SoylentNews is people
SoylentNews
Submitted via IRC for TheMightyBuzzard
Linux users are more likely than most to be familiar with Chromium, Google's the free and open source web project that serves as the basis for their wildly popular Chrome. Since the project's inception over a decade ago, users have been able to compile the BSD licensed code into a browser that's almost the same as the closed-source Chrome. As such, most distributions offer their own package for the browser and some even include it in the base install. Unfortunately, that may be changing soon.
[...] To the average Chromium user, this doesn't sound like much of a problem. In fact, you might even assume it doesn't apply to you. The language used in the post makes it sound like Google is referring to browsers which are spun off of the Chromium codebase, and at least in part, they are. But the search giant is also using this opportunity to codify their belief that the only official Chromium builds are the ones that they provide themselves. With that simple change, anyone using a distribution-specific build of Chromium just became persona non grata.
(Score: 2) by choose another one on Wednesday January 27 2021, @05:42PM
At the end of TFA:
I guess they think Google has never Googled "user does the link"....
(Score: 2, Touché) by Anonymous Coward on Wednesday January 27 2021, @05:58PM (6 children)
How about simply not using a browser that is made (funded) by the
worlds most invasive advertising and tracking company. Even if it is
BSD licenced open source.
(Score: 0) by Anonymous Coward on Wednesday January 27 2021, @06:43PM (2 children)
But all the LATEST, MUST HAVE web features are whatever Google has implemented.
(Score: 0) by Anonymous Coward on Wednesday January 27 2021, @08:18PM (1 child)
Just consider this. If a significant number of people turned away from the browser funded by the worlds most invasive advertising and tracking company, you'd no longer see that same advertising and tracking company being about to force "new thing, only ours" onto the web.
By using the browser funded by the worlds most invasive advertising and tracking company you are all but turning around, bending over, and saying: "please, google, give it to me up the ass".
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @12:09AM
When damn Microsoft breaks damn Github for damn two-year-old browsers, is it because damn Google forced them?
(Score: 2) by Marand on Thursday January 28 2021, @02:33AM (2 children)
Great idea, but which one? The alternatives that are built from Chromium, or the one that isn't (Firefox) but still depends on Google's money to survive.
About all that's left now that isn't under Google's thumb in some way is Safari (lol) or a fork of XUL-based Firefox. The former's not really a great alternative and the latter's what I'm doing but it's getting harder to stick with and I find I'm having to use one of the various Chromium-based options for miscellaneous sites more and more as times passes.
(Score: 2) by hendrikboom on Saturday January 30 2021, @12:55AM (1 child)
Writing a browser has slowly become a huge undertaking, because of decades of incremental accretions to the specifications. Perhaps we've reached the stage where a completely new set of protocols and interfaces would be appropriate, but the curse of compatibility (and ocmpatibility is one of the important properties of a browser) makes it unlikely to gain traction.
These new systems should be put together with the traditional Unix philosophy -- a harmonious cooperation between independent programs that each do one thing only and do it well.
Unless there's some hacky scheme to access existing browser code whenever appropriate, the way new programming languages often have conventions to make bindings to existing C code.
Any ideas?
-- hendrik
(Score: 2) by Marand on Sunday January 31 2021, @02:22AM
Same reason everyone uses Facebook while claiming to hate Facebook and its policies. "Everyone else uses it so I have to, too." It's hard (sometimes impossible) to break that sort of hold. I predicted this happening in the 90s when I started seeing companies listing their website URLs in ads, on TV, etc.; it was only a matter of time before http cannibalised the other protocols and became "the internet" to the detriment of everything else. :/
I think the ideal thing would be to separate "the web" as a way to serve and display documents from "the web" as a way to serve and run applications. Gemini [wikipedia.org] is somewhat on the right track here, at least for the document side, but I think its Gopher-like text/gemini MIME type as the default display format was a mistake. Defaulting to something more expressive but still fairly simple and human readable/editable like Asciidoc or Markdown would make it more appealing and more usable in general, and you'd bypass a lot of issues with websites such as accessibility automatically since the user configures their document browser the way they like via styling. Maybe allow the site to offer a preferred style but ultimately make it the user's choice with no way to override that or change on the fly. You'd avoid a lot of accessibility problems that way, wouldn't need cookies to store site settings (one of the early steps on the slippery slope to current-day web apps), etc. Though you'd still need to do a few things, like explicitly disallowing cross-site caching at the specification level to avoid a repeat of the "supercookie" problem where people stuff metadata into images to track you across sites.
