Even if bigs exists to work around what Google is doing, that isn’t the right way forward. If people don’t agree with Google move, the only correct course of action is to ditch Chrome (and all Chromium browsers). Hit them where it hurts and take away their monopoly over the future direction of the web.
The best bypass is to use Firefox. uBlock Origin works best in Firefox:
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-b...
Never realized anything was happening as I was on Firefox, until I saw ads as my wife was browsing youtube despite installing ublock for her years ago.
My wife was pissed when I installed an adblocker for her - turns out she likes the ads.
YouTube recently started showing ads through uBO in Firefox.
On what platform? I've been using Firefox and uBO on Linux and Android for over a decade and never seen a YouTube ad.
You might need to check that you are using all appropriate blocklists as well. The subreddit usually has a sticky/pinned post for YouTube related issues as this has been a slow moving target for about a year now.
I'm on Windows 10.
Switched (back) to Firefox from Chrome years ago and haven’t looked back. Between uBlock and Privacy Badger my web experience is pretty good despite the endless assault on end users.
Speaking of 'works best in Firefox'... I mainly use Chrome (kinda have to), and it's practically impossible to use it for reviewing big GitHub PRs with many files changed (UI just freezes), but everything's perfectly fine in Firefox!
Could this be a subjective experience? Is it reproducible on multiple machines? And have you tried it with a new profile?
Well, many people have complained about this very issue, and it was actually from this [1] discussion that I learned that Firefox handles big PRs just fine. No amount of jumping through hoops, including creating a new profile, helped to make it work in Chrome.
I can’t help seeing ad blockers as fairless content consumption, like choosing to download films, musics and books without paying the creator and the distributor (VOD, MOD, concerts, libraries…). Sounds great for you but how would that work if everyone would do the same?
Although we all be happy to se more competition, using an ad blocker on Google sites (and G-add financed-sites) have no positive effect for the competitors.
Don’t take me wrong, I hate Ads and Google methods but we can’t all rob the same store and hope there will be infinite food on the shelves and that the next store will benefit from that.
Google doesn't exist in a vacuum. It's not written in the stars that Google must succeed. If Google's business model doesn't meet web users expectations then it's perfectly alright for Google to fail as a business. Businesses fail all the time.
Google is not special or different. Google can adapt or die.
Remember also that as Google has grown and captured more of the available attention and advertising dollars, other businesses that rely on attention and advertising such as free-to-air TV or print media have contracted and even failed. Google has shed no tears for them and, correspondingly, there's no need to shed tears for Google.
Almost all content I consume is not funded by adverts, it’s funded by passion or subscription or donation.
Adverts have no positive effects for anyone other than the advertising firm. They cost the viewer more than the provide the advertiser
if they’re not funded by adverts then you don’t need an ad blocker, right?
bbc news is full of tracking despite not showing adverts.
> Sounds great for you but how would that work if everyone would do the same?
I guess we would be free from companies such as Meta and Google? Where do I sign up?
You also seem to think that advertisement has no impact on alternative distribution methods. The fact that other viable options are scarce currently only shows that ad companies have a stranglehold on creative industries through their monopoly.
Running ad blockers for me is a matter of principle. The amount of tracking and telemetry that exists on the Internet is 1. massively invasive from a privacy perspective and 2. massively wasteful from an energy, bandwidth and time perspective.
If you have something worth selling, then sell it.
This is a comical view. If protection of downloadable material that someone wants you to pay for, is removed by an ad blocker, then that is broken by design. Make a website that is suitable to sell things, is the solution.
This is a candide view: IRL store use RFID doors for a reason, and customers do pays indirectly for those doors.
However I’m not 100% sure to have understood your phrase so please tell me if I missed your point.
Sorry, I skipped some part while writing. Edited to make sense.
I principally agree with you. But in reality, the ad-funded model has failed. It failed a long time ago.
There were never any restrictions placed on it, so it became a self-sustaining downward spiral to the current state of things. When I see the internet without an ad-blocker it is completely unusable. Quite frankly, I would most likely stop using most of the internet altogether if I couldn't block ads.
So what is the alternative? Same as always: paid services. A service / platform can either work out a pricing model that works for people, or it shouldn't / can't exist in that form.
Some people will argue that they'd rather have ads and also content for free and that's fine. Maybe some people can tolerate them. I cannot. I find them to be as close to experiencing physical pain as possible. It's like pure mind-poison and I will bend over backwards to avoid ads.
I am waiting for the age of smart-glasses to begin so that I can filter out ads in real-life as well. I simply never, ever, under any circumstances want to see any advertising ever.
If I want a product or service, I'll go search for it. I don't need anything to be suggested to me. And this is just my battle-hardened mind. I daren't think of what ads do to un-developed, children's minds.
It should be the government's responsibility to severely restrict advertising until it nearly doesn't exist. But that's not the world we live in, so I have taken matters into my own hands.
I sincerely hope that having produced a comment like that, you are not using ad blockers of any kind in any browser, including the reduced functionality Chrome uBlock Origin on manifest V3.
For me, ads broke the informal social contract between provider and end user years ago. Small, unobtrusive advertisements might've been okay, but ads eating an inordinate amount of my time and bandwidth, which exfiltrate my personal information, and which are served to me via SEO tricks and dark patterns are not okay. If sites want to ban me for not viewing their ads, fine. In the meantime, I won't lose any sleep over using my adblocker.
For you, if you are lecturing us on the moral imperative of viewing ads, then you better be viewing those ads yourself rather than only espousing cheap rhetoric.
I use Edge on both Win + Android, and uBlock Origin works perfectly on both.
>They decided it wasn't a security issue, and honestly, I agree, because it didn't give extensions access to data they didn't already have.
So they admit that MV3 isn't actually any more secure than MV2?
I'd be shocked if anyone actually believes them. This article starts with the obvious conflict of interest. Of course letting an extension know what websites you visit and what requests are made is an insecure lifestyle. But I still do it because I trust uBO more than I trust the ad companies and their data harvesters.
No, MV3 really isn’t more secure. MV3 still allows extensions to inspect your requests — it just doesn’t allow extensions to block them.
It’s almost comical how weak the security/privacy argument for MV3 is. Chrome could have developed a sandboxed web request inspection framework to prevent data exfiltration, but they didn’t even try. Instead they nerfed ad blockers without adding any security.
I wish I could browse the web kinda like this but minus the human:
Make Signal video call to someone in front of a laptop, provide verbal instructions on what to click on, read to my liking, and hang up to be connected with someone else next time.
(EFF’s Cover Your Tracks seems to suggest fresh private tabs w/iCloud Private Relay & AdGuard is ineffective. VMs/Cloud Desktops exist but there are apparently telltale signs when those are used, though not sure how easily linkable back to acting user. Human-in-the-loop proxy via encrypted video calls seems to solve _most_ things, except it’s stupid and would be really annoying even with an enthusiastic pool of volunteers. VM + TOR/I2P should be fine for almost anybody though I guess, just frustrated the simple commercial stuff is ostensibly partially privacy theater.)
https://stallman.org/stallman-computing.html section "How I use the internet" ?
It must be exhausting to be Stallman!
Hey Richard Stallman uses Invidious
So... you want to use a shared VPN?
> Maybe more I want to have a library computer at my house that somehow doesn’t use my ISP or, to go real paranoid, even click/type the way I always do.
You could build this yourself with relative ease[1], just add some software in the mix to tweak the typing and cursor movements. Have the "controller" connect via mobile network, Starlink or similar if you really want to separate concerns.
One of the main goals of MV3 seems to be nullifying protection against tracking URLs. Most of the discussion about adblocking technically "still working" under MV3 misses this point. It doesn't matter if you're actually served ads or not, when when your underlying habits can still easily be collected from the combination of fingerprints and tracking URLs.
> Most of the discussion about adblocking technically "still working" under MV3 misses this point.
Because it's a dishonest point. Ad blocking still works. All the same ads can still be removed from the page. Tracker blocking doesn't. This is still a huge problem for privacy. But while nearly everyone dislikes seeing ads that interrupt your content, people who actually care about tracking privacy are a much smaller group. The latter group are trying to smuggle concern for the latter issue by framing it as the more favorable issue to garner more support from the former.
I assume that those who care to block ads also care to block trackers, if they care about MV3 at all.
What I don't understand is why Google doesn't offer users the ability to add some extension ids into some whitelist to allow them using very sensitive permissions.
Force those extensions to have an prominent icon on the UI with a clear tooltip asking "did you install this yourself [No]" for easy removal, in case someone else did install it without you knowing.
There are so many ways to make this work, but they have zero interest in it.
You really don’t understand why? Money.
I've started assuming bad intent after WEI, even though it was dropped.
I believe them. The restrictions are reasonable and appropriate for nearly everyone. Extensions are untrusted code that should have as little access as possible. If restrictions can be bypassed, that's a security bug that should be fixed because it directly affects users.
I also think uBlock Origin is so important and trusted it should not only be an exception to the whole thing but should also be given even more access in order to let it block things more effectively. It shouldn't even be a mere extension to begin with, it should be literally built into the browser as a core feature. The massive conflicts of interest are the only thing that prevent that. Can't trust ad companies to mantain ad blockers.
> Extensions are untrusted code that should have as little access as possible.
It's entirely possible to manually vet extension code and extension updates in the same way that Mozilla does as part of their Firefox recommended extensions program.
> Firefox is committed to helping protect you against third-party software that may inadvertently compromise your data – or worse – breach your privacy with malicious intent. Before an extension receives Recommended status, it undergoes rigorous technical review by staff security experts.
https://support.mozilla.org/en-US/kb/recommended-extensions-...
Other factors taken into consideration:
Does the extension function at an exemplary level?
Does the extension offer an exceptional user experience?
Is the extension relevant to a general, international audience?
Is the extension actively developed?
The same way it's done with V3, because no permission-level blacklist/whitelist is going to prevent the person from creating an interpreter within JS itself.
Looking at https://developer.chrome.com/docs/webstore/troubleshooting#a... it seems most of the heavily lifting is done with some combination of static/dynamic analysis during extension review. The same analysis (plus trivially catching eval) could be done with V2 as well.
Why am I not allowed to trust an extension just as much as I trust the platform it is running on? This is the same logic behind mobile OSes creators deciding what apps can do.
It's a logic I fully agree with. As the owner of the computer, you should of course be able to do whatever you want. The APIs should still be designed around sandboxing and security though.
I only trust free software, and only after I have read its source code and evaluated the distribution channel. I don't want proprietary obfuscated third party code running on my computer without some serious sandboxing and virtualization limiting access to everything. I went so far as to virtualize an entire Linux system because I wanted to play video games and didn't trust video game companies with any sort of privileged or low level access to my real Linux system.
Malicious actors are known for buying up popular extensions that are already trusted by their user base and replacing them with malware via updates. The proper technological solition to such abuses is to make them literally impossible. Exceptions can and should be made for important technologies such as uBlock Origin.
Would that rip off the how-do-we-fund-the-web bandaid, forcing new solutions? Worry about the interim where some publishers would presumably cease to exist. And who would remain afloat—those with proprietary apps, as Zucky as they are, I’d guess…
UBO is absolutely incredibly important. Figure you might know more than me about how journalists and reviewers and the like can still earn a keep in a world with adblockers built in to every browser.
> Would that rip off the how-do-we-fund-the-web bandaid, forcing new solutions?
Absolutely. The web is mostly ad funded. Advertising in turn fuels surveillance capitalism and is the cause of countless dark patterns everywhere. Ads are the root cause of everything that is wrong with the web today. If you reduce advertising return on investiment to zero, it will fix the web. Therefore blocking ads is a moral imperative.
> Worry about the interim where some publishers would presumably cease to exist.
Let them disappear. Anyone making money off of advertising cannot be trusted. They will never make or write anything that could get their ad money cut off.
People used to pay to have their own websites where they published their views and opinions, not the other way around. I want that web back. A web made up of real people who have something real to say, not a web of "creators" of worthless generic attention baiting "content" meant to fill an arbitrary box whose entire purpose is to attract you so that you look at banner ads.
An extension I trust is by definition trusted code. What is trusted is for the user to decide, not the broswer developer.
I get what you mean and I think we align here, but I trust the uBlock team infinitely more than I trust Google to make my own extension decisions. I know there's a subset of regular users who fall for all manner of scam, but Manifest V3 doesn't even solve any of those issues, the majority of the same attack vectors that existed before still exist now, except useful tools like uBlock can no longer do anything since they got deliberately targeted.
Besides, there's ways of having powerful extensions WITH security, but this would obviously go against Google's data harvesting ad machine. The Firefox team has a handful of "trusted" extensions that they manually vet themselves on every update, and one of these is uBlock Origin. They get a little badge on the FF extension store marking them as Verified and Trusted, and unless Mozilla's engineers are completely incompetent, nobody has to worry about gorhill selling his soul out to Big Ad in exchange for breaking uBlock or infecting people's PCs or whatever.
I trust ublock infinitely more than anything written by Google, a literal spyware company.
This comment reads as if those villains have to provide explanations. Bitch they are Google they ask the questions. If they want they can pirate everything then sell it to make some cash, the stupid laws that we have to follow don't apply to them.
IMO those organizations should pay the taxes for all the people in the country they're being used at. This will create the best incentive for them to succeed.
The only security change is a policy one that did not need to be bundled with the rest: you can't load external code and run it in a privileged context like the background worker. However you can still load it into a frame and communicate with it.
It's less secure.
An adblocker is a firewall for your brain. Google should have no say over what I consume and when and with for instance youtube being pretty much unavoidable their monopoly position is abused by forcing you to pay for it. Doubly so because of the bait-and-switch, I'm fine with platforms that start off being ad supported, I'm not fine with platforms that become huge on piracy that are free to use by everybody and not an ad in sight and then when bought out suddenly you end up as a captive lemon to be squeezed.
I suppose that switching to Brave will be one of the best solutions after all. They have already comment this in June: https://brave.com/blog/brave-shields-manifest-v3
Or Firefox, which isn't just a reskinned Chrome...
What makes Brave trustworthy enough for us to run our entire life through it? For me it's irreparably forever tainted by crypto grifting.
> Adblockers basically need webRequestBlocking to function properly. Pretty convenient (cough cough) for a company that makes most of its revenue from ads to be removing that.
Why does this keep getting repeated? It's not true.
Anyone can use uBlock Origin Lite with Chrome, and manifest v3. It doesn't just work fine, it works great. I can't tell any difference from the old uBlock Origin in terms of blocking, but it's faster because now all the filtering is being done in C++ rather than JavaScript. Works on YouTube and everything.
I know there are some limits in place now with the max number of rules, but the limits seem to be plenty so far.
It is true though. Like, literally. Why do you think it is called Lite?
The statement was: "Adblockers basically need webRequestBlocking to function properly. "
This is demonstrably false, ublock lite proves that adblockers can work without it.
Whether or not ublock lite is missing functionalities because of MV3 is irrelevant to the original statement that adblockers need webRequestBlocking.
> This is demonstrably false, ublock lite proves that adblockers can work without it
uBO Lite is missing plenty of features: https://github.com/uBlockOrigin/uBOL-home/wiki/Frequently-as...
So your argument is that if an extension could block even a single ad with MV3, it means that ad blockers function properly in MV3? Do you not agree that "properly" means "having all the functionality they had with MV2"?
