
Explanation of the state of uBlock Origin and other blockers for Safari - n1000
https://github.com/el1t/uBlock-Safari/issues/158
======
Zelphyr
There is a lot of confusion around this issue. Some people are taking this to
mean that Safari has completely banned ad blockers, which isn't the case.
Instead they've switched to a model that matches what they've been doing on
iOS which is content blocking[1]. Content blockers give Safari a list of
triggers and actions to take when something matches a trigger.

For example; you can have a trigger which contains a regex that matches all
images and stylesheets for a given domain. The action can be one of several
options, one of which is to block that item.

One advantage this technique provides over ad blocking is that there's no data
to be phoned back home. It is, in essence, a mask that is applied to a web
page before rendering. Also, it's very lightweight. It's literally just a JSON
document which means Safari can perform better.

Now, I'll admit it's not foolproof. Apple and the content blockers have some
work to do on it. I'm noticing some issues with it myself after having
upgraded to Safari 13. But from a privacy perspective, I personally much
prefer this technique.

1:
[https://developer.apple.com/documentation/safariservices/cre...](https://developer.apple.com/documentation/safariservices/creating_a_content_blocker)

~~~
srbby
This is exactly what Chrome intends to do and everybody hates Google for it.
Defending this when Apple does it is a double standard.

~~~
wlesieutre
When Apple says "We're designing this API in a way that allows you to block
ads without having full visibility to monitor everything that any user does
every web page they visit" it's totally believable because it's in line with
the last 10+ years of their product direction.

Yeah, it makes ad blockers less powerful. It also makes them less of an
enormous security risk in that all of your web traffic is redirected through
them, and a compromised extension could do whatever it wanted with that.

People are more skeptical of Google's motives because nearly all of their
money comes from selling ads and for all we know they're more concerned about
their very very very large piles of cash than they are about browser extension
security. That's not a motivation that Apple would have for their Content
Blocker limitations.

~~~
michaelmrose
Adblockers don't redirect all traffic though them. If you think about it for a
moment you will see how absurd that idea is. This would incur one of the most
massive bandwidth bills on the internet for negligible financial gain.

Current ublock origin.

Your adblocker frequently updates lists of patterns to block via any of many
user configurable lists.

When you load a site ON YOUR COMPUTER it consults all those lists including
custom ones you create yourself for annoying elements on particular sites
before loading content. It NEVER sends said content to the adblocker or leaks
your information.

Ublock origin provides both the adblocking engine and the lists and can
innovate on the former and iterate on the latter as fast as you please.

New chrome restrictions.

Google provides an adblocking engine substantially inferior to ublock.
Extensions are able to provide only a list much smaller than current lists and
can only update that list when the extension itself is updated. They cannot
innovate on the adblocking engine as they are stuck with the crummy one an ad
company provides. This basically ensures that ad providers win the arms race
with adblockers.

Safari

Shares the same inherent flaw with chrome that Apple will be providing the
adblocking engine with the possible benefit that apple isn't directly making
money off ads and has less incentive to directly break adblocking.

~~~
wlesieutre
I don't mean that it sends the actual web traffic through some uBlock server,
I mean that the uBlock browser extension sees all of the requests to load a
webpage and decides what to do. It can decide to block them or not. It could
also decide to scoop up all of your personal information and do bad things
with it.

If someone were able to compromise the developer account and get a malicious
version distributed through the Chrome browser gallery, that would be a huge
problem. The kind of thing that has been making headlines with compromised npm
modules recently.

Google has reviews in place to prevent malicious extensions from being
distributed, but they can't be perfect. We've seen that repeatedly with both
Chrome extensions and Android apps.

Every extension with permissions set for "This can read and change site data
on all sites" has a huge target on it, and the fewer things using that level
of access the better. Ad blocking extensions are an obvious place to look for
improvement because they're so popular.

I hope that Google can put a blocking system together that will be able to
perform as well as existing solutions without adding any huge security risks,
but I also agree that it's problematic that their incentives are to do the
exact opposite.

~~~
hnaccy
So enforce human reviews for any update to extension with "read all requests"
permission and over X users.

~~~
Despegar
Nah. If they feel inclined to do something more powerful than the Content
Blocker API then they should build the ad blocker themselves into Safari. It
can be off by default and configurable by users.

It'd make the Content Blocker API kind of pointless but that'd be safer than
letting third parties in.

~~~
michaelmrose
I don't see much value in ecosystems that where only one party can build
powerful tools

~~~
Despegar
I don't think "ecosystems" are a priority in and of themselves for Apple.

