
Google Begins Testing Extension Manifest V3 in Chrome Canary - rahuldottech
https://www.bleepingcomputer.com/news/software/google-begins-testing-extension-manifest-v3-in-chrome-canary/
======
pen2l
This is not as terrifying to me as the other news brought to my attention by a
post in today's Reddit's r/YSK, that if you use Adblock, your gmail can be
closed.

In the new TOS of Youtube [1], it states that if your account is not deemed
commercially viable, your Google account (i.e. your Gmail, your Google Photos,
your Google Drive, etc.) can be closed down:

    
    
        YouTube may terminate your access, or your Google 
        account’s access to all or part of the Service if YouTube
        believes, in its sole discretion, that provision of the 
        Service to you is no longer commercially viable. 
    
    

Makes sense they would make this decision, as Youtube is a big money-loser for
Google and they want to do something about this. Still, this is more of a
wake-up call to me than anything else that I need to get off Google.

[1]:
[https://www.youtube.com/t/terms?preview=20191210#main&](https://www.youtube.com/t/terms?preview=20191210#main&)

~~~
haberman
I find that very worryingly vague. In my reading though, that only applies to
YouTube itself ("the Service"). It seems to be saying that your Google account
can lose access to YouTube, not that you can lose access to your Google
account.

~~~
falcolas
It's recently been proven that the two are one in the same (look up the
"Markplier YouTube Ban").

~~~
mcv
Wow. That is some heavy-handed, misguided "justice" there. Banning people's
Google (including GMail) accounts, even rejecting appeals, only for using
emotes the way it was requested and encouraged by the streamer they were
commenting on.

The thing that was apparently against unspoken Youtube policy here was this
kind of interactive, emote-driven streaming. But I get the impression
Markiplier didn't get banned, only their fans.

It's bizarre and alarming.

------
BurnGpuBurn
The biggest advertising company in history tries to kill blocking
advertisements in their browser? How am I not surprised.

I bet this move is also to kill the workings of extensions like DecentralEyes
and others that try to protect users from being tracked. The whole changing of
the API into a "sure we'll block that URL for ya, sometimes maybe" model reeks
of increasing user tracking. They'll work out the kinks to let AdBlockers
function again. But they'll have their tracking back.

~~~
vbezhenar
They are not trying to kill advertisements. They want to replace API to
provide better performance. That's about it. ad blocking extensions won't
disappear. May be some will, and new extensions emerge.

~~~
blep-arsh
Incidentally these new declarative rulesets are useless against some very
simple tricks. I know people who are working full time on defeating ad
blockers and the new Manifest v3 seems to have made their lives so much
easier.

~~~
blibble
this change is intended to move control over the blocking process from the
extension author to Google

once they're in total control of how the blockers can operate: I doubt they'll
be responsive to what the developers of the blocking extensions want...

------
mcv
I'm in the process of switching as much as possible to Firefox. I now use
Firefox Mobile on my smartphone, and my new laptop doesn't even get Chrome.
And in many ways, it's been a breath of fresh air. Firefox gives my much more
control over my privacy, and even recommends some extensions to improve it
further. A couple of websites are sadly broken on my Firefox setup, but I can
live without them.

I want to get back to the content-driven web rather than this ad-driven web we
have now. I want to read what people want to share, not what people think will
get them ad clicks.

~~~
fastball
Why not something like Brave which has the performance of Chromium (still
better than Firefox imo) because it's a fork but probably won't make similar
business decisions to Google?

~~~
apocalyptic0n3
Isn't Google introducing this change upstream in Chromium? This means that it
will affect downstream browsers, including Chrome, Edge, Brave, Vivaldi,
Opera, and a number of others[1]. The only way they will keep the old
functionality is if they fork it and maintain it themselves going forward,
which could potentially be made more difficult by further upstream changes
made by Google. A few have vowed to do so[2], but Google has too much power
controlling the upstream to guarantee they can continue it long-term.

Google has a stranglehold on the entire browser market through Chromium right
now. Switching to non-Chromium-based browsers is a must.

1:
[https://en.wikipedia.org/wiki/Chromium_(web_browser)#Browser...](https://en.wikipedia.org/wiki/Chromium_\(web_browser\)#Browsers_based_on_Chromium)
2: [https://www.zdnet.com/article/opera-brave-vivaldi-to-
ignore-...](https://www.zdnet.com/article/opera-brave-vivaldi-to-ignore-
chromes-anti-ad-blocker-changes-despite-shared-codebase/)

~~~
fastball
All Chromium "based" browsers are forks already -- how is this any different?

~~~
nvrspyx
They’re less so forks than re-builds. They rely heavily on upstream and Google
can certainly make it more difficult for them to maintain a “fork” that
diverges too much from Chromium proper. Manifest V3 may be something they can
easily keep out of their builds while maintaining the old method, but I’m no
expert so I won’t comment on that.

A fork implies maintaining most or all of the code base themselves, when in
reality, most Chromium derivatives simply change the “front-end” or the UI
while keeping everything else upstream, except for a few tweaks here and
there. To maintain an entire fork themselves would be a massive undertaking,
especially since Google now has a practical stronghold on the development of
the open web. “Forks” would have to ensure they work with the standards (and
non-standards) that are being pushed by Chromium and there’s no easy way to do
that besides using Chromium and “re-building” it with their broswer’s specific
features and UI. Google could make Manifest V3 harder to exclude from those
re-builds.

