This is not as terrifying to me as the other news brought to my attention by a post in today's Reddit's r/YSK, that if you use Adblock, your gmail can be closed.
In the new TOS of Youtube [1], it states that if your account is not deemed commercially viable, your Google account (i.e. your Gmail, your Google Photos, your Google Drive, etc.) can be closed down:
YouTube may terminate your access, or your Google
account’s access to all or part of the Service if YouTube
believes, in its sole discretion, that provision of the
Service to you is no longer commercially viable.
Makes sense they would make this decision, as Youtube is a big money-loser for Google and they want to do something about this. Still, this is more of a wake-up call to me than anything else that I need to get off Google.
> Terminations and Suspensions by YouTube for Cause
> YouTube may suspend or terminate your access, your Google account, or your Google account’s access to all or part of the Service if (a) you materially or repeatedly breach this Agreement; (b) we are required to do so to comply with a legal requirement or a court order; or (c) we believe there has been conduct that creates (or could create) liability or harm to any user, other third party, YouTube or our Affiliates
> YouTube may terminate your access, or your Google account’s access to all or part of the Service if YouTube believes, in its sole discretion, that provision of the Service to you is no longer commercially viable.
just one more reason i continue to recommend that youtube is greatly improved by signing out. none of the signin-walled "features" are worth it anyway. comments are a banal wasteland, votes mean nothing for creator visibility, subscribing doesn't mean you'll see new videos when they're released, algorithm-driven recommendations actively harm diverse content discoverability...
I don't even visit the YouTube site that often anymore. I've set up a script to use youtube-dl to download new videos from channels I like on a daily basis.
that's an excellent option, but make sure you aren't logged into your gmail on that same computer. Your script shouldn't access the cookies of the browser, but if somehow they are able to, they will disable your gmail account when they realize you are watching from the same IP with a headless script that can't watch ads.
Youtube-dl saved my youtube experience, as I have many playlists that have actually gotten entries deleted somehow, and I had then no recourse into recovering my playlist (often the uploader or another youtube denizen just re-uploads it, but I lost all information about the video).
You can play around with the parameters to get the behavior you want (there are tons more than I don't use), I kept it pretty simple. In my case it checks the channel page for videos that are newer than 7 days (it runs daily but this gives me a buffer). If there are more than 10 videos newer than 7 days it only checks the first 10. It stores previously downloaded video information in downloaded.txt so it doesn't download duplicate videos, and outputs the video in the format videoName.ext.
Then throw that into a shell script along with any other channels you want and set up a cron job to run it as often as you'd like. You'll also probably want to put 'youtube-dl -U' into a cron job to keep it up to date, YouTube frequently changes things that breaks functionality of youtube-dl.
I never thought to set up something like this, but it's a fantastic idea!
Now... this may seem like a silly question: What does the '--' do before the channel url? I know '--' is normally used for parameters longer than one character, but that one is kinda just floating about haha.
Putting "--" as an argument means that future arguments starting with "-" will not be parsed as arguments (imagine trying to rm a file called "-rf" or grep for "-"). But it just so happens that it's not necessary in this case.
Looks like a mistake on my part, I was probably playing around with another parameter and forgot to remove it completely. It runs fine with it there so I never noticed it but it isn't needed.
I don't know what a markiplier is, I am just reading the actual changes on the YouTube terms website.
Terminations and Suspensions by YouTube for Cause
YouTube may suspend or terminate your access, _your Google account_ , or your Google account’s access to all or part of the Service if
(a) you materially or repeatedly breach this Agreement;
(b) we are required to do so to comply with a legal requirement or a court order; or
(c) we believe there has been conduct that creates (or could create) liability or harm to any user, other third party, YouTube or our Affiliates.
I tend to believe YouTube wouldn't put it in if they didn't mean it.
Your original comment asks where it says they can terminate your Gmail account. I was responding to that. There are dozens (hundreds?) of documented cases of Google banning the associated Google account when they ban the YouTube account.
Yes, just because they can, doesn’t mean they have to, but they do it anyways.
I find that very worryingly vague. In my reading though, that only applies to YouTube itself ("the Service"). It seems to be saying that your Google account can lose access to YouTube, not that you can lose access to your Google account.
Wow. That is some heavy-handed, misguided "justice" there. Banning people's Google (including GMail) accounts, even rejecting appeals, only for using emotes the way it was requested and encouraged by the streamer they were commenting on.
The thing that was apparently against unspoken Youtube policy here was this kind of interactive, emote-driven streaming. But I get the impression Markiplier didn't get banned, only their fans.
Maybe, but maybe not. There was another recent YouTube controversy where dozens of people were banned from all google services (including Gmail) for spamming on a gaming livestream chat (which is considered perfectly acceptable behavior by most streamers).
I think it depends on how "the Service" is defined. As "Service" is capitalized, it is likely defined in the TOS, and may only apply to Youtube (not Google as a whole). So I believe you (and the redditor) are reading that passage incorrectly.
(IANAL, and I have no clue if what I said is right).
I've been struggling with this myself. But extrapolating from news that some Youtubers who got banned also found their Google accounts (i.e. Gmail, Drive, etc.) closed, (someone up above just commented on this), I feel I must err on the side of caution. I mean, what do you then make of this haphazard interpretation of 'Service'?
p.s., not to be snarky, but you ought to add a disclaimer that you're a Googler in your comment!
There's the theoretical legal interpretation, and then there's the precedent for how google have traditionally enforced their rules. And they have been absolutely ruthless. Banning your family and everyone who ever logged in from the same IP as you. Deleting corporate Play Store accounts if one of the developers was banned in the past. It's all done automatically, and there is no way to appeal.
Unfortunately nobody knows, and you have little to no recourse if they ban you :(
It's insane to me that Google has gotten so hostile, they place little to no value on individual accounts, meanwhile those accounts are the lifeline of so many individuals and businesses.
This makes me want to ditch gmail to prevent accidentally getting my account closed, say for using Youtube while I have Adblock installed in my browser. I do have personal email on a domain I own, but it will be a lot of work to update my e-mail address with each service.
I want to ditch Gmail/Google as well but I am so entrenched into Android that I'm torn. I don't want to rely on third party ROMs that I need to root and install on my phone. I want the latest AOSP security updates, that's why I choose to buy the Pixel line of phones (looking into Android One phones as well). Also how do I keep my contacts synced between devices. What's a good replacement for Google Photos that gives me the same features. I'm sure people have figured this out already somewhere
This is exactly my problem as well. I think the best bet is to partially move off. Setup backups with other systems. For email, have all emails forward to a backup Yahoo account or something. You don't have to check it, but just have it in case Google screws you.
Yeah that's what I'm going to have to do as well. I think the most important (for me) is changing my email to another service (looking at Fastmail) and then slowly changing all my logins to that one. Backing up my contacts on a regular basis and importing them to the new service. And moving any important stuff off Google Drive. I'll probably still use docs and sheets but for things that I don't care if I lose. And finally, Google Photos will be the hardest one to leave. I have so much in there
And that's how it works. If you want to be able to use all the cool stuff that Google creates, you have to submit to their business model and play by their rules.
It took me about a year before I stopped getting any legitimate email at my gmail address. Start changing everything you can to your new email address at a domain that you own, and start forwarding your gmail to it. Every time a legitimate message comes in to your old gmail address, tell that person about your new email address, or update your email address with that service.
Fortunately, for privacy-conscious people this is not a huge problem as we're usually running Google apps in a separate workspace already. It sure is a problem for mobile users though as ads in general are a huge battery drain.
My confession as a privacy-conscious person: yeah, YouTube is the only Google service that I (reluctantly) use. I even pay cash money for it in exchange for no advertising.
However, I only use it on a single tablet that is devoted exclusively to that purpose. As with all Google services, I wouldn't dare to actually use it on a machine that I use for anything else.
So if you want to use ad-blockers, I guess it's important to use Youtube only while not logged in. Keep your GMail and Youtube use independent from each other.
Hopefully that's just saying they have the right to shut down YouTube altogether, rather than denying specific individuals. But I'm not fluent enough in Legalese to be sure about that.
The biggest advertising company in history tries to kill blocking advertisements in their browser? How am I not surprised.
I bet this move is also to kill the workings of extensions like DecentralEyes and others that try to protect users from being tracked. The whole changing of the API into a "sure we'll block that URL for ya, sometimes maybe" model reeks of increasing user tracking. They'll work out the kinks to let AdBlockers function again. But they'll have their tracking back.
Would anyone like to make a bet on whether ad blocking will still work in Chrome in two years? Something like "if you visit the top ten publishers in the US in Chrome Desktop with the best ad blocker will you see more ads than if you use Firefox Desktop with the best ad blocker"?
(Disclosure: I work at Google, not on Chrome, and don't have any inside information on this)
Vanilla ad blocking will continue to work because companies that participate in Acceptable Ads [1] will be happy to implement restricted ad blocking, such as Eyeo with Adblock Plus, while advanced and effective ad blocking that is not funded by advertising companies, like what uBlock Origin offers, will become impossible in Chrome.
Meanwhile a bunch of unrelated extensions will be killed, the ones that rely on modifying requests and which have nothing to do with ad blocking. Innovation around extensions that involves modifying requests will be halted, and everyone will suffer as a result, except Google.
Crooks will have continued and easy access to user data, since Manifest v3 is not focused on protecting user privacy.
Sure, I've been trying to make more tangible predictions about the future lately. I don't bet money, but if I'm wrong, you can come find me online and publicly tell me I'm wrong.
