AMP “Real” URL: encouraging browsers to deceive us
CloudFlare and Google teamed up to develop a standard way to let your browsers lie about who’s behind your URL.
CloudFlare was already a master at impersonating websites by terminating TLS connections on their servers, but now they’re proposing that browsers connecting to an AMP cache (Google or CloudFlare) should lie about the URL, i.e. display https://tilde.news/foo instead of https://google.com/amp/….
They hide behind some crypto to make it look secure, but the problem is deeper. If we can’t trust our browsers to display the URLs we’re talking to, what can we trust? Hopefully this will be one more reason for people to drop out of Chrome and Google reach.
They saw a problem (people not being able to check that the site they’re reading is actually the site and not what Google says) and they fixed it, and now you’re complaining that the problem’s fixed? I swear, some people…
Well it only partially addresses the problem, following Google’s best interests. AMP was only a problem for website operators when it came to advertisement. Apart from such commercial concerns, AMP was just another web proxy, with its own dialect (because cooperating on advancing web standards would not advance Google specifically).
The culture of centralized gateways that AMP promotes is actually mostly a problem for end-users, for both censorship and surveillance concerns. I don’t know if it’s a problem where you reside, but for most of the world political repression and censorship are very real problems.
Google and Facebook have both tried in their way to create their private walled garden. And they’ve been very successful at that so far. Tying discovery to delivery in a centralized manner is a very subtle form of total control.. this is one of the possible futures of the internet, but for sure a scary one.
CloudFlare and Google teamed up to develop a standard way to let your browsers lie about who’s behind your URL.
CloudFlare was already a master at impersonating websites by terminating TLS connections on their servers, but now they’re proposing that browsers connecting to an AMP cache (Google or CloudFlare) should lie about the URL, i.e. display
https://tilde.news/fooinstead ofhttps://google.com/amp/….They hide behind some crypto to make it look secure, but the problem is deeper. If we can’t trust our browsers to display the URLs we’re talking to, what can we trust? Hopefully this will be one more reason for people to drop out of Chrome and Google reach.
…Really?
They saw a problem (people not being able to check that the site they’re reading is actually the site and not what Google says) and they fixed it, and now you’re complaining that the problem’s fixed? I swear, some people…
Well it only partially addresses the problem, following Google’s best interests. AMP was only a problem for website operators when it came to advertisement. Apart from such commercial concerns, AMP was just another web proxy, with its own dialect (because cooperating on advancing web standards would not advance Google specifically).
The culture of centralized gateways that AMP promotes is actually mostly a problem for end-users, for both censorship and surveillance concerns. I don’t know if it’s a problem where you reside, but for most of the world political repression and censorship are very real problems.
Google and Facebook have both tried in their way to create their private walled garden. And they’ve been very successful at that so far. Tying discovery to delivery in a centralized manner is a very subtle form of total control.. this is one of the possible futures of the internet, but for sure a scary one.