------
lmedinas
Well i have no complains about Safari but their Extension system is really
costing them users. At this point I uBlock Origin is by far the most reliable
AdBlocker you can find and my having the developers explaining that in the
future maybe only Firefox will support it it's kinda of sad.

Of course we know that Google has to make money from Ads so its understandable
but what about Apple ? They are putting heavy focus in privacy, would it be
good if they open their browser to make sure their users will not move to
Chrome/Firefox or other browser ?

~~~
kache_
The day ublock origin doesn't work on chrome is the day users will flock to
firefox. We have seen time and time again that users aren't afraid of
switching browsers. This is because since their core functionality is so
similar, small advantages will tip the scales.

~~~
dondada
You'd be surprised how many people don't use adblockers. There will be a few
people switching but I don't think anymore than 1% of total Chrome users

~~~
cooljacob204
Yes but power users do. And power users are the ones who set up and influence
their friends and families browser choices.

At least that is my theory on it.

~~~
glogla
Thanks, I just realized I have to switch my mother from Safari to Firefox now
that Apple decided to forbid uBlock.

~~~
geerlingguy
It’s less Apple forbidding uBlock, and more uBlock deciding to not turn itself
into a content blocker for the newer version.

~~~
input_sh
That's just wrong. It's impossible for uBlock Origin to turn itself into a
content blocker while retaining its current functionality.

Content blockers in Safari are limited to 50k filters. uBlock Origin's default
filters have more than that. Therefore, the choice is between a new, but much
less useful extension, or no extension at all. uBlock Origin decided on the
latter.

~~~
lotsofpulp
There’s a way around the 50k limit:

[https://backstage.1blocker.com/say-hello-
to-1blocker-x-8b55e...](https://backstage.1blocker.com/say-hello-
to-1blocker-x-8b55efe1ae36)

~~~
saagarjha
To be fair, multiple extensions is a huge hack and has complexities of its
own.

------
_Understated_
This is not good!

I thought Apple were way out in front when it came to tracking and whatnot...

My wife uses a MAC at home and was complaining about how slow our internet was
(70Mb down... not slow) a while back.

She mainly looks at news sites and when I saw what she was looking at I knew
the problem wasn't the internet connection.

The entire page, apart from a tiny bit in the middle, was cluttered with
moving shit!

I installed uBlock Origin and... the result was fantastic: pages loaded in a
fraction of the time.

When she realised that the articles were a tiny proportion of the downloaded
crap she realised she'd been missing out for so long.

Once, when the MAC went back for repair, it was replaced with a new one and
OMG the horror when she fired up Safari and it had no blocker... UBlock Origin
to the rescue.

I agree with one of the other comments on here: The web is utterly unusable
without it.

~~~
ChrisLTD
Apple is trying to thread the needle. They want to allow content blocking, but
they _do not_ want to allow content blocking plugins to see and potentially
report on what sites you visit.

Personally, I’m totally cool with the trade-off of having less capable ad
blocking functionality, if I can be sure my web plugins aren’t a security or
privacy risk.

~~~
commoner
uBlock Origin is completely free and open source.

[https://github.com/gorhill/uBlock/](https://github.com/gorhill/uBlock/)

It's a very popular project on GitHub with many developers scrutinizing any
changes to the codebase. Fears of uBlock Origin being a "security or privacy
risk" based on code in the extension are unfounded.

~~~
falcolas
So long as it’s not sold. It’s happened before - a popular ad blocker is
bought up for millions of dollars by an ad agency, and turned into an already
installed vehicle for new ads.

I see nothing about “free and open source” which prevents this.

~~~
somebehemoth
It can be forked?

~~~
saagarjha
The last fork of uBlock Origin didn’t do so well:
[https://ublock.org/](https://ublock.org/)

~~~
pwinnski
Didn't do so well how? It's very popular, used by many people who don't
realize how terrible it is!

~~~
saagarjha
Ok, let's say it didn't do good :)

------
simias
It's interesting that Google and Apple seem to be converging on this issue
(ad-blocking extensions) even though they're probably coming from two
different directions.

Google probably wants to discourage ad-blocking because it's a threat to their
business model. Apple just dislikes not having full control on what the users
run (and sometimes for good reasons, they probably want to avoid malware
extensions). Still, in the end they both end up with subpar ad blocking
facilities as a result.

Firefox really needs to become a worthy competitor once again. And no I don't
consider forks of Chromium to be reasonable alternatives in the long term, at
least until those teams prove that they can maintain a deep fork of the
browser on their own which will be necessary if they need to maintain
functionality that Google removes from upstream.