It’s this very reason that Microsoft moved to Chromium as they could not keep
up with the changes Chromium were pushing to the open web. They have also made
it very clear that they’re not “forking” Chromium for the new Edge, but rather
using it as their “back-end” so they can focus on their “front-end” while
contributing back upstream to improve the back-end. Too much of a divergence
would land them back to square one with the issues they had keeping up with
old Edge.

If a company the size of Microsoft are unable to maintain a “fork” of
Chromium, it doesn’t leave much hope for the smaller companies like Brave,
Vivaldi, Opera, etc. However, that does not mean that they are unable to
exclude the Manifest V3 from their builds, just that they’re still beholden to
the changes made to Chromium to some degree.

~~~
JohnFen
> If a company the size of Microsoft are unable to maintain a “fork” of
> Chromium

Microsoft is entirely able to maintain a fork of Chromium, or even their own
proprietary browser.

What Microsoft has done is a cost/benefit calculation and decided that the
benefit for maintaining their own stuff is not sufficient to justify the
costs.

The thing about those types of analyses is that they are very company-
dependent. That the C/B ratio is not good enough for Microsoft doesn't imply
that it can't be good enough for other companies.

~~~
nvrspyx
That was a poor choice of words on my part. Rather I meant, they themselves
stated it was not feasible for them to keep up using EdgeHTML and they could
not. The same may be true if they were to completely fork Chromium and
maintain their own version (ala Blink from WebKit) while keeping up with the
changes made by Chromium that in turn propagate to the entire open web due to
its dominance. It’s the reason they moved to Chromium and contribute back
upstream rather than “fork” it.

------
johnpowell
Back in the IE 6 days I was in charge of fixing my families computers, and my
family's friends computers. I was dealing with a few things a week, some
requiring a full re-install. This was back in the early 2000's. Eventually I
snapped and started charging hourly unless people switched to Gmail and
Firefox. I started getting a lot less calls since Gmail was pretty good about
filtering out malicious attachments and IE was, IE. I probably got around 40
households to switch to Firefox. The people that refused to switch financed a
lot of my undergrad, I charged 100 a hour. I don't like fixing computers and
the goal was to make things as painful as possible for them so they would stop
using IE.

Using a ad-blocker in Firefox was the #1 thing I suggested for safe computing.
And don't open unexpected email attachments. This killed 95% of peoples
computer woes.

So good job Google, you did it, from here on out whenever I see Chrome on
families computers I will strong-arm them into switching to Firefox. I did it
in 2005 and was wildly successful. I can do it again. And I think my Christmas
gifts this year will be domain names and three year subscriptions to Fastmail
for my immediate family.

~~~
9dl
I did it like this

Install FF

Set it as default

Change path on desktop shortcut for "Internet" to FF

And ofc do not forget to say that is new IE version

~~~
ifdefdebug
> And ofc do not forget to say that is new IE version

That's just plain dumb. Explain to your users what you are doing. You seem to
think they are stupid, well they are not.

~~~
frabert
Oh no, he doesn't think they are stupid, just that they don't know the
difference between browsers. If my mechanic mounted a new transmission or
something that wasn't the same brand as the one mounted before, and told me
"it's the new version", I couldn't care less as long as it worked as intended.
I don't know anything about transmissions, so from my point of view I have no
way of knowing if what he's telling me is the truth or not, I just trust him
to make my car work again.

~~~
ifdefdebug
If my mechanic mounted a new transmission from another brand without telling
me beforehand that he intended to do so, and I found out later, then I would
immediately lose all trust in such a mechanic.

~~~
tristor
Same here, and I understand cars. This is repair fraud, actually, and a
criminal offense in the US. If I paid for and was told I would receive an OEM
part and instead I got some aftermarket part off RockAuto, I'd be beyond
pissed off and I'd get my recompense somehow.

I understand the grandparent point, but their analogy is terrible. When you
are paying for a specific brand of item and you get an alternative brand
without being informed and giving consent, that is fraud. It is a crime, and
it is effectively stealing from you the difference in price/value/cost of the
two items, since you're paying for the other brand.

~~~
frabert
Never did I mention I had specified a model/brand. I just went to the mechanic
and asked him "fix my transmission". Whatever the way he does it, if it works
it's good to me.

------
me_me_me
Meanwhile me laughing in Firefox.

I hope no one here is surprised by this G was more and more anti ad-blocking
for years now.

This is only natural conclusion after u are a de-facto browser monopoly.

~~~
AsusFan
You won't be laughing for long, I believe.

See this FAQ:

[https://blog.mozilla.org/addons/2019/09/03/mozillas-
manifest...](https://blog.mozilla.org/addons/2019/09/03/mozillas-
manifest-v3-faq/)

Note how they say: "We have no immediate plans to remove blocking webRequest
and are working with add-on developers to gain a better understanding of how
they use the APIs in question to help determine how to best support them."

"No immediate plans" is weasel-speak, as is "[we] are working with add-on
developers".

If Mozilla was dead sure that they weren't going ahead with it, they would say
so, unequivocally. And I remind you that Mozilla "worked with add-on
developers" when they unilaterally decided to drop XUL and go ahead with web
extensions, while failing to include support for APIs that developers said
they needed to support functionality that their add-ons provided.

IMHO, adoption of manifest v3 is not a matter of "if" but rather "when".