> Whether or not ublock lite is missing functionalities because of MV3 is irrelevant to the original statement that adblockers need webRequestBlocking.
It can be relevant depending of how you define properly. If it depends on any of those functionalities that are missing, then it’s relevant.
> It is true though. Like, literally.
Doesn't seem true to me. If it's true, then why is uBlock Origin Lite functioning properly as an adblocker for me?
> Why do you think it is called Lite?
Because it's simpler and uses less resources. And they had to call it something different to distinguish it from uBlock Origin.
One of the most frustrating things about these discussions is that it-works-on-my-machine effect. Anecdotal evidence is easily surpassed by a deeper understanding of the mechanisms that are changing. Here's what the author of uBlock Origin says about its capabilities in Manifest V3 versus Manifest V2.
> About "uBO Lite should be fine": It actually depends on the websites you visit. Not all filters supported by uBO can be converted to MV3 DNR rules, some websites may not be filtered as with uBO. A specific example in following tweet.
You can read about the specific differences in the FAQ:
https://github.com/uBlockOrigin/uBOL-home/wiki/Frequently-as...
My personal take is if you're a pretty unsophisticated user and you mostly don't actually interact with the add-ons at all, Manifest V3 will probably be fine.
If you understand how ads and tracking work and you are using advanced features of the extension to manage that, then Manifest V2 will be much, much better. Dynamic filters alone are a huge win.
> super vague stuff, like links to the FAQ that list a bunch of technical details
Not being able to block remote fonts is a vague technicality? It's a feature I use, a user-facing setting, not an under-the-hood technicality. (Budding web designers have a tendency to pick overly thin fonts because it looks fancy/unique at a glance and being interested in the actual text on the webpage was not their job description)
I'm less familiar with the other things. Clicking one experimentally, it mentions:
>> The primary purpose of dynamic URL filtering [is] to fix web page breakage
Webpages break on adblocking not infrequently. I'm not a blocklist developer so I can't say how useful this particular function is, but I'm also not going to assume that, just because I don't know the technical details, that it's just handwavey technical details nobody needs to care about and everything will be the same regardless of what the most qualified person on the topic is saying
> I don't think I should have to read a series of 20 web pages dense with specialized technical details to understand what it's supposedly not doing
Consider that you're not paying for someone to produce marketing material; it's a free thing. Sometimes that means that finding out information requires reading source code, or in this case, it's probably data files that contain these dynamic thingies so you could see the list of what mitigations will stop being possible and on what kinds of sites those are. If you (or someone else) do a writeup that fills the information gap you are looking for, I'm sure a lot of other people also appreciate that existing
What is the adtech that's leaking through? I regularly use Youtube with uBO Lite, and it does infact consistently prevent me from seeing ads. I've yet to see a single one.
There does seem to be a war going on between Youtube and adblockers where sometimes Youtube will show me a screen saying that adblockers are prohibited instead of playing the video. But usually a full-page reload which I guess refreshes uBO's rules (either the original Full or the new Lite) fixes it. I'm pretty sure this also happened under the original full uBO, so I don't think it's specific to any new limitations of Lite.
Its called Lite because it has tons of missing functionality from the not-Lite version that make the not-Lite version more effective as a content blocker.
I hate ads with a passion and would stop using Chrome immediately if I started seeing ads.
I agree on all counts. uBlock Origin Lite has been a totally satisfactory substitute. I honestly couldn't tell you when the switchover even happened.
>>It's not "tons of missing functionality"
https://github.com/uBlockOrigin/uBOL-home/wiki/Frequently-as...
Okay. Sure.
I think the ultimate fix is to make it a felony to pay someone to say a message as if it's his own (meaning an actor Ford pays to be in an ad needs to say "Ford paid me to say ..." at the start of every sentence uttered which states an opinion, if that is not the true opinion of the actor). It must also be a felony for someone to accept money in exchange for stating provided opinions as if they were his own. Customers in ads giving true testimonial reviews must state they are being paid (if so) at the beginning of their statements in the ad. Only quantitative and qualitative content about the product or service advertised should be allowed, anything which sets tone, vibe, or otherwise emotionally communicates to the viewer needs to be banned. This also goes for food product boxes, with the additional rule that 75% of the non-barcode front label area must be nutrition and ingredients, while logo/brand work and propaganda is limited to the remaining 25%. Back label is an exact (maybe B&W) copy of the front. Ads should also mostly be found in directories where people go looking for services or things, and NOT plastered everywhere ready to rape brains for quick nickels. We need an advertising censorship board that keeps records on both ad makers and client businesses, so that chronic offenders get smacked down hard.
Once advertising is dead, you will see a much more free and level internet.
Element zapper functionality is returning: https://github.com/uBlockOrigin/uBOL-home/issues/325
It depends on how you interpret the word "properly". There are ads and adblocker-detection techniques that can't be blocked by MV3-style static filtering.
If "properly" means "can block all ads" then you're wrong. If it means "can block some ads" then you're right. If it means "can block most ads" then you're currently right, but likely to become wrong as adtech evolves around the new state of play.
Don't forget Chrome launched with built-in popup blocking. Now we just have popunders, in-page popups, back-button hijacking etc. Ads, uh... find a way.
I believe that another change is that ad blockers cannot update as quickly now? If that is true, since ad blocking is a cat and mouse game, doesn't that make ad blocking with a delay less functional?
No, that's not true either. Updating rules is allowed. The restriction is about updating code.
Hmmm, according to this post [0], ad blocking lists must now be updated via store updates. Is that not the case?
[0] https://old.reddit.com/r/uBlockOrigin/comments/17as8o8/the_r...
If I recalled it correctly, Chrome's developers imposed a stricter limit on dynamically loaded (fetched) DNR rules. That's why updating rules with the store is the more conventional method.
So OP got Google to patch a harmless "issue" that could've been used by addon devs to bypass MV3 restrictions. Hope it was worth the $0.
Said bypass would exist for maybe a day max before getting nuked from orbit by Google. If anything, there was a non-zero chance OP would've gotten paid and he took it. I don't blame him.
They do it for free
I don't agree with this conclusion. Google is fully responsible for MV3 and its' restrictions. There's no reason to shift blame away from them.
Let's do a thought experiment: if OP hasn't reported it, what do you think would happen then? Even if different ad blockers would find it later and use it, Google would have still removed this. Maybe they'd even remove extensions that have (ab)used it from Chrome Web Store.
Indeed.
Perhaps a hobbyist would code “MV2-capable” MV3 adblocker for the fun of it, forking UBO or something, as a proof-of-concept. How much time would anyone spend on its development and who would install it when the max runway’s a few days, weeks, or months?
It seems someone's already done it. It requires some extra setup, but I managed to get it working on my machine.
Associated Show HN post from 5 hours ago: https://news.ycombinator.com/item?id=44543094
Google isn't any less responsible just because somebody else also did something bad. Blame is not a zero-sum game
If we think your line of argument to the logical extreme, then being upset at at somebody who ratted out a Jewish hideout to Nazis would shift blame away from Hitler. That's obviously absurd. Both are bad people, and one being bad doesn't make the other less bad. And if one enables the other being more bad then that makes both of them worse, it doesn't magically shift blame from one to the other
> Maybe they'd even remove extensions that have (ab)used it from Chrome Web Store.
So now it's abuse to make the user's browser do what the user wants, for the user's benefit, to protect the user from, you know, actual abuse.
Well, I don't think so — hence the parenthesis. Although, I am pretty sure that's how Google looks at it, given all MV3 changes.
Really? You think Google is that dumb? As soon as any ad blocker that people actually use implements it, it'll be patched. It's not something you can exploit once and benefit from it forever.
Yeah, that was my take as well. OP did some free work for a megacorp and made the web a little bit worse, because "security, I guess" ?
Good job.
Sometimes you get $0, sometimes you get more. I would like to mention this stuff on my college applications, and even if I tried to gatekeep it, it'd eventually be patched. Not sure what your argument is here.
Incredibly impressive to do this sort of work before applying to college!
The author claims to be 8 years old in 2015. So that makes them still a teenager. It is pretty cool IMO.
Are you guys honestly arguing like the zero day industry would, for a vector that couldn’t be used by any ad blocking extension since Google has them under an electron microscope 24/7? To pick on a very young, enthusiastic programmer? What the hell??
Google would have found this bug if any extensions tried to rely on it and patched it instantly anyway.
I don't "bypass" Chrome when they want to melt my brain with their business model, I use Firefox. I don't "bypass" Windows when they want to melt my brain with their business model, I use Linux. No idea why so many "hackers" doing "bypasses" can't instead take action that is simpler, long lasting, and easier. Do people need to jerked around 50 times for 20 years before realizing it will keep happening and their "bypasses" are just temporary bandaids?
> No idea why so many "hackers" doing "bypasses" ....
Because that's what it means to be a hacker. Yes, installing Firefox is simpler (and I'm a Firefox user) but I respect the effort to overcome Google's measures in disallowing certain addons.
>But I don't know how to make an adblocker, so I decided to report the issue to Google in August 2023. It was patched in Chrome 118 by checking whether extensions using opt_webViewInstanceId actually had WebView permissions. For the report, I netted a massive reward of $0. They decided it wasn't a security issue, and honestly, I agree, because it didn't give extensions access to data they didn't already have.
The effort to overcome the community's chance at discovering the workaround?
It was never going to last long enough anyways, being sure to get patched as soon as any adblocker uses it.
It's however still interesting in the sense that it might be fairly trivial to change, so chances are the next adblockers are going to ship executable that wrap chrome, modifying something like that at launch, allowing their extension to make use of it.
Obviously Google is going to hate it when random popular extensions start nagging users to download and install "companion" software in order to work, since that will train users to not think twice about these things and bypasses legitimate security efforts.
But Google made their own bed - and that of their users. Now they all get to lie in it together.
Once the legitimate adblock extensions have made the tech news cycle by switching to an executable, all the sketchy adblock extensions will follow, and after them the downright malicious but heavily advertised adblock extensions. Before long Google will have plenty of examples to point to of adblockers shipping malware, allowing them to scare off all the tech-illiterate people (who are the vast majority of users)
Meanwhile, mobile Safari literally has a menu item to allow you to use Firefox for ad blocking.
The blog post shows clear effort that falls under the "hacker" umbrella. That I respect.
The author informing google of the exploit was not the complaint of the parent comment which I took issue with.
> use Linux
except that for a majority of users, windows is where their applications are at - such as gaming, word processing, or some other thing. Sure there are replacements (somewhat) for each of those categories, but they are not direct replacements, and require a cost of some kind (retraining, or a substitute quality). This is esp. true for gaming, and it's only recent that gaming has made some inroads via the steam deck (steamOS), which isn't available to a general PC (only handheld PCs with AMD processors iirc).
People who say "just switch" to linux hasn't done it for their family/friends.
> except that for a majority of users, windows is where their applications are at - such as gaming, word processing, or some other thing.
Until you switch to linux you won't understand how inferior your windows setup always was.
It's hard for us to tell you what you are missing out on, you simply need to experience it.
I mostly game in a Windows 10 VM running on my Linux desktop computer. Single keypress to switch to Linux workspace.
This is not because Linux gaming is horrible broken, but rather it gives me a fully separate leisure desktop, and my main Linux desktop is work only.
It also gives me 100% compatibility, unlike wine.
> People who say "just switch" to linux hasn't done it for their family/friends.
When we say so here, we are telling you to switch.
Nobody should be forcing anything on friends/family.
I always suggest MacOS for friends/family for ease of support. I would never recommend Windows to anyone.
> I mostly game in a Windows 10 VM running on my Linux desktop computer. Single keypress to switch to Linux workspace.
> This is not because Linux gaming is horrible broken, but rather it gives me a fully separate leisure desktop, and my main Linux desktop is work only.
> It also gives me 100% compatibility, unlike wine.
You would get a fully separate leisure desktop if you were running Linux in that VM so it sounds like you are running Windows in the VM because Linux gaming is not adequate.
> I mostly game in a Windows 10 VM running on my Linux desktop computer. Single keypress to switch to Linux workspace.
Apologies for hopping on this thread with off topic question, but would you mind describing your setup?
I haven’t tried this in years, but last time I did I had trouble getting pass-through to some of my hardware, in particular my nvidia card.
Agree with your approach 100%!
Of course it depends on what you're playing, but VM gaming is not 100% compatible, lots of anti cheats will ban VM users and it's a cat and mouse game to not get detected.
Can you comment more on your VM setup? Can it utilize the GPU properly? Any performance or compatibility issues with running windows in a VM? Etc.
That's so much less true nowadays,
Web has become the default platform, where most people run most of their app/spend most of their time. Even Microsoft has had no choice but to embrace it, and Outlook (as in, the one from Microsoft office) is now a web first app (normal outlook is rebranded "classic" and we all know where this is heading, for better or worse). In a way, that makes switching OS much easier.
If you add to that that Windows itself is getting major visual overhauls from version to version (sometimes even within) it's not like sticking with it protects you from having to learn different UX paradigms and habits.
And regarding gaming, well, linux with Proton runs games faster than Windows nowadays, that's how little Microsoft cares about gamers/how good Valve is (depending on how you look at it), but the fact of the matter remains.
I was going to post a rant on drivers in Linux, but on my newest Lenovo laptop Linux Mint/Ubuntu off the shelve driver support is actually complete and Windows 10 (unsupported by Lenovo) extremely lacking (no wifi driver, no lid driver, no proper standby). And there's no way I'm going to start using Windows 11.
So yeah, maybe this is the year of Linux. After decades on this planet :p
Thinkpad E14, same experience. Windows 11 installer doesn't even see the wifi card, under Ubuntu everything works ootb.
> (steamOS), which isn't available to a general PC
Most of its secret sauce is either in Proton or upstreamed into Wine, DXVK, SDL, etc. All available to a general PC.
Unless your focus is competitive online games, which often come with Windows-only anti-cheats, you've got a huge catalogue of great games playable on Linux distros. I did the switch about four months ago and I'm not missing Windows, the only pain point has been Nvidia drivers and I'll be solving that by switching vendors.
Proton is available for desktop Steam as well, just pick your distro and go.
I disagree that that's the majority of users.
The majority of users either use only web applications, or web applications and Microsoft Office.
The true majority of users are on mobile.
Windows is only unreplaceable for gamers. Which is fine, because Windows is a toy anyway.
>Windows is only unreplaceable for gamers.
And quite a few musicians. When they make my software for Linux - and, it works ootb - I/ we'll be willing to change.
> Microsoft Office
Doesn't even exist anymore. She's "365 Copilot" and web-first now.
Web version sucks compared to desktop version, unless you use the apps minimally. That said, the Winapps repo is a good linux solution, running a windows VM and accessing the office apps via RDP so they feel like a native app. As soon as it gets wayland support, I'm making the full switch. Winapps in Xwayland has some issues.
The day Linux will be used more than Windows, it will be in more trouble than Windows will.
Threat actors are attracted by the most used system.
Fedora Bazzite it's Steam OS. And with Flatpak and Lutris you can have that setup everywhere, but some distros optimize the setings and compilations for the desktop better than Others:
- Solus OS
- Fedora Bazzite
- Catchy OS
Fallout 4 is running better on Linux than on Windows these days.
