Safari's own adblocking restrictions, which are similarly harmful to adblockers but tend to get a lot less attention.

jl2718 almost 2 years ago
This protocol is private because "trust me".

gooob almost 2 years ago
what even is the reasoning they have for proposing and implementing this?

uwagar almost 2 years ago
basically they are deplatforming us from the web.

h4x0rr almost 2 years ago
Rip internet

chrjxnandns almost 2 years ago
Does Microsoft already do this with Edge, Safari, and Chrome?

https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-conditions#supported-browsers

swayvil almost 2 years ago
Paranoia has become the norm.

(He says from his securely anonymous account).

uwagar almost 2 years ago
I'm gonna remove even https from my server. gotta go http in protest against this nonsense.

I'm already pissed off that firefox warns people that my site is unsafe for them when I don't even stick a cookie on them and yet provide useful Free software.

0xbadcafebee almost 2 years ago
I am actually rooting for the web to die, so I say bring on all the competition-killing features Google can muster. It's only in the face of an extreme and impossible choice that people will finally wake up. Giving up the entire user-facing compute ecosystem to a hypertext markup viewer has held back technological advancement for nearly two decades. Computer chips are now 4 nanometers and solid state storage is reaching the speed of RAM. But we're still churning out platform content line-by-line, *by hand*, like digital punch cards, because apparently it's technologically impossible to invent the equivalent of PowerPoint for web pages, or, god fucking forbid, not using HTML, CSS, and JS to create customer-facing applications.

Yes, the web is a great success story. But it's also backwards and ancient, and has been limping along by stuffing an entire operating system into a program made for viewing hypermedia. Are we going to wait 20 years to advance past these limitations? 40 years? 100 years? At what point will people finally fucking say "hey, maybe let's not kill ourselves jumping through hoops just to show pictures of cats and tax prep programs?"