I empathize with the developer, but Occam's Razor suggests this isn't anything more than a typically crummy vague Walled Garden app store rejection. I'd take their advice and re-submit.
However the email I received is titled "Chrome Web Store: Removal notification for uBlock Origin".
In any case, it's just impossible for me to figure what is the issue. I could spend a inordinate amount of time guess-shuffling code around for no result.
Assuming the email title is misleading -- let's say uBlock Origin won't be removed from the Chrome store, there is nothing special in 1.3.2 compared to any other releases, and from the look of it I won't ever be able to fix whatever is deemed wrong without specifics, and as a consequence, no updates lead to abandonware.
Edit: I will add that with Firefox and Opera, there has always been communication with specifics when I was asked to fix something, and I always did fix as demanded (or suggested).
Have you tried telling them that?
Failing that -- if it were me -- I'd resubmit perhaps with the only addition of a README that briefly explains the file layout.
I’d caution against the shuffling code around to try to reverse engineer the approval rules. I tried the same with a similar extension (Adblock Fast) that got rejected for similar reasons (no reasons as far as I could tell). Result: my dev account got automatically suspended. I had to get a Google friend to get me unsuspended. Google seems to have added very aggressive automated approval and suspension rules. I’d reply to their email and see if they reply back first.
Updating them at first start would fit the description of not having them visible in the package.
This demonstrates the problem here, we are left to speculate endlessly about what the is the issue(s) according to the Chrome store.
This is the same thing that we chastise other people for. Yet here we are ready to switch to FireFox and Edge due to what is surely an automated misunderstanding. We are better than this. If not, we _should_ be better than this.
In addition to UBlock Origin, I block DOM, HTTP/S referrer, CSS visited links (surfing history viewable by websites), block WebRTC (leaks private IP address schemas), and more. I have a right to a clutter-free Internet that is not tracking me, using my bandwidth without my consent, and doing everything to make money from me without my consent or sharing with me should it do so. No, thank you. I will continue to block all ads, tracking cookies, beacons, you name it. I somewhat enjoy the cold war between users and the ad companies.
I use Firefox and install the following:
- Ublock Origen (choose 3rd-Party block lists to suit.)
- Privacy Badger (no set up, just install, it learns as you go)
In Firefox, use about:config to change the following:
- Toggle dom.storage.enabled to False
- Toggle layout.css.visited_links_enabled to False
- Toggle media.peerconnection.enabled to False
- Toggle network.prefetch-next to False
- Toggle network.http.sendReferrerHeader to 0 (zero)
- Toggle network.http.sendSecureXSiteReferrer to False
These settings have worked for me with no issues. I bank, do all manner of things online with no issues. I do, however, see no ads, no tracking, faster page loads, clean experience all around.
Firefox lies to scripts that try to access the style-state of visited links. You probably don't need to set this.
Don't those settings have any adverse effect on any web services you use, such as say Gmail or any finance-related site you use, such as say Amazon? Everything works the same as before (except for now not getting ads and wasting bandwidth)? Pretty good if so. Not familiar with this area, hence asking.
> And, most importantly, they do not get in bed with the ad companies to arrange for acceptable ads.
Unless things changed, UBlock relies on some of the blocking lists coming from AdBlock so the sentence above might not be 100% true.
I'm aggressive with regard to ad blocking and use I use the majority of UBO's adblock lists except for the foreign lists.
I guess you meant UBlock Origin?
I'm close to switching back to ABP, but we'll see...
I haven't tried this, but it seems like it should work unless there is something specifically blocking that
See for example: https://developer.mozilla.org/en-US/docs/Web/CSS/Privacy_and...
Yes there are a lot of bad actors and general crap that has damaged the industry greatly but that doesn't mean the model itself is somehow broken.
Not sure this falls under "rights" either - you definitely have the ability to do it but not a moral or legal entitlement to it.
> I have a right to a clutter-free Internet that is not tracking me
This is where we disagree. No, you don't have such a right, not on other people's expense. What you do have is the right to not use services or products that don't follow your world view. You are free to choose and preferably vote with your wallet.
But you are not free to infringe on people's copyright. Do note that I'm purposely not using the word "stealing" because that's not the case here, but that doesn't mean that such actions don't harm other people or companies. And because of this mentality it's precisely why we can't have nice things.
Because you see, by using ad-blockers, we are not punishing the bad actors, we are not punishing the ones that sell people's activity to the highest bidder, we are not rewarding services like Vimeo which are asking for a monthly subscription, etc, etc. And this isn't just about ad-blocking. We can extend this talk to DRM just as easily. Besides a handful of exceptions, like Minecraft or Witcher, how do you like your DRM-enabled, free-to-play, pay-to-win, mindless counter games? Because I sure as hell am glad that I've outgrown this industry.