I switched to Firefox, but I'm unfortunately stuck to Windows for professional work. I need several high profile software to get proper Linux support before I can make that jump.
When I eventually go indie, though: I am 100% making use of a Linux workflow.
>Do people need to jerked around 50 times for 20 years before realizing it will keep happening and their "bypasses" are just temporary bandaids?
Sadly, yes. The networkign effect is extremely strong. Twitter was complained about even before musk, but it still too 3 years before people really started considering the move. emphasis on "consider": because twitter still has a lot of foot traffic for what it is in 2025.
I get what you're saying, but the problem is the software does 90% of what I want really well and I like that they do that 90% super well and I want to keep that.
In your Windows vs. Linux example, Linux just doesn't do a lot of things very well on the UI/UX side of things (e.g., window management, driver support, an out of the box experience). Knock Windows all you want, but it honestly does quite a few pretty important things very well.
So that's why I'll spend some time to resist the negative changes.
>In your Windows vs. Linux example, Linux just doesn't do a lot of things very well on the UI/UX side of things (e.g., window management, driver support, an out of the box experience).
That judgement confuses me a lot. Window management, drivers and out of the box experience has been much better in Linux for the last 10 years in my experience. Sure, there are some companies that don't ship drivers for Linux or the configuration software is not fully fledged. Window management has almost always been better in Linux, but of course depends on the WM. Windows innovated one nice feature in Vista (aero snap) which most desktop environments has implemented since.
If you install Fedora, Ubuntu or Linux Mint, what are you lacking from that out of the box experience? Generally no driver installation needed, and no cleaning up of bloatware.
Have you ever used Linux with high DPI monitors? Windows handles them OK since Windows Vista, and really well since 8. I've seen the classic Windows XP bug of measurements not being scaled and labels being cut off on modern Linux.
How about mixed DPI multi monitor setups? Great since Windows 10. On Linux, you're screwed. X doesn't support this. Wayland does, but not all apps work well with that, and not all apps and GPUs support Wayland.
This is a bit outdated i run mixed multi monitor setup and for last year or two it has been working no issues. Linux moves slowly but steadily and things eventualy get pretty great (another example sound and pipewire).
I think people make mistake of trying Ubuntu LTS thats super conservative with updates so you are years behind. For desktop you really want Fedora or something even more up to date. I think people sould try Fedora silverblue or its derivatives (bazzite, bluefin) its “atomic” distros that cannot be easily broken (steamos does the same).
> How about mixed DPI multi monitor setups?
I've been using this since at least 2019, it's been fine. The only two issues are the mouse doesn't (always) align when moving across monitors and having a window across the display border has one side stretched, but why would you have windows like that?
You should read the article before commenting; your comment is a non-sequitur.
It's a oui-sequitur for sure.
I don’t know. Eventually you read enough of this stuff and you would rather the next breath be, take leadership on a real solution. To me it’s a “sequitur” to say, the biggest fuck you is to convince people to stop using Chrome, not to fix bugs for their extremely highly paid engineers for free.
Uh sir the article is about JavaScript Browser APIS
Right back at you. If you think my comment is a non-sequitur, maybe you didn't read the article?
People like the service/product, but don't like cost.
So the solution is mental acrobatics while using a backdoor for access.
They finally enabled per site isolation by default after years of Chromium having it - still not in mobile though.
Wonder what else I'm not aware of that they're slack on.
Another advantage of this approach is that collectively it applies pressure against such toxic business models. This pressure can have an outsized impact for the number of people that do it because it skews towards technical people who will naturally influence their area of expertise more than the same number of lay users.
It's more about the challenge of it than practicality.
> for 20 years ... just temporary bandaids
Using superior software for two decades is a very good bandaid
Not everyone has your luxury of being able to choose their tools.
If you are using Chromebook, switching the browser is not an option
What makes firefox better than brave?
Firefox is not a Chromium fork
For me, I like being able to set a default font/size/colour for all websites as an override. Chromium browsers don't do that out of the box.
I like that it quarantines most of Facebook's shenanigans with cookies and the like.
I can't compare Brave's adblock to uBlock Origin, but it's probably good enough.
It doesn't do crypto bullshit, for example.
And using Google Firefox instead of Google Chrome is more than a temporary bag aid?
The article is clearly not intended as an ad-blocking tutorial, it is an article about security research and API weirdness.
Sure, it inspires ad blocking meta-discussion, but if you're complaining that the author has a strategically suboptimal approach to blocking ads then you have missed the point.
Bro it’s for the fun and interest of figuring it out. That’s what hackers do. The writer obviously knew it’s a “temporary bandaid” — they notified Google about it themself.
Firefox still doesn't work.
1 - Google Meet consumes 40%-100% of my CPU on Firefox, and my laptop becomes a space heater
2 - My Yubikeys don't work. Touching them doesn't get into any of the websites I use that use 2FA.
So, no Firefox.
Is this on Linux? Do you have an example of a website where Yubikey does not work? I'm curious, because I use Firefox on Linux for years, also for work, and never hit a site where my Yubikeys would not work. (I'm also using Google Meet regularly for work from Firefox without problems)
Yes, Linux.
No site works for me. Facebook, Google, none of them work. Even the demo at https://demo.yubico.com/webauthn-technical/ does not work.
Both yubikes and gotrust idem kyes also work for me just fine. Maybe i am using them just for fido 2 factor and not some of the other protocols?
about:config
Search for accel, look up the 'layout...' key, set it to true.
Also, set the webgl force enabled... key to true too.
I'm with you with this idea but relying on firefox is not much better. I use PWAs a lot and Firefox decided that PWAs are not worth implementing or maintaining their past implementation.
I still use firefox 70% of the time but this is wrong and go against what the users want.
+1 to this. This is probably the only thing that keeps me from ditching Chrome/Brave and going back to Firefox.
Floorp is a popular Firefox fork with PWAs enabled.
Yep. That and stuff like the filesystem API. That thing is so useful for apps like excalidraw, photopea, etc,. They really need to implement it.
They should at least implement it behind a feature flag, if they feel like virtue signalling how they're oh-so-concerned for the privacy implications. (while simultaneously launching an ads business in the backdrop)
Billions of non-programmers, who have no idea what an extension manifest even is, use Chrome.
[flagged]
Great, except firefox is pretty bad nowadays.
Not their fault of course, with people not testing websites on non chrome derived browsers.
> except firefox is pretty bad nowadays.
Pretty bad as in that isn't true?
Firefox is the option that doesn't intentionally leave users vulnerable to hostile adtech. Firefox is the option with containers. Past that it is performant and reliable under a wide variety of user loads and platforms.
or Pretty bad as in Firefox+forks are better than the alternatives?
It is true that some unfortunate default options were recently added to Firefox configs.
Those options are unfortunate because they are variants of anti-user options baked into Chromium - options created to keep Chromium users susceptible to big-tech's worst intentions.
Those "default options" are precisely "intentionally leav[ing] users vulnerable to hostile ad tech" (e.g. PPA). It's built into the browser and on by default. Mozilla have very explicitly stated they believe ads are critical for the web. It is still better the chrome though (and a patch set like librewolf is better still).
Mozilla can have this position (and probably have it due to most of their funding coming from an ad company), but can still hold the position that the user must remain in control and be able to remove ads if they wish, even if it goes against the beliefs of Mozilla. Meanwhile, Google is actively working to make it harder to block ads in Chrome and in general work on technology which take away users freedom to control how their own computers should behave.
Like I said chrome is worse, but both are made by ad companies who sell their users. I use and recommend librewolf as a better firefox.
How? Seriously, I keep seeing this argument against using Firefox, but as a long time user I fail to see any glaring issues with it.
The only websites that break for me are those I broke on purpose by using ad-block.
> I keep seeing this argument against using Firefox, but as a long time user I fail to see any glaring issues with it.
No glaring or usability issues.
What happened is that Firefox added some defaults that mimic a tiny bit of Chromium browser behavior.
Recommend extensions as you browse
Recommend features as you browse
Send technical and interaction data to Mozilla
Allow websites to perform privacy-preserving ad measurement
I browse the web daily, and the number of website that ever gave me trouble on Firefox can be counted on a single hand. The website compatibility issue is vastly overblown.
> trouble on Firefox can be counted on a single hand
*over the course of a few years, seriously.
In particular, it's sad to encounter such a rare issue only to then discover its true origin - Firefox implemented a necessary functionality according to spec, whereas Chrome decided to do its own thing. Case in point video streaming with Motion JPEG, Firefox dispatches events on every frame and uses a lot of resources, but Chrome decided not to do that, against the spec.
I set my default choice to pro-privacy (Firefox) and occasionally give it up to some Chromium variant if I depend on a functionality and a website justifiable needs it. The disruption to my workflow here is such a minor thing compared to what I gain usability wise, especially in the long run. I would never treat a software program like some religion, and it saddens me that even computer-savvy people do just that.
> the number of website that ever gave me trouble on Firefox can be counted on a single hand
Also important is that they tend to be Google assets like Gmail.
Yeah, it's merely performance issues. If you used FF you don't notice it, but it's extremely apparent if you switched over from Chrome like me.
Nothing dealbreaking, and I get that this is all on Google. But it's one of the clearest examples of where FF falls short of Chrome.
It loads much slower, sometimes I even get a progress bar for a small blip.
I don't blame that on Fx, though, more Google doing something wonky just to show me a list of emails.
I've switched to Firefox 3 years ago now after using Chrome for a decade. The list of things I missed from chrome:
- Tab grouping, now added in Firefox as of a few months ago
- built-in translation services. Firefox is slowly introducing this, but its missing many languages. In the meantime, a translation extension works fine.
- Google products operating better... but the issue here is obvious and outside of Firefox's control.
- various micro quirks from random sites I might find during research. Nothing functionality breaking, just clear examples where there was likely hard coded chrome user agent business.
- the occasional extension on Chrome that didn't have a Firefox port. This happened maybe 4 times total.
so, 2 things that are fixed (or close to), one anti-competitive measure, and the 2 smallest nitpicks I could imagine. I don't know what the fuss is that justifies Firefox being considered vastly inferior to Chrome these days. Even thsoe small issues are far offset by the ability to have proper adblock. Using Adblock on Chrome for my work computer is miserable.
Firefox has been my main browser for almost 10 years and I haven't encountered any challenges other than availability of plugins, but even that has been a very rare issue.
FF is my daily driver and I don’t see any issues. Do you have examples?
No, firefox is great nowadays.
People shouldn’t be using chrome anymore. Not even the technologically illiterate. I’d go so far as to say even safari is possibly more private.
Haven't missed Chrome once since switching to https://brave.com/
In the "cons" column, Brave is still a for-profit and has a bunch of features that continue to give some people the ick. In the "pros" column, there's a bunch of "how to debloat Brave" content showing how to improve the default kitchen-sink confifguration. https://www.youtube.com/watch?v=W6cKFliWW6Q
I do turn off the wallet, VPN, AI and other bloat, but it's a minor inconvenience for a better browser.
That's an absurd amount of tuning to make a browser acceptable to use. What you're saying is that it's unusable as is out of the box.
It's the same Blink engine underneath. Talk about lipstick.
I'm not aware of a Blink-based browser that isn't dropping manifest V2. That would be a soft fork, and wouldn't survive long.
The point is you don't need to worry about manifest v3 interfering with ad blockers, because Brave has an ad blocker built into the browser. Also makes it a good Chromium-based option for mobile, since you can't install extensions on Chrome mobile at all.
> When Google removes MV2 extensions from Chrome Web Store, they will be disabled for Brave users as well, except for these 4 supported extensions.
Oh, thanks, welcome news! Wish Vivaldi did the same
Not being able to run Twitch on it has me switch for brief periods.
Heh, funny, Twitch was the primary reason I installed Brave because it was being glitchy on Firefox (at the time years ago - no longer the case). I've never had trouble with Twitch on Brave.
From my experience (as a Brave user), using a User-Agent switching extension and setting it to Firefox for twitch.tv gets around that :)
You're personally unable to look at twitch on it?
The adblock causes a twitch stream error. I can watch until the first ad. This is annoying, so I switch to vanilla chrome.
> Do you even try to use software you are using?
GL with whatever.
Brave runs of Chromium, it's the same thing as Chrome.. Manifest V3 will eventually be implemented.
Of all the browsers you could be using, giving your data away to sketchy crypto bros should really not be at the top of the list.
It's the top of the list because it works so well. I forget it's a different browser most of the time. I was able to turn off everything extraneous that I was concerned about. Brave is also Open Sourced.
I really don't care about crypto stuff. If you do, I can understand why that's a dealbreaker for you. But for me, it doesn't matter at all. I just turn the crypto features off and continue on my way.
Might as well edit and add some suggestions
Maybe take a look at Vivaldi, it's a continuation of the old Opera, with basically the same development team. It's the most user-friendly and configurable option at this moment, they're very responsive to feedback, and are the only organization that doesn't have some horrible privacy violations in the past (maybe excluding Apple, I don't know and don't care, 90% of users on this planet can't run Safari).
Also they are in Norway if you care about that sort of thing.
It's not FOSS, though, at least for now.
[flagged]
Shields can be turned off right from the url bar as needed.
>Brendan Eich's hateful hands
LOL California Proposition 8 was pretty mainstream opinion back then. Maybe stop with the ex post facto persecution?
Hate can be popular but that still doesn’t make it right. He knew that he was spending money hoping to take away rights from people he knew, to tell some of them that their marriages shouldn’t be allowed, and did it anyway. That’s hateful regardless of how many other people joined him.
Not what defines politics what do ever, politics by definition is the practice of trying to figure out ways to solve power and philosophical disagreement.
>Personally I'm 100% for letting everyone express their gender or sexual identities. But I'm not going to demonize someone for having a different opinion and making a small donation to support their political views.
You would never ever say this if it was about a person/movement that personally affects you or your way of life.
Perhaps you should. Some opinions and political views (such as those against human rights) are abhorrent.
Deciding that you will turn your head the other way and ignore those who act against human rights speaks to your character.
Just say what you really think.
Really? I turned off the crypto buttons once several years ago and it’s been just fine since.
Would love to give Firefox a chance but one thing that stops me (apart from occasional website loading bugs) is inability to install PWAs. Not sure why it’s not implemented like it has been for a long time in Chrome and all its forks.
I have found a 3rd party extension that claims to facilitate this (0) but still feel uncomfortable to use this for privacy reasons.
(0) https://addons.mozilla.org/en-US/firefox/addon/pwas-for-fire...
If you really care, it's ok to just Firefox for the majority of your web browsing activities but use Chrome or a fork for PWA.
Although using Firefox increasingly means a worse experience, including:
* infinite loop of Cloudflare verification * inferior performance compared to Chrome (page loading, large page scrolling) * subtle bugs (e.g. audio handling) * WebUSB support
I have personally run into all of them. Some are under Firefox's control but others are not. I do still use Firefox for most websites unless it's technically not possible, but unfortunately the exception is happening more and more.
I don't run into CAPTCHA loops with Firefox. Have you tried changing your user agent to pretend to be Firefox on Windows or Mac? I've heard Linux users are more likely to be interpreted as bots.
The machine is on a corporate network, that's the issue. I don't have issues when
1) using Chrome/Edge on that same machine on corporate network 2) using Firefox on Linux on corporate network 3) using Firefox on Windows on my own machine at home
Unfortunately.
