It doesn’t prove you’re not a bot though, only that the request is coming from a ‘genuine device’. You just need to pipe your malicious requests through a ‘real browser’ to get them approved and you’re set.

Could’ve sworn I saw it in an article or post on here somewhere… but of course now that I actually need the post I can’t find it. Doesn’t really matter though, Chrome can unfortunately push standards through even if others don’t approve, just due to their sheer size alone.

It’s ridiculous how nowadays a lot of hardware car features are locked behind a simple software switch. Feels like both a massive waste of resources for people that don’t buy the upgrades, and like having to pay for a feature that is already physically present in your car. Software-only upgrades like full self driving are understandable, hardware upgrades locked behind a software gate aren’t.

[cross-posted from my reply to the same article on c/news]

Luckily, other browser manufacturers (Mozilla, Vivaldi, Brave, and even the WWWC) have already spoken out against this proposal. Google loves marketing it as ‘optional’, which it obviously won’t be once implemented. A system like this would be very dangerous for smaller browsers, as it’s incredibly vague who decides what authorities would be allowed to verify browsers.

Additionally, this is presented as a way to remove captchas from the web by proving a request is coming from genuine hardware. However, this proves absolutely nothing about a request being genuine or non-spam. The only thing this proves is that it was created by a ‘genuine device’, so all a malicious user would have to do is to (automatically) send the request via a verified device and they’d pass the check.