~~~
dessant
Mozilla is free to implement Manifest v3, while preserving the webRequest API
in its current state. Maintaining the blocking abilities of the webRequest API
would not introduce any incompatibilities with Chrome extensions, because they
simply would not use that part of the API.

~~~
zamadatix
I think the concern is they might also be "free" to find alternative sources
of funding if that were the case not whether or not it's technically feasible
to support an API that exists today.

~~~
dessant
Of course, I'm mainly pointing out that if Mozilla retorts to use
compatibility as a reason for deprecating parts of the webRequest API, they'll
most likely be dishonest.

------
nsomaru
First we started telling everyone about Firefox Then we told them about Chrome
Now we tell them about Firefox again

Google has officially reached 90s MS levels

~~~
eitland
I've been adding #chromeIsTheNewIE to related posts for a while. As someone
who worked at the end of IEs dominance that feels spot on:

\- lots of developers not caring at all

\- businesses being businesses caring that we don't spend time on it

\- ordinary people not caring even when the alternative is in another league

We got some work ahead. Hopefully Mozilla won't mess up too much during the
next few months/years and then we might pull it off again.

And feel free to reuse the hashtag above : )

------
moomin
This is the point in the dominance cycle where the dominant player decides
they no longer need to be the fastest or the most secure and that their
dominance will allow them to coast along doing their thing.

There’s nothing particularly inevitable about what happens next, but let’s
hope they get an IE6-sized kick in the teeth.

~~~
rusk
has anyone else noticed a marked decline in the quality of Google search
results over the last 12 months? I swear, around about 2011 I thought Google
was going to become self aware but it's declined from that high-point to a
point where duckduckgo has become a viable alternative for more than just
reasons of privacy. Which is a great thing!

Turns out "Don't be Evil" was more than just a feel-good marketing slogan. It
may have actually been good for business as well.

Bye bye Google. It really has been great!

~~~
geitir
I don't know about overall quality of search, but did stack overflow do
something to fall out of Google's good graces? I swear unless I specifically
include stack overflow in my search query it's either near the bottom or not
include at all. Instead it's a whole bunch of articles from independent
websites. This is for questions I know fit the bill for stack overflow too.
It's almost like Google is artificial lowering their ranking to decentralize
the source of knowledge. That or stack overflow lost 70% of readership in 4
months

~~~
DaiPlusPlus
No repro here.

Google knows I land on StackOverflow results so often that SO results appear
near the top, if not the #1 result, for terms that often have nothing to do
with programming or computers. I was recently looking for an online thesaurus
service and Google showed me an SO post about building linguistic/semantic
search algorithms. Hmmm.

------
jruz
Classic cat and mouse moves. Adblockers will move to OS level so google cant
do anything about it. Pi-hole and Network level blockers should also see a
rise.

~~~
mantap
Pi-hole can't filter out ads that are embedded into the page though. I think
adblockers have to be a browser extension to work conprehensively.

~~~
adrianN
Pi-hole can switch from magicking the DNS to being a proxy that rewrites HTML.

~~~
koolba
TLS makes that tricky as you need a MITM proxy.

~~~
TeMPOraL
And cert pinning in the browsers blows this out of the water, which is why I'm
of two minds about it as a security feature. It seems that a lot of security
these days is really about removing people's control over their own devices.

~~~
iwalton3
Certificate Key Pinning is in the process of being removed from browsers.
[https://developers.google.com/web/updates/2018/04/chrome-67-...](https://developers.google.com/web/updates/2018/04/chrome-67-deps-
rems#deprecate_http-based_public_key_pinning)

------
JulianMorrison
They are being very stupid. Switching primary browser isn't trivial, but it's
easier than wading through an ad-laden web. Goodbye Chrome, hello Firefox.

~~~
NieDzejkob
You're not their target. It's the less technical people they have in mind
here.

~~~
TeMPOraL
Fortunately, a lot of less technical people have technical people in their
immediate families and circles of friends.

~~~
breakingcups
The big question is, how many of those less technical people switched to
Chrome because of technical friends or family and how many switched because of
Google abusing its monopoly by displaying deceptive ads for their browser on
all web real estate they own?

~~~
JulianMorrison
Ads don't make people switch browser, it's enough of a fuss that only pain
will do that.

------
Ensorceled
Like so many others on this thread, this is my push to go entirely back onto
Firefox. I'll keep Chrome for the diminishing number of sites that don't like
Firefox.

~~~
square_usual
You can use Brave as your Chromium-based browser. It blocks ads natively, and
I've not yet run into a site that required Chrome that didn't work on Brave.

~~~
9dl
Whut? Sites require chrome?

~~~
Ensorceled
For the entire history of the internet, there have been sites that only work
properly with the dominate browser, starting with Netscape and then, famously,
IE6.

