Granular control over requests is completely lost in Manifest V3.
For example, with Manifest V2 we can initiate a request from a content script after we begin listening for it from the background script, pass a single-use token in the Accept header, identify the request from the background script based on the token, remove the token from the Accept header and edit other headers before the request is sent to the server, then manipulate the response for that single request and stop listening from the background script.
I use this workflow in Search by Image to grab an image from the page context when no CSP headers are present for the asset, and the image is only served if a certain cookie and referrer is sent. This will no longer be possible to achieve with the current API of Manifest V3. Extensions used for page archival will also be impacted.
Manifest V3 removes a robust toolset that content blockers can use the react to all evasion techniques ad companies implement, and the rest of the extension ecosystem will be part of the fallout.
Regarding the static list that Google is so graciously allowing us: When is it read by Chrome? Can we submit new lists whenever we want? Are there new API calls for manipulating the block-list?
Ugh this change really pisses me off, truly Google has fallen so far. Kind of like the promise of the web. :(
Dynamic session-scoped rules are also available, but the whole declarativeNetRequest API is way too primitive to efficiently defend against advanced techniques the advertising and marketing industry currently implements.
The allowed length of the rule list is also irrelevant, the API is designed to pose no real threat to state of the art ad serving and user tracking technology.
>Extensions used for page archival will also be impacted.
That has me more concerned than anything else. Christ...
Now I've actually got to read the horror that is browser code? I was looking forward to a nice dip into systems for a bit... Archival takes priority though. The signal must be preserved.
One of the interesing things about this story is that there appears to be no consideration of not "updating" to a new Chrome version. The idea of user choice in "updating" is completely absent. Why cannot a user say, "V3 sounds wonderful but I will stick with V2, thank you." A user has a version of a program that works for that user (e.g., with uBlock Origin), and Google can apparently forcibly stop that user from using that working version, through a process of "automatic updates". Users must "accept" updates which makes one wonder Google can pull this off. Does it not rely on user behaviour. By accepting every "update" without question, the user is effectively consenting to being controlled.
Perhaps users will someday "wake up" to realise that so-called updates are not necessarily being remotely installed for their benefit, but for the benefit of someone else. No doubt Google has some parallel construction type explanation why users need V3, but how many folks cannot see that they are letting the fox guard the henhouse.
Perhaps if ads can be blocked, so too can updates. (IME, it's possible.)
Companies rely on their fuckups to force you to update so you get the rest of the kool-aid right along with the stuff that is a must have. You can't say 'just give me that security stuff and hold the trash'.
Not within a single application, usually. You get the application updated or not, but not 'just the security fixes' and the rest of the application stays the same, especially not with the likes of Firefox.
Even if you could force every app development company on the planet to support two-channel updates for "security only" and "everything else", How long would it take for them to force non-security related updates into the security channel through some vague justifications?
When it comes to extensions, they can _only_ be installed and updated through the "Chrome Web Store", so even if you were to stay on an old Chrome version that still supports V2, Google wouldn't let you download any extensions using it.
(There is a possibility to side load extensions for development purposes, but it's not a real option for end users. All other means of side loading has been killed by Google some years back.)
I vehemently disagree with the big G edicts here but to put forth an argument that automatic updates to a known user software tool is THE problem in an era where automatic updates have reduced the attack footprint for a variety of applications is... confusing.
As 'anti-choice' as it may appear (AND IS) automatic updates for net connected software is how we have improved the general base level of security for the net.
Unfortunately that has been completely dependent on providers of widely used software focusing on security and brand image over self serving interests. Nothing has ever prevented these companies from doing what could be considered the "wrong thing" over the right thing to date and, in general, blocking updates would be the wrong thing.
With that said (written).... A project like this with an (mostly) open code base should have a veto mechanism to push the developers towards a different solution when something like this comes up.
There were over a dozen of 0day exploits this year alone. Some used in water hole style attacks, so not even that targeted. And these are state of the art incidents which would have pwned even users with all the updates installed.
After the patch has been pushed out, exploits become progressively cheaper so letting users to postpone security updates is a crime.
Ads, which is about running untrusted and usually hostile JS in your briwser, is the Pandora box of 0day exploits. Cut off ads, disable JS by default, and you'll solve 99% of 0days.
Just boycott Chrome, as a user and as a developer. And boycott any other Chromium-based browser altogether.
The only reason why a mediocre ads company like Google is managing to mess up the web is that it has >90% of the browser's market share, if you include all Chromium-based browsers.
If they can periodically break the basic functionalities of web extensions however they like (HTTP calls within extensions, background scripts, ability to manipulate the DOM...) just to ensure that people won't manage to block ads and trackers, and they still get developers to build stuff for their browser and they don't lose a single user, they can really get away with EVERYTHING.
Time to let them know that they can't really get away with everything. Google has been an evil company beyond redemption and with a net negative added value to the industry for too long and now it deserves to go down. MV3 should be the reason why developers should stop building extensions for Chrome, users should stop using Chrome, and other browsers should move to other web engines than Chromium.
If nobody follows Google in their efforts to push for MV3, then we'll be left with a limited browser with limited functionalities and nearly no extensions. Let Google sink in their own sh*t.
Firefox. I switched on all of my machines, MacOS and Windows, a few years ago and rarely have any issues. I was expecting it to be a rough ride based on what I hear around the internet but it was quite the opposite: seamless.
As with most things you'll hear comments on HN with both sides liking and hating it but I never experience the terribleness that comes from those that say it sucks. I also don't mind switching to Chrome when I absolutely have to.
edit: I also use FF on Android and I will admit it has a few more issues than it has on my PC, but nothing that is bad enough to make me use Chrome.
If you are on a Mac, I suggest that you try Orion browser (currently in beta) [1]. It is based on WebKit, with a custom port of web extensions API [2].
Not only that it runs Chrome and Firefox web extensions like uBlock Origin but we will be keeping support for Manifest v2.
I want to and put my email address on the website twice since this was posted on HN a few weeks ago. I never received even a confirmation that I was added to the waitlist let alone the actual invite for beta. Also what’s with sending out invites every 3 weeks? Without knowing the point from which you count 3 weeks, it’s pretty much useless information.
For all the claims that the sky is falling, I'd like to know which functionality is still missing in declarativeNetRequest. Extended rule limits, dynamic rules, and header modification have been added. What else is required for a functional adblocker?
This reddit thread barely seems to understand the issue, never mind the technical deficiencies of the API.
I think this is missing one of the most important points. Even if Manifest v3 was able to provide everything content blockers need today, it would still be bad. Why? Because blocking ads and tracking is a never ending race and content blockers are continuously adding new mechanisms to detect and block ads/trackers.
Manifest v3 declarative APIs are a snapshot of what is good enough today (although not quiet yet…), but will very soon be out-dated. Manifest v2, given the huge flexibility provided by its APIs, is a much better platform for innovation and adaptation in this regard.
With manifest v2, browsers are a platform and allow extensions developers to innovate and build powerful new features (some of which were not imagined before, and sometimes end up being implemented by browsers later on). It’s good for users and it’s good for browser vendors. With manifest v3, Google decides that that the status quo today is good enough, forever, and we do not need new things in the future (or at least not unless they decide to implement them in Chrome themselves).
Thanks for linking. So this post talks primarily about missing support for noop ("no operation") rules. Jumping into the uBlock docs, they say:
>A request can be blocked (block), allowed (allow), or ignored (noop). A noop rule will cause matching network requests to be ignored by the dynamic filtering engine, but those ignored network requests will still be subjected to static filtering (filter lists).
So the missing limitation in MV3 right now seems to be that things can be blocked or allowed by dynamic rules, but not ignored such that static rules (be they from a list or the user) can take over.
I'm not sure what use case that has exactly, but I'm guessing that could be a problem if a user wants to override an existing filter with a custom, dynamic rule. Is that the right idea?
