Brave takes brave stand against Google's plan to turn websites into ad-blocker-thwarting Web Bundles:
A proposed Google web specification threatens to turn websites into inscrutable digital blobs that resist content blocking and code scrutiny, according to Peter Snyder, senior privacy researcher at Brave Software.
On Tuesday, Snyder published a memo warning that Web Bundles threaten user agency and web code observability. He raised this issue back in February, noting that Web Bundles would prevent ad blockers from blocking unwanted subresources. He said at the time he was trying to work with the spec's authors to address concerns but evidently not much progress has been made.
His company makes the Brave web browser, which is based on Google's open-source Chromium project though implements privacy protections, by addition or omission, not available in Google's commercial incarnation of Chromium, known as Chrome.
[...] The Web Bundles API is a Google-backed web specification for bundling the multitude of files that make up a website into a single .wbn file, which can then be shared or delivered from a content delivery network node rather than a more distant server. It's one of several related specifications for packaging websites.
The problem, as Snyder sees it, is that Web Bundles takes away the very essence of the web, the URL.
"At root, what makes the web different, more open, more user-centric than other application systems, is the URL," he wrote. "Because URLs (generally) point to one thing, researchers and activists can measure, analyze and reason about those URLs in advance; other users can then use this information to make decisions about whether, and in what way, they'd like to load the thing the URL points to."
An individual concerned about security or privacy, for example, can examine a JavaScript file associated with a particular URL and take action if it looks abusive. That becomes difficult when the file isn't easily teased out of a larger whole. Web Bundles set up private namespaces for URLs, so privacy tools that rely on URLs don't work.
"The concern is that by making URLs not meaningful, like just these arbitrary indexes into a package, the websites will become things like .SWF files or PDF files, just a big blob that you can't reason about independently, and it'll become an all or nothing deal," Snyder explained in a phone interview with The Register.
Separately, Google has been working to hide full URLs in the Chrome omnibox.
(Score: 2) by barbara hudson on Sunday August 30 2020, @11:16AM (3 children)
Or you can go to the actual web site instead of using google search, which offers AMP (this is just their next version of AMP to bypass the source web site and send everything faster).
Stop using google search and you won't be offered google AMP sites as the first result. So you won't see their next iteration of AMP, which is what this is.
Brave is probably angling for a deal to make google the default search engine like Firefox has, so they won't tell you to just not use google search and avoid the whole mess.
I haven't seen a google AMP page in 2 years. Or a google search result. For most searches, it's easier to just bypass google and go directly to Wikipedia anyway, since that was their best result half the time 2 years ago anyway.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 2) by dltaylor on Sunday August 30 2020, @11:38AM (2 children)
The point is that there will be damn few "web sites" that serve only the current conglomeration of HTML, JavaScript, ...
What they will serve is bundles, and only bundles.
We all know what a nightmare JavaScript has been for security and privacy, but how many legitimate e-commerce and data (not "social media") sites are usable without allowing it? Same thing will happen with bundles unless the rest of the world can, somehow, put a stop to it. I doubt it, since Chrome and Edge are both going to support it, Google's libraries will trivialize the assembly of them, and we'll be back to "Your browser is not supported. Please download a supported browser from one of the following links.".
(Score: 2) by barbara hudson on Sunday August 30 2020, @10:45PM
No gmail spyware. No google maps. No YouTube. No other spyware from Alphabet.
No Android. No chrome. No Chromebooks. Nothing.
There are alternatives for everything I need (which turns out to be not that much).
Google can cease to exist and I would not really notice.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 2) by barbara hudson on Monday August 31 2020, @12:26AM
This is just to ease the load on Google sergers when they're intermediating themselves between sites and the end users.
Brave is just using this as an excuse for publicity. And it's working, because people, especially geeks, are so easy to troll. Brave has trolled everyone. And there is no evidence that anyone commenting except me has even read the spec, or it would be kind of self-evident. Certainly the register didn't.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.