I'm always confused when people imply this isn't the case or start demanding
evidence. I'm bemused when they are surprised.

~~~
JohnFen
I intellectually know this to be true, but I have to take it on faith.

I've never been a Chrome user, and I honestly don't remember ever hitting a
website in the last 10 years or so that didn't work for me.

------
chronolitus
Welp, I've been putting this off for a few years, but this is as good as
moment as any to do it. Took me 10 minutes to import all bookmarks, set up
extensions, and customize one or two details but it is done. So long Chrome,
it was good while it lasted!

------
paride5745
Moved back to Firefox this weekend. It feels so much snappier than Chrome. So
far I only miss SuperSorter
([https://chrome.google.com/webstore/detail/supersorter/hjebfg...](https://chrome.google.com/webstore/detail/supersorter/hjebfgojnlefhdgmomncgjglmdckngij?hl=en)).

------
laichzeit0
Is the current fold at Google too young to remember what happened when
Microsoft tried this type of crap with IE6? History truly repeats itself..

~~~
gpderetta
are we in the farce stage already?

------
nottorp
A couple years ago my mac started to not go to sleep... I checked and it was
Chrome saying “webrtc has active peer connections”. No, you can’t disable
webrtc in chrome.

So I’ve been a bit ahead of the crowd and gave up on Chrome long ago.

This ad block scandal made me give up on Safari too though. Firefox seems to
be the only reasonable option left.

~~~
JohnFen
> No, you can’t disable webrtc in chrome.

Is this true? That's a complete showstopper for me.

~~~
nottorp
Was when I checked. Don't know now, haven't used Chrome in a while.

In any case, how do they dare disable my power management for something I
didn't start myself?

------
newscracker
I don’t care about Chrome (having ditched it long ago). On the other hand, I
do care about whatever Chrome implements having an adverse impact on Firefox.

Mozilla has said before that Manifest V3 is up for consideration in Firefox
and that “there are no immediate plans to remove” the existing APIs (mainly
webRequest). [1] If Mozilla makes the power of uBlock Origin untenable on
Firefox [2], that’d be a sad day for me, and I’d probably switch to Brave
(assuming it’s still able to support uBlock Origin, even though it has a
built-in as blocker).

If anyone from Mozilla or the Firefox team is reading this, please lead the
way on these changes in a way that improves security (one of the goals of
Manifest V3) while allowing extensions to remain powerful. Letting Google
dictate the terms or just following Chrome will likely make Firefox worse in
the eyes of power users and those who influence others to use it.

[1]: [https://blog.mozilla.org/addons/2019/09/03/mozillas-
manifest...](https://blog.mozilla.org/addons/2019/09/03/mozillas-
manifest-v3-faq/)

[2]: like it did with the XUL obsolescence (for good reasons) and the removal
of great extensions like Tab Mix Plus and Session Manager (without providing a
way forward for them to work; session saving extensions on Firefox are still
not as good as the mozdev Session Manager was).

~~~
snagglegaggle
Mozilla is full of either cowards or sellouts. When the page visibility API
was added to Firefox for Android and used to automatically pause nonvisible
YouTube pages they ignored user arguments for blocking it.

------
ulfw
And this is prime example number one why something as important as your
Browser shouldn‘t be the free thing you get from an ad company.

------
kmlx
hasn't Apple done the same with Safari?

[https://www.google.co.uk/amp/s/www.zdnet.com/google-
amp/arti...](https://www.google.co.uk/amp/s/www.zdnet.com/google-
amp/article/apple-neutered-ad-blockers-in-safari-but-unlike-chrome-users-
didnt-say-a-thing/)

curiously i haven't noticed any changes on my day to day browsing habits.

~~~
mrtksn
Yep, the hysteria has no substance. I'm using Safari both on mobile and on
desktop and use adblocker even though the evil Apple should have had them
killed.

If Anything, I am nervious of installing any ad-on that can access the web
pages I visit and send god knows what who knows were. It's almost as an
accident waiting to happen. The web is only secure when your browser is
secure.

I like the natively handled content blocking approach much better.

~~~
fwn
I'm not deep in the ecosystem and certainly no expert but I got one of those
small iPads for free and tried using it as a device for browsing the web.

AFAIK there is no way to make Safari execute any cosmetic filters at all. (My
uBlock Origin setup lists ~50k network filters and 150k cosmetic filters)

There are cookie notices, social media buttons, premium newspaper article
headlines, comment sections, fixed elements and content "suggestions"
everywhere. Unusable.

I use css filters in ublock origin to increase the font size of the HN comment
titles because I often miss the collapse or vote links. ...or to block the
food suggestions in Googles shoppinglist that, by appearing as an overlay,
always hide the first list entry to suggest me to buy "hamburger". (I'm not
joking.)

I still do have the device somewhere and I am open for suggestions on how to
get control over the content (or at least remove ads) on an ipad, but I don't
think there is currently any full content-blocking solution for iOS.

Which is a shame because (in my case unbearable software aside) the device
does not appear bad from a hardware perspective.

------
enobrev
I had already switched my mobile browser to Firefox explicitly so I could use
ublock. And now it's time to move to Firefox in the desktop. I appreciate
Google helping with the decision.

~~~
degenerate
And then you'll be able to sync your bookmarks and settings etc.

------
9dl
Well hello my dear Firefox

ms thought that ie will be at the top forever too

------
EsssM7QVMehFPAs
Couldn't some kind of graph compression algorithm preprocess the subscribed
rulesets into what fits 30k rules?