The main issue is that both conditions and actions are limited. At the very least they would need to allow registering self-contained functions as conditions and actions, nothing less will allow extensions to have proper control over requests.
Yeah I am wondering the same thing. There have been several times in the past where it was said chromium would lose some of its adblocking abilities and so far that has not actually happened. This is one of those things that I will believe when it's actually in effect, but not sooner.
If you wanted to write a rule based on the edit distance between strings, it doesn't seem possible with declarativeNetRequest. This is useful for a lot of use cases, such as spam sites pretending to be a legit site by changing one character in the URL.
There's an extension api called onBeforeRequest() that lets Chrome extensions see urls that are about to be requested by the browser. It allows you to examine the url and do whatever code heuristics you want to decide whether you want to block it.
Google is removing that dynamic blocking ability and providing you with a way to supply a static list of blocked urls instead. No ability to use code to implement a dynamic list.
It's somewhat similar to taking a virus scanner and only allowing it to identify a virus by the filename being in a static, pre-generated list.
Also, Google says they are doing this for privacy reasons. Which is funny, because OnBeforeRequest() isn't going away, just the ability to block a request inside of it. You can still see every request, inject javascript with content scripts, exfiltrate data, and so on. You just can't preemptively stop a url/resource from being loaded using code...only a static list of urls. You can guess the type of extensions that depend on that functionality.
I pointed this out in a thread yesterday too, but the whole point is that you will no longer need to grant "see all my requests" permissions to ad blockers. In fact, due to the removal of the old blocking API, if an ad blocker asks for such permissions it's highly suspicious.
I imagine ad blockers also use content scripts for things like blocking ads based on images that are known IAB sizes. In that case, they have another avenue to watch requests.
I'd give the privacy angle more credence if they were really locking down everything. They aren't, because extensions would then be of very limited use.
It blocks requests based not merely on the full url, but just parts of it such as the the filename or path, or based on which tab or frame the load is for.
Heuristics can use information like parts of the url, context of the request (origin domain for example, or "request is coming from an iframe"), existence of third-party cookies, already detected page behavior, and so on. It also allows for updating the rules on the fly. Like if I allowed something, but it turned out to be a bad idea.
And Chrome won't allow the extension block lists to include regexps/wildcards, they all have to be FQDNs?
It seems reasonable to require a static list for privacy reasons. But not supporting pattern matching rules would seem to be an explicit attempt to stop ad blockers.
The privacy advantage is not giving extensions access to what domains you are browsing. The extension declares a static list but doesn't know what did/did not match.
Because if the extension knows what URLs you're accessing, and can send that data somewhere, that's a major privacy concern.
So this makes sense and seems good for privacy. But if it breaks uBlock Origin significantly, that seems like a very bad thing.
It’s a good theory, but it will still be possible to get an event for every single item that gets loaded. All they removed was the ability to block individual loads in that event. It is still entirely possible to collect that list of urls and snitch on the user.
From what I gather, this "Manifestv3" will change the permission system of browser extensions. Extensions won't be able to inject themselves into any website anymore, hence adblockers, which do this, won't function anymore. This may not be completely accurate, but I think is the gist of it. Maybe someone can correct me.
The Chrome devs claim that this is to enhance user security, but I have my doubts about that.
An extension can steal personal data and manipulate pages with Manifest V3 APIs just like before, it does not become any harder for extensions to compromise browsers. There may be an argument that it becomes a bit less performant to execute the JS required to thoroughly compromise a browser, but I don't think such malware cares about microsecond performance losses.
Ad blockers will no longer be able to have granular and complete control over requests. Extensions will still be able to observe requests, but not edit them on the fly based on advanced and dynamic criteria.
Extensions will no longer be able to neutralize all current and future evasion techniques the advertising and tracking industry implements. Ad blocking and tracking protection extensions will be forced to degrade technologically by about 5 years, and then stagnate.
Lots of things are changing. Here is Google's migration guide.[1] I've also personally seen some issues with the `<all_urls>` and `https://*/*` permissions to allow access to all pages, though I have not seen those well-documented elsewhere and it could just be user error. I've gone back to Mv2 for now, planning to fork Chromium to re-enable it for my personal extensions.
FYI Brave Browser doesn't intend on deprecating Manifest v2 and the blocking version of the webRequest API[0]. A discussion has even started on whether to stand up their own extension marketplace[1]
> As we look to the future by continuing to iterate on and improve upon Manifest V3 functionality, we also want to share details about the plan to phase out Manifest V2 extensions.
> There are two key dates for the phase-out:
> January 17, 2022: New Manifest V2 extensions will no longer be accepted by the Chrome Web Store. Developers may still push updates to existing Manifest V2 extensions, but no new Manifest V2 items may be submitted.
> January 2023: The Chrome browser will no longer run Manifest V2 extensions. Developers may no longer push updates to existing Manifest V2 extensions.
Fuck. Just when I got used to Chromium due its nice profiles feature.
Sigh. Back to Firefox then. Or perhaps I should just stop using the web for anything except the necessities. Now that I think about it, that would probably make my life better in more than one way.
You can run the profile manager from the terminal with `firefox --profilemanager` and manage the profiles from there Then you can create separate 'shortcuts' for each profile with this `firefox --profile [path to the profile]`
This is a workaround for the lack of proper UI, maybe mozilla will make a better UI if users start asking for it
I actually want the kind of UI chromium provides, where I can see from the background color directly in which "mode" I'm in. This makes it easier to separate work from non-work.
As pointed in the answer above on a similar question there is 'about:profiles' internal page in Firefox, so one can manage all the profiles (add/remove/rename/etc) and then during normal start of Firefox select which one is needed to be started.
The end game on this is that there will be browsers that support ad blocking and browsers that don't. Content vendors will go all out on blocking users that don't use their preferred mandatory ads browsers, and the 'web' as we know it will suffer.
Time and time again I try to switch to Firefox. But it always seems to fall short (for me at least).
I rely too much on separate profiles to disconnect work-related browsing from personal browsing. Separate bookmarks, sessions, browser plugins, sync preferences etc...
A UI that's as powerful is literally all that is needed for me anyway. Its such a shame they've neglected the Profile Manager.
I know this doesn't address all of the points you brought up, but I heavily use Multi-Account Containers[1] to isolate social, work, shopping, etc. It works well, for me. I don't miss Chrome profiles.
The last time I tried the Multi Account Containers add-on, it randomly wiped my list of websites after browser restarts and upgrades and there was no way to export the list of websites I had containerized. IIRC, there still isn't a way to do it unless I use Firefox Sync, which I don't.
The addon was also basically abandoned for quite some time with lots of bugs all over the place and was revived only recently. It was an extremely painful experience, to say the least.
I still use the Containerise addon instead because of that unpleasant experience.
That's a shame you've had a bad experience. I've covered many people over to it with most using it extensively with no major issues. I wonder if your issue had been resolved?
Personally it's the integrations. I have a Chromebook, which integrates with GSuite, and integrates with Android. I can manage extensions, permissions, etc, all from there. This is important since I use this Chromebook for work, but it would be cumbersome to run Firefox and Chrome simultaneously.
With Firefox I get just-a-browser, and I need more than that. If Firefox had a way for me to manage the browser across devices it would be more viable for me.
First, you can sync your browser with your Firefox account, so this is I guess what you want?
Second, for the Google (Gsuite, Android) integration, you could just use a work browser (aka Chrome).
Third, if you use all that Google stuff in your private life, I don't really see why you would be worried about Manifest 3-related privacy and ads/tracking matters anyway. I mean, Google already has your data.
> First, you can sync your browser with your Firefox account, so this is I guess what you want?
Maybe? Probably not though. For example, with GSuite I can manage the settings via the web UI and then have policies that enforce that those settings are verified correct.