~~~
distances
> Firefox really needs to become a worthy competitor once again.

For me it's always been, I've used Firefox without pause since it was called
Phoenix. I know there was a small exodus to Chrome when it had better
parallelization, but as far as I know Firefox is leading on that front again.

So what do you mean by "worthy"? Higher market share or some missing features?
I'm obviously biased as I never left for competition but I don't have any
complaints, neither on desktop nor with the Android version.

~~~
zcid
Same here. Crazy to think that I've been using it for over 15 years and never
had a reason to change. I've tried other browsers, but none of them gave me a
compelling reason to continue with them.

I think the most probable reason for that has been the complete support for
addons that no other browser ever did. For instance, why doesn't Chrome have
support for vertical/tree-style tabs without using a separate window? That one
feature alone keeps me on firefox. By removing the tab bar at the top of the
screen, you regain a significant amount of vertical space on a laptop.

~~~
laurent123456
> That one feature alone keeps me on firefox. By removing the tab bar at the
> top of the screen, you regain a significant amount of vertical space on a
> laptop.

Last time I tried tree tab, it wasn't possible to remove the tab bar. Has this
changed? And if so, would you mind sharing how to do it?

~~~
Ivoah
Just add this to your `userChrome.css` file

    
    
        #TabsToolbar {
            visibility: hidden;
        }

------
DCKing
I like using Safari and uBlock Origin. I notice that I am not a power user of
browsers - give tabs, a forward and backward button and any adblocker and I
used to be happy. This mean that I could easily use Safari and Firefox - I
prefer not to use Chrome derivatives to do my part in preventing developers
from forgetting about other browsers.

However, I have recently become a power user of uBlock Origin specifically to
curtail the general attention hacking on the web. uBlock Origin is already a
very great ad blocker in its default installation, but I've recently got into
using its powerful cosmetic filters to block out "attention hacking features",
such as (all of) YouTube's recommendations, comments on various sites, and
stuff like the "Hot Network Questions" on StackOverflow. Things I've
discovered that are too good at distracting my mind. With a few uBlock Origin
cosmetic filter rules, those website elements remain hidden when I visit them.

I wonder if it's possible to continue using Safari with my own distraction
filters. It's a shame if I have to stop using it.

~~~
twostoned
I need to block attention hacking features also, have been thinking about this
recently. Stupid youtube.

~~~
DCKing
In uBlock Origin settings > My filters, paste the following rules to turn
YouTube in just a search bar + video player:

    
    
      youtube.com##ytd-browse[page-subtype='home']
      youtube.com##ytd-watch-next-secondary-results-renderer
      youtube.com##app-drawer
      youtube.com##ytd-item-section-renderer.ytd-comments
      youtube.com##ytd-guide-renderer
      youtube.com##ytd-mini-guide-renderer
      youtube.com##ytd-topbar-menu-button-renderer
      youtube.com###buttons.ytd-masthead
      youtube.com##yt-icon-button
      youtube.com##.ytp-endscreen-content
    

Note this is only accurate at the time of writing, only works partially on
mobile, and may break some edge cases I don't use :)

[1]: [https://github.com/gorhill/uBlock/wiki/Static-filter-
syntax](https://github.com/gorhill/uBlock/wiki/Static-filter-syntax)

------
RodgerTheGreat
This is a serious impending problem for Safari users. The web has become
nearly unusable without a high-quality, uncompromised ad blocker like uBO.

~~~
dmortin
I use a blocker too, but the problem is if everyone starts blocking ads then
the current free internet cannot be sustained as it is today. We'll have to
move to a paid model, which won't be cheap if you choose to visit many sites,
like today, and also the clearing entity will know about what sites you
browse. It can't be anonymous, because in case of a dispute it has to be known
who paid for what.

~~~
chopin
Serve un-obstrusive first party ads. I have no problem with that. Otherwise,
go and die.

~~~
Jonnax
So only the websites that are big enough to make deals with specific
advertisers are allowed to make money on the internet?

~~~
chopin
So you're only allowed to sell stuff nationwide if you're big enough? Oh wait,
there's EBay... I am sure solutions for this will spring up if need be.
There's money involved, after all.

Edit to add: These solutions will not be as convenient as the current state of
affairs, I contest that.

~~~
iamnotacrook
"Oh wait"

Nobody needs to wait on the internet - you can just go right ahead and type!

"there's EBay..."