I will make a public prediction that after one year of Manifest V3 actually shipping to users in mainline Chrome:
- Assuming that Manifest V3's declarative API is not significantly changed from its current implementation.
- If you visit each of the top 10 publishers in the US (including open publishing platforms like Twitter/Facebook/Youtube)
- If you compare Chrome and Firefox, each with the most-recommended ad-blocking/tracker-blocking extensions on their equivalent web stores installed (currently Ublock Origin, but we'll leave it open. "Most recommended" means that among technical users, this extension is the most commonly recommended. There's a little ambiguity here, but not sure how to narrow it.).
- Firefox will block more web trackers (65% likelyhood).
- Firefox will block more visible ads and popups (55% likelyhood).
There are a couple of reasons why I feel comfortable making those two predictions:
- Twitter and Facebook both try really hard to get around adblockers, and Firefox will be more likely to be able to combat their strategies in the future.
- Extensions like Privacy Badger will already have a more difficult time working in Manifest V3, so there's potential for new adblocking strategies to develop in Firefox that can't be ported.
- Safari made similar changes, and it's already less effective than Firefox at adblocking, so it seems reasonable to guess that Chrome will follow the same path.
- Properly configured, Firefox is already better than Chrome at blocking web-trackers, and I think Firefox will roll those changes out by default to ordinary users before Chrome does.
There are a few reasons why I'm hedging my bets:
- The advertising market is volatile, and might change significantly in the next year (privacy laws, etc...) This is unlikely, but not so unlikely that I can completely discount it.
- Chrome has research teams working on some interesting privacy strategies. I think it's mostly just talk and they won't do much of significance in a year, but I can't completely discount it.
- A mass exodus to Firefox could force Chrome to adapt Manifest V3 to be more open. This is also unlikely, but again, I can't completely discount it.
- And just general uncertainty, because the longer out you predict the more uncertainty you should introduce.
55% and 65% seem like very low numbers, but I think they're a relatively bold prediction. If Firefox and Chrome are blocking basically identical numbers of trackers/ads, that doesn't count as a successful prediction. I'm not going to be pedantic about, "Chrome randomly saw one more ad on exactly one website." Right now, I consider Chrome and Firefox to be equal in terms of adblocking capabilities. So even a 50% guess would be saying, "there's a one-in-two chance that something changes and Firefox will just be an objectively better browser for adblocking."
Thanks for giving so much detail about what you expect! This seems pretty hard to formalize a bet about, though, since the core disagreement is over "Firefox will block more visible ads and popups" which you'd put at 55% and I'd put at ~50%.
I want to stress that I think 50% is high here, because the default state is that most browsers do basically the same amount of stuff.
If you asked me to make a bet on whether Firefox would be meaningfully better than Chrome on, like, SSL support, I would give that a pretty low probability -- maybe 10% off the top of my head. Because I expect that a year from now nothing drastic is going to happen that would magically make either browser be different from each other on that front.
It's not 50% "one of the two things will happen, flip a coin", it's 50% "we will see a meaningful change from the status quo."
They are not trying to kill advertisements. They want to replace API to provide better performance. That's about it. ad blocking extensions won't disappear. May be some will, and new extensions emerge.
Incidentally these new declarative rulesets are useless against some very simple tricks. I know people who are working full time on defeating ad blockers and the new Manifest v3 seems to have made their lives so much easier.
If performance was the criteria by which they made decisions then they would probably bake ad-blocking directly into chrome, since ads/tracking is one of the leading reasons for poor performance
By that reasoning Microsoft didn't prevent others from writing .doc-compatible word processors either - they just defined the format as basically a memory dump of Word :)
This is how a company implements measures that could be a legal problem: By formally making a technical decision and having the actual goal as a by-product of that decision.
> By that reasoning Microsoft didn't prevent others from writing .doc-compatible word processors either - they just defined the format as basically a memory dump of Word :)
It's funny because for years MS kept officially supported, feature complete, portable format for use in interchange, while DOC being shared was kinda unintended consequence that just wasn't fought against.
The very requirements of the original DOC spec required it to be a memory dump.
They didn't need to replace the current API, adding a new API would have sufficed. If it was truly better, the major addons would have transitioned it voluntarily. No need to force it.
They are killing the functionality that has supported robust adblocking for a long, long time. Any extensions that replace the current model will be less effective.
This of course. Why is anyone in the least surprised that Google doesn't want the ads that fund Chrome (and everything else they do) to be blocked by the users of Chrome. Shall Google fund our nice things (like Firefox, Chrome, gmail, google maps, etc etc) with hopes and dreams in place of cold hard cash? The audacity.
Clearly an unpopular opinion here, but anyway: I'm happy to let a few ads slip through (which I will happily ignore anyhow) in exchange for the possibility of a future where I dont have to drive a car to get places.
It's not either/or, just like you can have a factory making cheap widgets without letting that factory pollute the local river with industrial waste.
Ads are funding the Internet only because it's the easiest legal business model to pull off, so everyone gravitated to it. But it's not like there wouldn't be money for self-driving cars without adtech, and in reality, them being tied with advertising companies only ensures that the future will be shitty.
To add to this, ads are currently the best way to collect micropayments from users online without requiring you (the website maintainer) to have a database or profile on each customer, or to handle complicated return processes, or to deal with merchant accounts. You just make an adwords account, serve content to people, and that's it.
I'm convinced that in a world where collecting anonymous micropayments was as easy as serving ads, the web would look at lot different.
People look at this as a choice between paying $5 a month for every website they visit, or getting it "free" with ads. But in a world with good micropayments, most websites wouldn't cost $5. Outside of the biggest players, most sites aren't currently making $5 a month per user via ads.
But should that mean letting the fox guard the henhouse though? The problem here is that the largest ad provider also controls the largest ad display platform (i.e., Chrome), and is using the latter to benefit the former.
I'm in the process of switching as much as possible to Firefox. I now use Firefox Mobile on my smartphone, and my new laptop doesn't even get Chrome. And in many ways, it's been a breath of fresh air. Firefox gives my much more control over my privacy, and even recommends some extensions to improve it further. A couple of websites are sadly broken on my Firefox setup, but I can live without them.
I want to get back to the content-driven web rather than this ad-driven web we have now. I want to read what people want to share, not what people think will get them ad clicks.
Why not something like Brave which has the performance of Chromium (still better than Firefox imo) because it's a fork but probably won't make similar business decisions to Google?
Isn't Google introducing this change upstream in Chromium? This means that it will affect downstream browsers, including Chrome, Edge, Brave, Vivaldi, Opera, and a number of others[1]. The only way they will keep the old functionality is if they fork it and maintain it themselves going forward, which could potentially be made more difficult by further upstream changes made by Google. A few have vowed to do so[2], but Google has too much power controlling the upstream to guarantee they can continue it long-term.
Google has a stranglehold on the entire browser market through Chromium right now. Switching to non-Chromium-based browsers is a must.
They’re less so forks than re-builds. They rely heavily on upstream and Google can certainly make it more difficult for them to maintain a “fork” that diverges too much from Chromium proper. Manifest V3 may be something they can easily keep out of their builds while maintaining the old method, but I’m no expert so I won’t comment on that.
A fork implies maintaining most or all of the code base themselves, when in reality, most Chromium derivatives simply change the “front-end” or the UI while keeping everything else upstream, except for a few tweaks here and there. To maintain an entire fork themselves would be a massive undertaking, especially since Google now has a practical stronghold on the development of the open web. “Forks” would have to ensure they work with the standards (and non-standards) that are being pushed by Chromium and there’s no easy way to do that besides using Chromium and “re-building” it with their broswer’s specific features and UI. Google could make Manifest V3 harder to exclude from those re-builds.
It’s this very reason that Microsoft moved to Chromium as they could not keep up with the changes Chromium were pushing to the open web. They have also made it very clear that they’re not “forking” Chromium for the new Edge, but rather using it as their “back-end” so they can focus on their “front-end” while contributing back upstream to improve the back-end. Too much of a divergence would land them back to square one with the issues they had keeping up with old Edge.
If a company the size of Microsoft are unable to maintain a “fork” of Chromium, it doesn’t leave much hope for the smaller companies like Brave, Vivaldi, Opera, etc. However, that does not mean that they are unable to exclude the Manifest V3 from their builds, just that they’re still beholden to the changes made to Chromium to some degree.
> If a company the size of Microsoft are unable to maintain a “fork” of Chromium
Microsoft is entirely able to maintain a fork of Chromium, or even their own proprietary browser.
What Microsoft has done is a cost/benefit calculation and decided that the benefit for maintaining their own stuff is not sufficient to justify the costs.
The thing about those types of analyses is that they are very company-dependent. That the C/B ratio is not good enough for Microsoft doesn't imply that it can't be good enough for other companies.
That was a poor choice of words on my part. Rather I meant, they themselves stated it was not feasible for them to keep up using EdgeHTML and they could not. The same may be true if they were to completely fork Chromium and maintain their own version (ala Blink from WebKit) while keeping up with the changes made by Chromium that in turn propagate to the entire open web due to its dominance. It’s the reason they moved to Chromium and contribute back upstream rather than “fork” it.
It doesn't have to be a complete fork. In git terms, it can be a branch that pulls from Google, but reverts the commits that disable this functionality. Write some extra unit tests to ensure this functionality is still active, and after that, every time Google pushes something that breaks it, tests will fail and you can fix what they broke. Other than that, you can just keep pulling all the changes from Google.