You bypass it by installing Firefox.
Firefox is awful. Both as a browser itself and as a base for other browsers. Such a shame that Zen didn't use Chromium :(
Your comment is pretty meaningless without more specifics.
I switched to Firefox again back in 2017, I have 0 issues with it. If anything it's faster and less resources hungry than chrome in my usage. The extension ecosystem is now arguably better with MV3 being rolled out to chrome.
Probably the only annoying thing was learning where the buttons are in the devtools. They're all still there, just laid out differently. It took about a week to get to grips with that.
What exactly makes you say it's an awful browser?
I use Zen everyday and a love it! I am glad they chose Firefox as a base, otherwise I would have skipped it. Firefox is stable, I open it when I boot my PC which runs for weeks and never think anything about it. On topic of ad blocking, I think that there are more ways to anoy users using ad blockers today despite of which browser someone uses, with ad block detection and blocking access. If your browser is build by a ad company, expect these changes. For this reason I won't use these browsers
Weird, Firefox blows Chrome out of the water. What do you smoke?
The smoke on the water!
More seriously, I'm a Firefox user since ~2006 but I'm about equally surprised by the statement that Firefox should blow Chrome/ium out of the water as that Firefox supposedly sucks. They're both browsers. I think Chromium is a bit faster in page rendering, whereas Firefox is more open, privacy-friendly, and customizable. Similar to how I wish consumers would not choose an anti-consumer organization (anyone who values a free market and general computation1 should not choose iOS), I think nobody should choose Chrome but, still, I can understand if someone does choose it because they've gotten used to how it works and they're not willing to change. It's about equal in practical functionality that 95% of people use, wouldn't you say? Or in what way is Firefox blowing Chrome out of the water?
¹ https://www.thekurzweillibrary.com/the-coming-war-on-general...
I remember back in the day, one of the big selling points for Google’s search engine used to be that the advertising didn’t get in the way. Imagine that.
I stopped saying this because no one remembers. Or the people I was talking to were to young. It’s way worse now than askjeeves ever was!
Luckily I only need to use chrome on my work laptop, I use Firefox everywhere else. Still sad to see uBlock origin stop working which was useful to keep a cleaner experience when browsing the web for work reasons (research, documentation, etc).
Google hijacked the Internet by dominating web standards and abusing their market position. We could vote on a new RFC and Google gets the veto vote merely if they don’t want to put it in Chrome.
I bypass Google's big anti-adblock updates by using Firefox
Just get AdGuard as it's a superior solution anyway.
And I mean the actual app that can modify responses, not a simple DNS filter.
So what’s the conclusion? Can we use a different Chrome based browser and avoid MV3? What’s the decision for privacy after this has happened?
This blogpost covers a workaround they discovered that would have let MV3 extensions access important functionality that was not normally available, only in MV2.
This workaround was fixed the same year in 2023 and yielded a $0 payout, on the basis that Google did not consider it a security vulnerability.
The conclusion then is that uBO (MV2) stopped working for me today after restarting my computer, I suppose.
Microsoft supposedly aligned with deprecating MV2 back when Google announced it but they've indefinitely postponed it. The KB about it still says "TBD", and there's zero mention of it around the actual browser. IMO it's a good alternative, if you trust Microsoft (I do).
I would interpret that "TBD" to mean the moment Microsoft pulls in Chromium 139 changes. Anything else would be to costly for a small amount of goodwill from a niche community.
Try installing uBlock Origin Lite and see if it works for your needs.
The little I've read bout this says that maintaining MV2 might be something as well.
If other chromium based browsers didn't have this issue, that would be great, but likely in time Youtube won't support browsers that don't have MV3. Probably still have some time though.
Switched to Firefox yesterday, I suggest you do the same.
Are they still funded to the tune of a billion a year by Google so that Google can pretend they don't have a monopoly? Are they still intent on redefining as an ad company?
The google money isn't any great gotcha. It's wrong of them to have grown to be so dependant but so what? All it means is that some day the funded development will stop, just like all the forks are already.
Let them take google money for as long as it flows. You can switch to librewolf at any time if FF itself ever actually goes bad in any critical way. But there's not a lot of reason to do so until the minute that actually happens. Go ahead and take the funded work and updates as long as it exists.
When the billion began Chrome wasn't even a browser yet.
If you're going to switch you should switch to a better option. I've been using librewolf for years since Firefox doesn't have the best track record either.
That's a good reminder to update Firefox.
I tend to oscillate back and forth every few years gradually.
Lately not Chrome proper, there are some neat browser takes worth trying out like Vivaldi, Brave, Arc, etc that are Chromium based.
Google using YouTube to block non-MV3 browsers, would be Google picking a fight with Firefox - who they use in court documents to say that they're not a monopoly. Their legal team will have a few words to say about it.
Reading the comments, I see a lot of hate for Firefox. What is the explanation for this (other than people not trying Firefox and assuming it's inferior)?
I love Firefox, I've bee using it for as long as it exists and Netscape before that. It's Mozilla I have a problem with. Mozilla has allowed itself to become controlled opposition rather than the aggressive underdog that it should be. Lots of the money they take in that could go to improving Firefox is spent on stuff I could not care less about. There is no way to earmark funds sent to Mozilla as 'browser only'.
Ultimately the issue is allowing Google to skirt around anti-monopoly rules by throwing money at Mozilla. Can't really blame the latter for cashing in when the rules fail at enforcing a competitive environment.
Hate the game, not the player, basically.
I love using firefox. Mozilla has lost all the trust I had in them. The biggest blow for me was them shutting down pocket.
Mozilla sells user data to third parties. Their statement:
The reason we’ve stepped away from making blanket claims that “We never sell your data” is because, in some places, the LEGAL definition of “sale of data” is broad and evolving. As an example, the California Consumer Privacy Act (CCPA) defines “sale” as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by [a] business to another business or a third party” in exchange for “monetary” or “other valuable consideration.”
Also their browser security always seems to lag behind…
Just for anyone here switching: Don't get firefox; get firefox developer edition. It's firefox but you don't need to pay Mozilla $20 and go through verification to local-load browser extensions you write for yourself. (you can do this on non-DE firefox but you have to reload extensions every time you restart browser)
I've been off Chrome for a while after using it for about a decade. Firefox is nice to have around, but ngl, it's behind on standards and some of its implementations are wack. Its performance on video is poor, and its memory management relatively awful, especially if you're the kind of person who leaves your computer on for months at a time; be prepared to open a new tab and copy-paste any "HUD" tab URLs you leave open (e.g. CNBC for the top ticker). I feel like the kind of person who buys an Intel GPU, and I have some thoughts about Nvidia for pushing me here.
> But I don't know how to make an adblocker, so I decided to report the issue to Google in August 2023. It was patched in Chrome 118 by checking whether extensions usin
Well, thanks for nothing?
Author here, sorry. I don't think any open-source extension (especially large adblockers with millions of users) could actually get away with using this bug, because Google is paying close attention to them. It would've been patched immediately either way.
That's why you should keep stuff like this quiet.
I see from the other comments here that you're still young, so I'll give you a word of advice: Google and the other megacorps are NOT your friends. Don't think that helping them and acting against users' interests will result in anything positive for you in the long term.
"The road to hell is paved with good intentions."
Hi, I appreciate your opinion, but really disagree. First of all, this is one bug, and most of the ones I find don't "act against user's interests" (not that this one could have been used effectively without being patched anyway). Doing bug finding is how I make a difference and a skill I feel proud of.
I USED to keep bugs (read: exploits) for myself without sharing them, but after a while I realized it was not worth it and my skills were basically going to waste. You can say philosophical stuff about ads if you want but bug finding for me is a fun challenge with a good community. I'm not pretending Google is my best friend.
Plus, doing this gets me a bit of money. It's either this or I work summers at a grocery store, and I prefer this.
s/mature/bootlicking/
Also, dude, from your other comments: "What a selfish dickhead, helping them make better nooses to put around everyone's necks (including his own)."
And "People like this are enemies of freedom and should be called out publicly."
What the ?
[dead]
You’re right, and good on you for paying attention to the human/business context behind the code.
i never made chrome my daily driver. firefox and safari are wonderful browsers.
finally switched to firefox. no regrets
Would it be possible to create a web browser where different tabs are running other browsers? Like I could have chrome in one tab and Firefox in another? Almost like a VM?
You used to have an activeX plugin for internet explorer that would selectively render certain sites using google chrome
Try Safari, Firefox, or any other non-Chrome browser.
1) A lot of ads are terribly overdone and even sometimes actively malicious (malware or tracking). It makes no sense to aggressively try to stamp it out like Google is doing
2) Aside from the Page/Brin stealing tech salaries thing (yeah it really did happen) what happened to Google? They've always been a bit incompetent but their behavior (ie Chrome and increasing censorship on Google/Youtube the last few years) has been really bad, I thought they were basically founded off idealism
> and even sometimes actively malicious
Most of the times. In fact, the situations where they are not actively tracking are exceedingly rare.
> For the report, I netted a massive reward of $0.
Sure, not a security issue. But given how much Google hates Ad Blockers, they could have easily given him some USD 50,000.
As an exclusive Firefox user, with really great ad blocking features, I didn’t notice that Chrome got worse on this front. I’m sorry to hear that. Perhaps it’s time for a change. Best of luck.
Even ignoring the adblock issues, Chrome isn't worth it... Google themselves spy on you with it. Cockblocking adblock just puts extra emphasis on what you should have already known.
And FF + UBO also works great on Android
Signed up to complain about this. YT is no longer worth watching ads for. Anything that is worth paying for, the money needs to go via Patreon so the publisher isn't demonetized at a whim. The rest is brain-rot, utter shit and a lot of damaging misinformation. I hope it dies. While it remains easy to do so, I will "steal" with yt-dlp and proudly watch it ad-free on VLC on my computer. If they break that then I'm no longer interested.
When this became adversarial, which was a battle that lasted the last year of inconvenience I ended up dumping every Google thing I have. So the Pixel is GrapheneOS now with no Google crap. Browser is Firefox. Email has moved from Gmail to Fastmail with a domain.
My Google account is closed after 20 years. The relationship is dead. They can do what they want. I don't care any more.
You didn't really mention what aggravated you.
Initially the increase in frequency of the advertising on Android youtube app. Followed by uBlock being broken in Chrome. Followed by uBlock being tarpitted in Firefox. Followed by FreeTube client getting 403 IP forbidden requests and DRM content shovelled down which could not be rendered.
They just did everything to make sure I watched the ads and burn all my bandwidth, which can be somewhat limited and expensive as I travel a lot.
Did you consider YouTube Premium? It works really well and no ads. Seems like a pittance for the service YouTube provides
The value is the content not the delivery mechanism.
$180 dollars annually is a pittance to you? So please enlighten us...? You could certainly change a persons life with that. It is not a trivial sum, so please do not insult poorer members of this community.
Why couldn't someone just compile Chromium and strip out webRequestBlocking from the code?
Good
Using ebpf to block ads would be fun !! Need a way to translate rules into blocking rules for ebpf
How would that work? Isn't having all the browser and doc context what makes UBO (MV2) the most robust blocker?
Would the browser be talking to the kernel through some back channel?
> I don't know how to make an adblocker, so I decided to report the issue to Google in August 2023.
> It was patched in Chrome 118 by checking whether extensions using opt_webViewInstanceId actually had WebView permissions.
> For the report, I netted a massive reward of $0.
Snitches get stitches, not rewards.
FWIW, on Windows Google relies on the registry to determine weather to use V2 or V3, and it can be reenabled: https://gist.github.com/MuTLY/71849b71e6391c51cd93bdea36137d...
No adblocking extension would ever rely on a clear bug to function. Google reviews extension code and would immediately patch the bug, and maybe use it as an excuse to kick the extension off the web store. I don't buy the idea that there was a viable second option here.
I did not even realize my ublock origin was turned off. My HOST FILE script did the same service: https://expatcircle.com/cms/privacy-advanced-ublock-origin-w...
More concerning is that social fixer was turned off: https://socialfixer.com/
MFGA Make Facebook Great again ;-)
Changing your hosts file helps but it would only block hostnames primarily used for ads and trackers - it wouldn't address those trackers and ads loaded from hostnames shared with actual content. The more sophisticated sites will proxy their tracking and ads through their main app:
E.g. www.cnn.com/ads.js
I prefer having multiple layers just in case anything drops off:
1. VPN DNS / AdGuard local cached DNS 2. uBlock Origin
It's like wearing two condoms (but it feels better than natural).
Why the downvote?
Google is here
Just use Firefox with ublock origin. On Android too. Nightly has tabs on tablet.
At work I use Edge (MS integration w SSO and all). Edge has some nice features like vertical tabs and copilot. (yes, email writing with AI is nice)
We are allowed Chrome and FF so have those too with ublock on FF. Chrome is 3rd choice if a site really needs it and for testing.
Firefox has had vertical tabs (and tabs groups) for few months now
Indeed. I love the FF vertical tabs too, I should say.
Too bad the work one is still locked to 128 ESR :(
[flagged]
If a major adblocker used a bug or security vulnerability to work around restrictions, it would have been patched away immediately.
The uBlock team was never going to ship code that depended on a bug to work.
I fully agree. The original comment and the other replies to it are bewildering. There was nothing to gain here, yet people are throwing ad hominem attacks left and right.
The exact wording was:
> But I don't know how to make an adblocker, so I decided to report the issue to Google in August 2023.
So why not go to someone that does know how to make a blocker? Nice snitch.
He was hoping to be a good boy and receive some cash from Google, as per article.
Well, in his defense it would have been patched immediately after the first adblocker used it, and he would have gotten nothing at all out of it.
Oh wait he got nothing at all anyway ;)
Would be quite different if they patched it and broke important extensions, possibly facing serieous outcry and bad publicity.
I agree that would change things but I can't picture an open-source extension with millions of users pivoting to rely on something that's clearly a bug.
At that point it's a feature, not a bug.
Having millions of users on your side is great ammunition.
Important extensions like, dunno, uBlock Origin?
Yeah, surely if chrome broke important extensions people will get mad and switch.
That's what they already did.
Not really, this sort of fame farming is what makes candidates stand out in infosec interviews. A bug in Google systems is good for his future career.
The post says they had another bug with a large bounty in the same year, so it doesn't seem very useful for CV padding either
What a selfish dickhead, helping them make better nooses to put around everyone's necks (including his own).
[flagged]
[flagged]
Dude, what.
Think about who you're helping and who you're fighting against.
No judgement but I would love to hear from Google employees who worked on this. Do they believe they are improving the internet in any way?
There is also an argument to be made that adblocking is immoral. I think the idea is pervasive enough to fill a team of willing people, especially if you pay them 100k/year to at least go along with it for the time being
I haven't made up my own mind about it yet, just that this might be a factor in why one would move the facilitating technology backwards in this way (and forwards in other ways, apparently: some people in the thread are reporting that uBlock Lite is faster. Not that I can tell the difference between a clean Firefox without add-ons (I regularly use that for work reasons) and a Firefox with uBlock Origin (my daily driver) except if the page is bogged down from all the ads)
I don't think ads are immoral but I think the way FAANG does ads and tracking is immoral. Google does not do enough to vet ads for malicious activity such as scams and viruses. The FBI in recent years has started recommending an adblocker for that reason.