You're saying that for a business to be successful on the internet they need
to get their money from buying and selling goods on eBay instead of running
adverts? Or that they'll sell adverts on eBay? I'm puzzled.

~~~
chopin
No, I tried to give an analogous example. Selling goods <-> providing "free"
content. I am old enough to remember a time without internet where any
business had a really tough time to sell nationwide. Big players had a huge
advantage. With Amazon Marketplace or EBay that's much easier now. therefore I
am pretty sure when targeted advertizing gets more scrutiny that alternatives
will pop up. Heck, even Google might then provide such a service if their
current business model is at risk.

~~~
Jonnax
??????? The Google advert marketplace already exists.

------
oedmarap
A while ago I uninstalled uBO/PrivacyBadger and switched to using a
combination of NextDNS [0] and Brave for daily driving (Firefox for work
because FF containers) and the adblocking + browsing experience has been
nothing short of stellar.

NextDNS takes the load off outside the network perimeter and concatenates all
the many lists and trackers in one dashboard. I'm free to use other gentler
add-ons in the browser if I so desire, rather than have the DOM split apart
and my local machine do all the heavy lifting.

The best thing about using DNS-level blocking is that it's an elegant solution
across all my devices, especially when paired with a VPN that enforces those
resolvers.

[0] [https://nextdns.io](https://nextdns.io)

~~~
viraptor
Where that fails though is exceptions. Do you want to block ads, but follow
that one link you're really interested in? Sorry, it redirects via a
doubleclick site and you can't allow just that one entry. You also need to
leave your browser environment to find and unblock it.

~~~
dspillett
That irritated me once or twice at first, after setting PiHole to implement
DNS based ad blocking at the network level.

It hasn't bothered me long term though. If that happens and I care enough
about what made me follow the link then a quick search has always brought up
another route to that content or equivalent content.

Often I don't care even that much in which case I click the back button or
close the tab and get on with something else. In fact this "problem" might be
saving me wasted time that I can use/waste elsewhere. It might even be saving
money by reducing impulse purchases, if the links are ones I've followed to
see what the sales pitch is for a product/service that has been mentioned in
an article!

~~~
viraptor
For me it's the opposite. Not being able to bypass that doubleclick block
would mean that I lose the deal I'm trying to get and would lose money on
something I'm actually planning to pay for.

~~~
dspillett
I've never come across a product or offer I really wanted, that I couldn't
easily get to by other means. It is occasionally an extra couple of clicks or
a little typing to search, but that is a small price to pay for all the junk
(sometimes actively malicious junk, not just tracking stuff and irritations
like auto-playing video) that PiHole blocks.

Heck, it has at least once _saved_ me money, and not just because I gave up
trying to get information on how to spend it: searching for the product when
following the "direct" link didn't work found a better offer from another
source (in that case if was an offer on the particular variety of running
shoes that I currently prefer).

------
makecheck
This isn’t just about applying some regexes, it’s about disabling utterly
obnoxious “features” of web sites.

Until a content blocker can offer a right-click “block THIS element” feature,
they won’t come close to the power of uBO. The UI alone for highlighting the
exact offender in the document tree is brilliant. Every time a “newsletter”
pops in my face, I can banish it forever. Every unnecessary floating space-
stealing navigation bar, I can banish, returning the screen space that was
stolen from me. Every scroll-with-the-article Facebook/Twitter gadget can be
similarly removed.

~~~
barrowclift
While not a right-click, 1Blocker for macOS Safari does indeed a support
"block this element" feature with their extension.

------
wdr1
Interesting to see the difference in how HN reacts to changes like this in
Safari vs Chrome.

[https://news.ycombinator.com/item?id=18973477](https://news.ycombinator.com/item?id=18973477)

~~~
redacted
For whatever reason, HN is completely uncritical of anything Apple does. It
has gotten to the point that _/r/apple_ tends to have a richer debate about
the companies actions. It's a side effect of the lack of subreddit equivalents
IMO.

~~~
redacted
This story is a perfect example btw, compare
[https://www.reddit.com/r/apple/comments/d6v3mo/explanation_o...](https://www.reddit.com/r/apple/comments/d6v3mo/explanation_of_the_state_of_ublock_origin_and/)
to the multiple defenses of Apple in these comments

------
rubyfan
I’ve been using the MacOS Beta for a while and lack of uBlock Origin has made
browsing terrible again. Ads everywhere now and I had forgotten how bad it
was.

Firefox has gotten pretty good now, the only problem is no integration with
Keychain which is a serious downside. On iOS I use Safari but with BlockBear
and Firefox Focus as content blockers. So my experience there is pretty good.
iCloud Keychain makes my password situation a lot better going between iOS and
MacOS... I’m not sure I can achieve the same using Firefox right now.