We will support webRequest for uBO and uMatrix at least, I've already said so on Twitter and Reddit. The API is available to enterprise Chrome customers, it's being hidden not removed.
In case anyone cares about the facts that can be confirmed from our github: our enabling tips to unverified creators mistake was corrected quickly, and the tokens in question were ours, not the users who directed their flow (this matters because we do not intermediate in token flows; our partner Uphold, a licensed MSB, does).
Many people love sharing stuff. The move to this ad-driven web happened because companies saw they could make money here. I'm totally fine with companies not making money and the web being driven by scientists and hobbyists.
I have no ads or tracking on my website and provide code and projects, I just enjoy sharing things so other people can learn or get benefit out of what I've created.
I remember early 2000's, late 1990's internet...it was truly better times. Simplicity ruled, content ruled, not design solely around selling clicks.
Back in the IE 6 days I was in charge of fixing my families computers, and my family's friends computers. I was dealing with a few things a week, some requiring a full re-install. This was back in the early 2000's. Eventually I snapped and started charging hourly unless people switched to Gmail and Firefox. I started getting a lot less calls since Gmail was pretty good about filtering out malicious attachments and IE was, IE. I probably got around 40 households to switch to Firefox. The people that refused to switch financed a lot of my undergrad, I charged 100 a hour. I don't like fixing computers and the goal was to make things as painful as possible for them so they would stop using IE.
Using a ad-blocker in Firefox was the #1 thing I suggested for safe computing. And don't open unexpected email attachments. This killed 95% of peoples computer woes.
So good job Google, you did it, from here on out whenever I see Chrome on families computers I will strong-arm them into switching to Firefox. I did it in 2005 and was wildly successful. I can do it again. And I think my Christmas gifts this year will be domain names and three year subscriptions to Fastmail for my immediate family.
I always found that it was best not to lie to users for their own good, at least if you want them to continue considering you a trusted source of computing information.
You don't have to explain what firefox is, or what IE is, just that "this isn't IE but it does the same thing and will keep you safe".
Maybe they'll have follow up questions, and you can answer those, but lying is just a good way for them to go back to IE and not tell you because they don't to be treated condescendingly.
Oh no, he doesn't think they are stupid, just that they don't know the difference between browsers. If my mechanic mounted a new transmission or something that wasn't the same brand as the one mounted before, and told me "it's the new version", I couldn't care less as long as it worked as intended. I don't know anything about transmissions, so from my point of view I have no way of knowing if what he's telling me is the truth or not, I just trust him to make my car work again.
This reminds me that such people also think that the visual experience of browsing the internet is somehow "fixed". My impression of social media is that one of its draws (pitfalls actually) is that it gives the impression of different people experiencing the same thing, e.g.: a 100 people like this or 500 people retweeted that.
However, as programmers, we should see the internet not as a browser at all. We should see it as a list of protocols and implementations thereof.
I think a big part of the oh-so-common emotional social media battles is anticipation of the other person's experience. Hopefully for you, as a programmer reading this, your view of the internet is protected by automated command line scripts that fight your internet battles for you...
If my mechanic mounted a new transmission from another brand without telling me beforehand that he intended to do so, and I found out later, then I would immediately lose all trust in such a mechanic.
Why did he mount a different brand? Was it because he thinks it's better? Maybe it's cheaper, but otherwise equivalent? I have no way of knowing, and I trust his judgement entirely. On the other hand, if I went to my mechanic and said "Look Bob, I want an ACME Turboencabulator v2 mounted" I believe he would be happy to do so. The point is, most users don't even know what a browser is and just want to get back to facebook ASAP, and don't care if you tell them you installed an ACME Turboencabulator or a Stark Industries Turboelectroencabulator.
Of course, we all know the original Turboencabulator is GE and all the others are knockoffs, but I've tried other brands and they work just as well, if not even better.
Same here, and I understand cars. This is repair fraud, actually, and a criminal offense in the US. If I paid for and was told I would receive an OEM part and instead I got some aftermarket part off RockAuto, I'd be beyond pissed off and I'd get my recompense somehow.
I understand the grandparent point, but their analogy is terrible. When you are paying for a specific brand of item and you get an alternative brand without being informed and giving consent, that is fraud. It is a crime, and it is effectively stealing from you the difference in price/value/cost of the two items, since you're paying for the other brand.
Never did I mention I had specified a model/brand. I just went to the mechanic and asked him "fix my transmission". Whatever the way he does it, if it works it's good to me.
Yes, the most ignorant among us will never find out, unless they have a problem and go to a different mechanic that tells them. But it is very very obvious when you actually receive parts whether or not it's an OEM part, or an aftermarket part. Both may be identical and made in the same factory, but if I request a repair with OEM parts, am charged for OEM parts, and am provided with non-OEM parts that is repair fraud and a crime.
No they are not, they just frequently devoted their intelligence to being a lawyer, doctor or whatever rather than caring about tech. Any more than they cared about the finer points of their microwave or VHS recorder.
The first Google scam - yes scam - was Adsense and adwords. The search "sponsored" box was a yellow designed to be near indistinguishable from white, and was invisible on many LCD monitors. Adsense and adword links were the same blue IE used for links - because people had been conditioned to believe blue links simply traversed the web.
With hindsight, that's the moment everyone should have lost all trust in Google.
yeah back then there was a theme for firefox 3 that mimiked explorer icon and ux, all my relatives had that, very few questioned the different download menu.
thanks satan In all seriousness, "And ofc do not forget to say that is new IE version", that is the key, let them think they are still using their old software.
I use a pihole at home too. It is funny since I have gotten a few texts from my roommates about their phones being infected when they aren't connected to the wifi here. They think it is a virus and I have to tell them that is what the internet normally looks like.
I wouldn't rule out an infection in that case. I have a friend who has phone malware that shows ads about every minute or so. I offered to help factory reset it (last I checked everything she wants to keep is automatically backed up to the cloud) but we just haven't gotten around to it. And yes she really does use her phone regularly.
DNS adblockers like Pihole are markedly _less_ effective than the declarative content blocking proposed for Chrome and currently in-use by Safari.
They do have the advantage of covering your entire LAN and working inside apps, so they are definitely useful. But they don't replace real adblockers, or even the castrated ones Google is pushing on its users.
It won't work for long. With eSNI and DoH you won't be able to use DNS for blocking, and IP is very easy to switch around, especially in IPv6 but even in IPv4 (ad networks have money, shortage is not a problem for them).
What lists are you using, which avoiding? My use of pihole constantly disrupted basic services such as Sonos. I can certainly find the URL culprits and resolve it, but I got tired of constantly doing so...
In case of Sonos - the speakers disconnected all the time. Taking off pihole completely solved the issue. I did not check for possible problematic URLs on the blacklists though.
What were you using for DHCP? I'm no Sonos engineer but that sounds like it might been network level rather than DNS. I have pi-hole doing DHCP as well and created DHCP reservations for my Sonos speakers just to be safe (although it isn't necessary and I never had issues when they were regular DHCP clients of my ISPs router).
Back then, that was pretty good advice. IE was so insecure your entire system was at risk if you were exposed to the wrong content. Google made their browser quite secure and fast, which negates some of the reasons why people used ad blockers. There are other reasons people might use them, but these days you're much, much safer on Chrome than you ever were on IE.
Maybe the attacks were less sophisticated back then. I've seen so many windows computers completely owned by people using chrome to stream tv shows or perhaps visiting the wrong site while looking for discounts on shopping.
Note how they say: "We have no immediate plans to remove blocking webRequest and are working with add-on developers to gain a better understanding of how they use the APIs in question to help determine how to best support them."
"No immediate plans" is weasel-speak, as is "[we] are working with add-on developers".
If Mozilla was dead sure that they weren't going ahead with it, they would say so, unequivocally. And I remind you that Mozilla "worked with add-on developers" when they unilaterally decided to drop XUL and go ahead with web extensions, while failing to include support for APIs that developers said they needed to support functionality that their add-ons provided.
IMHO, adoption of manifest v3 is not a matter of "if" but rather "when".
While I would agree that this might be just a overt way of saying "when", that statement came from Mozilla, and so far I don't think I could accuse them of misleading newspeak. If that was any other big corpo, then you are absolutely right.
As far as organization Mozilla have my trust and I don't look for false bottoms in their statements.
I would point out the previous statement they made there:
> Firefox is not, however, obligated to implement every part of v3, and our WebExtensions API already departs in several areas under v2 where we think it makes sense.
I trust Mozilla to be on my side as customer than ad industry. Well, we will see what future brings.
Mozilla is free to implement Manifest v3, while preserving the webRequest API in its current state. Maintaining the blocking abilities of the webRequest API would not introduce any incompatibilities with Chrome extensions, because they simply would not use that part of the API.
I think the concern is they might also be "free" to find alternative sources of funding if that were the case not whether or not it's technically feasible to support an API that exists today.
Of course, I'm mainly pointing out that if Mozilla retorts to use compatibility as a reason for deprecating parts of the webRequest API, they'll most likely be dishonest.
"Google wants to drop support for blocking WebRequests, which will cripple certain extensions, others might not even work at all. Mozilla is not going to follow this destructive path. Instead, they will keep allowing the use of blocking WebRequests and investigate how to address the issue differently."
That isn't an official communication from Mozilla. That is "someone's" recollection of something "someone" said (or not) at some workshop:
"Fair warning: I don't speak for Mozilla. Everything I say here is a recording of my memories from that event. Nothing more. Nothing less."