I have no idea about the domain but 30k rules seems more than sufficient to
map from a 150k set of uncompressed wildcard patterns.

~~~
kretor
The 30k rules limit is not final.

> we are currently planning to change the rule limit from maximum of 30k rules
> per extension to a global maximum of 150k rules.

([https://blog.chromium.org/2019/06/web-request-and-
declarativ...](https://blog.chromium.org/2019/06/web-request-and-declarative-
net-request.html))

~~~
GraemeL
I currently have 135k network rules active in uBlock Origin without having all
of their lists active. Your 150k proposal is nowhere near enough.

------
wffurr
What a needlessly hostile title that editorializes and doesn't match the
linked article.

@dang can you change it to match the site? I think this submission violates
the site guidelines on titles. The original title is "Google Begins Testing
Extension Manifest V3 in Chrome Canary" and doesn't include the ad blocker
flame bait.

"Otherwise please use the original title, unless it is misleading or linkbait;
don't editorialize"

~~~
khrbrt
The bit about adblockers provides context on why this article is worth my
attention. I'm not an extension developer, so "Extension Manifest V3 in Chrome
Canary" means nothing to me.

But this:

>The most controversial aspect of the extension manifest v3 is the upcoming
changes to the webRequest API. In v3, Google has changed the API so that
extensions can only monitor browser connections, but not modify any of the
content before it's displayed.

>Instead Google wants developers to use the declarativeNetRequest API, which
has the browser, not the extension, strip content or resources from a visited
web sites. This API, though, has a limit of 30,000 rules that can be created.

>Unfortunately, this change will break popular ad blockers such as uBlock
Origin, which rely on the original functionality of the webRequest API and
need more rules than are available in the declarativeNetRequest API.

Is very worrying. So thanks to the submitter.

~~~
wffurr
It's also completely misleading and perhaps willfully so.

The limit's been raised. The removed API is used by half of all detected
malicious extensions to spy on users. Ad blockers will continue to work fine
with the new API, just like they do on Safari now.

~~~
fwn
> The limit's been raised.

I thought the worrying thing isn't whether it's a 30k or 300k limit but that
Google itself chooses the amount of filters users can apply.

It feels to me that this is just asking for the abuse of power.

I don't think the specific number itself is anyones primary concern.

------
wy35
I didn't use an adblocker until every single site began competing on how much
of my screen can be a billboard telling me that I won't last two minutes
playing their game. If the new changes make it past testing and there's no
strict anti-ad abuse policy put in place, I'm jumping ship.

------
tablethnuser
I'm the one who switched my whole family to Chrome back in the day to get them
off IE. I have no problem doing it again this holiday season. Firefox for
everyone.

No idea what Google is thinking. In one short decade they've become the new
villains of the internet.

------
radEd
This was the nail in the coffin for me, as of last night. Writing this on
Firefox :)

------
pragnesh
time to move to firefox

~~~
moomin
Way ahead of you...

~~~
petepete
I moved earlier this year, it's been a good experience overall. The dev tools,
which were what was holding me back, are _excellent_ and improving all the
time.

Only thing I'd really love to see are container-specific windows, so 'Work'
tabs would open by default in my 'Work' window.

~~~
PorkBoneSoup
Perhaps something along the lines of this? [https://addons.mozilla.org/en-
GB/firefox/addon/multi-account...](https://addons.mozilla.org/en-
GB/firefox/addon/multi-account-containers/)

Full disclosure: I love this extension.

------
bufferoverflow
That's how you make people switch to Firefox, Brave, Opera, etc.

~~~
the8472
The last two are chromium-based and thus will likely follow chrome's extension
system too.

~~~
DiabloD3
Both of them have already said they will not implement these changes in their
Chromium branches.

Unfortunately for Google, Chrome is open source, and Google will no longer be
the dominant Chromium branch if they keep making mistakes like this.

~~~
duiker101
I am afraid that won't be enough
[https://trends.google.com/trends/explore?geo=US&q=%2Fm%2F01z...](https://trends.google.com/trends/explore?geo=US&q=%2Fm%2F01z7gs,%2Fm%2F04j7cyf)

------
fergie
Might encourage more users back over to Firefox, which would make this good
news on balance.

------
firefoxd
On mobile i use brave, and when things break I switch to chrome. I tried
Firefox multiple times, but I can't help but miss the swipe the address bar to
go from tab to tab. I always revert back to chrome. So it's more of a
convenience for me.

But if I had to choose between adblock or swipe to switch tab, then they made
the decision for me. There is no way I can ever browse the web without an
adblocker

~~~
rozab
...But mobile chrome doesn't support extensions anyway?

I use Blokada for adblocking on Android btw, and this change wouldn't affect
that. Works fine.

~~~
square_usual
Brave blocks ads natively, even on mobile. It's a pretty nifty browser for
when you want chromium. Firefox mobile is slower in comparison, but their
extension support is killer tbh.

------
Kipters
I've given up on Chrome a long time ago (using Firefox now), but I think the
best way to block ads for good is to use Pi Hole as DNS. I've set it up a
couple months ago at my home, plus a Wireguard tunnel so that all connections
from my laptop and phones go through that DNS (with the added benefit of
encrypting all my traffic over unsecured networks).

~~~
9dl
DNS blockers are nuclear option

Sometimes they are useful but in most cases you need more flexible solution

~~~
Kipters
Why should it? Most ads are toxic. Even if the site is well-intended and
doesn't put too many of them, the few ads are still going to track you and
disregard your privacy.