> Third, if you use all that Google stuff in your private life, I don't really see why you would be worried about Manifest 3-related privacy and ads/tracking matters anyway. I mean, Google already has your data.
I opt into Google having my data, but I want to be able to opt out of running arbitrary content in my browser. uBlock and uMatrix give me that, Manifest v3 takes that away.
I use “regular” Firefox for personal stuff and the developer edition for work. After trying a lot of approaches for that separation, it’s what’s worked best for me. Also the developer edition has a cool/different icon
You can run the profile manager from the terminal with `firefox --profilemanager`
and manage the profiles from there
Then you can create separate 'shortcuts' for each profile with this
`firefox --profile [path to the profile]`
I have been using this workflow for years now. It separates literally everything: cookies, site settings, window size and position, configuration, add-on settings, etc.
This way I can emulate a fresh profile, a restricted profile with tracking protection, and a completely locked down profile with more or less everything disabled. My private Firefox in completely unaffected by my development profiles and I can open multiple profiles at once, theme them differently, and I know exactly which kind of instance I'm using.
It's excellent and works flawlessly for over a decade now.
You can add a bookmark shortcut button with the address about:profile and that makes it more accessible. I added a key shortcut to the bookmark itself. Then I can use cmd + L to focus the address bar, type the letter p, and hit Enter. That opens the profiles page and it’s reasonably fast.
I also created a similar bookmark with a JavaScript snippet that removes fixed elements from the page, typically top bars. I now have it in my muscle memory.
the portable version is also an option if the user passes a location as the profile path. This can be made more convenient by adding shortcuts for each profile.
The UX could definitely be improved, but it's manageable in my opinion
None of the ‘etc’ includes things that would properly support separate work vs personal profiles to the point that your company doesn’t need to access your personal data to inspect it in case of discovery requests / court order. Having proper separate profiles also allows sync so that an office PC can use the work profile only, while at home you have access to both work + personal and your work profile syncs with that of your office pc.
Yes. Discovery requests are going to be based on device, not browser profiles. If you use a personal computer to access work things that computer is going into discovery. Do not pass go. Do not whine about your browser profiles. End of argument.
Agreed. While I love containers, they are not an equivalent because they do not separate out the bookmarks, history and sync profile. With Chrome I was able to have a Chrome Profile on my work laptop that syncs to one of the profiles on my desktop computer. The desktop computer had a separate profile for my personal browsing. It worked really well.
The firefox profiles work, but they're too bare bones to ACTUALLY be usable. A few major problems I've had are:
* No easy way to start firefox twice in two separate profiles, while having separate task bar icons (which can optionally be pinned) in Windows 10. I did eventually get it to work by mucking about with creating my own shortcuts, photoshopping the firefox icon, using separate themes on both, etc. On Chrome you can just click the profile manager icon and you're pretty much done.
* When firefox is running twice with separate profiles you can't easily change the default profile. So it's awkward to get links from other applications to open in the firefox instance you want.
* Speaking of, sometimes firefox would just give me the "Firefox is already running" dialog when clicking a link. Only fix I found was to terminate all firefox processes, start my two profiles again and then click the link again.
It would be lovely if firefox made the profiles easier to manage and switch between.
What exactly are you missing from the profile feature in Firefox? It's barebones to setup, but I used it for similar purpose a while back and thought it was ok enough.
I worked around it that I always use Chrome for work and Firefox privately. As opposed to private browsing I don't care if my work related browsing is tracked, slower, less secure or use more bandwidth. Let the company that mandates Chrome or Edge pay for the consequences.
Why do so many think it has to be all or nothing. I'm completely happy to use Chrome for work as some things require it, and Firefox for personal use. It even has the benefit of the visual differences being a cue as to what 'mode' I'm in for keeping mental context separated.
Do that twice, running two firefoxes using two profiles, then click a link in a third application. This tends to try to launch a third firefox process which hangs for a while then says "application already running".
Okay, so you run one of them without no-remote. I had some issues with that, but it mostly works. Now how do you change the default profile? You completely stop firefox, update your shortcuts and finally, in my case, give up on using multiple profiles with firefox on a day to day basis.
I agree this is a pain point when using multiple profiles, and something Firefox should improve.
However it's not a huge issue. Mostly just copy-pasting links from mails etc instead of clicking, which gives the nice benefit of observing which site exactly you're about to visit.
That button grays out when both profiles are running. Try it.
Also if the firefox instance is launched with no-remote, this won't even work as expected. Instead it'll start another firefox instance with remoting enabled, which will fail to start because the profile is already in use.
There are profiles. I run multiple profiles in Firefox daily. I also use multi-account containers and temp containers inside each profile for further granulation.
what is deficient with firefox’s profile manager in that regard? last time i used it, it completely isolated every part of the browser experience, which seems to be what you want.
in any case, if containers don’t work for you, you can run developer edition for work and standard edition for personal. this is what i do, and the added advantage is that you can use containers on top of it for more granular isolation within each context.
Fuck. I'm getting too old for this shit. The cat and mouse game of Google / AdTech vs the general public has gone off the deep end. Popups. Popovers. Popunders. Content shifting. Paywalls. GDPR Alert! Chatbots. Can I send you a Cookie? Ok. Can I help you find something? No. Wait! Don't close the page yet! Coupon code? No. Subscribe to our newsletter? No. Autoplaying video. How To Make A Million Bucks A Month Selling On Amazon! You Can Be A Handsome Guy On A Beach Making Money Just Like Me! For. Fucks. Sake.
I just want to use the web to access a few of my favorite news sites, use Github, access documentation, watch the (very) occasional YouTube vid, and send email. Am I a dying breed? A mere rounding error in the pie chart of web users? Maybe.
But I am truly at a loss for what to do next. Using the internet without uBO is like sticking needles into my eyeballs. "Switch to Firefox!" they said. I've tried, many times. But I really need some simple things that FF can't provide. Like being able to work with JXA to grab tab URLs for some Alfred scripts and other automations I rely heavily on. There's a 20-year old feature request for this[0].
Ok, Brave then? Probably the best option right now, but it keeps me up at night thinking one day Google will actively start going after the forks, making their lives difficult enough in one way or another to the point that they have to shut down.
Safari? I haven't checked in a while but there were some critical extensions that just didn't exist last time I checked- things like Rich URL[1] for copying tabs as markdown (so useful!). Dev tools were meh.
Just feels like there aren't any good options. Rock and hard place. Google, enough is enough—why are you doing this? (rhetorical. we know why)
I remember a time when Google used to crank out a seemingly endless stream of stuff that basically were tremendous improvements to the internet.
Chrome itself was one of those amazing improvements.
These days are long gone it seems.
As a matter of fact, the exact opposite seems to be happening right now: every change coming out of a Google seems to improve their lot at the detriment of everyone else, especially their users.
The time to ditch Chrome was ~5 years ago, but if you aren't convinced yet, this latest "improvement" should be the straw that breaks the donkey's back.
I've noticed that most companies follow this cycle: they grow reputation first, then they harvest the crops by monetizing that reputation. Someone unfamiliar with farming will be surprised why farmers spend a year to grow crops only to destroy them at the end.
It seems the chrome team has been fabricating a hostage situation with their own foot for the past year or two. They keep yelling that they'll shoot it any day now, yet we don't seem any closer to it.
I wish them the courage to finally pull the trigger.
ubo is more featureful, while privacy badger is simpler. ‘better’ depends on needs. i’ve used both, even at the same time for some redundancy (at the expense of memory/cpu time).
privacy badger (if i’m remembering correctly) is based on ubo but specifically curated for privacy (not ad or other blocking), and as such, does most of the customization for you, whereas with ubo, you need to do much more of the customization manually.
so to answer the original question, i think privacy badger, like ubo, does use some dynamic rules, and those would be relegated useless with manifest v3.