Lol. Treating cancer is immoral. Miss me with this shit!
They are being paid to think what they're told to think.
"Job's shit but pays a lot"
[dead]
I switched away from Chrome years ago. Not because of their weird anit-adblock moves. Just because the quality of their software dropped. Because of various UI bugs of their tabs that didn't get fixed with updates. I remembers that when Chrome came out it was rock solid and fast so it's a huge disappointment.
I tried out Firefox again and nowadays it is as fast and as solid as Chrome used to be. Never looked back. I still keep Chrome for cases when somebody YOLOed their website, but I use it the way I used to use IE, briefly and with distaste. With the next upgrade I might just start using builtin Edge for that and not bother to install Chrome at all.
So theoretically Chrome is open source.
Open source is supposed to prevent issues like this, as it is possible to fork Chrome pre-MV3 and preserve this functionality.
However, this appears to have not happened.
Perhaps we need a better definition of “open source”, or well-funded organizations that are adversarial in nature to the maintainers of open source commercial software.
Lots of f/oss has malware and misfeatures in it, hiding behind the guise of “open source”. It doesn’t count unless there are non-corporate interests at work in the project that are willing and able to fork.
Chrome is open source just like Russia and Iran are democratic dictatorships. Just in the naming.
open source only means you can use and fork it without too many restrictions. it doesn't mean open governance or did the greater good.
I notice people being very reserved on their criticisms of Google, knowing Google can end their careers in an instant if it chooses to.
Just use uBlock Origin Lite.
Google is running an experiment: how much ads crap users are willing to tolerate before they switch supplier.
I was able to bypass the chrome changes by installing firefox. Honestly it's better than I thought it would be, and I have no serious complaints, or broken sites. Yay web standards.
I absolutely love that people are downvoting this. What is wrong with this site now?
Somebody should probably fork chromium.
I remember when Firefox was getting traction, it had a killer feature: speed.
A chromium fork could come with a simple killer feature: bringing back the possibility of blocking requests.
I’m pretty sure it would quickly gain traction.
That's Brave, a fork with native AdBlock.
Exactly... brave is the de facto choice for cryptobros. The copying of UBOs work is a nice addition too.
who uses browser level Adblockers anymore?
Just use Pihole.
Traveling? VPN home then Pihole
Safari + Wipr2 FTW!
I got downvoted for commenting this, why can't we make a ManifestV2-like framework using .DLLs ? This can enable network control for ad blockers and Google can do nothing about it.
I think the trouble is that certain adblocking features (like skipping ads on YouTube, Twitch, etc) require modifying the page you're viewing in your browser; just filtering network requests isn't enough. So right now a browser extension is the most natural choice for an adblocker, but honestly that might change if browsers keep being so hostile towards them.
expose DOM and JSON to external .DLL then
browsers should have open Web standards as well as open local runtime.
I honestly thought reading this blog post was quite refreshing and I had a little smirk at the caption of the photo. Thank you for sharing!
Author here, thank you! A lot of the comments here are more general arguments about MV3 and Google (which I kinda expected) but I'm glad see someone who liked my post :)
I’ve been happy with Orion on macOS. I get it’s WebKit but at least it’s not Chrome. Brave was also good if you must have chromium.
> It was patched in Chrome 118 by checking whether extensions using opt_webViewInstanceId actually had WebView permissions
soo will this still just work if we give uBo webview permission?
Unfortunately extensions can't have webview perms :(
"'webview' is only allowed for packaged apps, but this is a extension."
:( but maybe Vivaldi and Brave could remove this check just for fun.
Why not use DuckDuckGo?
I use Safari.
[dead]
[flagged]
[flagged]
[flagged]
Our ideals do not simply change the fact that chrome and its derivatives are the most used browser by a big margin at this moment. And, looking at how this came to be and how things were with IE before it, they are going to stay a bit longer still. Stop being in denial about the way most people function: they don't care, they will eat the most convenient slop they are being served and not question it much. Because it doesn't matter as long as it allows you to browse your socials.
I hate to use this word but this is a huge amount of projection in response to the comment you replied to, which did not seem to make any of the points you ascribed to it.
> unless you're still using the spying machine
So a computer?
If you use a free operating system https://www.gnu.org/distros/free-distros.html then you have less chance of being spied on. At least you can check
Yes you can, but do you?
Tracking typically works through fingerprinting. Using free software alone won't magically protect you against this, every website's a program with JavaScript on. Lots of free software is also multiplatform. You'll want to apply additional defensive measures, but you can apply those even on Windows, running Firefox or Chrome. Mind you, you'll then stand out for using those defensive measures.
I generally appreciate source code access and independent auditability, and I do have an appreciation for the intent. But the way people discuss these topics is downright embarrassing, which is what I was hoping to shake out of this. "Just install Linux bro, it's better than pussy bro. What, u still got dat spyin machine goin on?? [links a 30 minute Mutahar video with him faffing about with some technologically trivial bollocks he visibly barely understands]" Please. I think it's pretty agreeable at least that this about as far removed from well supported decision making as one can casually get to be.
Most people switching to Linux and free software alternatives in hopes of better privacy do so based on vibes, not on any rigorous research. And that's fine. Just wish they didn't pretend it wasn't the case.
If I say yes, you’ll just call me an extremist and make fun of me. If I say no, you’ll call me a hypocrite. So I refuse to answer
> At least you can check
I don't think they enable me to inspect e.g. my CPU's firmware, or that they're able to provide any guarantees about the hardware itself.
So it still just makes for a large shopping bag sized trust-me-bro box executing hundreds of billions of instructions a second. But now with a false sense of comfort.
I'm more than happy to concede on this being overly dramatic though, provided you concede on having been engaging in a similarly unserious hyperbole of your own.
> I don’t think that free software is an unserious hyperbole, actually.
Me neither, considering that doesn't even work grammatically. Very clearly I was referring to "unless you're still using the spying machine" being the unserious hyperbole.
> It really does exist, even though big tech wants you to think it does not.
I must have been continually missing "big tech's" efforts on that front. They do engage in other efforts that go against either the spirit or the proliferation of software freedom, but what you describe I legitimately have not witnessed at all.
I'd gladly pay for YouTube without ads if I trusted that it would remain ad free, but the track record from various companies on this is not good.
I tried paying for YouTube premium then they fucked around by not giving me all the features I paid for when I was visiting another country. There's no winning with these people.
I paid premium a few months, then they added shorts and there was no way to block them, so I installed a blocker and stopped paying for it.
Yes me too, and they fucked me.
I've been paying for YouTube premium for probably 2 years now. Never had any inserted ads. Only the "this video is sponsored by" stuff, which you can just skip over.
I can't possibly go back to non-Premium YouTube, and if they mess around with Premium I'll probably be moving on from YouTube.
Youtube premium has been ad-free for 10 years. What kind of track record do you need? 20 years? 100 years?
Youtube premium is still an ad driven business model. They are the ones making the problem worse so they can sell you the solution. The more you pay for Youtube Premium the more incentive they have to make ads worse.
It has never been ad-free, sponsored segments have always existed
you should blame the creators for being greedy, not YouTube for that
YT sets the rules of what content is allowed and sets the level of deception in their marketing regarding this "ours vs theirs" distinction in ads, so feel free to blame it as well.
Netflix and other streaming sites have ads on some paid subscriptions. First they start with ad free subs, then introduce ads and introduce a higher priced tier to get rid of ads
Can't you just stop subscribing when that happens? You aren't signing a 5 year contract.
So if one supermarket sold expired food, we should avoid another supermarket that has not been doing that for 10 years? Google/Youtube doesn't own Netflix. If anything, the reasonable response would be to unsub Netflix and sub its competitors, like, uh, Youtube.
No, if all the big supermarkets sell expired food from time to time to meet profitability expectations, there is no reason to believe one will be so unique as to be able to resist using the same industry standard, especially when it already has a much bigger expired food business
I just pay them until it works, and I'll reconsider once it changes. Don't worry about track record, you can stop paying anytime.
Paying to avoid ads just makes your attention even more valuable to them. Always block them unconditionally and without any payment.
Ads are a violation of the sanctity of our minds. They are not entitled to our attention. It's not currency to pay for services with.
Ads are social cancer that's spreading without any attention nor control from the authorities. Just like cigarettes 30 years ago.
Or rather, don't use YouTube without paying.
Youtube isn't free, and unlike a simple blog, requires tons of infrastructure and content creation. None of that is free, and people wanting that to be free is why we're in adscape hell.
Edit: I'd love for a competitor to youtube, but there isn't. Rumble isn't a real competitor, and none of my favorite channels place their content there either.
I wish there was a youtube alternative that was more of a federation, but every attempt I've seen of federations have been mess.
> Youtube isn't free
Then charge for it like the other streaming services. If they send me ads, I'll block and delete them, manually or automatically, and I won't lose a second of sleep over it.
> requires tons of infrastructure and content creation
Not our problem. It's up to the so called innovators to come up with a working business model. If they can't, they should go bankrupt.
That’s quite a stretch. I loathe ads as much as anyone else here, but I don’t consider being exposed to them as violating the sanctity of my mind (is my mind even sacrosanct, such that it could be violated?) it’s just something I don’t like.
And yes, attention is absolutely a currency that can be used to pay for things. Like any other voluntary transaction, no one is entitled to my attention unless we both voluntarily agree to it.
That implies voluntarily paying attention to adverts, as an informal contractual obligation. You aren't allowed on Youtube any more because you haven't been allowing the adverts to influence you enough. You can't look away or think about something else, that's cheating on the deal.
Advertisements have been proven countless times to be a form of psychological manipulation, and a very potent one that works very well. After all, if it didn't work we wouldn't be seeing ads crop up literally every-fucking-where, including these days even in our very own night sky in the form of drone lightshows. The ad companies have huge teams of mental health experts in order to maximize the reach & impact of their advertisements on the general populace.
Ads are so powerful that they've even managed to twist the truth about plenty of horrific shit happening to the point of affecting the health and safety of real people, sometimes literally on a global scale. Chiquita bananas, De Beers, Nestle, Oil & Gas companies, and must I remind you of Tobacco companies (and surprise surprise, the same people who were doing the ads for Big Tobacco are the ones doing ad campaigns for O&G companies now)? There have been SO MANY examples from all these companies of using advertisements to trick and manipulate people & politicians, oftentimes just straight up lying, like the Tobacco companies lying about the adverse health effects despite knowing for decades what the adverse health effects were, Or Oil & Gas companies lying about climate change via comprehensive astroturfing & advertisement campaigns [1].
This all barely scratches the surface, too, especially these days where you have platforms like Google and Meta enabling genocides, mass political interference and pushing things like crypto scams, gambling ads and other similarly heinous and harmful shit to the entire internet.
The TL;DR of all of this is that yes, advertisements absolutely are psychological warfare. They have been and continue to be used for absolutely vile and heinous activities, and the advertisers employ huge teams of people to ensure that their mass influence machine runs smoothly, overtaking everyone's minds slowly but surely with nothing but pure lies fabricated solely to sell people products they absolutely do not, and will never need.
> I don’t consider being exposed to them as violating the sanctity of my mind
I do. I think it's a form of mind rape. You're trying to read something and suddenly you've got corporations inserting their brands and jingles and taglines into your mind without your consent. That's unacceptable.
> attention is absolutely a currency that can be used to pay for things
No. Attention is a cognitive function. It has none of the properties of currency.
These corporations are sending you stuff for free. They are hoping you will pay attention to the ads. At no point did they charge you any money. You are not obligated to make their advertising campaigns a success.
They are taking a risk. They are assuming you will pay attention. We are entirely within our rights to deny them their payoff. They sent you stuff for free with noise and garbage attached. You can trash the garbage and filter out the noise. They have only themselves to blame.
Not mind rape, actual rape.
Can you elaborate a bit? Why would that make my attention more valuable than other's?
If you are a paying subscriber, you are self-identifying as (likely) a higher net-worth. The problem for ad platforms allowing paid opt-out is that the most valuable users leave the network.
Then they have to go to advertisers and say, “advertise on our network where all the wealthier people are not.” A brand like Tiffany’s or Rolex (both huge advertisers) aren’t going to opt into that.
It's a decent chunk of change for the sole purpose of avoiding ads on a single platform that barely pays the people actually producing the content. If you're looking to access premium content and YouTube Music, it's a slightly better value proposition (but only slightly, because YTM sucks, especially compared to what GPM used to be). For that ~$120 a year, you could buy a bunch of Steam games to occupy the same amount of time as your YT habit. Or you could buy a sub to services like Nebula which actually pay content creators decently. Or you could buy an external hard drive, install yt-dlp, and embrace Talk Like A Pirate Day, Groundhog Day-style.
Because by paying you are demonstrating you have more than enough disposable income to waste on their extortion. You're paying for the privilege of segmenting yourself into the richer echelons of the market. You're basically doing their marketing job for them and paying for the privilege.
At some point some shareholder value maximizing CEO is going to sit down and notice just how much money he's leaving on the table by not advertising to paying customers like you. It's simply a matter of time.
Take a third option. Don't pay them and block their ads. Block their data collection too. It's your computer, you are in control.
I don't use Youtube at all, but I keep thinking I'm missing out and should make the effort to find a way to circumvent tracking. I can't see that the morality points to an obligation to absorb adverts. There can be no contract on the basis of what your mind must do.
Edit: let's step through this. If I use a towel placed over the computer to block ads, that's morally the same as using blocking software, I think? If I block the ads by putting my fingers in my ears and staring at the ceiling, also the same thing, morally. If I block them by watching them in a negative frame of mind, saying that I dislike ads and won't do what they suggest, I'm still doing the bad thing, the same as using an ad blocker - if it is a bad thing. My obligation, if it is an obligation, is to be receptive. Otherwise what, it's a sort of mind-fraud?
There is nothing immoral about this at all. They're the ones who chose to send people videos for free, gambling on the notion that people would look at the ads. Nobody is obligated to make their unwarranted assumptions a reality. They are as entitled to our attention as a gambler is entitled to a jackpot.
If someone gives you an ad filled magazine, you can rip out the ad pages and throw them in the trash, leaving only the articles you actually want to read. Same principle applies here. If some random person on the street gives you a propaganda pamphlet, are you obligated to read it just because some businessman paid for it? Of course not.
It is still my right to murder to uphold your lack of morals
The point is most people will never pay. That makes the Adblock/anti-adblock war inevitable for them. If you can afford it, you sidestep it. If you can’t or won’t, you don’t. Pretending there is some point where those folks would pay is a little delusional in my view.
I'm not pretending. I know most people won't pay. The point is it doesn't matter.
They're giving their stuff away for free instead of charging money for it. They gambled on the notion that people would "pay" by watching ads. Unfortunately for them, attention is not currency to pay for services with. We will resist their attempts to monetize our cognitive functions. The blocking of advertising is self defense.
They have absolutely nobody but themselves and their own greed to blame. Instead of charging money up front like an honest business, they decided to tap into that juicy mass market by giving away free sfuff. Their thinking goes: if I give them free videos with ads, then they will look at the ads and I will get paid. That's magical thinking. There is no such deal in place. We are not obligated to look at the ads at all. They don't get to cry about their gamble not paying off.
