266
Android 14 blocks all modification of system certificates, even as root
(httptoolkit.com)
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Follow the wormhole through a path of communities !webdev@programming.dev
Google: wants to push their browser based DRM, to which they would inevitably be the ultimate controller of, in the name of "safety".
Also Google: intentionally kneecaps the existing certificate system which is the main safety system of the web.
Gee, I wonder if the two are connected.
I heard this on the radio yesterday. Secretly ruthless is a good way to describe Google.
https://www.npr.org/2023/09/04/1197548359/the-verges-nilay-patel-talks-googles-legacy-and-its-future-on-its-25th-anniversa
I freaking love the new updates!!
I love it when I can't manage my own SSL certificates, even as root
I love not being to use the fucking McDonalds app on a rooted device
Web environment integrity is so great! It's incredible that my rooted tablet will be locked out of lots of websites since I'm not using AUTHORIZED chrome on an AUTHORIZED device
It's so awesome that adblock will stop working in most Chromium-based browsers
LIKE WTF I JUST GOT A PIXEL NOW YOU NEED TO RUIN IT?
This is very true, although from what I’ve seen both sides are correct. They give very little guidance to any of the stuff they put out, see killing off stadia or how badly they have been messing up chromeOS and just let their engineers do what they want until they lose their way then it falls off. They just don’t care about that because the ad money keeps coming regardless. It seems almost like a result of the fact that google just hires talent so no one else can have it and then they just let them do whatever they want. It’s almost like there are two googles.
Intellectual Property.
That is it.
You can’t protect a product or service will never reach customers. But you sure can protect a sold and failed product or service.
Honestly the entire certificate system is a fraud. You can see just how vulnerable it is with the recent Microsoft vulnerability
I'm ootl on this one - what happened?
Microsoft has been signing stuff that is being used maliciously.
Plus they have has their keys stolen to create malicious stuff...
I was referring to the latter
Never said it wasn't flawed.
But Google itself is flawed. Their search results have been a joke for years now, top results are almost always malware now, no matter what you search for.
And there we go. I was trying to figure out the "why?" beyond "think of the children it's secure!" and that's the part that makes it make sense.