This is why I switched back to Firefox three years ago. The writing was on the wall for ad blockers in Chrome. I want one that works. I want control over my web experience.
Firefox is absolutely fantastic nowadays, and I strongly encourage everyone to start using it as their primary browser. It's hard to overstate how important it is to have at least two independent browser implementations around.
If Firefox dies then Chromium would become the de facto rendering engine, and we'll no longer have any meaningful specification for web standards. The web will simply be whatever Chromium does including all its quirks. We've already seen the horrors of that back in the days of IE.
Furthermore, Google is fundamentally an ads company and it should not be the gatekeeper for the internet. I highly recommend reading a recent antitrust filing regarding how Google has worked with Facebook and Microsoft to discourage them from increasing user privacy
Google has a secret deal with Facebook called "Jedi Blue" that they knew was illegal and has a whole section describing how they'll cover for each other if anyone finds out. Google has a team called gTrade that is wholly dedicated to ad market manipulation.
Google had a plan called "Project NERA" to turn the web into a walled garden they called "Not Owned But Operated". A core component of this was the forced logins to the chrome browser you've probably experienced.
Google is willing to do almost everything to prevent people from circumventing their ad exchanges which is what AMP is all about. Google habitually does insider trading on their ad exchanges in every way possible.
The exchanges are also rigged so that google wins on bids where they aren't the highest bidder. A large amount of people inside Google are aware of all of this.
Google has worked with Facebook and Microsoft to discourage them from increasing user privacy, lamenting occasions where they prioritized their reputation over their collective business interest.
I'm afraid Mozilla can't promise anything at this point:
>After discussing this with several content blocking extension developers, we have decided to implement DNR and continue maintaining support for blocking webRequest
Then they say blockingWebRequest will be eventually deprecated:
>We’d like to note that it’s still very early to be talking about migrating extensions to Manifest v3. We have not yet set a deprecation date for Manifest v2 but expect it to be supported for at least one year after Manifest v3 becomes stable in the release channel.
> After discussing this with several content blocking extension developers, we have decided to implement DNR and continue maintaining support for blocking webRequest.
They're adopting v3 but not removing this critical use-case.
Chrome is removing the ability to examine an in-flight request and act on it with live code before it happens. So there is no way to port anything. You can perhaps remove all the live heuristics and just use the limited "static list of bad urls" functionality Google is leaving you with. But I wouldn't call that a port of the code.
profiles are my number one reason for using chrome as well.
i need them because of my bookmarks. i have close to 6000 bookmarks. 20 years and counting of curated and tagged web links. chrome syncs them across all my devices. i have to do the import gymnastics once in a while for edge and safari. but that's it.
why are bookmarks still browser-specific and not a OS-level feature? why do we need all that import/export gymnastic?
bookmarks are links to web sites, apps, or pages. they should have never been browser-specific. i want to be able to access them from all my devices. they should have been like my photos, or my music collection. and yet, they are not...
because 75% of them are probably dead links now ;-)
but all the major browsers have sync. you can export them from chrome and import them into brave
and btw if you use a lot of bookmarks (i do too) you might love this graphical bookmark manager YASD - you can browse bookmarks as thumbnail images of the site -- much easier to browse them for the link you want):
> because 75% of them are probably dead links now ;-)
i know that pain far too well :)
i created a custom chrome extension that opens a random bookmark in a new tab to check the link. this helps me fix dead links but it is a very slow process. sometimes i go over them manually and remove a bunch.
For Microsoft to really rain on Google’s parade here, don’t all they have to do is allow V2 compliant extensions into their extension store? If so that would be a grand opportunity.
*Off-topic:* I've experimented with a new layout in Firefox, and now I can't think of going back.
I first installed Tree Style Tab. I then removed the tabs at the top of the window and added a permanent status bar to the bottom of the window using userChrome.css: https://i.imgur.com/PIONywj.png (edited to add, my userChrome.css: https://gist.github.com/anthonyclarka2/155c038de96e91894cbd4... ) (EDIT: I added some extra css to this to set the titlebar and system UI buttons - use the first revision if you don't want that)
The tree style tabs are wonderful. I can see a grouping of tabs, see which tab is the "parent" of a bunch of pages. I often have a root tab with Jira current sprint, then a ticket sub item, then branching from that I have various documentation and github pages open. All of those pages together form one mental "unit" of related information and work.
I'm sorry to post this in a somewhat unrelated thread, but I'm geeked out by how well this works! Firefox is better for my needs anyway, because I can tag bookmarks. Much easier to find saved pages through searching tags for "emacs, babel, python" for instance. Or "firefox, tabs, css"
*On-topic:* This move by Google is going to lose them a ton of browser users, I think. People love blocking ads! Especially tech-minded folk, who are often asked to recommend software or repair things for less knowledgeable or comfortable people.
I'd also like to see a Chromium fork that continues to allow the Manifest V2 API.
You can save some vertical space by moving the window buttons (minimise/close) into the same row as the omnibox, while also hiding the window title bar like https://imgur.com/a/YbgVgwF
The title bar can be hidden through the customise screen. The gaps on the toolbar by the omnibox are important as they give you something to drag the window by.
I've combined TST with 1) "Firefox Multi-Account Containers" (to have different "profiles" within the same browser, very useful for personal/work/shopping/etc), 2) "Simple Tab Groups" to be able to switch contexts (social networks time, research, free time reading and news... these are topical groups, different functionality from containers).
i love everything about multi-account containers except when it comes managing two google accounts (for work and personal). I can never get them to work proeprly with the number of redirects and whatnot. not sure who to blame here but i hope Firefox comes up with a fix soon.
It would be better to create two profiles in firefox to separate work and personal. And both can be started at the same in two different browser instances if you like.
This, absolutely. What I mentioned as "work" above is personal work. Keeping work sessions, history and bookmarks separate is better (and probably safer?) than having all in the same browser. This issue is even bigger with Chrome if your work account happens to be managed, as it may take over your browser's settings.
This sent me down a good rabbit hole. Ended up finding a simpler userChrome.css that removed the native tabs. I'm sure yours does a lot more cleaning up of the UI but the following worked well for me: https://github.com/taylorsilva/dotfiles#hide-firefoxs-native...
I tried this too, but as Mozilla has no regard for any customization that are not done via the official graphical configuration interface (and sometimes not even that, considering how the compact UI mode is being removed), you'll have to find out how to fix it every time you update your browser.
I don't think I've ever updated my userChrome.css file, certainly not in the past few years. The browser chrome is pretty stable since this is how the browser itself is styled, so outside of big UI updates like Proton (which didn't even impact my own css) the chance of breakage is pretty slim.
> I'd also like to see a Chromium fork that continues to allow the Manifest V2 API.
Maintaining a Chromium fork that deviates from upstream is a full time job that requires about 3-5 engineers. My day job's sibling team maintains such a fork.
Right so must exactly clone a very very large code base, for free, with no attempt to monetize (must compete with one of the worlds largest corporations with zero inbound resources whatsoever). Must also not attempt to add any features that users want, which may also help generate revenue. How do you expect anyone to take on Google, if when they make a single penny, they're called scammers?
Don't let blind hatred of a particular technology bias you. You can think cryptocurrency is stupid, but it's not inherently a scam. Unless you have some proof that Brave is participating in scamming its users, which I would love to see proof of. Anyways I really don't think this kind of mudslinging is appropriate, particularly against a small company which appears to be working to prevent an advertising takeover of the internet.
Edit: I posted this in an extremely sarcastic tone, which I apologize for, but this refrain "oh it has a crypto part, COMPANY IS SCAM" is getting extremely tiring and is, dare I say it, a stupid thing to say.
What a perverse implication. I suppose its a great theory for you tho - anyone who uses the currency is automatically part of the scam, thus there are no honest defenders, thus it is a scam! Q.E.D.!