~~~
9dl
This is tech limitation

If site has ads served from main domain you can't block them

You can block ads with some static files on subdomains/domains, and this
drastically change content (like how is image sites looks like without
images?)

So, using DNS filtering for big ads providers is OK

For small and smart ads providers will not work

And I mean ads and tracking the same thing. While you can block all kind of
"analytics", at the same time you can't block web-server logs with your IP
(cookies, etc)

~~~
Kipters
That's why I use it in conjunction with Firefox (set to the strictest anti-
tracking level) and uBlock Origin

~~~
9dl
And this is right way to use it

------
iamgopal
They don't realise how easy is to swtich, and ads already started to anoy
almost all. Searching for Subscription model or other model is the key here.
Apple with their lower price iPhone 11 sensed it, and acted to increase their
service revenue while Google yet to have streamlined payment gateway let alone
reliable subscription service product wide.

------
eyegor
Now that they're pushing forward with the artificial limits, I'm looking
forward to moving back to the days when large software was deployed on
floppy/discs. I can see it now: "ublock origin part 1", "ublock origin part
2", ...

------
mda
Does it really kill adblockers though?

~~~
reagent_finder
In current form, yes. The article pretty clearly states:

>Instead Google wants developers to use the declarativeNetRequest API, which
has the browser, not the extension, strip content or resources from a visited
web sites. This API, though, has a limit of 30,000 rules that can be created.

>Unfortunately, this change will break popular ad blockers such as uBlock
Origin, which rely on the original functionality of the webRequest API and
need more rules than are available in the declarativeNetRequest API.

Looking at an old picture of ublock origin block lists:
[https://www.bleepstatic.com/images/news/u/1100723/uBlockOrig...](https://www.bleepstatic.com/images/news/u/1100723/uBlockOrigin-
content-blocker.png) we can see 150,000 rules. The whole point of a rules list
(easylist/easyprivacy) is that they're easy to maintain, since it should be a
surprise to no one that adding new ad domains is trivially trivial. EasyList
alone is 30,000 rules and it alone is woefully insufficient for a modern-day
browser. The declarativeNetRequest only allows for ONE type of filter to work.
The static kind, i.e. the old, deprecated, bad, insufficient kind.

Recommended reading: uBlock Origin developer's comments on this change
(unanswered by google ofc)
[https://bugs.chromium.org/p/chromium/issues/detail?id=896897...](https://bugs.chromium.org/p/chromium/issues/detail?id=896897&desc=2#c23)

~~~
onion2k
The way ad-blockers work at the moment is that the authors of ad-blockers work
hard to not break the websites they block adverts on. This is good for users.
This change means ad-blockers will need a different, simpler approach that
_probably_ will break far more websites. For example, you could write a very
simple ad-blocking script that just denied requests to load JS from any third-
party domain. That would break a lot of websites, but you wouldn't see many
adverts.

I'd rather have lots of broken websites than websites with adverts. I suspect
a lot of web users feel the same way.

~~~
bigiain
Hmmm, I wonder if you could globally block 3rd party javascript, then use the
30,000 rule limit for your whitelist of places to allow js from?

I seriously doubt I'd be left with any "broken sites" I care much about by the
time I've whitelisted 30k 3rd party javascript domain/paths?

------
hendersoon
Everybody saying declarativeNetRequest is sufficient and Apple's Safari
content blocking works perfectly fine is entirely missing the point. Both of
those statements are true enough, _for right now_.

Losing the ability to modify content in this manner means adblockers can't
compete in the arms race against advertisers. Anti-adblock scripts running
locally with randomly-generated names will render this sort of declarative
content blocking ineffective.

------
mehdix
I am so glad that it's a while I have started migrating off Google, Gmail and
Android and I am Chrome-free for almost two years now (Syncthing and DecSync
helped a lot).

However, I think Google will exploit their browser-market-dominance to bend
web tech to make escaping from ads impossible, same as what they did with DRM.

------
notkaiho
All the more reason to use a DNS level ad-blocker and clear all cookies on
browser exit, I guess...

------
wffurr
Half of all detected malicious extensions used the web request API to spy on
users.

The rule limit has already been raised to 150,000.

Plenty of ad blockers will still work in Chrome.

This thread is chock full of motivated reasoning and deliberate
misinformation.

~~~
jddj
Can you spell out what you are implying here?

Is it that the people posting in this thread are.. authors or stakeholders of
malicious extensions? Do they all work for Mozilla? Are they a part of some
rival industry which stands to benefit from the fall of adtech? Have they
shorted GOOG?

Surely it would be strange to class arguments from users who want to continue
to block ads in their browsers the same, effective way that they have been for
years as _motivated reasoning_. What sinister motivation am I missing?

~~~
wffurr
For whatever reason they all seem determined to put Google in the worst
possible light and ignore any arguments to the contrary. I can't speak to the
motivation other than "hate Google".

~~~
jddj
If you consider your own reasons (which only you are privy to) for supporting
Google's actions in this case, you _might_ find that you're stretching to meet
a narrative. And sure, they might be too, but we can't really claim that
fairly without peeking inside their minds.