~~~
chrisseaton
> Firefox has gotten pretty good now

But it burns through the battery!

~~~
DCKing
That is true currently. Know that this problem will be strongly reduced in the
next version of Firefox, to be released on October 22nd.

Firefox will use much less power then, on par with Chrome (haven't seen direct
comparisons to Safari). Unfortunately by the time it's released Catalina will
be out for a month already.

------
kgwxd
Apple's goal is not hackability, it's to provide a safe environment for users
to generate revenue. It's Dave & Buster's. That was the idea for mobile from
day one. They did a great job out of the gate and they're getting better at it
every year. They've had to work backwards in desktop because people used to
expect full-control of those machines, but they're slowly bringing users
around.

If you want to practice self-defense and weaponry, don't do it at Dave &
Buster's.

------
hackworks
I went through the process of tearing away from Chrome. I only aspect that was
holding me back was my stored passwords in Chrome and shared seamlessly with
Android password manager.

Exported the passwords and imported it into Enpass. That was the first step in
liberation.

I then decided to keep my personal and work related browsing separate
especially since both require a google account (Gsuite at work). I wanted an
ability to open the browser of my choice based on the URL I click and work
anywhere on MacOS.

I implemented a simple URL handler that I register as default browser and that
opens the clicked URL in appropriate browser:

[https://github.com/hackworks/chromer](https://github.com/hackworks/chromer)

It is not a very polished implementation but has been working reliably so far.

With that, I am now able to switch between any browser without any lock in.

~~~
mfcl
Have you looked into Firefox Containers for separating your personal and work
accounts?

~~~
rcarmo
Another vote for Firefox Containers here. I do use Safari for my personal
stuff, but Firefox Containers is _extremely_ useful when you work with
multiple clients and have to switch between contexts for the same site (in my
case the Azure portal and various e-mail accounts).

One container per customer, and it's all neat and tidy.

------
Wowfunhappy
One alternative I haven't seen mentioned is Glimmerblocker[1]. There may be
good reason for this—it looks like the last commit was a few years ago—but I
know it still works in High Sierra at least. However, it's been a long time
since I used the program regularly.

Glimmerblocker is unique in that it doesn't use Safari APIs—it creates a proxy
to filter traffic before it gets to the browser. Despite that, it's quite
powerful; I remember using it to make an extensive Javascript patch for one
site.

(I vaguely remember something about Glimmberblocker needing SIP to be
disabled, but there's nothing about that on their website now, so I'm not
sure. I keep SIP off anyway, so I wouldn't know.)

\---

1: [https://glimmerblocker.org](https://glimmerblocker.org)

------
Someone
So, if I understand things correctly, the change is from “browser passes URL
to blocker, blocker runs arbitrary code to decide whether to block it” to
“blocker passes description of URLs to block to browser, browser runs code”?

In the (somewhat) analogous case of antivirus tools, that change is from using
heuristics to detect viruses to using fingerprints. I’m not sure that makes
much of a difference there (but possibly I’m wrong)

Also, the risk here is lower, so not taking the risk to run arbitrary code in
exchange for somewhat better ad blocking may be the better choice.

So, what are real-life examples that the uBlock Origin currently blocks that
new blockers won’t be able to block?

~~~
Miraste
Safari now only allows up to 50k blocked elements. If there are more than 50k
things you wish to block (my lists currently have >200k and uBlock Origin by
default is over 100k), Safari won't let you.

~~~
djrogers
That’s 50k _per list_ \- many blockers (like 1Blocker) simply have different
lists for each category of blocked elements. Works well.

------
marmada
I don't understand why this is a good thing. As a user, I can make my own
choices on what type of as blocking technology I want to use.

I'm sure most people on HN would support legalization of marijuana even though
it is arguable that smoking marijuana is bad for you. Same thing applies here,
I should be able to choose what ad blocking technology I want to use.

~~~
bonestamp2
> I can make my own choices on what type of as blocking technology I want to
> use

True, safari may not be for you then (it's not for me either). But for many
people, especially those who don't understand how to get good privacy online,
safari takes that guesswork out of the process. Apple applies similar logic to
other security related choices they make for users too. It's not for everyone,
but it is arguably good for many.