I own about 50 dollars of BAT, the currency that Brave uses, which I added to my wallet purely as a way of supporting Brave. I would happily -give you that 50 dollars- as a lesson about how none that changes ones opinions.
Does Brave have their own extension 'store' yet? Last I heard they're still piggybacking off Chrome's. I see no point in Brave supporting the old API if none of the extensions do.
Sidebery is great. I do experience one annoying issue: it's unreliable at saving/restoring the tab tree across restarts. Sometimes they end up as a flat list, sometimes not all tabs show up. Closing and re-opening a few times usually fixes most of the problems, but not consistently. That never happened with TST, but it's bearable.
Development also seems to have stalled while a big new version is being developed behind closed doors.
How did you track down those problems to reside within TST? I've been using it for years with routinely 100's and occasionally thousands of tabs open without any issue whatsoever.
Weird to see an off topic post being number one in the thread. Good for you and your layout but the on topic comment is as cookie cutter as can be. No shit that tech minded folk like to block ads! I view this post as an attempt to distract from the actual topic.
I don’t believe any comment recommending Firefox is off topic at all for this. For anyone who is worried about losing uBlock functionality in Chrome, the correct answer to that problem is to switch to Firefox. Hence the top two comments right now pertain to Firefox.
My apologies, it was not my intent to distract from the discussion at hand. I thought my original comment would languish at the bottom of the thread with 1 or 2 votes.
You're wasting a bit of vertical space though with that empty titlebar. I turn off the titlebar for all windows in KDE Plasma and add this (https://github.com/psifidotos/applet-window-buttons) applet to the panel.
TST does look great. Not sure it's usable in my case:
- similar to what others mentioned, I'm running a browser at 50% width of fullscreen (27", 4K display). This is ideal for most websites: it's about as narrow as most websites would natively be. However, this means there's no horizontal space left to sacrifice.
- I've been hard at work eradicating non-standard/exotic tools/workflows/etc. from my life. Maintainers abandon software regularly and then you're left stranded, perhaps your entire workflow gets turned upside down. Good old regular tabs "just work" and do so everywhere. The more you customize your setup, the more you're stranded on foreign territory. There's value in just getting used to what's there by default, to a degree.
TST essentially turns the 1D tab row (let's call it list) into a nested structure. And that really is fantastic. However, I think I'd hope and wait for that to become mainstream and officially integrated and wide-spread, if ever, before relying on it. The usual, top-row tab bar with some 2-dimensional twist seems promising.
Hey, I have my own workflow around tree style tabs + bookmarks (I think several people are re-inventing the same setup independently), but I guess I don't know browsers/css well enough to understand what you described.
Explain it like I'm 5: A) to get rid of the top tabs I copy-paste your userChrome.css and put it where?, and B) will that have any other effects?
Do you use only full screen browser windows? I got the feeling that TST doesn't play nice with narrower windows as it requires a lot of horizontal space. I've got 10 browser windows on 5 different desktops now (8 Firefox, 1 Vivaldi, 1 Chrome). Only 3 of them are full screen, one per browser. The window I'm currently typing it is wide about 2/3 of the screen and it's probably twice as wide as it should be to read HN (the lines are too long to read comfortably.) My screen is 15.6", 16:9.
I've gotten used to the full screen (or width) windows. Mostly it's because of certain work web UIs that need as much width as possible.
I agree with your statement that wide text is difficult to read. In Emacs I use Olivetti mode to narrow my text windows, I should probably do something similar for hackernews or other sites that would benefit from narrower windows.
In Firefox, there's reader mode too, which makes things much easier to see.
Thanks for the hint to Olivetti mode. I usually either split the frame horizontally (C-x 3) to look at multiple buffers side to side or narrow the window. Long lines are bad for programming too.
My dream of tab management is if the browser would suspend long-unused tabs into a tree-style list—i.e. a bunch of bookmarks in the same arrangement in which I opened the tabs, without overhead of actual tabs. Then, live tabs could also be on the same list.
Right now, suspended tabs in FF still take memory and slow the browser down, and are cumbersome to search through.
Basically, I'll need to marry Tab Suspender with Tab Session Manager, then perhaps borrow the UI of Tree Style Tabs.
It would just need a (regular to get security fixes) rebuild with an extra patch applied. Something that Linux distributions do all the time for Chromium.
The question is just who could maintain the extra patch.
I think people just don't know what they don't know. Firefox containers is awesome. I can type amazon.com and it will automatically open in my shopping container (after some configuration). I can type messenger.com and it opens in Facebook container out of the box. We even have container sync now so you can sync these settings across browsers.
Mozilla isn't perfect though. I don't understand the decision to get rid of lockwise, my default password manager on iPhone and Android.
My understanding is their password manager is now fully part of the browser and you can enable it to act as a password manager for other apps as well. I just tested adding an email account and got the option to "unlock firefox" and input credentials
I've been using Firefox for more than 15 years, so I'm not a hater or anything like that.
Maybe it's just a MacOS thing, but parts of Firefox are a mess and it has downsides compared to Chromium or Safari.
- Javascript-heavy sites are often slower on Firefox for me.
- On the security side of things (sandboxing, etc), Firefox often lags behind Chromium.
- There's a site or two that don't work well. Sometimes it's the site's fault, sometimes it's Firefox that is lagging behind on something.
- It would use way more power than Chrome until last year. It has improved and I think they're more or less the same now, but both are still worse than Safari.
- Profile management is there, but nothing compared to Chromium. And no, containers are not the same thing (although they are nice).
- The UI is all over the place. You have windows that still look like Firefox 3... and they've been through 2 or 3 major UI redesigns. The margins on the bookmarks bar doesn't even fit the new design. There are amateur projects out there that do a better job at this.
- Talking of bookmarks, why the heck the cmd/ctrl+click behaviour is different on bookmark links and links on web pages?
- It doesn't handle different languages well. No in-page translation, no automatic language detection for text correction, etc.
Firefox works. If Chromium disappeared tomorrow, it would be good enough for many... but is it the best browser? For uBlock Origin? Sure! But is it the best browser overall? Nope. At least not on Macs.
If Mozilla wants people to use Firefox, they need to create a better product because the "help the open web!", "google bad!", etc, only works with people that use HN.
Firefox's JavaScript engine isn't a mess. It does some things faster. The problem is some developers don't test performance in Firefox. Or someone decides it isn't worth fixing. Using Chrome because of it is short term rational of course. But it makes the problem worse.
Sandboxing is a mix.[1]
It seems like Safari gets new features last usually. And other browsers never won't lag Chrome when the only criterion is if Chrome supports something.
What windows look like Firefox 3? What's wrong with the bookmarks toolbar margins? What amateur projects do a better job?
Ctrl+click opens a menu for bookmarks and links. Cmd+click opens a new tab for bookmarks and links. The only difference is Cmd+click on a bookmark switches to the new tab. I guess you want to open bookmarks without switching?
Best is subjective obviously. I wouldn't even say there's 1 best browser for me.
Firefox burned me too bad to ever want to use it again, they too have deprecated extension frameworks (of which I maintained a couple and were subsequently broken). The Australis release was my last straw, it was so bad and ugly and took away most of the ui customizations. That release stated they didn’t care what there users felt, they’d change things so they could make money not preserve the web.
I stopped using Firefox largely because I got tired of having to pause when commenting to deal with its spell checker. Firefox has worse spell checking by far than any other major browser. It's also worse that LibreOffice which is odd because it uses the same open source spell checker as LibreOffice (and as Chrome and MacOS). All the words mentioned below were handled correctly in the other browsers (and LibreOffice, Microsoft Office, and Apple TextEdit).
Here are words I submitted to their spell checker error Bugzilla bug over a year ago that are still not fixed: manticore survivorship ferrite massless rotator dominator untraceably synchronizer.