All we really know is that they are annoyed that Google is neutering an
extension which they like to use, which makes enough sense that speculation on
their motivations isn't really justified.

------
clickme_zsh
I use Firefox as my main browser and have Vivaldi, Brave, Edge, Installed for
testing purposes. I just need to migrate my email away from Gmail hmmmmmm. Any
good suggestion?

------
bambax
> _Simeon Vincent, a Google Developer Advocate for Chrome Extensions_

One has to love and admire the use of Newspeak by big companies... How is this
Mr Vincent an "advocate"? He's in charge of destroying extensions!

On his Twitter bio [1] he also says he likes "helping people" and "the open
web". The cognitive dissonance must be hard to bear.

[1] [https://twitter.com/dotproto](https://twitter.com/dotproto)

~~~
fauigerzigerk
Even if you don't share their opinion, you have to accept that some people
honestly believe that advertising is necessary for funding the open Web and
keep it open for people who either can't afford tons of subscriptions or hate
them for privacy reasons.

Realistically, Mr Vincent is not in charge of being an advocate for anything
other than Google's corporate interests. But he is not in charge of destroying
extensions either. He may well be in charge of destroying ad blockers though.

~~~
otabdeveloper4
> ...advertising is necessary for funding the open Web and keep it open for
> people who either can't afford tons of subscriptions or hate them for
> privacy reasons

That's a minor issue. The bigger issue is the fact that, if adblockers become
truly popular, websites will go back to serving opaque binary blobs instead of
HTML+CSS+JS.

Remember Flash and 'Flash pages' back in the day? That, except worse.

~~~
big_chungus
I don't think sites will bake ads into the blob. It's too much server-side
hassle. The equivalent today is just serving the ads from your own domain, and
precious few people do that. The other option is a binary blob making a
network request to an ad server, which can be blocked.

~~~
blep-arsh
I know people who are building this as a service. It renders this new
adblocking API completely helpless. Since it's just a proxy with relatively
low CPU load, it's feasible e.g. Cloudflare could also build something like
this.

------
znpy
Google Chrome is the new Internet Explorer

~~~
anoncake
That's an unfair comparison. IE wasn't a good browser but at least it wasn't
designed to make people suffer from ads.

------
bit_4l
I found Brave more trustworthy than Chrome and better usability than Firefox.
Just made a switch to it.

------
jillesvangurp
I find it interesting that Google thinks they are going to get away with this.
I'm afraid they might be right.

I've been on Firefox since they launched their quantum version a few years ago
after a few years of using Chrome. I like Firefox but I notice a lot of people
around me seem to default to Chrome. Things work well enough on Firefox that I
don't consider compatibility a problem. But I do get a lot of raised eyebrows
from people who consider this an extreme thing to do. Just like back in the
day where I was doing most of my browsing with alpha builds of Mozilla Phoenix
instead of just using IE like world + dog.

But what matters is that the market has changed. 15 years ago when MS made
their anti competitive moves with IE and in the process helped Mozilla survive
their Netscape implosion through reinventing themselves through their Phoenix
-> Firebird -> Firefox reinvention (I used all of those). However since then,
the market has consolidated around just 3 browser engines: Chromium,
Webkit/Safari, and Firefox. Of those Chromium essentially powers all of the
Chrome alternatives that aren't Firefox or Safari (Edge, Brave, Opera, etc.).
Another change is that the web has imploded to just a handful of websites
gobbling up most of the traffic. Yes there are a lot of websites but mostly
the way to them leads via Google, Facebook, Apple, or MS owned properties.

Finally the ad market has changed. GDPR and related efforts in other markets
(including the US) are pushing the market towards more responsible behavior
with respect to getting users to opt in and to ad experiences that are
increasing harder to block because they don't necessarily come via separate
websites and domains.

~~~
buboard
There's also the giant shift to mobile. Google and apple would like you to use
phones and tablets to the expense of desktops because they can control those
platforms better. So they are building their platforms with those in mind,
unintentionally-or-not crippling desktops

------
badrabbit
How impossible is it to fork Chromium and maintain a privacy friendly branch?

~~~
freetonik
There's one popular effort: [https://github.com/Eloston/ungoogled-
chromium](https://github.com/Eloston/ungoogled-chromium)

------
noobiemcfoob
The only feature keeping me on Chrome is web bluetooth.

------
butuzov
I can't use firefox since they decided I need to enter 6 char code to verify
my password. Oh... this code never arrives to my google mailbox.

------
enriquto
ublock origin is non-negotiable

so long, chrome!

------
vkizl
Off-topic: because of this, I was thinking of moving to Vivaldi and it's
really sad how unpolished and slow their UI is... it's almost as if it was a
beta, still. I wonder if they use it themselves...

It seems to me that they want to reinvent the entire Chrome UI but they don't
have the necessary manpower to do it properly.

------
sub7
Sooner we move off ad renvenue based products the better. Surely there's a way
to get people to pay a tiny bit to get great quality products that don't fuck
them in the arse.

We need some benevolent dictatorship in tech to sponsor this ecosystem.

~~~
Nasrudith
We have seen that floated many times but I am afraid it is a non-starter. It
has the same exact issues as Clickbait but calls for a large infastructural
change. Just having a convenient pay mechanism would be an in practice
security vulnerability from scareware. Plus like subscriptions the owner
practice often will be "do both at once"!