For the app serving aspect, one could argue it shouldn't exist at all, but I think the idea of it is fine. More than fine, it's a worthwhile goal and a good way of separating one's choice of OS from the applications one has to use. It's doing what Java once promised, with its "write once run anywhere" mantra. The problem wasn't that we started serving applications over the wire in thin-client fashion, it's that we decided to bolt it onto a document display platform in an ad hoc using the fashion rickety foundation of a half-baked kludge of a programming language that was made in a bit over a week for light scripting tasks. Doing so broke the web, making it an endless stream of security vulnerabilities and privacy violations.
Perhaps instead of the programming equivalent of lashing a jet engine onto a tricycle again, a better option would be to have a separate protocol specifically made for the purpose of dealing with web apps and only web apps that handles issues like sandboxing applications. So for example, you go to your city's site at someproto://mycity.com/transit/ to get access to basic information, a static map of the rail lines, etc. and it could provide a like to webapp://mycity.com/routeplanner. You visit that link and the handler for the webapp protocol would confirm launch and give you an interactive route planner in its own little sandbox, separate from other apps and separate from how you got there, no linking back out. So no cross-site scripting concerns, no easy web-wide tracking, etc.
A pro (or con) of this approach would be that these webapps would be managed by the OS window manager instead of trying to run apps inside tabs inside a browser window. Good for users of OS with sane window management, not so great for Windows users. Same situation that led to MDI windows.
Following on the above, this theoretical webapp protocol could be extensible and ostensibly platform agnostic in the sense that it doesn't care what it runs, it just handles the sandboxing and isolation stuff and makes sure the app launches but doesn't care how the app was made. Then it could start out supporting the current status quo in some form, doing something similar to ideas like Neutralino [github.com]: one Electron-like platform similar to having the JVM, and the protocol handler runs multiple instances.
That would prevent existing work from being invalidated without closing the door to better options, so you could then add a streamlined version that removes most of the http cruft, swap out JS for webasm, etc. and people could start building new (or porting existing) things using it and any advantages it brings. Or replace the entire stack with something different down the line if/when better ideas appear.
Well, the above is my "I think this would be ideal in some form" take but it won't happen. Though maybe that last part might still occur in an evolutionary sort of way. There's been a push toward things like PWAs, which give the illusion of webapps being independent of the browser. In time that might lead to some actual separation of the two, because if the idea becomes mainstream enough it'll be possible to eventually replace parts of the rickety infrastructure quietly and separate things a bit more over time. Google might be the catalyst for eventually replacing the underlying architecture piecemeal until it's better, just like it's the one trying to push PWAs into the mainstream, but they won't push for disentangling it entirely because it would destroy their revenue model.
Only way I see that last part happening is if Google decides that removing scripting from general web browsing makes it easier to track users because they'd lose the ability to create ad blockers. Then we'd see Google touting the increased security of the separation and pushing a Chrome update that removes all JS but gives you none of the privacy benefits.
This kind of rambled a bit, but ah well.
(Score: 2) by VLM on Wednesday January 27 2021, @06:24PM (1 child)
Basically they're tired of "everyone" using the same API key. From a security standpoint thats probably good and would imply they're gonna roll out "more important stuff" that should be more carefully secured or they're taking security microscopically more seriously.
Could ship new API keys with every API change or theoretically with every released version.
Currently, I don't see anything I want in the API I'll be locked out of, so I'm not overly bothered, although the implication is new/interesting things are coming.
(Score: 0) by Anonymous Coward on Wednesday January 27 2021, @08:51PM
it's something along these lines. the googlers said that the API was not intended to be used in this way and they are trying to rectify that now. i don't care about sync. the more google shit stripped from chromium the better. i only use it for testing anyways.
(Score: 0) by Anonymous Coward on Wednesday January 27 2021, @07:06PM
have already given their arses to Google nicely gift-wrapped. Chrome or Chromium, official build or not, makes no difference if you are damned already.
(Score: 4, Interesting) by tangomargarine on Wednesday January 27 2021, @07:45PM (8 children)
I finally got around to dist-upgrading my Mint install the other day (which was a lot more complicated than I remember it being before, boy howdy!)*, and once it was all finished I was rather surprised when I went to fire up Chromium, and the shortcut gave me an odd look and said "I'm sorry, I don't know what that is."
Five minutes of searching online later, apparently it turns out Canonical has been publishing Chrome builds using their own special packaging system ("Snap"), and the Mint repo managers said "screw that", so now when you update chromium-browser it turns into a dummy package and you no longer have a working browser. Surprise!
Instead, you have to go in the repo and install chromium. At least I still had all my settings saved in /home. But that was one of the more surprising things I've experienced on Linux recently.