Here are words I reported about 11 months ago that are still not fixed: another's backlight coaxially hatchling impaction intercellular irrevocability licensor measurer meerkats mischaracterization misclassification misclassified partygoers passthrough plough retransmission seatbelt sensationalistic trichotomy underspecified untyped.
Here are words that I reported that are now fixed, but took a year or more to be fixed: all-nighter auditable automata blacksmithing bubonic cantina commenter conferenced epicycle ethicist fineable initializer lifecycle micropayments mosquitos pre-programmed preprogrammed prosecutable responder solvability spectrogram splitter subparagraphs subtractive surveil tradable transactional tunable verifiability verifier ballistically chewable counterintuitive exonerations mistyped phosphine programmability recertification shapeshifting tradeoffs webmail.
Chrome does have a spelling annoyance. It frequently flags "of". It seems to be flagging it for grammar, not spelling, since rewording the sentence after the "of" can make it go away.
This is a bit annoying, but an order of magnitude or more less annoying than Firefox's false flagging because I can always immediately recognize that I have in fact spelled "of" correctly. With Firefox's false flagging of words like "manticore" or "survivorship" or "ferrite" I'd have to check a dictionary or the web.
Firefox show ads for Firefox all the time. The “WE CARE ABOUT YOUR PRIVACY” tab that opens every second time, is the most “big browser” warning to me. Anyone who says so much that they care (while asking me to create an account to upload my browser history, which is the best antipattern in our surveillance states) can’t possibly be honest.
Plus they fire CEOs who are against at-will abortion, so they’re literally against my religion. And they’re not selecting on technical ability but on political opinions.
> Plus they fire CEOs who are against at-will abortion, so they’re literally against my religion.
I think you've got a few wires crossed. The Brendan Eich controversy was over his donation to support Prop 8, which banned same-sex marriage in California.
> Plus they fire CEOs who are against at-will abortion
I find it really funny that your outrage cannon is locked and loaded, brandished and pointed...but you've completely forgotten your justification for bearing arms.
Pretty much the only reason for me is security. I use Chrome when I need to access email, banking or other sensitive site, and I don't trust Firefox sandboxing or other security features nearly as much as Google.
If Google makes enough changes that eventually makes it impossible to merge upstream code while maintaining compatibility with the old APIs, then Brave and everyone else will either be stuck with old and unpatched Chromium versions or they'll have to waste resources to keep things working.
Not everyone has the resources to maintain their own Chromium fork and it's not easy to keep up with Google, Microsoft, Samsung, etc. Just look at Firefox.
That's not actually true. Brave's system uses a Chromium commit hash as a base, then applies patches on top of that. They'll have to manually move the old API implementation into patches and continue to maintain it there.
Source: I've collaborated with / worked on Brave in the past.
Won't this create a problem for them when it comes to the extension store since no new v2 extensions will be able to be deployed there even though other chromium based browsers support them?
Chrome has been anti-user, anti-usability for some years now.I don't even want to recall the disgusting changes they did that made it unusable for me,among: website-wide audio mute, disabled click-to-mute audio.
Frankly do you consider market share a legitimate argument?It's not,and the fact that some 'tech-literate' people still use chrome baffles me.Same goes for Firefox, but my problems with them are not so much about their browser/tech but other which are not pertinent.
Are people really that adamant about blocking ads on the web? I don't understand why people think it's a good idea to remove the primary source of revenue for content creators. At the most it amounts to a very mild annoyance and ads also help small businesses to grow.
Edit: I'd appreciate it if someone could respond to the points I made rather than simply complain about why they don't like ads.
To put it as politely as I possibly can: advertisers can suck my ass.
They could have been good citizens, but they've proven time and time again they'd rather be the scum of the goddamned earth and use every annoying and malicious trick in the book to fool you into paying attention to their bullshit for the second or two it takes to make their shit go away instead. Not to mention all the overhead of their shit making everything fucking slow as hell.
Hehe well put, we are way past the point of wanting to put up with ads as users.
The question is how far Google wants to take Manifest V3. The current path will mean a huge boost for browsers with Manifest V2 capability, e.g. Brave, Firefox and to some extent Safari.
By themselves, ads aren't the real problem --- personalized ads are the problem.
The idea that they have to profile and track your every move all over the internet in order to try and sell you stuff you don't really want or need.
Example: If I go to a pet supply web site, an ad for dog food is perfectly understandable --- maybe even welcomed. But just because I was profiled visiting and maybe even buying, I shouldn't be bombarded with ads for cat food all over the internet.
Even worse is the fact that over time, your profile becomes incredibly detailed. They sell this info to their "affiliates" -- which is basically any data broker willing to pay for it. Next thing you know, your insurance rates are being increased based on something they found in your profile.
For the individual consumer, there is nothing good about privacy invasion and personalized ads.
> By themselves, ads aren't the real problem --- personalized ads are the problem.
I don't even care about that, what gets my goat is that ads pileup significantly slow down pages and increase energy consumption; and sites still get plastered to unreadability.
Me neither. I don't want to see any ad, of any kind. And that's the case currently, on FF with uBock Origin. I never see an ad anywhere, ever, and if one slips through I can block it in the future.
I can't imagine anything different. I'm prepared to go to great lengths to preserve that status quo... although IDK exactly what those could be.
That is annoying ... but it could be much more detrimental than annoying if it is also reporting back to a global tracking network that sells your profile to be used against you by a multitude of other actors.
The difference here is between you watching ads versus ads watching you.
I don't care if they have my data. My data is useless to me. Have it. I don't even think it's worth that much in the first place. I care that they make the web a crappy, unusable, annoying place. They make the browsing experience less secure. They slow down the webpages and eat bandwidth. They look ugly. It' my goddamn pc, i very well can choose what to run on it.
You should. They're inventing new ways to use this data against you all the time.
For example, there has been some effort to profile you based on the price you pay for goods on the internet. They assign you a "sucker score". Once you're classified as a sucker, the price you get offered is higher than what a "non-sucker" might receive.
And such practices, based on personalized profiles, should most likely be illegal. (Various other practices like these have been made illegal as well)
Personally, I don't care that they're doing this (to me). I care more that they shouldn't be able to legally do it.
And also, as other people have said: it's ads that are the problem. Not personalized ads. Ads in general. They're ugly, bad, awful, battery-sucking, headache-inducing, loud, autoplaying, CPU-hungry, slow, very bad no good.
Ok, what more can they do with it? Is that the worst scenario? Inequal pricing? Not really a _new_ ideea, and I doubt that make a large enough impact to make me care.
People are being refused jobs and treated as criminal suspects based on their location profile. Insurance rates are being increased based on these profiles. Real estate agents and auto dealerships are starting to use this data in their negotiations with you.
> Insurance rates are being increased based on these profiles
Let's be honest here, rich people get better insurance rates. Not because of some nefarious scheme to impoverish the poor, but because they claim less (which is the primary driver of insurance cost).
Additionally, many (if not all) insurance companies use things like your home address as a factor in pricing, which again benefits people living in rich(er) areas.
Firstly, I don't think that your web data would be particularly predictive for insurance, without substantial modelling/dimensionality reduction and secondly, such modelling/DR is gonna be a very difficult sell to regulators, who typically demand a fully explained model for premium calculation.
Secondly, much of this is illegal in the EU, you should probably elect representatives who'll ban this for you.
Firstly, I don't think that your web data would be particularly predictive for insurance...
No? They use a multitude of sources (Facebook for example) and factors such as "Do you buy premium beer" to judge how much of a sucker you are and adjust their price according. There have been cases in the US with rates varying significantly among individuals who live in the same neighborhood with similar size houses and coverages.
Again, the rate they initially offer and any subsequent increases depends on how much of a sucker they think you are.
Who? I'm willing to bet substantial money that none of the major US based insurers use Facebook data in any real sense.
This is one of those things that sounds plausible to people not in insurance, but I'd you look at the regulatory structure makes little sense.