------
cotelletta
I wonder how much of this is actually about Adblockers... vs Googlers just
wanting to make some performance numbers go up in aggregate to make their own
internal company stats better.

Cos sure as hell no user is waiting for this.

~~~
cromwellian
Apple/Safari adopted pretty much the same architecture on Ad Blockers. Maybe
just maybe the conspiracy theories are all wrong, and there was actually a
legitimate, technical reason for choosing a restricted API.

~~~
pilif
Safari has a much larger limit for blocking list entries though.

~~~
saagarjha
It’s not all that much larger; the limit is a combination of a hard cap of
50,000 rules and what Jetsam will let you get away with.

~~~
hombre_fatal
You can bundle many rule lists inside one extension. It's how 1Blocker works,
and I did it myself for my own adblocking extension.

I'm not sure if this is possible in Chrome's proposal though.

Maybe this change will finally get people to prune Easylist which had 30%
outdated cosmetic-filter cruft when I last sampled it along with hobby horse
websites <0.00001% people would ever visit. Right now it's basically like an
append-only legacy CSS file.

------
LeonM
Wow, the amount of negativity here is awful. I looks like most commenters have
not even read the article...

First of all, the HN title is not the title of the article. HN mods, please
change it to reflect the actual title of the article.

Second, to me this does not seem as some attempt by Google to actively block
Adblocker extensions. They are _proposing_ a change to the API (Manifest) to
no longer allow manipulation of content, which I think is a good thing from a
security standpoint. They also _propose_ reducing the number of content
stripping rules to 30k. Now, I'm not familiar with add-on development, but
this sounds like a constraint that was implemented for performance reasons.
This constraint will break add-blockers in their current form, but there is no
reason for me to believe that this will make content filtering impossible.

It is also clearly stated that the V3 manifest is in early testing phase.
Nothing here is set in stone.

~~~
TeMPOraL
As 'yipbub says, the amount of negativity here is appropriate. The topic of
Manifest V3 has been discussed to death over the past months, and the
conclusion is, it does cripple ad and tracking blockers. The security benefits
of this change are at best dubious[0], the performance argument is nonsense,
and it really does look like the primary goal of this proposal is to make it
impossible for browser extensions to effectively prevent users from being
tracked. In the months since the initial proposal, Google has done nothing to
suggest this is not their goal.

\--

[0] [https://www.eff.org/deeplinks/2019/07/googles-plans-
chrome-e...](https://www.eff.org/deeplinks/2019/07/googles-plans-chrome-
extensions-wont-really-help-security)

------
cletus
Did anyone actually read the submission? The title is clickbait that doesn't
reflect the content.

The change here moves modifying content of the webRequest to the browser from
the extension. This is fundamentally more secure. Allowing third-party
extensions to inspect and _modify_ arbitrary HTTP requests is nothing short of
dangerous.

The new declarative API (from the article) limits such extensions to 30,000
rules. I honestly don't know what impact this will have on ad blockers. At
worst it seems like ad blockers will become less effective as simple logic
tells you that some rules matter more than others and the least used rules
will simply be dropped.

So rather than be alarmist and use this to feed into the tired narrative that
"Google is killing ad blockers because it's an advertising company"
(paraphrased) we should be pushing for changes that make this workable, such
as:

1\. Having a higher limit than 30,000; and

2\. Working on ways to condense N rules into <N rules. There must be ways we
can be more expressive so that we don't require as many rules, no?

I honestly don't like the fact that I have to give a third party developer so
much privileged access to run an ad blocker and I'm surprised anyone else is.
Extensions can be compromised.

~~~
malvosenior
> _So rather than be alarmist and use this to feed into the tired narrative
> that "Google is killing ad blockers because it's an advertising company"_

That’s not alarmist, it’s the obvious truth. As a user I should have complete
control over what runs on my machine. I don’t need Google “protecting” me (by
breaking ad blockers). Google is the single most destructive force in the tech
industry today. Very much like Microsoft in the 90s. We should resist their
attempts to embrace, extend, extinguish and we should be insulted that they
couch these changes in marketing speak that pretends to be pro-user when it’s
the exact opposite.

~~~
cletus
> As a user I should have complete control over what runs on my machine.

You do. By running Firefox. This level of control might be useful to you but
it's not to most users. As much as power users chafe against things like the
App Store, for example, this is clearly a win for most users. Limiting what a
malicious extension could do is very much the same because I can guarantee you
there are scams to get users to install malicious extensions.

How Firefox should respond here is to make ad-blocking a first party solution.
In that Firefox itself is responsible for the blocking and all extension
writers are responsible for are the rules.

At that point you will have a solid story that FF is putting the user first.

~~~
malvosenior
So it’s safe to say that people _are not_ being alarmist about Google and
_should_ switch to Firefox.

I don’t think it’s “clear” at all that most users benefit from monopolistic
app store practices. I think the giant tech companies do though.

~~~
cletus
"Should"? I wouldn't go that far. I will say however that people are the
uproar is somewhat overblown for three simple reasons:

1\. Google wants people to use Chrome. It's clearly of benefit to them (and,
for the most part, to users, at least for now);

2\. Alternatives exist; and

3\. Switching to an alternative is essentially trivial.

This just isn't a Microsoft Windows monopoly situation.