(and yes, I noticed that the second "someone" is Mozilla's "Add-ons Policy Policer, Thunderbird Council Chair", but my point still stands: this is something "someone" said, not Mozilla's official position)
Mozilla will certainly support manifest v3 to maintain Chrome compatibility. That was never in question.
The question is whether Mozilla _removes_ support for webRequest like Google did. And you're right, they weaseled their way out of answering that question.
They're getting garbage in with the service too - about the last dozen (at least) or more times I've had to do it you can clearly see that one of the options is what the AI thinks should be the answer, but isn't. But if you don't select it before clicking 'verify' it gives you a little 'please select all taxis' or whatever.
No AI, that's just a car, not a taxi.
But who cares, I just click anyway and feed bullshit in and in a few years it'll think everything is a taxi.
It is not about Chrome vs Firefox. It is about how much information they can get about you.
The idea behind the "I am not a robot" captcha is that if you act like a human, then you don't need to be shown pictures for further confirmation. The more you allow tracking, the more info they have to figure it out.
A big one is being logged in to your Google account. Having access to all your history really helps. And because Chrome heavily encourage you to setup a Google account, Chrome users are more likely to be logged in than Firefox (or other) users.
Spoofing your user-agent is likely to be worse. If you have a Chrome user-agent but your browser don't act like Chrome, that's a big red flag. Bots often spoof their user agents.
This is the point in the dominance cycle where the dominant player decides they no longer need to be the fastest or the most secure and that their dominance will allow them to coast along doing their thing.
There’s nothing particularly inevitable about what happens next, but let’s hope they get an IE6-sized kick in the teeth.
has anyone else noticed a marked decline in the quality of Google search results over the last 12 months? I swear, around about 2011 I thought Google was going to become self aware but it's declined from that high-point to a point where duckduckgo has become a viable alternative for more than just reasons of privacy. Which is a great thing!
Turns out "Don't be Evil" was more than just a feel-good marketing slogan. It may have actually been good for business as well.
The one that I've noticed getting much worse over the last couple of years is Google (and to a smaller extent DuckDuckGo) removing the least common search term if there aren't thousands of hits. Precise search terms are very valuable for hitting the right results in a pile of unrelated slop and Google is even doing things like returning all Windows results when I search for linux and some CLI app that isn't available for Windows and never was. I can put in full paths out of /sys and Google will happily remove linux and the entry name because I'm only getting 5000 hits. The only thing I can think of is that they're trying to increase the number of ad impressions by having you need to do more searches to find what you're looking for.
I do remember remarking to somebody around this time that google search had become something of a glorified grep.
You could still get things though. What I meant in this comment is that it has gotten even worse to the point that its almost unusable. It really does remind me of Microsoft of the 00’s.
I think 2014 was the big change into "AI first" for Google. I remember Translate working fine in 2014 in China with the offline pack, and the offline pack was ~220MB. In 2016, the offline pack was ~30MB and nobody understood the translations over there.
I don't know about overall quality of search, but did stack overflow do something to fall out of Google's good graces? I swear unless I specifically include stack overflow in my search query it's either near the bottom or not include at all. Instead it's a whole bunch of articles from independent websites. This is for questions I know fit the bill for stack overflow too. It's almost like Google is artificial lowering their ranking to decentralize the source of knowledge. That or stack overflow lost 70% of readership in 4 months
Google knows I land on StackOverflow results so often that SO results appear near the top, if not the #1 result, for terms that often have nothing to do with programming or computers. I was recently looking for an online thesaurus service and Google showed me an SO post about building linguistic/semantic search algorithms. Hmmm.
This is my experience too, and also in other areas. I have to include "stack overflow" or "forum" keywords to actually find something useful on the first or second page. Example: drone racing discussions.
I've noticed that for far longer than 12 months. Google search results are frequently crap. DuckDuckGo is often better.
But sometimes I dream about building my own search engine. It would avoid the big ad-driven sites as much as possible, and give preferential treatment to obscure blog posts about topics nobody else has written about. I want a search result to show the many different ways it could be interpreted, rather than assume one of them based on whatever heuristic, and show me tons of identical results that aren't what I want.
Yes. When I started using DuckDuckGo it was despite Google's search results often being better and every few weeks I used Google for some queries because I simply couldn't find what I was looking for.
Now my last visit to Google is more than a year ago because DDG got better while Google got worse.
> has anyone else noticed a marked decline in the quality of Google search results over the last 12 months?
I noticed this since around 3-4 years ago.
It seems to be based on region.
Quotes get ignored. Even very specific queries about X prioritize clickbait junk like "TOP 10 X!!"
I THINK they might be anti-competitive too; searching for particular Apple APIs is sometimes more miss than hit, though that might be because of Apple's own poor documentation.
However, most Apple-related searches used to show me Samsung crap, and that's definitely not benign. Like searching for "iPhone" literally presented an ad for the Samsung Galaxy at the top, for a while.
I think this is a combination of SEO exploiting the methods Google used to use to provide good results and personal data based result optimization only being good at certain types of queries...
Why does an alternative have to be widely adopted to be seen as good? Tech has an obsession with "popular or bust" and that's the ultimate cause of the lack of choices IMO.
Betting protection from antitrust issues on getting cozy with a political party is a risky strategy; political landscape shifts on quite regular basis. It's safer to keep a competitor alive so that if and when the power goes to people who don't like you, it won't be easy for them to go after you.
It’s been ongoing since Trump’s win. I can’t find the link right now, but they’ve also been bankrolling and having speakers at those weird, right wing DC conferences. And they’ve been supporting ALEC for years.
And other projects will apear, all the people that visit sites like this one here, will switch, and slowly transition their families. Majority will conitniue "suffering" since they already don't have adblocks installed.
It is true and I wonder if the tech people aren't becoming the privileged class who knows ways of not feeding the big corporations.
For example, it takes a lot of effort and energy for me to explain to non-technical people that comparing Apple and Google in terms of their mobile devices is non-sense. Just look at their regular financial reports, I usually say, and understand that one is an online advertisement business, while the other is a purely software + device business. One wants you to use their devices at all costs, while the other wants you to buy them. Those are very different core business models, different mentality and approaches. Etc etc. And so the choice between them comes down not even to taste or quality or price; it comes down to which business model you sell your soul to.
And then there's ad blockers and understanding how modern internet works etc. It worries me that the disconnect between those who understand the inner workings of tech and those who don't becomes bigger and bigger by the day. As the tech business itself becomes more and more sophisticated (and monopolist/authoritarian).
I operate a website visited primarily by both unsophisticated users and non-expert but savvy users (the former group being the demographic that exchange emoji-laden meme images on Facebook, and the latter group as the type of people comfortable getting around a phpBB board in the mid-2000s). I've seen a steady decline in AdSense/AdWords ad-revenue from visitors based on ad-impressions despite increasing visitor counts from those two main demographics - the evidence suggests they're using some form of ad-blocker.
But there will still be adblockers. Safari still has them, manifest v3 Chrome will too. They work great and the user doesn't need to hand over all of their browsing information to the adblocker for it to work.
They still are the fastest and the most secure, and Manifest v3 is faster than uBlock Origin since no javascript code needs to run.
I won't be using Chrome anymore once they implement this since I like my element-hiding rules which I wrote myself, but for the common rabble, Manifest v3 will be an improvement.
The speed difference is only noticeable in benchmarks. It's completely meaningless for humans. Manifest v3 will not be an improvement for anyone previously using uBlock Origin.
They could support declarative rulesets without disabling request blocking. And the request inspection API is still live, it seems; I wonder if this means SimilarWeb and other spyware peddlers can stay in business for now.
Classic cat and mouse moves.
Adblockers will move to OS level so google cant do anything about it.
Pi-hole and Network level blockers should also see a rise.
I generally don't mind ads that are embedded into the page (at the moment). It would solve a lot of the big problems people have with ads right now. Anyway, this change only prevents extensions from blanket blocking web requests, and will make no difference to adblockers which manipulate DOM content.
I think the same thing that happened with popup blockers will happen again. Advertisers will be forced to listen to the consumers and the internet will be better for it.
Have you turned off your popup blocker recently? You can surf around even to fairly sketchy sites, and I bet you won't see a pop up. The consumer won. With tracking, we'll win again.
Then you need to manage custom certificates and embedded browsers and updaters may not handle proxied connections well. (And what about your tv where you can't provide custom CA certs?) This way of handling things never ends well. Both in enterprise solutions and consumer ones.
And cert pinning in the browsers blows this out of the water, which is why I'm of two minds about it as a security feature. It seems that a lot of security these days is really about removing people's control over their own devices.
You can import an own root cert which will be honored. I work in a company where all internal servers have a certificate a non-public root has signed. Works both on Chrome and FF.
They are being very stupid. Switching primary browser isn't trivial, but it's easier than wading through an ad-laden web. Goodbye Chrome, hello Firefox.
Except we are the ones that usually decide what to put on end users computers.
And we are the ones that makes suggestions. And end users then make same suggestions to other people.
Word of mouth I believe is a VERY important marketing tool.
Basically if Chrome looses people that brought them market share in the first place... I think market can shift. Not that it happens fast enough. But having some market share for Firefox is important.
The big question is, how many of those less technical people switched to Chrome because of technical friends or family and how many switched because of Google abusing its monopoly by displaying deceptive ads for their browser on all web real estate they own?
If you're not technical, switching browser means losing your entire navigation map of bookmarks and default start page, along with learning a different program's ways of doing the same things.
