SoylentNews is people
SoylentNews
from the bring-back-common-sense-adctl dept.
Google engineers have proposed changes to Chromium which would completely break content-blocking extensions, including various ad blockers, ostensibly for "security" reasons.
Per The Register:
In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users.
Content blockers may be used to block ads, but they have broader applications. They're predicated on the notion that users, rather than anyone else, should be able to control how their browser presents and interacts with remote resources.
Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control.
"Users should have increased control over their extensions," the design document says. "A user should be able to determine what information is available to an extension, and be able to control that privilege."
But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest.
[...] Hill, who said he's waiting for a response from the Google software engineer overseeing this issue, said in an email to The Register: "I understand the point of a declarativeNetRequest API, and I am not against such API. However I don't understand why the blocking ability of the webRequest API – which has existed for over seven years – would be removed (as the design document proposes). I don't see what is to be gained from doing this."
Hill observes that several other capabilities will no longer be available under the new API, including blocking media elements larger than a specified size, disable JavaScript execution by injecting Content-Security-Policy directives, and removing the outgoing Cookie headers.
And he argues that if these changes get implemented, Chromium will no longer serve users.
The Register points out that this will not just affect Google Chrome and Chromium, but also Chromium based web browsers such as Brave Browser and Microsoft Edge.
(Score: 4, Insightful) by Runaway1956 on Wednesday January 23 2019, @04:13PM (7 children)
That we can block servers at the router. That means ad-servers, googleanalytics, the many MStelemetry servers, and so much more.
Your browser doesn't control your router (yet, at least) so those of us who demand that WE control our "experience" will still have control.
“Take me to the Brig. I want to see the “real Marines”. – Major General Chesty Puller, USMC
(Score: 2, Insightful) by Anonymous Coward on Wednesday January 23 2019, @06:05PM (1 child)
oh but many vendors are expecting people to configure the edge devices in a mobile application that runs on iOS or Android *only*.
Telnet/ssh/https from something else (modern desktop or whatever) is not the focus.
just you wait--features you had will be removed, or at least, your ability to access them will be grayed out and then gone--also for security reasons.
my favorite security reasons so far have been encrypting the data coming from my computer being sent to google and microsoft and other companies that... that I never packaged data up to send to them, and now, stuff is being sent in an encrypted form, ostensibly to prevent someone else from seeing it. someone like the user.
(Score: 3, Interesting) by Anonymous Coward on Wednesday January 23 2019, @06:19PM
Been running a home firewall since mid 90’s first on 386 now p2 professor. Tossed in n the 17,000 black hole tracking sites. I am 99% ad free. New servers pop up everyday. In the firewall all 60 home devices are ad protected.
Hell but out a small app on the machine being the dns for the phone can be done (Interal vpn ;). Simple and quick.
The big issue is is chrome going to bypass dns.?? Dns-over-http. That will break the internet and chrome will be a fully walled garden. Destining the first niter still freedom
(Score: 2) by RS3 on Wednesday January 23 2019, @07:08PM
Yes, that and it should be fairly easy to make software that would insert itself into the network packet flow and function as a packet filter. That said, some of the crap comes with the datastream you want, so...
But hopefully someone will build a browser, based on open-source chromium, that will continue to give us the plugin functionality and control we want.
(Score: 0) by Anonymous Coward on Wednesday January 23 2019, @08:43PM (3 children)
That isn't as easy as you think. On many pages, adblockers have to redirect googleanalytics and other javascript to avoid breaking the pages.
(Score: 4, Insightful) by Runaway1956 on Thursday January 24 2019, @12:43AM
That is true and untrue. See, when I find a page that is "broken", a make some very small effort to load it again. On a rare occasion I'll make two or three efforts. If the page won't load, then I view it as "the site is broken" and move on. Maybe I'll type some search terms, and find an alternative page that offers same/similar material, or maybe not. But, I don't view it as "my filters broke the internet". It's more "Those dumbasses should have designed their page better". And, at the end of the day, I simply do not feel deprived that ten, or ten thousand pages failed to load.
“Take me to the Brig. I want to see the “real Marines”. – Major General Chesty Puller, USMC
(Score: 2) by Reziac on Thursday January 24 2019, @02:39AM (1 child)
I haven't let googleanalytics run anything since shortly after the damn thing first showed up (blocked in HOSTS and denied in NoScript). Originally because it caused a huge lag in page loads; later for the obvious reasons. Don't know of any sites this breaks. I must be doing it wrong.
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Thursday January 24 2019, @03:45AM
Or your web habits are not the same as everyone else's on the planet. For example, avianca.com did not work for years if you blocked google analytics. But if you don't believe me, just look through uBO's "unbreak" list or EasyList for how they handle the various trackers.
BTW, "denying" a script in NoScript actually serves and runs what NoScript calls "surrogates" (other called them "neutered") in many cases, including Google Analytics. This is precisely because they break pages when truly denied.