------
yladiz
It was asked in the Github comments on this issue, but I want to clarify for
myself: is the main difference between "content blockers" and "ad blocker"
that works like uBlock Origin the way that they handle blocking content? What
are the downsides to the content blocking plugin model?

~~~
tbrock
In my limited understanding content blockers seem more sane as they doesn’t
give the extension cart blanche to read your pages and write to the DOM.
Instead it passes links to content the browser wants to load into the content
blocker as a filter function.

The seems very sensible given extension owners could start injecting malicious
content on the page. Nothing prevents them from selling out — it’s happened
before.

I use uBlock origin and love it in Chrome but I can also see where Apple is
coming from here. This will probably protect the greatest number of their
users.

~~~
roblabla
The way adblocks like UBo works isn't by injecting stuff in the DOM. Instead,
they look at requests going out, and can ask the browser to "fail" it. It can
do that based on custom logic - a piece of javascript code runs for every
requests.

UBO also has the facility to delete/hide arbitrary nodes from the DOM in order
to hide ads that might come bundled with the page.

None of those functionalities can really be used maliciously. At best you can
break websites by denying them the ability to load stuff. The problem is that
both functionality are bundled with other privacy-invading things (like
injecting or reading). But that's of no fault of UBO, it's just the way Safari
and Chrome decided to set the permission granularity.

You could have a secure, restrictive API without blocking the best features of
UBO. Google chose not to because it's potentially damaging their business
model, and Apple probably chose not to out of simplicity.

~~~
sigotirandolas
I think that this, i.e. with request and element filtering, is how it works
the majority of the time. However, uBlock Origin can (and sometimes does)
inject arbitrary scripts into the page. They can it "scriptlets", see this
link: [https://github.com/gorhill/uBlock/wiki/Static-filter-
syntax#...](https://github.com/gorhill/uBlock/wiki/Static-filter-
syntax#scriptlet-injection) . You can see some usages in the "uBlock Filters"
filter list included with uBlock Origin. I think it's more the exception
rather than the norm, but it's there.

My fear is that if extensions are crippled and mainstream ad-blocking
standardizes on those kinds of restricted "content blockers", it's possible
for ad companies to implement an effective technical bypass for them, since
they can execute arbitrary scripts, but "content blockers" can't, unlike
extensions. You would need Apple/Google/etc. to play the ad-blocking arms
race, and they probably won't have incentives for it.

------
oomkiller
Heaven forbid users choose to trade performance for a more usable browsing
experience. Ads/tracking vs blocking is a war, and preventing blockers from
running arbitrary code will cripple blockers, allowing technology to be
developed by hugely funded ad companies that effectively bypass blockers due
to these limitations. Providing a blocklist is completely insufficient for
totally blocking ads and tracking, as anyone that has used the content
blockers on iOS has observed.

~~~
saagarjha
> Providing a blocklist is completely insufficient for totally blocking ads
> and tracking, as anyone that has used the content blockers on iOS has
> observed.

I have used a content blocker for more than four years and I would have to
disagree.

~~~
hu3
Well of course, content blocker audience is still scarce vs ad blockers,
hardly worth investing.

That will change if content blocking is the norm.

------
jkp56
Everybody misses the point.

The declarative API takes control away from the user. Currently you can block
everything except the useful content. With the declarative API you can block
only trackers A, B and C, but not C and D, because C and D weren't added to
the global list of trackers. Moreover, you won't even know that C and D exist.
With the declarative api, trackers get a trivial way to bypass adblocking:
they can just change the domain name. This is the true goal of declarative
API, not performance or security.

Why does the declarative API still allow to monitor your traffic? This sort of
contradicts the security selling point, right? Because corporate users need to
monitor activity of their employees: they install a corp extension that
monitors traffic. They don't need to block anything, but they need the
monitoring ability.

The argument that adblockers can route all your traffic thru their servers
simply doesn't stand. If this was a concern, the browser could refine the
permissions model: an extension can monitor and block any traffic, but it
doesn't have access to the internet. Just like in Android you can uncheck the
camera and mic permissions for any app. Problem solved.

~~~
floatingatoll
If you could declare a sufficiently advanced Lua script, that would negate all
incompatibilities while still allowing complex blockers to function.

Why hasn’t the blocker community proposed such yet? It seems like it’s the
missing piece: How little scripting capabilities are necessary, etc.