> They have absolutely nobody but themselves and their own greed to blame
They’re one of the most profitable media platforms on the planet. They’ll be fine. Nobody is crying. There are just willing participants—as you say, on both sides—in what I consider a pretty silly battle one can opt out of with a small amount of money.
So pay now and stop paying if they introduce ads? It's not like it's a lifetime subscription.
I've been paying for it for a year+ for my girlfriend who was watching more ads than content and we've never seen ads since.
That's good to know. I was hoping for a reply like yours. I will subscribe. YouTube is an amazing resource for human kind and I agree those of us who can afford it should pay to support it.
Seems strange to me to support Google with your money from a moral perspective. It is a spyware company.
Totally, there's not a lot of places to vote with your dollars to get rid of interruptions like Ads, and also get back a lot of time of your life.
Don't let everyone responding gaslight you. YouTube Premium is absolutely stuffed with ads[0] (sorry, 'promoted content' / 'sponsorship'). The only probable explanation I have for this is that Google has successfully boiled the frog and people mentally don't even register these things as ads anymore.
And that's not to mention pretty much every single creator stuffing sponsored sections into their videos now. We have Sponsorblock for now, but I imagine Google will try to introduce random offsets at some point which will render Sponsorblock mute. Maybe an AI blocker will rise up in the future?
At any rate, fight fire with fire. Just use every bit of adblocking on desktop, Revanced on Android and hope that Revanced or Youtube++ comes to iOS 3rd party stores at some point.
[0]https://imgur.com/a/3emEhsF
Edit: since people are too lazy to click on the link and instead ram the downvote button in blind rage, image 1 and 4 contain straight up ads, unconnected to creators.
I think people just decided it doesn't count as ads when it's the creator doing it. And it feels more tolerable since the money is going to the creator that they probably like instead of megacorp Google.
1 and 4 contain straight up ads.
I'm honestly baffled why anyone who objects to ads would still want to use any of the official YouTube clients. Whether or not they show ads to you on YouTube, they still track your every move and use it to improve their profile of you so that they can show you ads on any of their other platforms, sell your data, or whatever other shady business they do behind the scenes to extract value from it.
Adtech cannot be trusted. I refuse to support their empire whether that's financially or with my data and attention.
And that's not to mention pretty much every single creator stuffing sponsored sections into their videos now.
Fortunately I mainly watch the videos which are not made by "creators" looking for $$$ but just people sharing something interesting and useful; the ones which have no annoying intros or outros, "like share and subscribe" drivel, and are often not much more than raw unedited content. They still exist on YouTube.
They rolled out the Chrome "kill adblockers" update globally then unleashed the new wave of YouTube "anti-adblock" a month later. While in a literal losing court case thats suggesting Chrome be split out from Google as a whole. They must be so confident nothing can touch them.
Youtube premium has remained adfree as far as I know.
Best to try it out yourself. I can't watch Youtube with Ads ever anymore.
If a 100% Ad-free youtube premium at the current price point ever went away, something would have to change about the ads.
Nah, Firefox with ublock origin is better than giving money to google.
You also give money to the creators you watch by watching ads or watching with YouTube premium.
You also can't block ads on iPhones, which a majority of the developed world uses. My girlfriend has never watched a YouTube video on something other than an Apple device for example.
https://www.enterpriseappstoday.com/wp-content/uploads/2023/...
Basically any rich country has a majority of iPhones. And let's not even talk about tablets.
>You also can't block ads on iPhones, which a majority of the developed world uses. My girlfriend has never watched a YouTube video on something other than an Apple device for example.
People really live like this... ? Like those who watch movies on their phones lmao.
Also, Brave works on iphone -> m.youtube.com adfree :)
Then again I went years not using conditioner and moisturiser for my skin, only deo... We all need tips from people who know better you know. (Im white.)
I get an ad-free YouTube experience for $0 with software. Why do you pay for it?
Because I want to actually support content creators. I also want it to be more normalized to pay for things vs having ad supported content.
Their business model is already in line with my values. I give them money and in exchange I get an ad-free experience. They don't need to change.
It’s an opt out fee from Ads.
I don't think you're normalizing ad-supported content when running an ad blocker
As for paying for the content you consume, most of the costs aren't on Google's side. I can understand paying for Youtube as a shortcut to hopefully giving some pennies to each person you watch, though, at least for those with no moral objection to making Google's/Youtube's monopoly in online video stronger
I was a bit surprised to find that Patreon also keeps a pretty large commission. But, yeah, at least it's not owned by Google and what else are you going to do when most creators list this as their only option. I'm just confused when there's easy options like sending cash directly to their IBAN or using a nonprofit like Liberapay (they just have their own donation page and, instead of taking a cut, make money that way: https://liberapay.com/Liberapay)
I also back people on patreon. Isn't it irrational to expect something for free? If you don't like the service or it doesn't align with your values, simply don't use it.
Also, isn't patreon also a middleman by your definition?
Patreon and BuyMeACoffee are middlemen...
It’s a personal choice.
Once someone reaches a level of individual support that’s fine.
YouTube remains a place for discovering channels and people and some people especially the majority who are not technical, can outwit a simple family fee.
I use YouTube premium more than I ever used for paying Netflix for far longer. Value (and proven convenience) is in the eyes of the user.
Plus you can block shorts. You can't do that with premium.
I got fed up and stopped paying for premium, now I get no shorts and no ads, it's a win-win.
I pay for YouTube premium for my family and there haven’t been any injected ads at all. Only the ones that the video themselves have in, which are also very annoying.
I can’t speak for the future, but I’ve had this for probably 5 years and I haven’t seen a single ad, only the videos that I’ve asked to see.
That's what sponsorblock is for
Same experience.
The family plan is nice to share with family to reduce how much everyone's exposed to ads.
In-Video sponsorships are a pain, sometimes they are chaptered out enough and can be skipped.
If I could pay for an ad-free google search I probably would. Off the shelf, not doing API calls.
<cough> SponsorBlock (https://sponsor.ajay.app/) <cough>
It works amazingly well provided a video's been out for at least a half hour or so. It also has the option to skip the "like and subscribe" parts too.
I also tried the https://dearrow.ajay.app/ extension to replace clickbait titles, but decided I'd rather know when a channel/video is too clickbait-y so I can block/unsubscribe.
Yeah, this can be a consideration, and also a non-issue with Youtube Premium
If you simply add a `-` (en-dash) between the `t` & 2nd `u` in the URL, your viewing experience automatically skips all external ads, without login/premium.
Syntax: www.yout-ube.com/watch?v=XqZsoesa55w
This also works for playlists, and auto-repeats.
edit: is this getting downvoted because it works and people are worried this service might disappear should this bypass become too popular..? Just curious.
Chrome full on blocked uBlock Origin (and others) this week. There is still four flags [1] you can play with that will allow you to re-enable it again, but this is a losing battle of course. The inevitable is coming.
Nothing comes close to Safari battery life on MacOS, followed by chrome, followed by firefox in last place (with all its other issues - those claiming otherwise have stockholm syndrome). I've tried taking Orion for a spin which should offer the battery life of Safari with the flexibility of running FF and chrome extensions - but it hasn't stuck yet. As much as I'd like to use FF, I really don't want to shave 10-20% (?) off a battery charge cycle when I spend 90% of my day in the browser.
[1] https://www.reddit.com/r/uBlockOrigin/comments/1lx59m0/resto...
>>with all its other issues - those claiming otherwise have stockholm syndrome
What issues? Works just as well as Chrome ever did (before they started blocking extensions at least) for me.
And I value FF way more than an hour of battery.
All day every day my computer works fine.
That difference in battery, if it exists, doesn't actually materially manifest anywhere. But the difference between FF and anything else matters basically every minute all day.
On top of that, even if I ever did actually run into the difference, needing to plug in before I would have anyway, it's an annoyance vs a necessity. The ability to control my own browser is frankly just not negotiable. It doesn't actually matter if it were less convenient in some other way, it's simply a base level requirement and anything that doesn't provide that doesn't matter what other qualities it might have.
You might say "a computer that's dead doesn't work at all" but that never actually happens. I'd need an 8 hour bus ride with no seat power to get to the point where that last missing hour would actually leave me with no computer for an hour, and that would need to be a commute that happens twice every day for it to even matter.
For me that's just not the reasonable priority.
This should lead to a full-on antitrust breakup of Google. Period.
They own the web.
I can build my business brand, own my own dot com, but then have to pay Google ad extortion money to not have my competitors by ads well above my domain name. And of course the address bar now does search instead of going to the appropriate place.
Google is a scourge.
A monopoly achieved thanks to everyone that forgot about IE lesson, and instead of learning Web standards, rather ships Chrome alongside their application.
> instead of learning Web standards, rather ships Chrome alongside their application
I am confused.
- The "shipping Chrome alongside their application" part seems to refer to Electron; but Electron is hardly guilty of what is described in the article.
- The "learning web standards" bit seems to impune web developers; but how are they guilty of the Chrome monopoly? If anything, they are guilty of shipping react apps instead of learning web standards; but react apps work equally well (or poorly) in all major browsers.
- Finally, how is Chrome incompatible with web standards? It is one of the best implementer of them.
Devs, particularly those with pressure to ship or who don't know better, unfortunately see 'it works in Chrome' as 'it works', even if it is a quirk of Chrome that causes it to work, or if they use Chrome related hacks that break compatibility with other browsers to get it to work in Chrome.
- Sometimes the standards don't define some exact behavior and it is left for the browser implementer to come up with. Chrome implements it one way and other browsers implement it the other way. Both are compatible with the standards.
- Sometimes the app contains errors, but certain permissive behaviors of Chrome mean it works ok and the app is shipped. The developers work around the guesses that Chrome makes and cobble the app together. (there may be a load of warnings in the console). Other browsers don't make the same guesses so the app is shipped in a state that it will only work on Chrome.
- Sometimes Chrome (or mobile Safari) specific APIs or functions are used as people don't know any better.
- Some security / WAF / anti-bot software relies on Chrome specific JavaScript quirks (that there may be no standards for) and thinks that the user using Firefox or another browser that isn't Chrome or iOS safari is a bot and blocks them.
In many ways, Chrome is the new IE, through no fault of Google or the authors of other browsers.
On the contrary, they are the last one standing fighting Google takeover of the Web as ChromeOS development platform.
Without Safari we are done, just close shop on the Web standards group.
Web Standards™ [1]
__________________
[1] some feature a Chrome engineer decided to implement, to boost their yearly performance review
Even in portugal/spain se have to worry about this. Safari mobile users are a minority here but they usually spend or have more money to spend
> how is Chrome incompatible with web standards? It is one of the best implementer of them.
They have so much market share that they control the standards bodies. The tail wags the dog.
They are at the edge of transforming the Web into ChromeOS Platform, with the complacency of everyone that helped it become a reality.
> Firstly, a lot of web developers have stopped caring about the standards process. Whatever functionality Google adds is their definition of “the web”.
Businesses who hire such web developers will loose huge amounts of sales, since 90% of visitors are on mobile and half of those are on Safari.
Web features being pushed by Google via Chrome, aren't standards, unless everyone actually agrees they are worthy of becoming one.
Shipping Electron junk, strengthens Google and Chrome market presence, and the reference to Web standards, why bother when it is whatever Chrome is capable of.
Web devs with worthy skills of forgotten times, would rather use regular processes alongside the default system browser.
Are we really trying to argue about cross platform GUI in 2025? This was solved decades ago. Just not in ways that are trying to directly appeal to modern webdevs by jamming a browser into every desktop application.
I don't even hate Electron that much. I'm working on a toy project using Electron right now for various reasons. This was just a bizarre angle to approach from.
The alternative already exists, processes using the system browser, for several decades now.
Or actually learn how we use to ship software on the glory days of 8, 16 and 32 bit home platforms.
Now I do agree there are no alternatives for people that only care about shipping ChromeOS all over the place.
I’m actually working on an alternative called Slint => https://slint.dev
Consumers never really pick products for ideological reasons, no matter how galling that is to ideologues
You should block adds for practical reasons too though, not just for moral reasons.
I can't fathom how there are so many devs that don't use adblockers. It is so strange and when I look over their shoulders I get a shocking reminder how the web looks for them.
Except, many developers contributed to the actual situation.
The same excuse was given regarding IE.
I think ads go well past "ideaology". very few like ads, and they have only gotten more persistent over recent years.
Oh no, instead consumers pick products because of advertising.
What an improvement.
But consumers pick products for convenience reasons and Chrome updates crossed PITA line. Even my "boomers" family switches to FF.
Chrome was made to fracture, and everything started with the aptly named “Atom” editor (they “invented” Electron).
Everybody choose convenience over efficiency and standards, because apparently nobody understood what “being lazy” actually is.
Microsoft invented Electron, when Windows Active Desktop came to be.
Mozzilla also invented Electron, when XUL applications were a thing.
Both failed, as shipping regular processes with the default browser kept being used.
IE was far less user-hostile than Chrome.
> IE was far less user-hostile than Chrome.
What exactly do you mean by this?
IE was horrible to use which is why so many people switched to Firefox. It wasn't because of web standards.
IE didn't have tabs when every other browser moved to that.
IE didn't block pop ups when every other browser would do that.
Only because Microsoft got slapped on the wrist way back when.
Google should get slapped too, and they might be headed that way...
https://www.npr.org/2025/04/20/nx-s1-5367750/google-breakup-...
Safari is also pretty user-hostile, which is why Apple is getting sued by the DOJ for purposely hobbling Safari while forbidding any other browser engine on IOS. They did this so that developers are forced to write native apps, which allows Apple to skim 30% off any purchase made through an app.
You don't think Microsoft is doing mass surveillance? They own Outlook and Teams, and Windows 11 is quickly turning into a platform for training AI on your data. I doubt Edge is going to be much different. It's the reason I'm switching to Linux.
> Apple is getting sued by the DOJ for purposely hobbling Safari
I don’t believe the lawsuit claims this, does it?
> which allows Apple to skim 30% off any purchase made through an app.
This is untrue.
- Most developers pay 15% for in-app purchases. Only the tiny proportion of developers earning more than a million dollars a year pay 30% and even then, it’s 15% for subscriptions after the first year.
- This is not any purchase made through an app. This only applies to digital goods and services.
The main wrong lesson learned was to promote Chrome instead of Firefox (also in what many HN readers have been guilty of).
Excuse me. If it's on MDN, I'm going to use it if it's useful for my app. Not my fault if not all browsers can keep up! Half JK. If I get user complaints I'll patch them for other browsers but I'm only one person so it's hard and I rely on user feedback. (Submit bug reports y'all)
The issue is completely different if the users of an app or a website are customers. Then you have to make it work for them or you'll lose sales. If it's non-commercial project then it doesn't matter if it works with all browsers or not.
Why not only use features that are compatible with all browsers? You don’t need to use every bleeding edge feature to make a website.
Welcome to Microsoft world of IE.
Not everyone. Some of us used Firefox all along and didn't just go with the "default" invasive thing.
The answer is antitrust.
The FTC / DOJ should strip Google of Chrome.
Honestly, they should split Google into four or five "baby Bell"-type companies. They're ensnaring the public and web commerce in so many ways:
- Chrome URL bar is a "search bar"
- You have to pay to maintain your trademark even if you own the .com, because other parties can place ads in front of you with Google Search. (Same on Google Play Store.)