If you are technical, it's still a pain to get everything imported and set back up, and the extensions you're used to may be absent or done in different ways, and the subtleties of eg: incognito mode and reader mode may be different. You may have to re-construct your personal adblock rules. And so on.
Like so many others on this thread, this is my push to go entirely back onto Firefox. I'll keep Chrome for the diminishing number of sites that don't like Firefox.
You can use Brave as your Chromium-based browser. It blocks ads natively, and I've not yet run into a site that required Chrome that didn't work on Brave.
Suggesting a browser because it has adblock preinstalled is like recommending a specific Linux distribution because it comes with LibreOffice out of the box: it doesn't matter for anyone who can click 2-3 buttons.
What matters to me is the part I can't influence that easily, and I simply prefer Firefox because it's not based on Chrome. Not something many browser developers can say nowadays.
But if you need Chrome for certain sites that only support Chrome, then giving Chrome the middle finger by using a non-Chrome Chrome seems like the best of two evils. I realize that sites only supporting Chrome is terrible and shouldn't be a thing, but sometimes it really can't be avoided.
I say this as someone who uses 99% Firefox, 1% Chrome... I had never thought about this point I'm making before.
How sure are we that Brave will not break also with these new changes? And also, how sure are we that Chromium isn't secretly tracking users already? I don't have time to read the source, and don't trust that many people that say it's all a-okay.
For the entire history of the internet, there have been sites that only work properly with the dominate browser, starting with Netscape and then, famously, IE6.
I'm always confused when people imply this isn't the case or start demanding evidence. I'm bemused when they are surprised.
Welp, I've been putting this off for a few years, but this is as good as moment as any to do it. Took me 10 minutes to import all bookmarks, set up extensions, and customize one or two details but it is done. So long Chrome, it was good while it lasted!
A couple years ago my mac started to not go to sleep... I checked and it was Chrome saying “webrtc has active peer connections”. No, you can’t disable webrtc in chrome.
So I’ve been a bit ahead of the crowd and gave up on Chrome long ago.
This ad block scandal made me give up on Safari too though. Firefox seems to be the only reasonable option left.
I don’t care about Chrome (having ditched it long ago). On the other hand, I do care about whatever Chrome implements having an adverse impact on Firefox.
Mozilla has said before that Manifest V3 is up for consideration in Firefox and that “there are no immediate plans to remove” the existing APIs (mainly webRequest). [1] If Mozilla makes the power of uBlock Origin untenable on Firefox [2], that’d be a sad day for me, and I’d probably switch to Brave (assuming it’s still able to support uBlock Origin, even though it has a built-in as blocker).
If anyone from Mozilla or the Firefox team is reading this, please lead the way on these changes in a way that improves security (one of the goals of Manifest V3) while allowing extensions to remain powerful. Letting Google dictate the terms or just following Chrome will likely make Firefox worse in the eyes of power users and those who influence others to use it.
[2]: like it did with the XUL obsolescence (for good reasons) and the removal of great extensions like Tab Mix Plus and Session Manager (without providing a way forward for them to work; session saving extensions on Firefox are still not as good as the mozdev Session Manager was).
Mozilla is full of either cowards or sellouts. When the page visibility API was added to Firefox for Android and used to automatically pause nonvisible YouTube pages they ignored user arguments for blocking it.
Yep, the hysteria has no substance. I'm using Safari both on mobile and on desktop and use adblocker even though the evil Apple should have had them killed.
If Anything, I am nervious of installing any ad-on that can access the web pages I visit and send god knows what who knows were. It's almost as an accident waiting to happen. The web is only secure when your browser is secure.
I like the natively handled content blocking approach much better.
I'm not deep in the ecosystem and certainly no expert but I got one of those small iPads for free and tried using it as a device for browsing the web.
AFAIK there is no way to make Safari execute any cosmetic filters at all. (My uBlock Origin setup lists ~50k network filters and 150k cosmetic filters)
There are cookie notices, social media buttons, premium newspaper article headlines, comment sections, fixed elements and content "suggestions" everywhere. Unusable.
I use css filters in ublock origin to increase the font size of the HN comment titles because I often miss the collapse or vote links. ...or to block the food suggestions in Googles shoppinglist that, by appearing as an overlay, always hide the first list entry to suggest me to buy "hamburger". (I'm not joking.)
I still do have the device somewhere and I am open for suggestions on how to get control over the content (or at least remove ads) on an ipad, but I don't think there is currently any full content-blocking solution for iOS.
Which is a shame because (in my case unbearable software aside) the device does not appear bad from a hardware perspective.
I guess the argument is "is it worth it to save some people the privacy issue of extensions phoning home the pages you visit by requiring the ad-blocking to be a rule list and not rely on synchronous webRequest blocking". Safari's webRequest change also blocked even monitoring webRequest URLs, so the current adblocking solution is to only provide a list of blocked patterns, and it seems to work for me.
I had already switched my mobile browser to Firefox explicitly so I could use ublock. And now it's time to move to Firefox in the desktop. I appreciate Google helping with the decision.
You seem to be assuming that the people maintaining the rules have been somewhat lazy so far. uBlock origin has the reputation of being pretty performant though, so I'd assume the engine and rules are already well optimized.
That aside, I wouldn't want to bend backwards just to comply with how Google wants the world to work. I'd rather use Firefox.
It would be hard but I think it might be possible, provided some time is put into coalescing rules in an efficient way. (I have done something similar and couldn’t quite manage to get it to fit, but I didn’t look at it for too long.) One issue that still remains relevant is that adblocking lists usually grow with time and require more features as ads evolve, so it’s not clear that the new API will continue to support this.
What a needlessly hostile title that editorializes and doesn't match the linked article.
@dang can you change it to match the site? I think this submission violates the site guidelines on titles. The original title is "Google Begins Testing Extension Manifest V3 in Chrome Canary" and doesn't include the ad blocker flame bait.
"Otherwise please use the original title, unless it is misleading or linkbait; don't editorialize"
The bit about adblockers provides context on why this article is worth my attention. I'm not an extension developer, so "Extension Manifest V3 in Chrome Canary" means nothing to me.
But this:
>The most controversial aspect of the extension manifest v3 is the upcoming changes to the webRequest API. In v3, Google has changed the API so that extensions can only monitor browser connections, but not modify any of the content before it's displayed.
>Instead Google wants developers to use the declarativeNetRequest API, which has the browser, not the extension, strip content or resources from a visited web sites. This API, though, has a limit of 30,000 rules that can be created.
>Unfortunately, this change will break popular ad blockers such as uBlock Origin, which rely on the original functionality of the webRequest API and need more rules than are available in the declarativeNetRequest API.
It's also completely misleading and perhaps willfully so.
The limit's been raised. The removed API is used by half of all detected malicious extensions to spy on users. Ad blockers will continue to work fine with the new API, just like they do on Safari now.
I didn't use an adblocker until every single site began competing on how much of my screen can be a billboard telling me that I won't last two minutes playing their game. If the new changes make it past testing and there's no strict anti-ad abuse policy put in place, I'm jumping ship.
I'm the one who switched my whole family to Chrome back in the day to get them off IE. I have no problem doing it again this holiday season. Firefox for everyone.
No idea what Google is thinking. In one short decade they've become the new villains of the internet.
I moved earlier this year, it's been a good experience overall. The dev tools, which were what was holding me back, are _excellent_ and improving all the time.
Only thing I'd really love to see are container-specific windows, so 'Work' tabs would open by default in my 'Work' window.
I use brave but some brave allowed ads seep through. I have no issue with ads; I just don't like tracking and insane JavaScript pop ups taking over the browser without the user invoking a deliberate action.
On mobile i use brave, and when things break I switch to chrome. I tried Firefox multiple times, but I can't help but miss the swipe the address bar to go from tab to tab. I always revert back to chrome. So it's more of a convenience for me.
But if I had to choose between adblock or swipe to switch tab, then they made the decision for me. There is no way I can ever browse the web without an adblocker
Brave blocks ads natively, even on mobile. It's a pretty nifty browser for when you want chromium. Firefox mobile is slower in comparison, but their extension support is killer tbh.
I've given up on Chrome a long time ago (using Firefox now), but I think the best way to block ads for good is to use Pi Hole as DNS. I've set it up a couple months ago at my home, plus a Wireguard tunnel so that all connections from my laptop and phones go through that DNS (with the added benefit of encrypting all my traffic over unsecured networks).
Why should it? Most ads are toxic. Even if the site is well-intended and doesn't put too many of them, the few ads are still going to track you and disregard your privacy.
If site has ads served from main domain you can't block them
You can block ads with some static files on subdomains/domains, and this drastically change content (like how is image sites looks like without images?)
So, using DNS filtering for big ads providers is OK
For small and smart ads providers will not work
And I mean ads and tracking the same thing. While you can block all kind of "analytics", at the same time you can't block web-server logs with your IP (cookies, etc)
They don't realise how easy is to swtich, and ads already started to anoy almost all. Searching for Subscription model or other model is the key here. Apple with their lower price iPhone 11 sensed it, and acted to increase their service revenue while Google yet to have streamlined payment gateway let alone reliable subscription service product wide.
Now that they're pushing forward with the artificial limits, I'm looking forward to moving back to the days when large software was deployed on floppy/discs. I can see it now: "ublock origin part 1", "ublock origin part 2", ...
In current form, yes. The article pretty clearly states:
>Instead Google wants developers to use the declarativeNetRequest API, which has the browser, not the extension, strip content or resources from a visited web sites. This API, though, has a limit of 30,000 rules that can be created.
