Back in July, Google's work on a Web Integrity API emerged and many equated it to DRM. The company announced today it's not proceeding...
While WEI is thankfully cancelled, it's not entirely cancelled... They're planning on making it available still in WebViews with the intention that websites can check if a malicious Android app is trying to do a phishing scheme.
Seems like such a niche "security" feature... what are they really trying to accomplish here? Something seems fishy to me
@4censord@dean@rysiek I can see where they could integrate and feature creep to what they really likely want, but in terms of webviews this would likely be beneficial for security.
They want to put it on the default webview in android, which doesn't seem like a huge deal to me. It would basically let apps that use webview for things like logging in beef up their security.
It's not like the entire concept of this API was bad, it's just that with Google's proposed implementation companies would abuse the fuck out of it to do bad things. Not having it in browsers pretty much eliminates that while still letting things like banking apps enjoy some of the benefits.