- Google search is the default search
- Paid third parties for Google search to be the default search
- Paid third parties for Google Chrome to be the default browser
- Required handset / Android manufacturers to bundle Google Play services
- Own Adsense and a large percentage of web advertising
- Made Google Payments the default for pay with Android
- Made Google accounts the default
- Via Google Accounts, removes or dampens the ability for companies to know their customer
- Steers web standards in a way advantageous to Google
- Pulls information from websites into Google's search interface, removing the need to use the websites providing the data (same as most AI tools now)
- Use Chrome to remove adblock and other extensions that harm their advertising revenues
- Use Adsense, Chrome performance, and other signals to rank Search results
- Owns YouTube, the world's leading media company - one company controls too much surface area of how you publish and advertise
- Pushes YouTube results via Google and Android
... and that's just scratching the surface.
Many big tech companies should face this same judgment, but none of the rest are as brazen or as vampiric as Google.
Yes to everything except the first statement:
> The answer is antitrust.
Anti-trust is crucial to make the capitalist economy work prperly, I agree
But another answer is "Firefox"
I would love if some of these projects that fall backward into loads of money would stay lean, and invest that money in a way that allowed them to become truly independent. So when the money dries up, or the funding becomes dirty, they have the freedom to cut ties and continue their lean operations, self-funded by the interest from their investments.
Controlled opposition to avoid anti-trust is a MegaCorp's standard operation procedure.
> So why do people choose Chrome?
It’s actually kinda simple: they don’t, at least not continuously. It’s “what you use” because you decided that’s true at some point in the past. All you have to do now is decide that some other browser is “what you use”. You can even take it a step further and decide that Chrome is “not what you use”.
(And actually, if you go through with it, you might discover reasons for why you don’t want to switch like “bookmarks” and “saved passwords”. In my opinion, if it is not easy to transfer those things, that is further reason to switch because vendor lock-in is user-hostile.)
> If you only want capitalism
Yeah, I prefer not to die in a coal mine at ripe age of 14, so a coal baron can increase their wealth by 0.001%.
It isn't a coincidence that Google continue to fund Mozilla: Firefox is, arguably, a fig leaf. A few hundred million a year is a small price to pay to Google if they have even a semi-willing participant in allowing them to bulldoze through the standards bodies.
PROXOMITRON!
Local proxy filter that is like a Pi-hole, but locally!
It's OLD, and became obsolete when browser plugins were invented, but now more relevant than ever!
Because it's between the server and the client - it can do what it wants!
Wow, that brings me back. I used to use Proxomitron before plugin ad blockers were a thing.
A gift to reduce global CO2 search emissions...
https://en.wikipedia.org/wiki/Proxomitron
https://www.proxomitron.info/
This wasn't really the point of the article, which in fact says the workaround was patched in Chrome 118.
Because the author reported it. Personally I would have told the ublock origin developers instead of google.
To what end? So Google can see how it works and still patch it?
Yeah, this was my thought process. I get the appeal, but I don't think a million-user open-source extension is gonna start relying on a clear bug to function.
At least it would make them work for it.
We need webmasters to nudge people away from Chrome. E.g. show an annoying popup on opening the page or add a small delay.
We also need Google to stop showing annoying pop-ups every time someone goes to their homepage, Gmail, or any other site they own. They also need to stop promoting users on mobile to open links in Chrome, when the user doesn’t even have Chrome installed, and has chosen the “default browser” option 100 times already.
I’m so fed up with these nudges.
Better yet, include some piece of code in your webpage that is dynamically loaded from e.g. EFF.org or mozilla.org.
That way, you give these organizations the power to nuke Chrome, one day.
This can also be seen as a kind of mutually assured destruction approach, to keep Google in check.
Most complainers are hypocrites who are complaining for the sake of complaining, too lazy to do anything and just come up with excuses to avoid this.
I think you’re missing the point of the article.
Isn’t really about bypassing it to support the development of new extensions. It’s more just a blog about a new bug that the author found during their security research.
It’s really more a fluff piece promoting themselves than it is anything else. And to be honest, I’m fine with that.
My bigger takeaway from that article was how impressive this individual already is. They’re still a student and already finding and reporting several bugs in major platforms. Kudos to them.
What browser would you suggest? Firefox is a privacy nightmare as well.
Websites I use regularly for banking don't work outside of chrome. I've done the pure firefox forray recently but after 6 months it gets tiresome to have 2 browsers and 3 weeks ago Ive admitted defeat for the second time and went full chrome. Who am I lying to -- market cornered, ggwp. It's like trying to eat food without paying a cent to cargill.
Treat it as isolating banking from the rest of your browsing, there are enough CVEs coming out for Chromium in spite of (or maybe because of) Google pouring billions into it.
This is what I do. Chromium for Facebook, banking, and Google (photos and map). Firefox for everything else. It's a very tiny inconvenience to switch between browsers for these tasks.
Why not switch banks or move to a credit union?
Really? I've been FF only for years and everything works reliably, including banking sites (Australia & New Zealand).
Really? Which ones are broken? Every banking website I use works in Firefox.
I can’t imagine voluntarily using a browser without working ad blocking.
ABNAMRO in nl, for starters. Their transaction form breaks somewhere halfway if you are not using Chrome. I've found a workaround (the transaction gets archived, so you just click on the list of transactions once more and then you can continue). It's annoying though and they do not respond to reports of it breaking. They also change the site more and more to work better on chrome so now you can no longer cut-and-paste a number of transactions in Firefox (handy during tax season) but you have to download a badly formatted CSV with way too much information in it, strip that and then you may be able to import it.
> Websites I use regularly for banking don't work outside of chrome.
What countries banks?
I am in New Zealand and have not had that problem in years.
15 years ago I had to edit my user agent string to look like IE (IIRC) for the University of Otago's website (PricewaterhouseCoopers getting lots of money for doing a really bad job)
Makes me wonder have you tried that trick? Less tiresome than switching browsers....
> only correct course of action is to ditch Chrome
There is more Chrome than Chrome: Edge, Chromium and all their forks.
It's 2025.
Here is a list of great browsers committed to MV2 support. If anybody from Google tries to gaslight you with "but security..." review this:
https://www.ssllabs.com/ssltest/analyze.html?d=gmail.com
and ask them why do they still support connection with so many insecure tls suites ;-)
Firefox: https://www.mozilla.org/en-US/firefox/new/
Vivaldi: https://vivaldi.com/download/
Brave: https://brave.com/download/
Waterfox: https://www.waterfox.net/download/
LibreWolf: https://librewolf.net/installation/
Pale Moon: https://www.palemoon.org/download.shtml
Thorium: https://thorium.rocks/
Ungoogled Chromium: https://ungoogled-software.github.io/ungoogled-chromium-bina...
Floorp: https://floorp.app/en-US/download
Its not happening
I switched to Firefox and it's been wonderful. I wonder why I didn't switch earlier. It's only been a couple of months, but I can't imagine going back to a browser without multi-account containers.
> I switched to Firefox and it's been wonderful. I wonder why I didn't switch earlier
Maybe because a few years ago it could be very annoying? It was mostly pretty good at rendering web pages but it had many UI problems that could really get on your nerves after a while.
For example somewhere around late 2020 or early 2021 after several years of using it as my main browser on my Mac I switched because a couple of those problems finally just got too annoying to me.
The main one I remember was that I was posting a fair bit on HN and Reddit and Firefox's spell checker had an extraordinarily high false positive rate.
This was quite baffling, actually, because Firefox uses Hunspell which is the same open source spell checker that LibreOffice, Chrome, MacOS, and many other free and commercial products, and it works great in those with a very low false positive rate.
Here's the ones I hit and reported: ad hominem, algorithmically, all-nighter, another's, auditable, automata, backlight, ballistically, blacksmithing, bubonic, cantina, chewable, coaxially, commenter, conferenced, counterintuitive, dominator, epicycle, ethicist, exonerations, ferrite, fineable, hatchling, impaction, implementer, implementor, inductor, initializer, intercellular, irrevocability, licensor, lifecycle, manticore, massless, measurer, meerkats, micropayments, mischaracterization, misclassification, misclassified, mistyped, mosquitos, partygoers, passthrough, per se, phosphine, plough, pre-programmed, preprogrammed, programmability, prosecutable, recertification, responder, retransmission, rotator, seatbelt, sensationalistic, shapeshifting, solvability, spectrogram, splitter, subparagraphs, subtractive, surveil, survivorship, synchronizer, tradeoffs, transactional, trichotomy, tunable, underspecified, untraceably, untyped, verifiability, verifier, webmail.
The only time I've used anything but firefox for the last. Well probably since netscape honestly? I am so old. Is to get the in flight entertainment to work on american, but firefox has worked for that for a few years now. People say chrome is faster and in the early 2000s I might have agreed, but now I really don't understand why anyone not on a mac or iphone isn't using Firefox. It is great.
Orion browser using Firefox plugins I have found to work quite well on iOS
I recently discovered that my jetkvm won't work on chrome, firefox or safari in macos, even after trying various workarounds to enable webrtc. The fix was to boot up Fedora in parallels and use Firefox there. In fact I'm thinking about shifting all my browsing to that combination just for further isolation.
Can you still get real Firefox on mac? I thought they forced chromium on there now too? The only time I got MacBook I put linux on it within a few months.
They just don’t know. If you show them internet without ads they are amazed that something like that is possible.
I still find some pages don't work 100% correctly in Firefox. But not nearly enough to keep me from using it on my personal machines. (My employer doesn't allow any browser except Chrome and Edge). For me, the most important feature of a browser is the web experience. I guess it should be security but I try to be careful about what I do online, regardless of what browser I'm using.
Many years ago I used to run the Firefox NoScript extension exclusively. For sites that I trusted and visited frequently I would add their domains to an exceptions list. For sites that I wasn't sure about I would load it with all scripts disabled and then selectively kept allowing scripts until the site was functional, starting with the scripts hosted on the same domain as the site I wanted to see/use.
Eventually I got too lazy to keep doing that but outside of the painstaking overhead it was by far the best web experience I ever had. I started getting pretty good at recognizing what scripts I needed to enable to get the site to load/work. Plus, uBlock Origin and annoyances filters got so good I didn't stress about the web so much any more.
But all this got me thinking, why not have the browser block all scripts by default, then have an AI agent selectively enable scripts until I get the functionality I need? I can even give feedback to the agent so it can improve over time. This would essentially be automating what I was dong myself years ago. Why wouldn't this work? Do I not understand AI? Or web technology? Or are people already doing this?
> I still find some pages don't work 100% correctly in Firefox.
Sometimes this is simply because the site preemptively throws an error on detecting Firefox because they don't want to QA another browser with a smaller market share. Usually those sites work fine if you just change the user agent Firefox reports to look like Chrome (there are add-ons for that). Personally, I haven't had to resort to a non-Firefox browser or user agent spoof even once in well over a year now.
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
I definitely run into pages broken in firefox desktop or especially firefox mobile. Extra especially on proofs of concept advertised here on HN.
Yes, it is a thing. I open ms edge every time i want to view logs in our spring boot admin. Same one for one of the jira ticket workflows. Might find the time to look into it someday...
It's rare. But it does happen. Razer had this problem until recently. Looks like they fixed it because I just checked and it seems fine now.
Sometimes devs rely on Chrome specific quirks, or are shipping broken apps that Chrome manages to make the correct guesses for it to be functional.
Many see 'it works on Chrome and mobile Safari' as 'it works' and they can get project signoff / ship / get paid / whatever and don't care about other users
The company that has the application may not know until a few users complain (if they complain) and by that point it could be too late due to the contract, or they may not understand what a different browser is or care either.
That's nice for you, but the monopoly is still there. In fact, you've strengthened Google's side in antitrust proceedings where they pretend they are not a monopoly because a small number of people use Firefox.
Google is already doing what the hell they want on the vast majority of people's computers. (As are Apple and Microsoft)
Sure, go ahead and install Firefox, LineageOS, etc. (I did so too and am a happy user of both). But I'm just saying that this is not fighting the monopoly in any way, it's just retreating into a bubble where we can ignore it for a while.
I have no answers as to what to do instead, but I think acknowledging that a strategy has failed would be a useful first step.
Yeah I'm surprised Google isn't imposing the same policies on Firefox. They ought to have considerable influence on Mozilla.
Multi-account containers are brilliant. I recommend the following extensions:
You really shouldn't double up on ad/tracking blockers. That can cause problems for the predefined filters. Go with one or the other. I prefer uBlock Origin personally.
I recommend uBlock Origin, Multi-Account Containers, NoScript Security Suite, CanvasBlocker, and Decentraleyes.
I also love Multi-Account containers, but the UI is a bit of a mess. I get annoyed each time I have to futz with it.
I'd also recommend Consent-O-Matic for auto-clicking through most GDPR cookie notices ;)
If you choose Firefox, you can take advantage of the security vetting extensions must go through to become one of their recommended extensions.
https://support.mozilla.org/en-US/kb/recommended-extensions-...
Ditto - I’m on Zen browser a FF fork, it’s a clone of Arc and quite love it. No way I’m going back to chrome or any chromium browsers.
How do multi-account containers differ from Chrome profiles? I hadn't paid much attention to Firefox outside of Linux installs as I mainly use Safari with Chrome as a backup, but I'm interested to try again.
First, they are color coded / icon specific tabs, not full windows like chrome. I have used it a lot in the past when I'm doing sso testing at work, or logging into 5 or 6 different AWS accounts at the same time. It's really nice to jump from the green tab (Dev) to the red tab (prod) to check some settings or logs. They feel a lot lighter then full on chrome profiles. You can also tie each to specific proxy profiles, so in my last setup we used ssh tunnels to access different environments, so each container connected to different ssh tunnels.
The main thing holding me back is lack of pwa support, since there are a few apps that i need to use that only exist as progressive web apps on Linux. And using another browser for pwa has shown to be a bit cumbersome.
I know pwa is coming back to Firefox soon-ish.
Firefox on Windows has PWA support at least
Some of us never left !
[flagged]
The Mozilla foundation is overtly political. The fact that they also support a browser is secondary.
I'll bite - if you dont use Firefox because of "questionable ethics", then I am quite surprised you decided to use Brave, considering their controversies. Also Brave is still based on Chrome's engine, and I dont think they'll be able to maintain their fork long-term, so if the reason to switch was to break the Chrome monopoly, then I'm not sure this switch really counts.
Brave = Chrome
I'm sure Eich has political opinions, but he doesn't use the Brave blog to push them and he doesn't impose them on his contractors or customers in the way Mozilla does.
[dead]
I don't know, I switched to Safari and it was painful for like two hours and then I stopped thinking about it. The only thing I somewhat miss is the built-in page translate, but I don't need it often enough to be bothered much.
I find switching from chrome to safari essentially doing nothing. If you switched to a non-big-company owned browser, it would make sense but Apple has plenty of lock in which is as bad as chrome lock in.
Orion is the only viable option on iOS IMO. The fact that, to this day, Safari has no way to block ads on iOS means it's just awful. Before Orion, I avoided using my web browser like the plague, because the experience was just bad.
Now I'm on Android, and Ironfox is pretty good and Firefox is also available. The browser story on Android is leaps and bounds ahead of iOS.