>Unfortunately, this change will break popular ad blockers such as uBlock Origin, which rely on the original functionality of the webRequest API and need more rules than are available in the declarativeNetRequest API.
Looking at an old picture of ublock origin block lists: https://www.bleepstatic.com/images/news/u/1100723/uBlockOrig... we can see 150,000 rules. The whole point of a rules list (easylist/easyprivacy) is that they're easy to maintain, since it should be a surprise to no one that adding new ad domains is trivially trivial. EasyList alone is 30,000 rules and it alone is woefully insufficient for a modern-day browser. The declarativeNetRequest only allows for ONE type of filter to work. The static kind, i.e. the old, deprecated, bad, insufficient kind.
The way ad-blockers work at the moment is that the authors of ad-blockers work hard to not break the websites they block adverts on. This is good for users. This change means ad-blockers will need a different, simpler approach that probably will break far more websites. For example, you could write a very simple ad-blocking script that just denied requests to load JS from any third-party domain. That would break a lot of websites, but you wouldn't see many adverts.
I'd rather have lots of broken websites than websites with adverts. I suspect a lot of web users feel the same way.
It does not; actually, I’d argue that the adblocker I’m using right now works just fine. I cannot see how it will do in the future, but it’s just incorrect to say that this change kills all adblocking.
It does kill the really effective ones like uBlock Origin by removing any ability to do heuristics, "right click to block", "IAB sized divs" and similar dynamic detection. The 30k limit is also too low. So, a bit of hyperbole, but it DOES kill the best blockers.
Everybody saying declarativeNetRequest is sufficient and Apple's Safari content blocking works perfectly fine is entirely missing the point. Both of those statements are true enough, _for right now_.
Losing the ability to modify content in this manner means adblockers can't compete in the arms race against advertisers. Anti-adblock scripts running locally with randomly-generated names will render this sort of declarative content blocking ineffective.
I am so glad that it's a while I have started migrating off Google, Gmail and Android and I am Chrome-free for almost two years now (Syncthing and DecSync helped a lot).
However, I think Google will exploit their browser-market-dominance to bend web tech to make escaping from ads impossible, same as what they did with DRM.
Sooner we move off ad renvenue based products the better. Surely there's a way to get people to pay a tiny bit to get great quality products that don't fuck them in the arse.
We need some benevolent dictatorship in tech to sponsor this ecosystem.
We have seen that floated many times but I am afraid it is a non-starter. It has the same exact issues as Clickbait but calls for a large infastructural change. Just having a convenient pay mechanism would be an in practice security vulnerability from scareware. Plus like subscriptions the owner practice often will be "do both at once"!
Is it that the people posting in this thread are.. authors or stakeholders of malicious extensions? Do they all work for Mozilla? Are they a part of some rival industry which stands to benefit from the fall of adtech? Have they shorted GOOG?
Surely it would be strange to class arguments from users who want to continue to block ads in their browsers the same, effective way that they have been for years as motivated reasoning. What sinister motivation am I missing?
For whatever reason they all seem determined to put Google in the worst possible light and ignore any arguments to the contrary. I can't speak to the motivation other than "hate Google".
If you consider your own reasons (which only you are privy to) for supporting Google's actions in this case, you might find that you're stretching to meet a narrative. And sure, they might be too, but we can't really claim that fairly without peeking inside their minds.
All we really know is that they are annoyed that Google is neutering an extension which they like to use, which makes enough sense that speculation on their motivations isn't really justified.
I use Firefox as my main browser and have Vivaldi, Brave, Edge, Installed for testing purposes. I just need to migrate my email away from Gmail hmmmmmm. Any good suggestion?
Did you link to the right thing? That isn't a deflection, they're asking permission to sideline the issue on uBlock's issue tracker into a discussion about Chrome/Chromium's extension policies, which incidentally they didn't get a clear answer to.
> I also don't want to hijack this without the project's permission. @gorhill & contributors, do you mind having this discussion here or would you prefer if we moved it elsewhere?
I haven't really been following this issue, but I did read the linked reply, so I may be missing some bigger context.
That's the correct link, and it is deflection. When developers tell you that the extension review process is so unfair that it feels like bullying [1], and ask you what changes do you plan to introduce to prevent this, the least you can do as a developer advocate is to briefly answer the question, then open a thread on Google Groups and invite people there to continue the discussion.
What they did was to introduce a break in the discussion. Most people subscribing to that GitHub issue, which was trending on HN [2], will not start monitoring Google Groups for any new discussion that may take place, which reduces the likelihood that there will be enough people pressuring them to give clear answers.
This is classic modern Google. "Advocate" probably means he is advocating for the Chrome Extensions Team and not the Chrome extensions. That would allow him to have an internally consistent world model and is probably how greater corporate Google interprets the title.
So communicating what the team is doing to the outside world, not defending the utility of the extensions.
Even if you don't share their opinion, you have to accept that some people honestly believe that advertising is necessary for funding the open Web and keep it open for people who either can't afford tons of subscriptions or hate them for privacy reasons.
Realistically, Mr Vincent is not in charge of being an advocate for anything other than Google's corporate interests. But he is not in charge of destroying extensions either. He may well be in charge of destroying ad blockers though.
I don’t accept that these people think they are helping create an open web. I think they’re trying to make their stock options worth more and appease their bosses.
I don't know Mr Vincent or anyone else at Google, but it seems unrealistic to assume that no one at Google could possibly believe that advertising is helping not hurting the open Web.
Stock options and bosses with different incentives are available at other employers as well.
>I don’t think anyone could be naive enough to believe ads help the open web
I don't think assuming bad faith with absolute certainty is a productive form of debate.
[Edit]: As a matter of fact, I don't believe that advertising is entirely replaceable as a funding mechanism for the open web at this point in time. That doesn't mean we have to accept all its excesses without resistance.
>Most other employers don’t have a near monopoly on the web browser market.
A near monopoly is not a prerequisite for an employee to make a lot of money somewhere else, especially not for someone in a PR role like "advocate".
> I don't think assuming bad faith with absolute certainty is a productive form of debate.
It’s not a debate though, Google is removing these user friendly features and sprinkling some marketing speak over their actions. It’s right to call them out on that. Also, if your job is to be the face of that marketing speak, you should expect people to question what you say.
[edit] Funding and openness are tangential. A system need not be profitable to be open. Look at open source.
I don't think open source is a viable solution for all currently ad funded services. Some services cost a lot of money to run and many indirect funding sources come with their own downsides. Open source projects are often leveraged by some of the largest corporations for their own strategic purposes that don't necessarily help openness.
But my original point was simply that this is a non-trivial debate in which all sorts of opinions can be honestly held.
> ...advertising is necessary for funding the open Web and keep it open for people who either can't afford tons of subscriptions or hate them for privacy reasons
That's a minor issue. The bigger issue is the fact that, if adblockers become truly popular, websites will go back to serving opaque binary blobs instead of HTML+CSS+JS.
Remember Flash and 'Flash pages' back in the day? That, except worse.
I'm not sure that is worse. A vast majority of the primary source web has no in page ads as it is things like orgs talking about their own products. If I could reliably filter the entire ad funded web from my search results on the basis of their using a blobs/DRM feature, I'm not sure how often I would do a search on the derivative web.
I don't think sites will bake ads into the blob. It's too much server-side hassle. The equivalent today is just serving the ads from your own domain, and precious few people do that. The other option is a binary blob making a network request to an ad server, which can be blocked.
I know people who are building this as a service. It renders this new adblocking API completely helpless. Since it's just a proxy with relatively low CPU load, it's feasible e.g. Cloudflare could also build something like this.
I have found that picking at people for a decision that you don’t agree with is rarely useful; we already have people going through GitHub to find instances of other “disingenuous” behavior. Like the decision or not, the change is the product of an entire team at Google, and it’s not productive to harass the one person mentioned here because they’re an easy target.
Google has been perfecting this language over the past few years, with press releases/blog posts of fame such as: "We're evolving Google Fiber" (read: We're killing it) or "We're releasing the End-to-End email encryption extension to the community" (read: We're abandoning developing and supporting it for Gmail), etc
I remember clearly an interview of a very famous IT billionaire going this way:
- What's the most annoying myth about you?
- A myth migh be that I'm the most generous philantropist of all time. [...But] I havent' sacrified my time or economic well being the same way lots of unamed, amazing people do. So they're the worlds best philantropists.
This is the least subtle humble-brag of all time. "People says I'm so incredibly amazing. But they are wrong. There are out there more amazing people." is gotta be next to the job interview answer "my biggest weakness is that I work too much" in the BS book.
But the reactions to the interview are still, to this day, "this person is so humble", "he is such a good man", etc.
Except that people do, in fact, say things not so far from "Bill Gates is the most generous philanthropist of all time". If you put "most generous philanthropist of all time" into your favourite search engine, I bet you will get a lot of top-N lists and I bet Bill Gates will be in all of them. (Unless they're things like "most generous philanthropists you've never heard of", "most generous female philanthropists", etc.) If I put that exact phrase, in quotation marks, into Google, the result I get up at the top is an article from 2007 (so, well before that interview) making that exact claim. [EDITED to add:] More precisely, it calls him "perhaps the most generous philanthropist of all time".
I don't think it really counts as a humblebrag to say "it's a myth that I'm X" when there are in fact a lot of people saying you're X.