Case in point - Google has had Google Apps. For $5 per user per month, which is the price of 2 coffees, you get an ads-free Gmail experience and a contractual guarantee that they won't mine your data, your own domain so they can't lock you in, plus support which is actually good these days. And if you don't trust Google, you've got trustworthy alternatives, like FastMail. Out of the pool of people using ad-blockers and complaining about tracking, how many of them are paying for their personal email account, or for their cloud storage account? I bet that only a minority.
The MPAA and the RIAA have always made the argument that piracy leads to billions in losses. I personally don't agree with their judgement, because obviously, just because some shitty movie is pirated by somebody, that doesn't mean that in absence of piracy methods the pirate would have paid. But you know what - losses do happen, because when your eyeballs and your ears are focused on some shitty piece, it means you aren't focusing on something else and there are only 24 hours in the day (same problem the food industry has, a problem called "inelastic demand"). And so the britney spearses and the beyonces and the star wars movies in our society are winning anyways.
And I must say that I consider people attributing moral values or rights to their usage of ad-blockers to be hypocrites. You know, there's nothing wrong with our human nature that wants free stuff, but lets be honest with ourselves.
Inelastic demand means that the demand for a product is insensitive to price changes (ie a steep demand curve). No idea how that relates to what you're talking about.
>And I must say that I consider people attributing moral values or rights to their usage of ad-blockers to be hypocrites.
Here's the deal: Anything that is open to me publicly through my browser is fair game. You don't get to control what I do over here as soon as that data enters my house. In the same way I watch TV, then get up and go to the bathroom, or read, or get food, when commercials come on. The cable companies don't get to tell me, "Hey, you have to WATCH the commercials."
If you are producing content and want to make money, take what you can get through ad support, or offer a subscription. If your content is worth it, people will buy it. Period. I have no sympathy for people who feel they have some sort of right to make money from website visits.
Ads have been abused by companies over the years but whitelisting sites that whose content and services you value and don't abuse you with those ads are the only reason they can afford to exist.
Edit: I get it, you don't want ads. People have abused them over the years and that's bad. My only point is that whitelisting (or donating/subscribing to where possible) the sites you value keeps those sites running. It's nice that some sites don't need financial support to pay for reporters, editors, producers, and photographers but that's not the case for many sites that do great journalism.
I guess the world we live in is pretty magical!
I'm all for blocking sites that abuse their users.
What about distraction? Is time free now?
And that's before we get into the malware vector problems. The few tenths of a penny you got for me seeing your ad is much less than my hourly rate for cleaning up a network infected with the latest 0day du jour.
Is your (the collective your) company going to compensate me when one of your ads destroys my machine? No? Then I'm forced to conclude that you want the benefit with none of the responsibility.
The blockers stay on.
*ed I realize this comment sounds mighty dickish but I'm quite tired of advertising apologists demanding that I sacrifice my privacy, security, and time to access their all-important text. I decide if and how my computer renders a given piece of markup - if your business can't survive that, welp, not my problem. Fix your broken business model.
> They all abuse their users in one way or another. Tracking me across the web? How about no? What about distraction? Is time free now?
But your comment reaches new heights of absurdity. Taking your attention is "abuse"? When you go to the store and they force you to pay for goods, is that theft and abuse? You're consuming a service for free, and the cost of that service is a modicum of attention. When we're not talking about the terms of the transaction being hidden from users, pretending that paying for services is "abuse" is frankly just pathetic. Grow up.
People who plaster ads up on their site and trust Google/Facebook/whoever to vet the ads for not being malware vectors are being irresponsible. Again, this respect is a two-way transaction, and the people who slap ads up on their site have demonstrated none for me.
2) You have to pay something for the content: a passive ad is far more efficient and actually more private than direct payment.
3) Malware/scams/etc are an entirely different problem. That doesn't mean the model is broken, it just means that there are bad actors that need to be effectively dealt with. Otherwise we could point to any industry and say it all sucks because a few bad guys did some bad stuff.
2) No, I really don't. I didn't pay anything to access HN, or Reddit, or any of the other sites I browsed today, including ads. Somehow, the system is still working, the incessant crocodile tears of the advertising companies be damned.
With a lack of understanding comes a lack of care and/or responsibility - and without that care and responsibility, why should I hurt my privacy, attention, and security just so you can get a few pennies?
Again you're pointing to a model when the issue is the bad actors and the poor processes. Advertising is fine, it's the industry that needs to get better at technology and enforcing rules. Part of the problem is that this is a global industry and there's little regulation.
Publishers are getting a few pennies so they can produce content and run the site which you can visit at anytime and consume. You can choose not to go to that site - but you are still going there so there MUST be value you find there and that is what the publisher is working to be compensated for.
That was precisely my point: there are other viable models than ad-supported.
> A lot of sites could never survive on those models or obtain the resources to manage them.
Not really, it might hurt in the short term but it only gets worse for users to have paywalled/closed access, which will actually lead to more ads and tracking.
I am a member of many communities whose hosting costs are paid by the communities, the administrative tasks are shared by members of the communities, I "consume" many sites which only exist because their authors want to express themselves, I use sites that exist because people feel the need to share their knowledge and collections of bytes. They all exist without a single ad. They exist because someone wants them to exist.
This comment was written and shared for free on the web without restrictions because I felt the urge to write it.
It seems like you just cherry picked a few small sites and claim that if they can do it, everyone can.
Sure hosting costs are ridiculous cheap and now anyone can publish for next to nothing. But do you get all your content from your friends posts on Facebook? There's a reason why real original and valuable content requires dedicated staff to do it and that does cost money.
You don't look at movies and think "well that could just be done for free if they really cared about it" so why attribute that to good content that just happens to be in another medium?
The whole point is content does cost money, regardless of medium. Just because it's an article online doesn't mean it's free.
If you prefer a certain type of medium that's fine, but that doesn't mean other types aren't valid or hold value.
It's possible that journalism becomes supported by patronage the way art once was.
The majority of online journalism seems to be regurgitated news agency reports and stuff that no one needs (or can get free from communities elsewhere).
lots of forums, blogs and aggregators perfected clickbait and cat picture distributions a decade ago.
Ads from newspapers are one of the biggest vectors for malwared ads, because they have so many viewers. You're a very efficacious channel for the malicious. Because newspapers have proven incompetent at not endangering their readers.
If you have an exciting new method of not malwaring your readers, that hasn't occurred to every newspaper that's malwared their readers so far, we'd love to see it in action! Until then, you really can't expect readers to just assume your competence in the face of overwhelming evidence.
Possibly you need to explore business models that don't risk malwaring your readers.
This is the policy it "broke" apparently. Despite the entire app being open source and commented, someone at Google could not understand his code and hence found it obfuscated or "suspicious".
Google could eliminate all adblocking extensions from the chrome store instantly if they wanted to - but they haven't. This seems like, and now proven to be, just a mistake.
>We apologize that the update was rejected due to an snag >in the review system. The updated item will be available >in the Chrome Web Store within 30 minutes.
>Thank you for your cooperation,
>Google Chrome Web Store team
so a non story?
I have to add my shameless pitch to this thread, and I hope that fellow builders/entrepreneurs/startup-ers will emphasize with the fight to get attention/users:
uBlock is a great tool but it doesn't offer any network-level services, so you're still exposing IP/geo-location and potentially content sent over HTTP (as opposed to HTTPS). My company, RedMorph, will soon offer in-extension encrypted (AES-256) proxy at the first paid tier (we need to charge to cover infrastructure cost, it's still in beta) but you can download our free tracker blocking extension in the meantime. It's designed with usability in mind, so the average user can "plug-and-play". We're especially interested in empowering non-technical parents and children.
I'll be adding uBlock to this comparison soon:
Thanks for your time, I appreciate thoughts and feedback!
Still worried about these "goofs" from walled gardens… Most of the time there is simply no way out for small developers.
>"Where possible, make as much of your code visible in the package as you can. If some of your app's logic is hidden and it appears to be suspicious, we may remove it."
Which maybe true, but odd as the project is publicly hosted freeware. It could be a case of simply an automatic algorithm making an incorrect call.
Its also worth considering Google's primary revenue stream is advertisement, which uBlock attempts to subvert to a degree.
Maybe he could try that?
What does it even mean for code in a packaged program to be "visible"? It should be invisible! That's the whole point of packaging!
This is regarding the chrome web store, not the play store. Also, I'm aware of Apple taking a pretty heavy handed approach, but I'm not convinced Google has a history of this.
> What does it even mean for code in a packaged program to be "visible"? It should be invisible! That's the whole point of packaging!
Perhaps you are assuming this is the play store instead of the chrome web store? Web store apps are just web pages. They want to ensure the packages are easy to inspect and understand. It's a rule that appears to be attempting to maintain open web standards. Given that this is HN, I assume that's enough of a justification for anyone reading this comment.
Chrome web apps support NaCL. Why do JS-based apps need to have readable source code?
We can't allow technical oligarchies control over what we do with our computing, enacting stupid policies, with no outside visibility or accountability.
Apps that do controversial things end up on the front page of Hacker News/Reddit, so you actually hear about them. The other apps just... die.
We apologize that the update was rejected due to an snag in the review system. The updated item will be available in the Chrome Web Store within 30 minutes."
> Never attribute to malice that which is adequately explained by stupidity.
In the medium term, yes, because if this issues can't be resolved then the Chrome version will be stuck on that version and lag behind other browsers.
And while there are hoops you can jump through, if it's not approved on the Chrome Web Store, it's not getting in your Chrome.
On the plus side, sounds like good news for Opera.
> However the email I received is titled "Chrome Web Store: Removal notification for uBlock Origin".
(I developed a few Chrome extensions 5 years ago and used to distribute them "by hand" to users, but haven't much followed what has happened since).
Surprised by the downvotes, wasn't the question legitimate? Or is it obvious and old news for anyone but me...?