I don't use any Apple product, so no Orion for me
This is not accurate. Safari had webRequestBlocking functionality from 2010 to 2019 and indeed a version of uBlock Origin for Safari. What is true is that Safari was the first browser to ditch webRequestBlocking, replaced by its Apple-specific static rule content blocker API.
Otherwise, though, Safari still supports MV2. Everyone seems to think webRequestBlocking is the only relevant change in MV3, but it's not. Equally important IMO is arbitrary JavaScript injection into web pages, which MV2 allows but MV3 does not.
MV3 is so locked down that you can't even use String.replace() with a constructed JavaScript function. It's really a nightmare.
Google's excuse is that all JavaScript needs to be statically declared in the extension so that the Chrome Web Store can review it. But then the Chrome Web Store allows a bunch of malware to be published anyway!
I don't think in this case your argument is as clear cut and the use cases that people have today arent solved by the choices out there.
George Carlin: "You don't need a formal conspiracy when interests converge. These people went to the same universities, they're on the same boards of directors, they're in the same country clubs, they have like interests, they don't need to call a meeting, they know what's good for them and they're getting it."
The interests of APPLE (who makes money on hardware, and credit card processing) don't align with the interests of Google (who makes money on ad's). I am all for open source, I'm all for alternatives. But honestly if you own an iPhone and a Mac then safari makes a lot of sense. I happen to use safari and Firefox on Mac and am happy to bounce back and forth.
I also keep an eye on ladybird, but it isnt ready for prime time.
And I'm still going to have a chrome install for easy flashing of devices.
> Apple isn’t selling my data
Sorry to break it to you, but yes, they are.
https://ads.apple.com/
No company sells your data. They sell access to you based on the data they have about you. Apple is no different
The lock in is a downside.
switching to safari because chrome disabled the good adblockers is completely counter-productive. safari has never supported the good adblockers.
Safari has had built-in page translate for years now. It’ll detect different languages and show a translate option in the site tools menu. Works well.
I'm aware of this, but in my experience it's pretty bad. It doesn't even cover all European languages, never mind the rest of the world. For the languages it does support, it's always a lottery whether it works with that specific site or not. I've tried using it a few times, but it's not even remotely close to what Chrome does.
It definitely is, buy I think the silent majority just don't care all that much. Is that what you're referring to?
It happened before, multiple times.
Ditching Chromium for Firefox isn’t much better since Firefox sells user data.
Next would be Safari.
Firefox only shares anonymized data with partners. Is there evidence OHTTP can be deanonymized?
Hit then where it hurts would be political action, not individuals switching to Firefox, that does nothing.
like most solutions to complex societal/economic issues:
it’s almost certainly going to take both of your ideas, more diversity in the browser space and political actions. and then other actions as well.
the collective We have fallen into a trap where we consistently talk down other important ideas because we think ours is important too (and it is.) i definitely catch myself doing this far too often.
i just hope We can get back to a place where We recognize that different ideas from our own are also important and will need to be used in our effort to solve some of our issues. because so many of these cracks we’re facing will require many many many levers being pushed and pulled, not one magic silver bullet.
In a democracy it’s actually the other way around, over time at least. Politicians follow votes.
> Politicians follow votes.
we have enough data to show that this is not the case, in general.
Perhaps a better way to phrase it is to simply say that politicians are elected, and are nothing without votes.
A politician isn’t even a practicing politician without votes. Democracy is ultimately driven by citizens. Of course politicians will do their best to influence public opinion (it’s their job) but are ultimately in service to it though elections.
It’s why what people think (and vote) matters in a democracy.
And back to the point, why voting with your feet (switching to Firefox) actually means something.
A lot of people seem to believe that switching to a de-Googled Chromium-based browser isn't good enough. I think that's a psyop promoted by Google themselves. Firefox is different enough from Chrome that it's a big jump for people who are used to Chrome. Brave, custom Chromium builds, Vivaldi, etc. are all very similar to Google Chrome, they just don't have Google spy features.
The argument that "Google still controls Chromium so it's not good enough" is exactly the kind of FUD I'd expect to back up this kind of psyop, too.
> Firefox is different enough from Chrome that it's a big jump for people who are used to Chrome
I find this notion completely baffling. I use Chrome, Firefox and Safari more or less daily cause I test in all 3, and other than Safari feeling clunkier and in general less power-user friendly, I can barely tell the difference between the 3, especially between chrome and FF (well, other than uBlock working better in FF anyways).
I agree, there's little to no friction in switching to Firefox and I have never, not even once, noticed a difference with websites. The same is not true for Safari.
I'm sure they exist, I've just never seen them. I use banking and websites like Netflix, too. And, if I had to wager, you could bypass a lot of this "doesn't work on Firefox" by just changing your user agent.
I think it's a case of yes, it does work, but web developers don't think so, so they implement checks just for kicks.
There are definitely sites which block firefox, even though they work fine in firefox. Most of the time, the block can be bypassed with simple user-agent spoofing.
What part of the Verizon website doesn’t work on Firefox? I am curious if it’s actually the browser or its the aggressive privacy options.
> a well known kindergarden
I am baffled by the choice to include this laughably obscure example alongside a major telecom. Surely there are better options less likely to be the fault of a random lazy web developer.
Youtube, for example seems deliberately hampered on non-chrome browsers.
Google has a history of sabatoging Youtube on Firefox. See for example https://www.tomshardware.com/news/youtube-responds-to-delaye....
It isn't unique to youtube either. Gmail offline mode only works on chrome, even though other browsers have the necessary APIs. And menu copy and paste in google docs uses a special chrome-only extension that google pre-installs in chrome, instead of the clipboard API that works in other browsers as well.
Firefox has multiple, user-affecting, memory leaks related to Youtube (unconfirmed if just youtube), going back at least 7 years. Tab scrollbar as no option to be disabled, so I had to write CSS to get tabs into a form close to what I would like similar to chrome. Tab mute icon has no (working) option to disable the click event, so I had to write CSS to remove it.
I made some other changes, but I forget what. At least FF still has the full uBlock Origin.
I can confirm the youtube issue. No idea if it might be some edge case with my distro or hardware. Forcing a GC collection helps but input events to the entire browser still feel laggy until I restart it. It's been going on for years now.
It occurs to me that it could be a pathological edge case triggered by ublock and youtube interacting. I'm not going to disable it to find out.
Bro you probably have a monster mac pro with 256gb unified ram. I'm typing this on a N100 minipc. We're not the same. I just tried to switch to firefox (with 3 tabs including HN and youtube) and my load topped out at 2.5. I'm back to chrome now with the same tabs (and a couple more) and it's hovering at 1.
Firefox now has vertical tabs built in. Not as feature filled of course though tab groups and vertical tabs together replaces all the functionality I needed from Tree Style Tabs.
"memory leaks related to Youtube"
News to me.
If this is even true, in the end it's still "so what?" Meaning, the alternative is even worse so, let's say granted there is this problem. Where is the better alternative that does not have this problem? Chrome doesn't have other equivalent or worse memory problems? Even if not leaking, it simply uses so much it's the same end result.
I've never consciously noticed a problem with youtube so if there is a problem, it's not one that necessarily matters.
Me too. On mac, FF and chrome basically look and feel identical. Only devtools are quite different.
The stuff INSIDE the viewport is pretty much the same across them all, but on the daily it makes a big difference how your other services integrate with the browser. Someone who is all-in with iCloud, macOS, iOS etc might find it annoying to use Firefox without their personal info like password and credit cards and bookmarks. And the same would be true I guess for Google fans switching to Safari and not having those things.
I once made a comment along these lines (de-Googled Chromium-based browser isn't good enough, as it supports the browser monoculture and inevitably makes Chrome as a browser better) and got a reply from from Brendan Eichner himself.
His point was that there isn't enough time to again develop Firefox (or ladybird) as a competitive browser capable of breaking the Chrome "monopoly". I don't know if I really agree.
Evidently, Google feels like the time is right to make these kinds of aggressive moves, limiting the effectiveness of ad blockers.
The internet without ad blockers is a hot steaming mess. Limiting the effectiveness of ad blockers makes people associate your browser (Chrome in this case) with this hot steaming mess. It is difficult to dissociate the Chrome software from the websites rendered in Chrome by a technical lay person. So Chrome will be viewed as a hot steaming mess.
I guess we will soon see if people will stay on Chrome or accept the small initial pain and take the leap to a different browser with proper support for ad blockers. In any case the time is now for a aggressive marketing campaign on the side of mozilla etc.
I am in no way affiliated with Google. So if you still think this is a PsyOp, please consider Hanlon's Razor:
> Never attribute to malice that which is adequately explained by stupidity.
Although, please also consider that Hanlon's Razor itself was coined by a Robert J. Hanlon, who suspiciously shares a name with a CIA operative also from Pennsylvania. It is not unimaginable that Hanlon's Razor it in itself a PsyOp. ;)
Though his brave is a relatively small company, they have enough resources to have developed, and continue maintaining their own low-level ad blocker, which IME has been just as effective as uBO, but is supposedly more efficient (since it's written in the R-word language and compiled into native code integrating deeply inside the browser):
I can't imagine what hoops Google would have to jump through to block third parties from integrating their own ad blockers. You don't need MV2 for that AFAIK.
https://github.com/brave/adblock-rust
I also installed Brave on my partner's iPhone and I agree there are no big qualitative differences in the blocking.
Probably for Google the easiest way to keep 3rd-parties from integrating native ad blockers is through licensing agreements for new code/modules in chromium. At this point there will be a fork of chromium, taking the latest non-adblockerblocker-licensed version and the two versions will start to diverge with time.
My point however was not that Google might one day block 3rd-parties from integrating ad-blockers in their own chromium variant. My point was that building on the chromium-base will improve the chromium-base, which will improve Chrome and additionally allow them to claim they haven't monopolized the browser market.
Genuine incompatible-by-time forks of chromium are not in Google's interest and thus Google needs to balance their competing interests of maximizing ad revenue, but also keeping Chrome a high-quality product and not being seen as a browser monopolist.
Isn't that the exact argument behind the Serenity project? I legitimately feel there is a grave issue with the internet if one wallet controls all of the actual development of our browsers. Control over virtually all media consumption mustn't be in the hands of a corporation.
> I legitimately feel there is a grave issue with the internet if one wallet controls all of the actual development of our browsers.
Aside from Ladybird and Servo, it mostly is one wallet. Chrome and Firefox are both funded by Google, and Apple also receives significant funding from Google for being the default search engine in Safari.
Btw, some informal estimates at team sizes (full-time employees) of the various browsers (by people who have worked on them / are otherwise familiar):
Chrome: 1300
Firefox: 500
Safari: 100-150
Ladybird/Servo: 7-8 (each)
Which gives you an idea of why Chrome has been so hard to compete with.
The argument just doesn't hold water, though. That's like saying Y Combinator shouldn't be the only company paying for our tech forum. It's perfectly fine unless Y Combinator decides to ruin HN it somehow. And, if they did, wouldn't people just switch to one of the many HN clones overnight? That's what's known as FUD - "Fear, Uncertainty, and Doubt". FUD is often spread about the present, but it's often just as useful to spread it about the future. "Don't use product X, the company that owns it could make it unusable someday". Part of me thinks Google keeps threatening to disable adblocking (but never actually does it) as part of a grand strategy. But part of me thinks it's just a coincidence that Google isn't capable of pulling off such a tricky psychological operation.
Somewhat related - is Microsoft Edge a set of patches on top of the latest Chromium release or is Microsoft running a hard fork from a X years old version?
Users were supposedly massively exiting Reddit when that cesspool imploded, but if you find one of those threads through any search engine and click around on usernames who were leaving their "last messages ever, fuck reddit, I'm out", I'd estimate about 95% of them never left.
Do it if you have 10 minutes to waste, it's easy to check and changes your opinion about how much people are willing to endure to avoid actually doing anything.
Has any chromium based browser committed to continue supporting MV2 or building an alternative API for ad-blockers to intercept web requests in MV3 even after the code for MV2 is removed from upstream chromium?
If not, then no, switching to another chromium based browser is not enough.
And fwiw my experience trying Brave was that the user experience was actually more different from chrome than Firefox.
> Google still controls Chromium so it's not good enough" is exactly the kind of FUD
Ok, so which of the forks plan to support MV2?
[dead]
> Hit them where it hurts and take away their monopoly over the future direction of the web.
Because that has worked so well so far...
Also if you don’t like advertising then hit the back button on advertising heavy sites.
“Sorry, we don’t support any browsers other than Chrome”
I agree exploiting a bug isn’t a sustainable solution. But it’s also unrealistic to think switching is viable.
Keep chrome installed and fall back iff forced to. That way the majority of usage statistics show up as other browsers so when developers are making guesses at which browser to support, those statistics will push them away from chrome.
Additionally: you would be surprised how infrequently you have to switch to chrome
Can't remember the last time I actually had to open a website on chrome for compatibility reasons. Is that still a thing?
The F1TV site didn't work on Firefox earlier this year but send to be fixed now, other than that I haven't had any issues.
I only have to switch to chrome for e-transfers. Everything else seems to work
Btw, the 'website requires chrome browser' problem is often solved if you just make Firefox user agent say it is Chrome.
The problem is this needs to be a standard Firefox feature.
There's one site I have to switch to Firefox for. And it's a big one that handles a lot of money, so that's kind of surprising. Can't log into their site in chrome, no matter how hard I try. Nor edge.
Find who is responsible for such sites and send them strongly-worded emails. If it's a commerce site, tell them they just lost a potential customer. In my experience it's usually the trendchasing web developers who have drunk the Goog-Aid and are trying to convince the others in the organisation to use "modern" (read: controlled by Google) features and waste time implementing these changes --- instead of the "deprecated" feature that's been there for decades and will work in just about any browser, and the management is usually more driven by $$$ so anything that affects the bottom line is going to get their attention. I've even offered to "fix" their site for free to make it more accessible.
By that logic attempting to change anything at all is not viable; e pur si muove.
For me “switching” is to start using something else rather than Firefox, so switching from Chrome is viable.
"This site requires Internet Explorer 6 to work"
Most sites let you ignore that, but just keep like Ungoogled Chromium around as a backup
>the only correct course of action is to ditch Chrome
History shows mere boycotts to always be abysmal failures one after another. The only few examples of ostensible outcomes were critically meaningless and necessitate zero-friction alternatives, like when bud light was encouraged to spend a bit of its marketing budget differently — wow, really showed them!!
There's no detour for politics.
>like when bud light was encouraged to spend a bit of its marketing budget differently
But that was the whole point. They were marketing to children. They still haven't recovered from that backlash. Anheuser-Busch took a pretty damning financial hit and it sent a message to all the other companies not to pull this kind of stunt because it's bad for business. Changing their behavior was the entire point.
> History shows mere boycotts to always be abysmal failures one after another
The South African apartheid regime was brought down by boycotts.
The Israeli genocide regime will suffer the same fate if there is any justice left in the world.
Boycotts are very powerful. Users boycotting ads is dismantling the surveillance web.
It wasn't just boycotts, however and unfortunately. The South African army was defeated militarily by FAPLA-Cuba. There's a reason why Nelson Mandela's first visit as chief of state was to thank Fidel Castro in person.
South Africa didn’t have the U.S. Government and its allies actively propping it up, and punishing anyone who tried to boycott it.
[dead]