If you had MATCH expressions, CASE statements, and $1/$2/... capturing
backreferences, would any of this even be a problem?

~~~
jkp56
I don't understand your point. It doesn't matter what the language is: JS,
Lua, Python, C++ or even Rust. What matters is the API the extension has
access to: tab URLs, web requests, storage, network, DOM read only or read
write. Just like in mobile apps: it doesn't matter what language it's written
in. It only matters what system apis it has access to.

------
halostatue
I have used Better ([https://better.fyi](https://better.fyi)) on the Mac since
the content blocker system was introduced and have never had a problem.

------
WA
I use AdGuard on iOS and you can use very similar block lists as uBlock Origin
for macOS does. Besides ads, I block social media on third party sites. This
kind of tracking is just outright evil.

I'll give it on macOS a try, because the other day, I noticed that uBlock
Origin didn't detect one specific tracking URL, but Firefox did (and it
clearly was in the network tab of the Safari developer tools). Now it's clear
why: uBO is outdated for Safari.

Anyways, thanks for the port and maintenance all those years when I could use
uBO!

~~~
saagarjha
That’s surprising, as I’m sure even an outdated uBlock Origin should fetch an
up-to-date EasyList.

~~~
WA
I thought so too, but the version number was the only difference. If I find
the link again, I can post it here.

------
happybuy
There are plenty of good ad blocker alternatives available for Safari on macOS
and iOS.

I’ve created one that is updated regularly, has a free option, respects your
privacy and doesn’t take any $ from advertisers to let ads through the ad
block rules [1].

Simply search on the App Store for a variety of alternatives.

uBlock Origin is good but it’s not the be all and end all of ad blocking
especially on Apple platforms.

[1] More details at [https://www.magiclasso.co/](https://www.magiclasso.co/)

~~~
sascha_sl
You've got pretty bad reviews, mostly because you seem to hide essential
features behind a paywall. I can't tell which features those are because your
site is not really transparent about that either, probably in a weird attempt
to hook whoever is reading it on the bold "free" part of the page.

Not great.

~~~
ihuman
The website is pretty transparent about what is paid. The features page has
some features listed as part of the "pro" subscription. It seems that the only
paid additions are automated rule updates, a whitelist, and early access to
new features.

[https://www.magiclasso.co/#features](https://www.magiclasso.co/#features)

------
jmnicolas
I find a bit strange that he didn't think of Pihole as one of the alternative.

[https://pi-hole.net/](https://pi-hole.net/)

~~~
GuB-42
There is an overlap in features but these are different, and possibly
complementary things.

Pyhole vs uBlockOrigin:

\- is hardware based

\- works on a global scale, including the browser, apps, and the OS itself

\- can only block domains, not full URLs

\- doesn't have cosmetic filters

\- works at home, not really on the go. there is a VPN, but it still uses your
home connection

The intermediate solution would be hosts-based blocking.

------
zw
This is a mind-boggling level of FUD. Content blockers have been noticeably
superior on both macOS and iOS for years. They’re not “limited”, they’re
rational. It’s abjectly absurd that traditional ad blockers can consume as
much CPU as they do on every single page load. I hope everyone in this thread
jumping ship to Firefox in a panic enjoys their shorter battery life.

~~~
Nextgrid
Disagreed. Content blockers are "dumb" as they just provide a list of
URLs/regexes to block, which doesn't always work and doesn't allow behaviour-
based blocking like "dynamic filtering" that some Javascript-based adblockers
have.

Sure, it's technically possible for a JS blocker to use more CPU, but 1) it's
a trade-off the user should be allowed to make (I'm happy to sacrifice some
CPU in exchange for better ad blocking and privacy) and 2) I never had a case
where a JS-based blocker noticeably impacted performance.

------
blacklight86
Time to start avoiding any browser that limits the power of extensions.

Browsing the web today has become a dirty business, it's easy to be tracked,
and users have the freaking right to defend their privacy when browsing, and
to do it in whichever way they like.

I'm tired of these paternalistic and uningenuous claims from Google and Apple
that sound like "but we do it for you, you know, adblockers really hurt the
performance of your browser". Something hurts my browsing experience? Well, it
should be my call whether the pros outsize the cons or not, it should my call
whether to use it or not, not the browser's developer call. After all, the web
browsing experience today is way more compromised because of the huge amount
of third-party scripts that run on most of the pages, surely not by
extensions, but browser producers don't seem to put the same emphasis on the
need of reducing the use of third-party scripts and trackers.

To me decisions like blocking external web API calls in extensions just
because "they may slow down your browser or put your security at risk" sound
like if the Linux kernel suddenly decided to disable the support for network
sockets because "you know, hackers might use them for backdoors, or you might
end up connecting to an extremely slow server and hurt your experience": a
complete nonsense bullshit.

Plus, browsers like Brave have recently proved, with its native content
blocker developed in Rust, that it's still possible to use a traditional
adblocker without compromising the browsing experience.

Time to uninstall Chrome. Time to uninstall Safari. Time to ditch away all the
browsers that do their best to limit your freedom on how you surf the web.
Extensions are among the foundations of a modern browser, and limiting their
power to static lists of rules is an immoral decision that deserves a serious
boycot act from users.

------
protomyth
Let me get this straight, because Apple is worried I might leak private
information to the Extension Developer, they came up with a new "content
blocking" scheme that is not as capable so now my risk has increased for every
website I visit? I think I would like to take my chances with the Extension
Developer.

------
a012
I didn't know this first but spent awhile after installed Safari 13 and
noticed uBO wasn't there anymore and spent time searching for alternative
options and valuating those mentioned in the post but decided I'll go with FF
and only use Safari with some websites those I'm working with them.

