SoylentNews is people
SoylentNews
from the bring-back-common-sense-adctl dept.
Google engineers have proposed changes to Chromium which would completely break content-blocking extensions, including various ad blockers, ostensibly for "security" reasons.
Per The Register:
In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users.
Content blockers may be used to block ads, but they have broader applications. They're predicated on the notion that users, rather than anyone else, should be able to control how their browser presents and interacts with remote resources.
Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control.
"Users should have increased control over their extensions," the design document says. "A user should be able to determine what information is available to an extension, and be able to control that privilege."
But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest.
[...] Hill, who said he's waiting for a response from the Google software engineer overseeing this issue, said in an email to The Register: "I understand the point of a declarativeNetRequest API, and I am not against such API. However I don't understand why the blocking ability of the webRequest API – which has existed for over seven years – would be removed (as the design document proposes). I don't see what is to be gained from doing this."
Hill observes that several other capabilities will no longer be available under the new API, including blocking media elements larger than a specified size, disable JavaScript execution by injecting Content-Security-Policy directives, and removing the outgoing Cookie headers.
And he argues that if these changes get implemented, Chromium will no longer serve users.
The Register points out that this will not just affect Google Chrome and Chromium, but also Chromium based web browsers such as Brave Browser and Microsoft Edge.
(Score: 0) by Anonymous Coward on Thursday January 24 2019, @02:46PM
"give all my DNS traffic to a third party"
You're already doing that if you're using ISP caching DNS servers, or most of the "open" DNS servers, since they sell your data to whoever is willing to pay.
The way to get around that is to install a fully recursive resolver. There is one w/ maradns that works. It adds about 1/3rd of a second to page loads on average. Of course if everybody did this it would crash the root servers. So it isn't a scalable solution. But if you want privacy in your DNS, you're pretty much going to contribute you're little piece to DOS'ing ICANN.
This is really a legal problem more than it is a tech problem. DNS caching is switched data between parties unrelated to the ISP. With common cairrage what they do is felony wiretapping. But we don't have that because of Pai is a criminal.
The DNS over https thing is a land grab. Everybody knows DNS is deprecated. They are localizing it because they plan on proprieterizing it at the OS level. Essentially this gives them control over the registrars. Which is to say, the fact that you haven't seen half a dozen registrars get together and design a secure portable DNS over IPV6, means that they are going to all be subsidiaries of Comcast and AT&T here in the next several years.