He could, for sure, have gone further out of his way to avoid humblebragging: he could have said something like "I think a lot of people overstate how generous a philanthropist I am". But he was asked, specifically, what the most annoying myth about him was, and all the anti-humblebrag tactics I can think of right now avoid humblebragging by not stating a specific proposition at all -- so they fail to answer the question he was actually asked.
And he could, for sure, have picked something else, maybe something about his time at Microsoft. But these days he's much better known as a philanthropist than as a Microsoft founder or executive, and I bet the things people (truly or falsely) believe about his Microsoft career aren't the things he considers the most annoying myths.
I find it interesting that Google thinks they are going to get away with this. I'm afraid they might be right.
I've been on Firefox since they launched their quantum version a few years ago after a few years of using Chrome. I like Firefox but I notice a lot of people around me seem to default to Chrome. Things work well enough on Firefox that I don't consider compatibility a problem. But I do get a lot of raised eyebrows from people who consider this an extreme thing to do. Just like back in the day where I was doing most of my browsing with alpha builds of Mozilla Phoenix instead of just using IE like world + dog.
But what matters is that the market has changed. 15 years ago when MS made their anti competitive moves with IE and in the process helped Mozilla survive their Netscape implosion through reinventing themselves through their Phoenix -> Firebird -> Firefox reinvention (I used all of those). However since then, the market has consolidated around just 3 browser engines: Chromium, Webkit/Safari, and Firefox. Of those Chromium essentially powers all of the Chrome alternatives that aren't Firefox or Safari (Edge, Brave, Opera, etc.). Another change is that the web has imploded to just a handful of websites gobbling up most of the traffic. Yes there are a lot of websites but mostly the way to them leads via Google, Facebook, Apple, or MS owned properties.
Finally the ad market has changed. GDPR and related efforts in other markets (including the US) are pushing the market towards more responsible behavior with respect to getting users to opt in and to ad experiences that are increasing harder to block because they don't necessarily come via separate websites and domains.
There's also the giant shift to mobile. Google and apple would like you to use phones and tablets to the expense of desktops because they can control those platforms better. So they are building their platforms with those in mind, unintentionally-or-not crippling desktops
Off-topic: because of this, I was thinking of moving to Vivaldi and it's really sad how unpolished and slow their UI is... it's almost as if it was a beta, still. I wonder if they use it themselves...
It seems to me that they want to reinvent the entire Chrome UI but they don't have the necessary manpower to do it properly.
Internally, businesses run whatever system they want, but it is almost always an authoritarian hierarchy. (Do what you're told or leave. Various amounts of arguing or grumbling before you do may or may not be tolerated.)
The language used in bad times is telling. You'll hear managers talking about how it sucks, but is needed to save the company ("individuals must suffer for the greater good").
Externally, businesses reflect the political preferences of those who control them, but they tend to prefer weak states they can influence or control. Democracies are harder to control this way because the stakeholders are diffuse. Centralization, strongmen and corruption make things easier.
Not sure if this is tongue-in-cheek, but the key consideration here is that of authoritarianism (which is capable of being used in conjunction with plenty of other -isms, including socialism and capitalism). Corporations tend to be largely authoritarian as well (i.e., you are expected to respect your boss because they are your boss (and if they deign to respect you, this is regarded as magnanimity); possession of authority in authoritarian contexts is circularly self-justfiying).
I wonder how much of this is actually about Adblockers... vs Googlers just wanting to make some performance numbers go up in aggregate to make their own internal company stats better.
As someone who's used digital advertising in the past I wouldn't really care about forcing my content upon all customers. It's a self selected opt-out for someone who won't ever click anyway.
The real problem is news websites don't show restraint and shovel (so, many) ads to customers, making impressions go up and clicks go down. IMO ads won't go away and adblockers won't kill them completely as too many market forces (privacy, performance, revenue) is making the industry adapt.
Disclaimer: Personal opinion, Googler, not in ads or Chrome.
This is absolutely the real thing hurting online advertising right now. Nobody wants their eyes molested by that many ads, and it makes the user's eyes glaze over. Fewer, better quality, better placed, and less obnoxious ads have consistently worked out better for my clients in terms of clicks.
Given that they added an arbitrary limit to the number of rules that is high but not quite high enough for modern adblockers I'm gonna assume this was intentional.
Apple/Safari adopted pretty much the same architecture on Ad Blockers. Maybe just maybe the conspiracy theories are all wrong, and there was actually a legitimate, technical reason for choosing a restricted API.
If there was, they could've communicated it clearly already a year ago. There is no reason to give Google the benefit of the doubt, since it's clear they're not trying to get it.
If this rolls out, I'm going to very loudly tell my friends to use Fox, and not stop.
They have, https://docs.google.com/document/d/1nPu6Wy4LWR66EFLeYInl3Nzz..., and reading it I have always thought it makes sense, as much sense as why Safari decided to do it. However, I don't think I have ever thoughtful discussion why their intended goal (security and privacy) is wrong or could be done in other ways.
I feel sad that each time this comes up even on HN it's always "Google, ad company, bad". There's a mention elsewhere about 30k limit being limiting. Why aren't we discussing alternative enforcement metrics, and request for inclusion?
> maybe [...] there was actually a legitimate, technical reason for choosing a restricted API
Without any further explanation that sounds rather unlikely.
The change is very publicly criticized and keeping legitimate reasons that could've increased support secret is a really counter intuitive strategy.
Apart from that I think it's not far-fetched or particularly conspiratorial to assume that an ad-company might have an interest in restricting ad-blocking.
"When you hear hoofbeats, think of horses not zebras."
I use Safari because it gives me freedom. I paid Apple for their product, now I own the product. It works well except for some Chrome demo apps(which gives me the chills "For the best experience use Internet Explorer" == "Your browser is not supported, use Chrome 46 or newer")
You can bundle many rule lists inside one extension. It's how 1Blocker works, and I did it myself for my own adblocking extension.
I'm not sure if this is possible in Chrome's proposal though.
Maybe this change will finally get people to prune Easylist which had 30% outdated cosmetic-filter cruft when I last sampled it along with hobby horse websites <0.00001% people would ever visit. Right now it's basically like an append-only legacy CSS file.
And the limit is easily circumvented by having multiple extensions. I've seen Safari extensions that split themselves up to one extension per block list.
Google is an advertisement company there is nothing conspiratorial about them using their market share to force ads on people. After all whats the point of supporting chrome if it sells no adds.
1) avoid being locked out of platforms by not controlling the default search. Apple and Microsoft could either extract a high toll, or crush search engines by controlling what search engines people see by default. On iOS, Apple does extract a toll to be the default, but MS was denied this, by Chrome beating out Windows Mobile and Edge/IE. If your company is wholly a web company, and someone else controls the key onramps to the web, you're potentially in trouble.
2) If the Web becomes a toxic wasteland (which was happening prior to Chrome when IE6 ruled), users flee more towards silo'ed platforms and apps. A healthy web is as beneficial to Google as a healthy forest is to a timber company.
It's like saying "The New York times is an advertising company, not a news company, so why would they invest in journalism schools if the point is to sell classified ads?"
And then there's just plain old interest in technology. Lots of projects at Google start from 20% engineers time, and grow to large successful projects, without any business model, they're just costs. You've got more than a thousand open source projects I bet being run by Google engineers, the majority of which exist because someone wanted to scratch an itch. Go, Angular, Tensorflow, Guava, et al, don't make money and aren't intended to.
(You need a standard disclaimer for your employer in this particular thread.)
I disagree that Google is a web company proper. It might have been years ago, but nowadays Google is capable of bending the very rules of the web and internet at their liking. As a result it can now essentially define what the web (okay, the modernish web) is, and that makes your points moot. Also Google's open-source projects are irrelevant to this discussion, much like that using React doesn't void your rights to criticize Facebook.
With Google's new API, all ads can still be blocked. There will be a limit for network request blocking rules, but it's very high so that normal users don't reach it. And for those that reach it, only network requests are affected, so adblockers can still use other APIs to hide the ads.
You can use other APIs to hide ads (i.e. prevent them from being displayed), but they would still be downloaded so you lose the privacy, performance and security benefits of the ad blocker.
It makes sense to me that a company that is heavily invested in an ad-driven internet economy would limit the use of ad-blockers in their very popular browser. They surely weighed the risks of losing some users to better browsers, and probably found that they were by now acceptable.
I don't know if this actually helps Google show more ads. With a 30k rule limit, I'm imagining most adblockers will prioritize the most common ad domains, and I'm pretty sure Google would be at the top of that list. This may really be a win for the long tail of smaller ad networks rather than the bigger players.
Most of the web browsing happens on mobile devices where Chrome has a staggering 5B+ installs (though possibly not all active) vs Firefox's 100M+. Chrome on mobile never did support extensions let alone content blockers.
The manifest v3 offensive is meek compared to their hegemony already on display in the Android world which has 2B+ active users that almost exclusively use Chrome.
I see an anti-trust case in here somewhere or for Mozilla to simply buckle up and sign deals with OEMs that makes them the default browser and webview on Android.
Wow, the amount of negativity here is awful. I looks like most commenters have not even read the article...
First of all, the HN title is not the title of the article. HN mods, please change it to reflect the actual title of the article.
Second, to me this does not seem as some attempt by Google to actively block Adblocker extensions. They are proposing a change to the API (Manifest) to no longer allow manipulation of content, which I think is a good thing from a security standpoint. They also propose reducing the number of content stripping rules to 30k. Now, I'm not familiar with add-on development, but this sounds like a constraint that was implemented for performance reasons. This constraint will break add-blockers in their current form, but there is no reason for me to believe that this will make content filtering impossible.