--
*The process had a few other eyebrow-raising things involved, too.
"Okay, first off, disable and uninstall all of your third-party repos." Don't just turn them off then re-enable them later; we want you to go in and rip them completely out. Oh, great. "Because they may or may not cause problems with the upgrade."
Then, they apparently have some new system snapshot tool which I ran, which ran out of space on my system partition before it finished. Didn't see it let me change where the backup went anywhere in the GUI tool. So do a search where it actually puts the files, find the directory, and wipe all those...
Then it turns out the upgrade literally will not let you continue until you have made a snapshot, or circumvented the step by piping "{}" to a certain path on your filesystem. "We're not just encouraging you to make a backup, we're *forcing* you to!"
Then they require you to simulate the upgrade just on the repo side of things, before you're finally allowed to push the big "Just Fucking Do It Already" button. I swear that back in the day on Ubuntu this was literally just one big button and a couple direly-worded warning dialogs, and you input your password, then it got on with it.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 1, Interesting) by Anonymous Coward on Wednesday January 27 2021, @08:00PM (1 child)
Just about all software is user hostile these days. It's ALL malware.
Remember when your computer was considered YOURS and you controlled it? That was years ago...
(Score: 2) by tangomargarine on Wednesday January 27 2021, @08:15PM
I'd call hardware whitelisting and Secure Boot the final nails in that coffin, personally. But I'm only in my 30s so I wasn't really around for a lot of it.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 1, Informative) by Anonymous Coward on Wednesday January 27 2021, @09:42PM (1 child)
than wrestling with an "user-friendly" distro is.
(Score: 2) by Reziac on Thursday January 28 2021, @02:43AM
My solution was a rolling distro. Upgrade? Whuzzat??
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @02:39AM (1 child)
Gentoo is fundamentally immune to this sort of problem.
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @09:24AM
Clippy: Would you like to compile Chromium now? You will have to browse the web with a browser full of unpatched holes for the next few days in any case.
(Score: 2) by Common Joe on Thursday January 28 2021, @10:07AM (1 child)
I haven't upgraded to the latest Mint yet but you're describing everything about my last upgrade. It surprised me too.
I get what the Linux Mint team is trying to do. I've encountered many IT professionals who don't know how to back things up properly. (Not joking. These were people who should know better.) And countless non-IT professionals who were even less experienced.
I've considered dropping Linux Mint on my parents' computer. It's a good operating system if you just want to install and get going without much fuss, but there is no way my folks would survive something like this. It took my mom a decade to figure out how to send email. (Now, I can't get her to stop sending me political stuff. [Sob!]) This kind of stuff has to happen in the background after an "ok" from the user.
I don't know for sure, but I'm guessing that they are building up to a version which will automatically update itself and undo the update process should things go sideways. It will take time and feedback.
As for Chromium, I support their decision [linuxmint.com] because Ubuntu is testing out whether they can force downstream operating systems to use their pre-compiled software. To my knowledge, Linux Mint is the only one who stood ground. It's unfortunate, but Linux is getting more political and lines are being drawn. This is one of them.
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @08:02PM
too many PHW (pointy haired whores) ruining linux world.
(Score: 2, Interesting) by Anonymous Coward on Wednesday January 27 2021, @08:13PM (5 children)
It's time to consider the HTML5/JS/Webapp monstrosity its own thing. We need to break with it. I would go with XHTML and perhaps rethought CSS or maybe even XSLT to render domain-specific XML to XHTML. The old men will scream that they want their HTML 3.2 back blabla. Point is we need to create something simplified so that we can build FLOSS browsers again.
Everybody wants to go back to the Second Age and early Third Age of the internet. The user base was much smaller then. We just have to accept that what we're building isn't for the average person who buys a new cell phone every year so they can mindlessly click click click. We will have a smaller user base.
(Score: 1, Interesting) by Anonymous Coward on Wednesday January 27 2021, @10:18PM (4 children)
One step further: what if we all went back to Gopher? Text and menus and the occasional binary download, what more do you need?
(Score: 1, Insightful) by Anonymous Coward on Wednesday January 27 2021, @11:15PM (1 child)
Under construction GIFs.
(Score: 3, Insightful) by crb3 on Wednesday January 27 2021, @11:39PM
Blink tags and GIF-animated separator bars.
(Score: 2, Interesting) by Anonymous Coward on Thursday January 28 2021, @12:01AM
https://gemini.circumlunar.space/ [gemini.circumlunar.space]
(Score: 0) by Anonymous Coward on Thursday January 28 2021, @08:48AM
Does it work over tor? That is where the future lies.