What they do use is prior claim history and public records (credit, driver license etc). That's most likely where the differences you've seen come from.
>For the individual consumer, there is nothing good about privacy invasion and personalized ads.
That's not true. If I'm forced to see ads they might as well be personalized. Hell, sometimes (rarely, I'll admit) I even find some things that interest me, like new products or services. Personalized ads work, there is no way around it.
What irks me about these complaints is not complaining about ads, we all know they are annoying, but the faux moral high horse people, especially in this supposedly ultra rational community, put themselves on. I mean, it's not like you are begging to be paying a subscription to get rid of ads. For most sites you are still going to be browsing there with your adblocker even if the "legal" opportunity to get rid of ads is offered. If the ads weren't personalized you would complain about how irrelevant they are or something in that vain. You are not avoiding websites that display ads you find annoying you just block them. So please, stop with the moral high ground. You block ads because you can and because it's easy and, on the face of it, harmless.
Yes, the data gathering can be abused, like anything, really.
The Journal identified several companies, including Staples, Discover Financial Services, Rosetta Stone Inc.and Home Depot Inc., that were consistently adjusting prices and displaying different product offers based on a range of characteristics that could be discovered about the user. - https://lifehacker.com/how-web-sites-vary-prices-based-on-yo...
You might pay for a product and still get ads or get spied on, ex smart TVs that get updates with ads, smartphones that come with sponsored applications or games you can't remove, Windows computers or Windows itself , Be honest , did you see some product Box that says with big fonts on it "this product contains ads and telemetry" so you chose the other product that does not do that ? (or a non related example do the phones say on the box that "we force the developers not to inform you of better deals outside of the stores because we are greedy fucks and want you to pay more on stuff" ... companies will push the limits of legality to suck as much as they can from you, even if you pay for the products.
> I mean, it's not like you are begging to be paying a subscription to get rid of ads.
Hah, and what, have multiple walled gardens, pay monthly subscriptions for skimming 2 articles 1 a month? Have to deal with the whole payment process? The complication alone would be more that what I get out of it.
Besides, pay what? Most things on the net are crap anyways. You know those SEO cancer, content devoid, webpages? I would hate hate hate for them to get even 1 cent off of me. Most _good_ pages, ones I am truly interested are not ad powered anyway. HN is _almost_ add free. Reddit is pretty annoying with ads, but the content is community generated anyway. Most forums I visit are not ad powered.
I swear, if I could, I would pay the ad revenue myself. I really really am curious how much that amounts to. Can't be too much, I remember reading _somewhere_ that FB has on average 50$/year off of each account. Sounds about right, but maybe my memory was playing tricks on me and the info might be bullshit. Would love to just send 2 cents for each page visited would that be fair? Someone should do a micropayments interface so that I can send some crypto to pages I read.
It would be kinda hard for an individual web site to develop a meaningful profile of you. The major exception to this is Facebook where they profile you based on your personal posts and activity as well as all your friends.
Facebook and Google have a global reach. They have trackers and profilers on about 80% of the web sites.
Google and Facebook have a global reach that few others can duplicate. Google has trackers on 80% of web sites and probably 80% of phones too since Android is completed compromised by them. With all this data, they may know you better than you know yourself.
I personally don't care about "content creators". I create a lot of content for free because it's useful for me in other ways and interesting on its own.
Modern ads are surveillance tech and I want to see that die at any cost. Ads would then either have to adapt to stop being surveillance-based or the most interesting "content creators" would adapt to monetize in other ways.
I really don't see a future in which interesting "content" just stops existing just because tracking ads don't exist. If people want things, they will appear and eventually will be able to be monetized in some way.
Firstly 'very mild annoyance' for you maybe, I'd rather eat bricks then watch the endless ads and popups. Now a good old advertisement, like you'd get in magazines, target based on context are fine. Even some TV commercials are fine, I'd rather not have 20 minute on the hour of them, but meh.
It's all the low effort, spammy targeted crap that is the problem imo.
And 'ads also help small businesses to grow' is bs if you ask me.
- online ads are largely for the big business as small business gets crowded out & out-spend on search terms etc.
- targeted ads do not contribute meaningfully to conversion if you look close enough. Conversion metrics are crap as they do not account for the huge selection bias involved.
- marketing in general contributes nothing to society, it is all busy-work that changes nothing but maybe moving some people around between brands. It is a zero-sum game where the everybody keeps spending more and more and more for less impact & the market as whole is not impacted.
- 70 to 90% of all clicks & impressions are by bots.
- Content creators get jack shit for advertisements, if you pay like 1$ a month for someone's patreon or whatever you are generating more revenue then watching a thousand ads.
And then there is all the nefarious uses of targeted advertising that follow from it...
To me, browsing without ad-blocking is absolutely impossible. I've got a very low threshold of tolerance for those things. And I frankly couldn't care less whether people can earn money off advertising or not. I don't consider it making an honest living. If their businesses failed because of it, so be it. I feel the same about data collection and tracking.
As far as I'm concerned, we'd all be better off if that entire industry was nuked off the face of the Internet.
My job requires me to spend hours online, including on a lot of news sites. I block all ads for my own mental health: The last thing I want is ads that are calculated to work me up and make me angry/upset following me around everywhere because of my job. Likewise, just because I work doesn't mean I should be forced to be a captive audience for companies/groups trying to work me up.
On a larger scale, I believe the mental health harms to the general populace of incessant and emotionally manipulative advertising is far worse in consequence than some artists not earning money (and I've supported myself writing fiction, I'm not dismissing creators here). If artists earned money but it required 80% of the population to become hooked on bath salts, I'd consider that a problem.
Also, I have MS and that includes some twitches/spasms + I'm slightly visually impaired so I have some accessibility stuff set up and jumping/moving ads etc. are a common issue for me, as is engaging on accident through a finger/hand spasm. Now consider how many people are elderly or have vision issues; I feel like ads are uniquely predatory to certain populations.
> I don't understand why people think it's a good idea to remove the primary source of revenue for content creators.
> I'd appreciate it if someone could respond to the points I made rather than simply complain about why they don't like ads.
I'd say explaining to you why they don't like ads should help you understand why they think it's a good idea to remove the primary source of revenue for content creators, if that primary source is ads.
Here's the worlds smallest fiddle.
If your primary source of revenue is automated advertising, I don't care if you lose money. Sorry not sorry. Get some sponsorships, exclusive content, whatever. But if you want to sell my information to companies to build a profile on me and then invade my life with all manner of annoying distractions using that data, you want me to feel bad when I put a stop to it because you didn't get your penny from me? Cry about it if you want.
Seriously, fuck ads. We have offered a truce to the ad companies before. Put a banner at the top. Slap a commercial in a video. But that's not good enough for them, they autoplay videos and popups and tracking pixels and 10 ads in a video. And then when we tell them where they can go stick it they act like we are stealing. So fuck them, they can go hungry, and if you intend to monetize me by funneling my attention to them, you can go hungry too.
Yes, people are that adamant about blocking ads. I block all ads. I don't need my mind polluted with noise and my life to be about stepping over dogshit every step I take and I don't need spyware running in my browser.
You're going to be hard pressed to find many people who are going to agree with your premise that ads are only a "mild" annoyance.
Nobody wants to hear the stupid jingles on YouTube every 5 minutes (yes, I've had them every 5 minutes). I'm sick of lazy loading ads shifting content and then when I interact with the main content spring to life with that interaction and start playing audio.
I don't want ads at all, period. Their abusive history is enough reason for that.
I do not care if the website owner goes broke, if they want to live off of it charge for it. If people don't want to pay then a lot of people need to realize their content isn't all that valuable in the first place. It is great that small businesses can use ads, but unfortunately the market has ruined it for everyone by being so lax with the experience as a whole. Ads lie and sell you shit, so everything that shows up is probably shit.
