The much maligned “Trusted Computing” idea requires that the party you are supposed to trust deserves to be trusted, and Google is DEFINITELY NOT worthy of being trusted, this is a naked power grab to destroy the open web for Google’s ad profits no matter the consequences, this would put heavy surveillance in Google’s hands, this would eliminate ad-blocking, this would break any and all accessibility features, this would obliterate any competing platform, this is very much opposed to what the web is.
Google knows this. Trust isn’t really the problem they’re trying to solve.
This is my biggest issue, it’s such a bare-faced lie!
It’s completely insane for the browser to need to trust the client. Instead, you implement zero-trust, and require authentication and authorization for anything sensitive.
The server absolutely shouldn’t trust the client isn’t malicious, instead it should assume it is malicious until proven otherwise