Comment by fc417fc802
1 month ago
v2 is not a MitM concern (but it is a malicious code concern). Before quibbling about this consider that if v2 qualifies as a MitM concern then pretty much every other piece of software also does. That isn't in keeping with the spirit of the term.
The outrage is threefold, because there is no viable alternative, because it infantilizes users, trampling their agency, and because it clearly serves corporate interests at the expense of the user.
As to your proposed solution - the rewriting needs to happen on a separate device in order to avoid pushing extra data across the network. If you're already self hosting that service then there's no need for a transparency ledger.
It's auto updating JavaScript maintained by some unknown that can rewrite html on any page, how is that not an MitM risk?
The html itself is rarely a lot of data, most things in this space remove or resize images etc.