Any semi-serious security posture must involve blocking ads. The incentives in the adtech industry mean that the security issues with ads can never be fixed.
This was really what made the decision easy for me back however many years ago when I started using an adblocker.
Internet ads can be irritating and the pervasive cross site tracking and profiling bothers me, but I don’t have fundamental issues with advertising generally. What is totally unacceptable is being served ads with malicious payloads on major websites.
If a website wants me to take their “please disable your adblocker” popup seriously they need to make 100% sure they don’t serve ads that instantly redirect the browser to a fake facebook phishing website that breaks the back button. Until then it’s adblock everywhere and the same for all of my friends and family to whom I give computer help.
Is it my responsibility to help "content creator" small business growth regardless of how ridiculous their revenue model is? Here is a tip: put some thought into the sustainability of tossing that responsibility over the wall to Google - if you want money, do the work. There was a time, not very long ago, when you could pretty easily control the amount of marketing you exposed yourself to.
uBlock Origin can do much more than block ads: you can block annoying live chat scripts, cookie banners, disable JavaScript for specific domains, and even limit maximum size of assets downloaded from website (e.g. huge gif files, images or videos). It's amazing how much faster browsing becomes with correctly customized uBlock Origin.
Ads consistently overwhelm main content, hijack navigation, and rely on mass collection of user data to sustain the adtech industry. They’re one of the worst products of the tech industry.
In principle I don't mind ads, but I do mind the cross-domain tracking. If sites served ads from their own domains, I'd keep them. I consider it up to web site owners to figure out how to make money from their site if that's what they want to do. Until they and the ad providers come up with an acceptable and practical way of doing that, I am willing to look at their content as long as they're willing to serve it to me.
Then there are also the ads that are annoying: those with moving parts or sound. I will always block those.
Besides the issue of tracking and such, there's the fact that limiting arbitrary unchecked third-party executable code to run on your computer is a good thing.
I use uBlock primarily as a line of defense, not just to avoid annoying ads.
As an example, a few years ago the ad network of a newspaper here in Norway was hacked. Anyone visiting their site (or affiliates) would silently and without any user interaction get infected with a banking malware.
The malware that time would cause bank transfers made through the online banking site of the most popular bank here to go to a different account than the one specified. It could have done something else.
Let me give an example. I teach public speaking and I often use online-stopwatch.com as a timer for quick practice speech stuff in class. I had not installed an adblock on the computer in the classroom because I was trying to be good and give that very useful site the ad views.
Then one day in the middle of class I start hearing sound coming out of the speakers which disrupted the class. The site had put an ad on it with an autoplay video. I put ublock origin on it right away.
I'd put it this way. Ads networks position themselves as an efficient money delivery pipeline between you and content creators. In reality, they are like a delivery company that employs junkies and is run by heroin addicts. When they take your money, they promise to not steal. But junkies are junkies, they can't not steal, so on the way to those content creators, they steal most of your money.
I used to not block ads, but today it's almost impossible to use any site that depends on ad revenue without an ad blocker. The amount of garbage on the page - notifications, badges, banners, popups, whatever else crap marketing people invent - is staggering. Sites are mangled to the point of being unusable. I want to support creators, but it's a two-way street.
We have more than too much content right now, and in my mind the tracking and ads means that the “free” content is not worth the price. I’d rather there be less content if it meant no tracking.
HN users tend to get annoyed by (1) ads, (2) paywalls, and (3) articles without enough research (aka time aka money). I'm cognizant of the fact that HN isn't a hive mind, and so these complaints aren't necessarily coming from the same people—but some certainly are.
Well, which is it? Or do we expect content creators to work for free?
If we have to pick a poison—and, well, I think we do—the ad model has one major advantage: accessibility. If we want to make information available to as many people as possible, an ad-supported model is the way to do it. Paywalls lock out everyone at the lower end of the income bracket, and force everyone consume content from only a smaller number of sources (since subscribing to every website is impractical).
This isn't to ignore all of the negative social consequences of advertising. The question isn't whether ads are bad, because they absolutely are—the question is whether they're worth the cost of accessible journalism.
> Well, which is it? Or do we expect content creators to work for free?
"we" don't care either way. Their business model is their business
In any case there's plenty of people not blocking ads. It looks like everyone uses adblock if you look at a tech audience because they are a tech audience, not because everyone is using adblock
> If we want to make information available to as many people as possible, an ad-supported model is the way to do it
There are alternatives, a good one I see used in Ptreon, the supporters get early access to content, the rest will get it a month later. Let me try find the pros and cons
Cons:
- you need first to find supporters, so for a while you need to work hard to get them
- some supporters might feel entitled to stuff, you need to make sure to be clear about what being a supporter means
- you need to be very clear and transparent , some supporters will not tolerate delays or low quality/quantity updates
Pro:
- you have a predictable revenue model, you don't depend on an algorithm
- you mostly don't have to censor your content (there are exceptions true, but there are alternatives)
- you don't have to promote scams like VPNs, shit games with loot boxes, crypto scams
- you are not forced by an algorithms to release on a certain text/video length , a certain schedule , use certain shitty thumbnails or click-bait titles
- if you make public your content after a month or week etc, your fans that don't have money still get it and will promote it, also influencers will promote it because they know it will be free after a time interval.
This patreon model does not solve everything, just wanted to mention that there are alternatives to shity ads that track and manipulate you. Other alternative would be honest contextual ads, like if you search for printer ink from city A then Google/Bing could show you an ad from a local shop that refils ink cartridges.
I think Patreon is great for individual creators and other small scale operations, but I'm skeptical that it can generate enough revenue to sustain larger scale journalistic operations.
Organizations like NPR have been attempting a user-contribution model since before the internet, and it works to an extent, but they still have to rely partially on (minimalistic) ads as well as government funding.
Sure. Patreon is not a solution for all, but isn't private media already "patronized" by billionaires ? And they use ads to make more money? And for smaller private media like my local radio, they will use local ads and some ads might be of interest to me, the issue most of us have with ads is not that the local car washing place put an ad on radio, but with Google or FB ads because they track you over the internet and profile you, so FB would have a profile for Bob like "middle income, single, straight man, naive, likes tech, likes watches, ...anxious,. insecure, depressive... this is a lot of data that honestly could be use for good but instead it is used to manipulate Bob to join different FB groups, to show Bob different ads for some shit that he would probably buy that is probably bad for him etc. On top of this tracking there is a ton of other JS code to try and ensure there is no bad actor that would try to inflate the numbers of clicks. If you would have some plain ads with text and non animated images then I think most poeple would be happy and not bother to hide the ad.
What I think it will happen is some countries will eventually make laws to make tracking opt-in, like the do not track flag in browsers , or at best for advertisers make the user chose at first launch the default for tracking setting
Here's what arguments like this fail to understand: I don't care if you get paid.
I don't expect anyone to work for free. If you stop creating because you're not getting paid, too bad for me I guess. But I don't owe you attention because you did something either. There are two sides to this remember.
If what you do is worth charging people for it, charge people. If charging people would make you go broke, how valuable is what you're doing, really?
If your revenue model is "let some scum track my users and sell their data" you weren't taking your revenue seriously to begin with, you need a better business model than "they'll put up with it because they like me."
Sponsorships. Patronage. Merch. Exclusive content. These are viable revenue models, you get what your work is worth. If you can't pay the bills with these, nobody really wants your content anyway and they're probably just passing the time because it's free.
Tracking based Ads generated by Google Ad-words and other networks should cease being viewed by content creators as the "primary source" of revenue, creators need to get creative and come up with better, most lasting revenue sources. Many already have, from direct memberships, merch, first party ads, but I am sure there are other more creative ways to make money
The lazy days of "just toss an adwords tracking cookie everywhere for the fast cash" is over, and I for one will celebrate the death of Ad words and all the other tracking ad networks