~~~
vuln
I started downloading the update while read another thread. I immediately cut
off the WiFi and stopped the download. I also downloaded Firefox to check it
out and it seems pretty good.

------
jedberg
FWIW, I've been on Catalina for a couple of months now, which means no uBlock,
and the web has been pretty usable. Safari alone seems to be doing a pretty
good job with isolating the worst ads.

That being said, this post reminded me to install a replacement, so I just
installed Adguard. We'll see how it goes.

~~~
lethologica
Are you not concerned by the permissions Adguard requires?

~~~
3JPLW
I installed Adguard myself after reading this post — it appears as though
they've split the functionality into many extensions, and only a few require
full-page access. I'm trying it without those "advanced" extensions enabled
and it seems to be doing just fine.

------
PStamatiou
For those looking for a related alternative/supplement.. consider a privacy
DNS solution. I've really been liking NextDNS lately. Lets you customize a ton
of stuff:

It launched on HN a while back:
[https://news.ycombinator.com/item?id=20012687](https://news.ycombinator.com/item?id=20012687)

[https://nextdns.io](https://nextdns.io)

~~~
plopz
Isn't the main issue with DNS blocking the same as this "content blocking",
i.e. it cant work for things like blocking Twitch's SureStream ads?

Interestingly I found this while looking around for the answer:
[https://github.com/uBlockOrigin/uAssets/issues/5184#issuecom...](https://github.com/uBlockOrigin/uAssets/issues/5184#issuecomment-475864036)

------
shujito
There's the option for hosts-based blocking, too; unified hosts[1] for example

[1]
[https://github.com/StevenBlack/hosts](https://github.com/StevenBlack/hosts)

------
mukundmr
There are ways to make AdBlockers work with Safari 13. It is a question of
someone taking the effort to adhere to the new design enforced by Apple for
Safari extensions.

I switched to AdGuard from uBlock Origin.

~~~
zerealshadowban
I've made the same switch to AdGuard after upgrading to Safari 13, happy so
far. (I've loved uBlock Origin for many years.)

------
bberenberg
Does anyone have a local proxy that can do this instead? I am aware of
GlimmerBlocker, but would love to hear broader feedback on the topic.

~~~
proaralyst
There's pi-hole but it's only a DNS blocker

------
leemailll
As it mentioned, it will not work in future release of safari and chrome. So
only choice will be Firefox on Mac?

~~~
pedrocx486
If Chrome/ium forks decide to maintain the needed APIs they will still support
it. There's also Brave. In the meantime I'm with the new Edge (forked from
Chromium) in hopes MS won't be stupid.

------
jokoon
I'm starting to hate the internet

------
twsted
I've seen that now Little Snitch (4) has the possibility to load community's
blocklists.

Any feedback on this?

~~~
jen729w
I use this with Peter Lowe’s blocklist [0]. I’d share the exact setup but I’m
not near my Mac just now.

It’s great, but I also use 1Blocker — have since its release, also use it on
iOS — and I _think_ it does most of the work. I’ve only recently added the
blocklist to Little Snitch and I don’t notice much difference.

Of course Little Snitch is blocking _all_ network traffic, including Firefox.
I use Firefox as my dev browser and don’t have any blocking extensions loaded.

It’s in the category of ‘why not’ for me, I already have Little Snitch so I
may as well load in these rules.

[0]: [https://pgl.yoyo.org/adservers/](https://pgl.yoyo.org/adservers/)

------
sooheon
I've found Ka-block! to work well enough that I'm happy waiting until a clear
winner between 1Blocker and AdGuard emerges. OTOH, the bigger annoyance has
been the fact that none of the vi key extensions for Safari seem to work
anymore.

------
untitled87
Safari is the new Chrome

------
eduardo2002
Wow