It is also clearly stated that the V3 manifest is in early testing phase. Nothing here is set in stone.
As 'yipbub says, the amount of negativity here is appropriate. The topic of Manifest V3 has been discussed to death over the past months, and the conclusion is, it does cripple ad and tracking blockers. The security benefits of this change are at best dubious[0], the performance argument is nonsense, and it really does look like the primary goal of this proposal is to make it impossible for browser extensions to effectively prevent users from being tracked. In the months since the initial proposal, Google has done nothing to suggest this is not their goal.
They announced this back in May/June - the whole 30k rules things.
Current rules list easily exceed that number. They said back in May/June that they would consider looking increasing the number of rules - they clearly haven't chosen to increase the number in the intervening time. Maybe they are waiting for more actual testing, but they're not setting themselves up for an easy time.
It's also honestly a little rich to worry about the performance impact of ad blocking given the performance impact of ads themselves.
Mods, can we have this title changed to match the article? It’s not accurate, as Manifest v3 does not “kill” adblockers. (Whether it cripples them or not is still subjective and does not belong in the title.)
Did anyone actually read the submission? The title is clickbait that doesn't reflect the content.
The change here moves modifying content of the webRequest to the browser from the extension. This is fundamentally more secure. Allowing third-party extensions to inspect and _modify_ arbitrary HTTP requests is nothing short of dangerous.
The new declarative API (from the article) limits such extensions to 30,000 rules. I honestly don't know what impact this will have on ad blockers. At worst it seems like ad blockers will become less effective as simple logic tells you that some rules matter more than others and the least used rules will simply be dropped.
So rather than be alarmist and use this to feed into the tired narrative that "Google is killing ad blockers because it's an advertising company" (paraphrased) we should be pushing for changes that make this workable, such as:
1. Having a higher limit than 30,000; and
2. Working on ways to condense N rules into <N rules. There must be ways we can be more expressive so that we don't require as many rules, no?
I honestly don't like the fact that I have to give a third party developer so much privileged access to run an ad blocker and I'm surprised anyone else is. Extensions can be compromised.
> So rather than be alarmist and use this to feed into the tired narrative that "Google is killing ad blockers because it's an advertising company"
That’s not alarmist, it’s the obvious truth. As a user I should have complete control over what runs on my machine. I don’t need Google “protecting” me (by breaking ad blockers). Google is the single most destructive force in the tech industry today. Very much like Microsoft in the 90s. We should resist their attempts to embrace, extend, extinguish and we should be insulted that they couch these changes in marketing speak that pretends to be pro-user when it’s the exact opposite.
> As a user I should have complete control over what runs on my machine.
You do. By running Firefox. This level of control might be useful to you but it's not to most users. As much as power users chafe against things like the App Store, for example, this is clearly a win for most users. Limiting what a malicious extension could do is very much the same because I can guarantee you there are scams to get users to install malicious extensions.
How Firefox should respond here is to make ad-blocking a first party solution. In that Firefox itself is responsible for the blocking and all extension writers are responsible for are the rules.
At that point you will have a solid story that FF is putting the user first.
Beacon.enabled default is true, and the password manager defaults to sending passwords to a remote server. MozCo is not user friendly. Their main focus is on keeping the Google money flowing.
Only to those who are woefully ignorant of how any large company work and are unable or unwilling to see passed their own desires. But let me ask you this, even if we stipulate it's 100% true, how does that help? What does that accomplish? You've simply stated an opinion that those who agree with you will cheer for (changing nothing) and those who disagree with you won't change (also changing nothing).
People have this overly simplistic view of how large companies work and ascribe malice to Google in particular for what's essentially just chaos. And I say this as a Xoogler.
There are conflicting forces in Google that include, but are not limited to:
1. Protecting the ad revenue business Google is utterly dependent on; and
2. Promoting user privacy and benefits because that's what gets users to keep using your products.
Even (1) comes from a wide variety of motivations such as:
- Making more money;
- The belief that ad-supported models are the only model that works so advertising is an absolute necessity to providing services on the Web.
> I don’t need Google “protecting” me
And again, you seem to be deliberately missing the point here because you say "I" a lot. What about your parents? Or grandparents? Do they need "complete control" over their machines? And consider for a second the scenario where you're not giving them tech support.
This "complete control" is exactly what enables botnets (many of them anyway), fraud, theft, DDoS attacks and so on.
> So rather than be alarmist [..] we should be pushing for changes that make this workable
If, as the author suspects, the intent is to break popular adblockers, I have no interest in trying to make this workable.
Personally, I think this is a typical half-legit move: there's a good intention (security) but it's also hard to believe they did not realize that by pushing these changes, they were going to break several of the most popular extensions available. And, that the direct impact of this would be that for a short moment (at best) many more ads were going to be displayed on Chrome.
I think we've seen a lot of these half legit moves recently (apple battery scandal?). So I'm starting to be more and more suspicious.
Not just page content. They can read your cookies, they can see all requests (just not modify them on the fly). The extensions tracking you acting as spyware will see no change, the other kind of malicious extensions that want to modify your requests will still do so by modifying the DOM of pages for example.
So the "security" reasons google gave have long been debunked as non-sense.
The other half is the performance reasons. What's the performance burden of calling a (chain) blocking webRequest listeners? Last time I checked it was single digit milliseconds per request. So a very ad-laden worst-case website with 100 requests will spent maybe 500ms in the webRequest listeners, but will still load faster thanks to all the cruft being blocked away. So what's the win for performance exactly?
How hard exactly is it to use Firefox instead of Chrome? It literally takes 2 minutes to switch. This isn't a Microsoft situation where, at the time, there was no alternative to Windows. It is the easiest thing in the world to change browsers. Google knows this too.
> How hard exactly is it to use Firefox instead of Chrome?
I don't understand, you're saying these discussions are useless because anyone can switch to Firefox anytime? But why would anyone decide to switch to Firefox if it weren't for these discussions. This is not something users can experience directly (like bad UX), clearly they need some level of understanding.
And Google taking full control on yet another thing on the web, does sound like a slippery slope to me.
> Allowing third-party extensions to inspect and _modify_ arbitrary HTTP requests is nothing short of dangerous.
On the contrary, I think google removing this ability actively removes user choice. A choice that I think users should be able to make.
Slippery slope argument: I run a PiHole on my network. Perhaps Google should also absolutely require DNS over HTTPS in Chrome, too, because it's nothing short of dangerous to allow third-party DNS servers to inspect and modify arbitrary DNS requests.
> Extensions can be compromised.
It's also Google's decision to make extensions auto-update by default.
30K is just not enough. Intercepting requests is still possible, just not blocking. Extensions have been already abusing this, of course. It's fiendishly difficult to prevent e.g. corporate users from leaking the whole intranet to SimilarWeb unless you completely disable browser extensions.
> I honestly don't know what impact this will have on ad blockers
But adblockers authors do know. Instead of accusing people of not reading the article, feel free to read what uBlock origin author has to say about this change.
This isn't just the rule limit, and the most powerful part of extensions imo is to be able to block/modify elements at the dom level. Both for ad blocking and for customizations (reflow pages, modify css, etc). If you don't feel comfortable giving access to blockers, it's not that hard to roll your own. Just read the format of easylist.
> extensions can only monitor browser connections, but not modify any of the content before it's displayed
And if requests are blocked then content publishers can very easily detect ad-blockers and intentionally degrade the user-experience or add nag screens that aren't part of the usual ad network code. If it's an SPA then it'd be almost impossible to untangle easily when the site's developers can add their "is-adblock-detected?" checks anywhere in their SPA codebase and mess with the UX at-will.
Ok, so of all the replies here, this is the first I've read that's actually raised a really good point. Simply blocking requests will make ad block detection easier for Websites. Then again, this seems to be pretty prevalent already (as in lots of sites I visit already detect this).
Most adblocking scripts I’ve seen work by detecting if an ad loaded into its ad-placeholder. If you disable JavaScript completely then you don’t get the nag-screen. Some variants use CSS to show the nag screen by default and only removes it if it sees the ad loaded fine.
But server-side connection-blocking or request-blocking detection works even when JS is disabled, but it requires a lot of infrastructure and cooperation between publishers, ad-networks, and more - both technical and political/business cooperation.
Eventually in the future, web-browsers will render a page twice: one fully-loaded page, hidden from the user, that the ad code will think is what the user sees, while a network-sandboxed version is shown to the user with the already-loaded ad images replaced with white boxes or so. The client scripts can’t tell the ads haven’t loaded and even if they did they can’t phone-home to snitch on the user, while the browser still made those HTTP requests for the ads so the ad-network is satisfied it made an impression.
Perhaps we could get fake ad-loading working without wasting downstream bandwidth by spoofing the IP source address field?
So, some handwaving and all concerns go away because they are 'tired narratives'. Why not just block all extensions? That's clearly the most secure solution.
> I honestly don't like the fact that I have to give a third party developer so much privileged access to run an ad blocker
Then don't, install another one that works the way you want. Or don't, because the limited blocking abilities you appear to find sufficient can be gained just as well using an external proxy.
In the new TOS of Youtube [1], it states that if your account is not deemed commercially viable, your Google account (i.e. your Gmail, your Google Photos, your Google Drive, etc.) can be closed down:
Makes sense they would make this decision, as Youtube is a big money-loser for Google and they want to do something about this. Still, this is more of a wake-up call to me than anything else that I need to get off Google.[1]: https://www.youtube.com/t/terms?preview=20191210#main&