Hacker News new | past | comments | ask | show | jobs | submit login

WEI doesn't prevent bots. Bots would just need to script an attested browser via tools like AutoHotKey -- the only way WEI would prevent bots would be by preventing you from running the browser on an operating system without 3rd party software installed. WEI is a 2 or 3 month roadbump for bot builders.

WEI does prevent any customization.




> the only way WEI would prevent bots would be by preventing you from running the browser on an operating system without 3rd party software installed

Or by isolating the browser from third party software. Android does not let applications mess with each other. Windows already prevents non-elevated applications from touching elevated applications (i.e. running as administrator).

What makes you think that Windows won't add an "untouchable" mode to executables belonging to "approved" browsers? The kernel is already locked down so you won't be able to bypass it that easily.


It's absolutely possible to automate an "attested" phone with a physical robot finger, which is neither extremely complicated or expensive tech. It might be too expensive for mass-scale DDOS, but it would still be cost-effective for more interesting things like click fraud.


> Or by isolating the browser from third party software. Android does not let applications mess with each other.

Android lets applications mess with each other. That's how the accessibility features work.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: