Hacker News new | past | comments | ask | show | jobs | submit login
Google proposes changes to Chromium which would disable uBlock Origin (chromium.org)
1527 points by Apylon777 on Jan 22, 2019 | hide | past | favorite | 739 comments

The design doc — the part quoted in the note linked here even — explicitly notes that it will probably be required to retain some degree of the existing functionality slated for eventually removal until the new API and other replacements cover all use cases; the response linked here appears to (not improperly, in the context of making a case for why much of the functionality is needed) ignoring that and treating the planned intent as removing all of the existing WebRequest API functionality that is not observational for a hard cutover to the new API which does not immediately supports large swath of currently used functionality.

I think the response is appropriate, energetic advocacy, but the HN headline is hyperbolic.

The uBlock maintainer specifically says that uBlock Origin and uMatrix use a different matching algorithm than the declarativeNetRequest.

The title isn't at all hyperbolic. You don't deprecate such important functionality without laying out a full plan for replacement.

Unless there is no such plan and in reality you want to screw uBlock Origin, which I might say is the most aggressive ad blocker available, and isn't owned by a company in bed with the ads industry, like AdBlock Plus.

Oh, the Google fanboys. “Didn’t you read the article? This is purely for privacy reasons.” Nevermind that this makes it harder to actually keep your privacy. Nevermind that this is exactly what people warned would happen in a browser monoculture controlled by an ad company. That’s just a coincidence. It must be, because Google are the good guys, am I right?

Supporting privacy would allow browsers to block requests, full stop. There's no way to spin this specific action as pro-privacy.

The design as presented isn't for addressing privacy concerns.

It still allows extensions to get a list of URL's accessed

firefox isn't that good with privacy either


This was a terrible mistake by Mozilla, but a test pilot for a limited number of users doesn't seem permanently worse than what Google does in regards to privacy.

Moreover, this presumably didn't affect users who installed via a package manager, while with Chrome the installation method doesn't matter.

However I wish Mozilla was publicly funded, so that they don't have to constantly search for alternative revenue sources.

Irrelevant whataboutism. It doesn’t matter what Firefox does, the article is about Google Chrome/Chromium.

It also spells out that the new API can consist solely of static, known ahead-of-time rules[1]. The rules are json, so that kills any logic beyond pattern matching. We already know that approach severely limits the effectiveness and usability of an ad blocker. It's pretty much the same as ad blocking with a hosts file, other than being able to also statically provide path info. Imagine a list of "bad sites" and/or "bad uris". Limited to 30k entries to cover the entire internet.

The fact that the plan ends with extensions still able to see all web requests, record all web requests, forward a log of all web requests to any arbitrary endpoint, etc...means the "privacy" angle is pure bullshit. I suppose the "performance" angle is somewhat true, but the net performance gain of NOT downloading all the ads makes up for any performance loss of processing/filtering requests. Sites with ads are faster when you load an adblocker.

The only thing being taken away is the ability to dynamically observe a web request and cancel it. Who uses that functionality outside of ad-blockers? Not many. There's no hyperbole in the headline.

[1] https://developers.chrome.com/extensions/declarativeNetReque...

> It also spells out that the new API can consist solely of static, known ahead-of-time rules

If it ends up as effective as Safari/iOS's content blocking, I don't see the problem.

> The fact that the plan ends with extensions still able to see all web requests, record all web requests, forward a log of all web requests to any arbitrary endpoint, etc...means the "privacy" angle is pure bullshit.

Yes, if you grant permission to access everything, it has permission to access everything. The benefit of the rule based approach is that the extension doesn't have to have access to everything.

The privacy angle is being able to move most extensions away from accessing all data in all tabs.

Safari/iOS's content blocking has a 50k limit, not a 30k limit. I don't own anything that can run Safari. Is there a credible comparison of how well it works versus Ublock Origin on Chrome? I'm skeptical that a static list would match up to the ability to dynamically make decisions. If I were in the ad business, I'd immediately make use of ads from the same root domain as the content, or subdomains mixed in with lots of random/changing subdomains for content like images, etc. Voila, static ad blockers thwarted.

Edit: I assume "right click -> hide and don't ever load again" becomes "right click -> load but hide" ? Also, related: https://apple.stackexchange.com/questions/337094/safari-12-c...

> how well it works versus Ublock Origin on Chrome? I'm skeptical that a static list would match up to the ability to dynamically make decisions.

The Safari content blocker is better than nothing, but it's extremely simplistic compared to uBlock Origin. It can't even block YouTube ads properly.

Apples rules are a huge pain. Exception handling gets extremely complex (block all urls matching regex R, on domain B and C but not on subdomain D.B). I have not seen anyone yet able to handle the full breathe of the EasyList format.

To get around the 50k limit added by Apple, you must use multiple lists, however domain exceptions must be included in the same subset as the parent rules, since rules do not combine once compiled.

Also, dynamically whitelisting a domain is annoying since you must remove all of the lists form the webview before loading the page. HTTPS-Everywhere is even worse to get operational using Apple's content blocking lists.

(edited grammar mistakes)

But the design document only mentions retaining the old API for features that aren't possible with the new API, such as onAuthRequired. So it would still cripple uBlock

I really like the point the uBlock maintainer's make:

"Extensions act on behalf of users, they add capabilities to a user agent, and deprecating the blocking ability of the webRequest API will essentially decrease the level of user agency in Chromium, to the benefit of web sites which obviously would be happy to have the last word in what resources their pages can fetch/execute/render."

I'm just waiting for the time until websites won't load at all unless you have hardware DRM turned on that will take all of your control away.

>Extensions act on behalf of users, they add capabilities to a user agent, and deprecating the blocking ability of the webRequest API will essentially decrease the level of user agency in Chromium

This is off-topic, but I felt the same way about most data privacy problems. It was my own browser that was giving out the information and I would still like to see better control over it by default. Data privacy laws are simply a bandaid that don't help at all against malicious actors.

> I'm just waiting for the time until websites won't load at all unless you have hardware DRM turned on that will take all of your control away.

I already leave websites that become unusable with adblock on, or without it on. It will just trim down on the amount of sites I go on.

Same here.

If it's something I'm particularly interested in, I look for a cache, snapshot or whatever.

Edit: Or just read HN comments.

Ah yes, I used Firefox' reader mode, but some news sites now don't even properly support that. I may have to remind myself not to go on those sites anymore as well.

> Firefox' reader mode, but some news sites now don't even properly support that

All sites which are on Google Amp. Google, whenever it can, "helpfully" gives me the amp site and then I have to find and click the link to the actual site to get to the "readable" version.

Excuse me, but I believe using a google website to get to content negates the whole discussion over how to prevent webscale surveillance by advertising companies.

In other words, if your "solution" to the problem as outlined in the OP involves google, you already lost.

I'm just waiting for the time until websites won't load at all unless you have hardware DRM turned on that will take all of your control away.

My money is on news sites and other paywall sites doing that first. How long before they stop letting us "open in new private window"? Washington Post doesn't even allow that anymore -- a shame too, since I haven't read a single one of their articles since then.

Extensions should act on behalf of users but, like websites, some don't. A questionable or poorly-maintained extension can do more damage than any single website, and browsers can support user agency by replacing APIs with better ones: an effective declarative API for content blocking would majorly speed up extensions like uBlock Origin and make it harder for other extensions to follow users around the web.

That said, we should all fight for changes that let extensions like uBlock maintain feature parity.

Disclaimer: I'm both a Chromium developer and a uBlock Origin user and speak only for myself.

If you create a superior api (esp w/regards to speed) people will naturally move to extensions which use that api. Then once usage of the old api has dropped significantly, you can deprecate the old api.

It has been proven time and time again, that that's at best only partially true. There are two factors:

If they have something working with one API, they have to have a good reason to re-implement it with a new API. It may be 'fast enough' and reliable, so why go through all that pain?

Or, it's just the long tail of API consumers (e.g. site on the web). Some things aren't maintained and updated, but they don't go away.

I would gladly live in the universe which is a smoking bomb crater of questionable and poorly-maintained browser extensions, than be a wealthy rock star in any universe of amazingly performant extensions, but which are using a browser API which has denied my right to self-determination on my own computer, effectively taking away my ability to say "no" to actions which are then forced upon me. This is like a kind of information rape. And here the suggested "alternative" of static, declarative, JSON-only filters means no programmatic ability to veto requests before they happen. It is effectively forcing users to leap before they look. And this completely arbitrary limit on the number of filters -- and it is completely arbitrary -- is the same kind of neutering mechanism, forcing me to "prioritize" a small number of request vetoes. In other words, it's forcing me choose the manner in which the rape happens.

I think this is the core difference motivating this change: do extensions necessarily act on behalf of users? If that were true, there'd be no such thing as extension malware.

Google's business model is exactly the same.

Is it perhaps time to return to using external tools such as Privoxy, Pi-Hole and the like? Privoxy appears to still be around, and (I think) was originally at the forefront of user-managed web controls.

Once the browser reaches its natural Borg-self, transparent user-level tools will be all that provide a semblance of control. Well that, and Firefox.

If a website shows a popover ad, it might be a first-party script putting up a modal, then a third-party iframe with the ad inside that modal.

Blocking at the network layer will leave the iframe blank, but the modal will still be present. It's not such a good user experience, especially for less savvy users who might be confused by a mysterious blank modal.

Tools such as Pi-Hole cannot block YouTube ads effectively.

AFAIK Privoxy isn't actively maintained.

I think you are correct, and that may be an opportunity.

That's what the DNS-over-HTTPS is about - so your local DNS won't be consulted, instead it will be drowned in the HTTPS traffic. Remember, SNI is going to be encrypted too, so your router cannot distinguish DNS and regular traffic.

What if someone would create a pull request to implement unlock origin natively inside chromium, instead of an extension. If such a PR met all technical criteria, would Chromium project accept it?

No. Google would not include, as a built-in part of Chromium that is installed by default, a feature to lower their ad revenue.

Doesn't Chromium already lower their revenue from other lacks of integration that are included in Chrome?

Next to no one uses Chromium. The integrations usually start in Chrome, leaving Chromium pure, allowing Opera etc to forge their own path. This is a disturbing trend to change the course of the project, likely due to Edge being based on Chromium.

I bet a decent chunk of the MS engineers lobbied to adopt Gecko instead of Chromium when they decided to move away from EdgeHtml. I wonder what the reasoning was for not going that route, it seems like a huge miss and a total acceptance of a browser monoculture.

Gecko is deep in to a transitional phase. Once it comes out the other end it may be simple to embed but it's currently far too early for that.

On the other hand Chromium is relatively simple to adapt with many real world examples to learn from.

(Personally I think they should stick with EdgeHtml but it seems that ship has sailed).

I wish they would have thrown in with the Servo project, but Chromium is ready now and Servo isn't, so I'm sure that factored in.

I wonder how quickly servo could become feature if a major player decided to adopt it.

nodeJS uses Chromium and not Gecko. I suspect MS’s requirements basically necessitated the use of Chromium.

However, this does provide an opening for MS edge, if MS forks Chromium for Edge and excludes user hostile “features” such as this.

Sadly the only use of Chromium among regular non-tech people is in spyware/malware installations.

There is a quite a bit of adware which uses unsigned Chromium to push their wares.

That is the malware installs a modified Chromium with all the "extras".

So anecdotally, when I see Chromium on a users computer I assume the worst (that I have a cleanup task ahead).

Brave browser may be what you are looking for.

Isn't it also based on Chromium?

Sure, but this change might cause a hard fork. VC investment in browsers has been a long time coming.

Of course not.

I'd love Chromium feature that uses system password manager (macOS / iCloud).

On the flip side Chrome's profiles are nice and I wish macOS supported more of it.

If you want something like that, get Brave. It's Chromium-based that has privacy and ad-blocking built-in.

Is there a chance that Google's changes here might disrupt Brave's integration into Chromium? I mean, they might be using this WebRequest API to do their built-in blocking.

There are four listeners with blocking ability on the webRequest API.

The design document says "potentially removing blocking options from most events". There is one mention that the blocking ability of webRequest.onAuthRequired may still be required.

From this I deduce that the plan is to remove the blocking ability of the three remaining listeners with blocking ability

uBlock Origin uses two of these remaining blocking listeners, uMatrix uses three of them.

To interject with a potentially inconvenient fact, I think the premise that ad blocking (request blocking) is now obstructed, is incorrect. Therefore this response seems exaggerated to me.

This is because Chrome extensions can use the 'debugger' API to send remote debugging protocol commands to a page, to intercept and filter / block all requests.

There is no need to use the provided Chrome extension APIs for blocking. Google can remove all of them, I think, without effect.

This is because there are multiple ways to do the same thing. Authors/engineers complaining that now they are impeded, are in fact mistaken.

Disclosure: I know this because I have actually re-implemented the blocking from AdBlock Fast using CRDP Network domain.

I'm interested in this. What's the CRDB equivalent of onBeforeRequest()?

I don't know, you should have a look yourself. I know that you can intercept requests, and block, provide other payloads etc.

I'm interested in that even tho this is factually correct, it's ignored / downvoted because it goes against the prevailing narrative. Discourse here can be pretty 1 dimensional, it's more like a confirmation bias machine / echo chamber, than a discussion. Just like the rest of the net, no matter how 'smart' the people here are. The same behavior pattern occurs here as everywhere else.

It would be interesting if this can be solved in discussion forums of the future.

An alternative explanation is just that people assume if ad blockers move there, Google will deprecate that API for the same stated reasons.

I did find it, it's called setRequestInterception(). It's marked as experimental, and has a note that it disables caching, but there's some debate as to whether it actually does.

I think most of the meaning here isn't found in a design document


Please don't do this here.

Google is an advertisement publishing company. All the things they do, they do to earn money, not to give people anything. When Chrome first appeared, I was wondering about the extremely huge cost of building the browser and how Google wants to earn from that. Then it started to be obvious: it's all to spy on people. Not from the beginning, but slowly... the google account integration... the forced logging into the account... adding custom adblock (which doesn't block most of the ads)... and now this: disabling adblockers.

I'm glad that I stopped using it.

I once read that Chrome was created by former Firefox developers. Google is infamous for its code reuse.

Many web commentators continually sound the alarm on Google's increasing leverage and control over a variety of "components" or "intrastructure" essential to the www.

But controlling the browser is, I think, the ultimate control over the web as users know it. Browsers seem to fall outside the purview of www standards. Are there RFCs that tell people what browsers must or should do? More likely, there are standards that focus on servers and seek to accomodate whatever browsers are doing at the time.

The browser can override anything. It can easily modify user intent in subtle, "hidden" ways. It can rewrite "default behaviour" overnight.

To give an example, users probably think little of something like the feature known as "Omnibox", if they even know what that is, but this sort of browser "feature" is of enormous value to a company trying to gather information on what users are looking for.

Imagine the number of DNS queries this bypasses, redirecting what is typed by the user to a default search engine, conveniently preset to point to a Google server.

Recall that Chrome was made when IE still had a dominant marketshare.


IE was stagnating, slow, and extremely vulnerable to malicious behaviors. The net result was that the web became a very hostile place, while Microsoft was pitching various "post web" strategies like WPF. Google had been a big financial supporter of Firefox but not to a degree where they could direct the project or push their own agenda. At the time many viewed Firefox as slow and bloated.

So Google made their own thing, and it worked admirably and we might be in a very different world if they didn't. They dramatically improved the state of the art for JavaScript, added intrinsic hostile activity and site blocking, started dramatically accelerating the adoption of technology improvements (by implementing very early proposals, often to much consternation), etc.

The web was less dangerous. Google's cash cow was protected because there was less of a draw to go to alternative platforms.

That, I think, was their primary intention and it was aligned interests with users. Everyone is happy with the web.

And honestly I do think this ad blocking thing is a bit of "fake news" (e.g. it is being grossly misreported). Google is proposing a solution that offers more privacy from the extension, and it seems very similar to what Safari has done (and which is very widely viewed as a great design).

"Google is proposing a solution that offers more privacy from the extension, and it seems very similar to what Safari has done (and which is very widely viewed as a great design)."

It would only provide more privacy if ad block extensions go solely with static lists of uris. If they want to retain features like right-click block, or allowing users to customize the list, static blocks don't work.

These changes do nothing to inhibit the ability to log/store/etc requests anywhere you want as an extension author. They are only removing the ability to cancel in flight requests.

What's your source that the Safari ad blocking approach is viewed as a great design? Everything I look at shows it was a regression in effectiveness. Certainly the various adblock authors weren't thrilled. How well, for example, does it work with YouTube ads?

IMNSHO, Google's obsession is artificial intelligence. They have build a search engine to prove they were better at understandanding content of web pages. To improve their AI, they need to spy on every aspects of our life. They spy on all our web activity, on our phone contacts, on our mails, on our documents and on our deplacements (waze). The fact that this search engine has generated so much money was an accident. Now, Google fights are: political lobbying to avoid being destroyed for monopolistic behaviour, protect and increase their spying means, improving their AI.

> I was wondering about the extremely huge cost of building the browser

Chrome was originally based on WebKit and many other open source libraries, and some parts still are. The only major initial investment was V8.


Don't forget the people who had it installed because it was bundled with some other software during installation...

Yea, this is also quite terrifying that many companies trick people to install Chrome while installing their software. Trick - because the option is too often checked by default, and sometimes it's hidden in the text so it's hard to notice.

Not sure why this is downvoted, ask the average person how chrome got on their PC, they wont know...

All the I-have-nothing-to-hide people, please publish your bank account, address, SSN, passwords and other information the bank can ask when trying to transfer the money.

Yea, I know... so they really have something to hide, right? So why not to start caring about the privacy and start thinking?

> I-have-nothing-to-hide

Not one of them, but I hope you realize that this 'example' is completely off mark.

I have nothing to hide if we are talking about that new hifi system I was looking on Amazon, I don't care if google knows what did I have for breakfast, I might even be ok with you knowing my address, but this is fundamentally different from you haveing keys from my apartment or my bank account.

I'm not necessarily of this opinion, but his view is that knowing what you had for breakfast and your address is the same as your bank account # or house keys; it's just that people haven't realized this yet.

Their argument is that the reason why people say house keys, or bank act # is different is because they are protecting something of value. His argument is what you do on a daily basis is just as valuable you just don't know it yet.

The other argument against is "yes my privacy/ daily activity may have 'value', but unlike my bank account or house keys people can't take something from me from knowing it. " That's more up to opinion, but the argument is knowing you so well, someone can take your independence. A bit dystopian, but imagine n years from now, ML is good enough to predict your responses and behaviors to 80+% of things. Companies now use it to effectively get you to make decisions they want. Combinations of timing, placement, location, repetition, persuasion, counter-argument all to produce a desired result, but unlike present day extremely effective and possibly without your awareness. If there is a way to get our wet ware to do it, ML will figure it out.

Advertising/Marketing/Sales become a game of Go, where you're the Go board. Best ML wins.

We like to think we're fully in control of our decision making facilities, but study after study shows that's mostly an illusion. Our sub-conscience mostly decides for us, and then our brains rationalize this away after the fact.

The fear is that by giving away your emotions, your responses, your ocean 5 factor model, your preferences, your habits, and a playground to test all of this in you are potentially giving up your independence at a future time.

It's all dystopian, it's not guaranteed, but it pans out as all likely directions and very probable tech.

At a certain point, is that necessarily a bad thing?

If the AI knows me so well, it's probably something I would buy/want anyway. If my house starts cooking bacon and eggs in the morning based on it's analysis of me, and there's a 90% chance that's what I want, awesome.

A lot of people already do it with driving. On my commute to work every day, I go the way google maps tells me to. Google is effectively controlling traffic patterns, but it's made driving to work faster.

I realize it could possibly be used for evil, but by the time we get there, most if not all, of the people reading this will be dead by that point, so we'll never know.

Because to a company using ML to impart control over your behavior, you are a $. They want to extract value from you, just like every other company, government, etc... If they become really, really good at this, you are going to have a low standard of living (because you are being mined for value), and make noncoherent decisions constantly (you will no longer be rational, nor have a functional personality).

To some degree, this has already been happening for decades, since psychologists began formalising advertising into a science. Look at the increasing percentage of lower class families and how diminished their average value is. This isn't caused by time localized events, like a 5 year recession or a housing market bubble. This is the result of extremely fine-tuned and effective advertising, that has caused cultural shifts towards greater and more irrational consumerism.

ML allows the advertisers to be much much more effective; they no longer even have to manually understand their market to manipulate it. Again, look at the growing disparity between the richest 1% and the rest of the schmucks. That 1% is soaking up the profits of extremely effective advertising, which the rest of us are paying for.

It's not that they know what you want, it's that they make you want it. And that destroys individuality, creativity and the last bit of freedom we still have.

To add to what @neuralRiot, the mistake in your thinking is that you're imagining AI as your assistant. But it won't necessarily be your assistant, since you don't actually own it and especially if you're not paying money, you're not the customer.

To give an example, imagine if Google Maps took you on an alternative route, not because you'd arrive faster, but because on that route there are ads you need to watch, or because GMaps wants to free the road for some high profile travelers and you're just getting in the way.

Waze is already serving commercials while you're driving. And given the weird routes it has taken me on, I now have no idea if Waze's algorithm chooses certain routes because it would be faster, or because it wants me to watch ads, or because it wants to take me off the main road to clear it for others.

Companies are already doing evil shit with real consequences. Facebook for example did experiments on manipulating people's feelings. Target figured out a girl is pregnant before her father. Plenty of other examples. It's just that people aren't paying attention.

I find the attitude of "I go wherever Google maps tell me to go" problematic. We should be asking more questions. When we don't, we are basically complying to what the government/corporations are asking us to do. That's not freedom.

It needs regulation. In other areas there is also, e.g. cigarettes, alcohol. 'We' don't allow people to e.g. freely consume drugs. The pressure is not (only) on the individual (your: 'start thinking'), The society as a whole has made rules what goes and what not.

There are comparable issues with Google and Facebook. Let economic instruments fix the problems. Tax advertisement. Heavily if necessary.

If I want to drink a Whisky there is a lot of tax (to 'help with my thinking'..;). The same needs to be done with advertisement, imho.


You: "I care about my privacy" ... "I use chrome"


I feel a lot less concerned about this than who knows what google is doing.


"Cliqz does not build browsing profiles for individual users and discards the user's IP address once the data is collected," the firm added."


"Consequently, aggregation of user's data in the server-side (on Cliqz premises) is not technically feasible, as we have no means to know who is the original owner of the data," Cliqz says. "This is a strong departure from the industry standard of data collection."

And here's Mozillas info about it: https://www.mozilla.org/en-US/privacy/archive/firefox-cliqz/...

Why should I be concerned? Given this information, why would I choose Chrome over Firefox for my privacy?

jqt, any chance you work for Google? Because, not to be rude, but this is something someone from Google would say to try to, oh idk, demonize Mozilla so everyone will forget that Google has marketing profiles for ALL OF US. So if you do work for Google, you should probably give a disclaimer, or just not comment at all.

I think you misunderstood my post. I am arguing that I would prefer Firefox to Chrome.

Nope, I intended it in response to the comment you were responding to, but it went dead before I could submit it. So I just addressed it to that poster, and used your comment as a surrogate. Sorry for the confusion!

I guess you don’t use Chrome either then? Because it also sends user data to an advertising company…

So what do you use instead?

I do use Chrome. I know my data stays with Google and won't be siphoned to a third party that I don't know. I don't trust Google much but I trust them more than I trust a random third party, "better the devil you know than the devil you don't"

I think it is more a "better the mobster with a vacation home in town" essentially - while a bad actor's interests are aligned. They may still screw you over but if they are greedy ironically on your side.

> I know my data stays with Google and won't be siphoned to a third party that I don't know.

How can you be so sure about that?

You can't. But Google is an ad company and an ad company does not just give away their most valuable resource, the data. So it's more about the devil you know then the devil you don't know.

An ad company can sold your data in various forms and formats. Maybe it won't sell your raw data, but will sell you nevertheless.

Even if it doesn't sell your data, it can use your data to make their ads more efficient for you and people similar to you. While that's their business model, they are borderline abusing you in the process. This not something I'm comfortable with.

They sell recordings of your activity for money, and you don't even get a cut. No royalties, no nothing. So they are profiting from your actions, without paying you. Bit unethical right? I generally consider my time valuable enough to sell it, and my actions even more so.

> and an ad company does not just give away their most valuable resource

Correct. They sell it for money. How exactly is that better at keeping your private data private? Google's power doesn't reside in the fact that it keeps your data private but in the fact that they have a constant flow of up to date data. When you hand over data to a company whose revenue (also) officially comes from monetizing it your privacy is forfeited.

I can't in the same way I can't be sure the Mozilla Corporation isn't pulling another Cliqz on me. So what's your point?

The point you made is (simplified) "Chrome is better than Firefox for privacy". Yet you brought nothing to support this beyond "the devil you know is better". Especially since Google is heavily relying on marketing your data to the point where they gather it covertly or force users into privacy breaking situations.

Common sense would lead anyone to assume they don't collect it just to flip bits on a storage device. Just when you thought you knew the devil. Knowing this guess you'll drop Chrome now, right?

[0]-[over 9000]

So tell me about this devil you know and how exactly knowing all that still pushes you to believe it's the better option?

[0] https://news.ycombinator.com/item?id=18042802

[1] https://news.ycombinator.com/item?id=17942252

[3] https://mashable.com/article/google-chrome-69-forced-login/?...

[4] https://gizmodo.com/google-stores-location-data-even-with-lo...

[5] https://mashable.com/article/google-android-data-collection-...

[6] i can go on but I'm pretty sure a modicum of good will from your side would be enough to get the point.


> 4 and 5 are not Chrome

Ok... I'd read it for you but that's not how it works. So here it is in nuggets:

> "Both Android and Chrome send data to Google even in the absence of any user interaction," the study finds. "Our experiments show that a dormant, stationary Android phone (with Chrome active in the background) communicated location information to Google 340 times during a 24-hour period, or at an average of 14 data communications per hour."

> So yes, fuck Mozilla, they can burn.

Ah, ok, I was waiting for you to change the narrative from "Mozilla bad, Google good" to "I have no argument, I just don't like Mozilla".

And don't get me wrong, you have every right to like whatever you want. Just don't pretend you have valid objective arguments.

Sure, if you disregard the entirety of my post it looks like Mozilla is full of saints. The truth is that they've backstabbed me several times and I won't allow them to do it anymore. Take from that what you will. Maybe, if the Mozilla Corporation changes hands, I will trust them again, but as it stands now, no way.

Wait, I thought you are are using Chrome because unlike Firefox they (Google) never backstabbed you. Except they actually did so your argument turns into "Mozilla sometimes employs the same tactics as Google but I'll pretend Google doesn't do it to justify my personal taste".

I have 0 interest in telling you what you should like or use, or pretending that Mozilla always plays fair. I just felt compelled to point out that the justification you presented here is horse manure. You use Chrome because you want to. Don't try to sell it as an objective conclusion even if it's written in the same sentence as a related objective argument. One is not based on the other.

Objectively both Mozilla and Google resort to trickery, only the scale is vastly different for the company that lives on monetizing your privacy. And mind you, I use Chrome 90% of the time. But I'm not fooling myself with explanations like "Google will protect my privacy" and "the devil I know must be good".

Here's a short list of other horse manure conclusions that can be extraneously drawn from accurate and objective arguments:

-I drive a VW car because GM was once caught cheating on emission tests

-I use an Intel CPUs because AMD CPUs once had a bug

-I use Windows because Linux had a vulnerability once

-I use Chrome because Mozilla once gave/sold my private data to some 3rd party

I care about my privacy and I'm still using Chrome. On a Chromebook and a Pixel device. Speak for yourself.

|I care about my privacy

I don’t think that means what you think it means.

>people who dont care about their privacy will keep on using Chrome.

Which browser are you using?

I think some people who care about privacy have just been worn down to the point where they've given up and don't necessarily believe they gain much from the inconvenience of avoiding things that work for them. I'm not sure that's totally irrational.

Once upon a time, you could tweak your HOSTS file and/or install some basic software, and adopt a few behaviors to get reasonably strong privacy.

Now, between all of the data breaches, tracking at the device/ISP/carrier level, nefarious privacy policies (including IRL), business models that depend on collecting, selling, and protecting data, app glut, sophisticated malware and fraud, etc. ad nauseum: it's like a multi-front war to keep your PII. Truth be told, most of us have shockingly less knowledge than we think WRT how much of our data is "out there" and who has access to it.

Through this lens, it's understandable that some might care but think it doesn't make a tremendous difference whether they use Chrome or some other thing.

Not to say it's hopeless, but at some point certain "precautions" inconvenience us more than they provide any marked improvement in our overall privacy. I'm not even sure which browser to trust more than Chrome anymore. So, I use Chrome for its features, active maintenance, and standards compatibility.

EDIT: I'd be curious to know what others are using.

Chrome doesn't log you in automatically, it just shows your Google account in Chrome if you've already logged in to your account. There's no sync happening.

When a company tells me where it's going by increasingly "encouraging" certain behaviours as their product matures I take them at their word.

Profiles went from optional, to on-by-default but could be disabled via chrome://flags, to on-by-default but could be disabled via command line arg, to cannot be disabled, to logged in by default but not syncing. Where this progression is going and what it's trying to promote is not rocket science.

Another reason to be glad that Firefox is still standing.

I really just don't understand the obsession with Chrome, especially in hacker communities. Sorry Google, I feel "icky & gross" when I use you.

> I really just don't understand the obsession with Chrome, especially in hacker communities.

Chrome used to be very lightweight, fast and basically unseated IE as the top browser. It got that love because at the time Firefox was bloated and IE had a stranglehold. Chrome was also safer with a process per tab. Chrome made web browsing/dev pleasant like Firefox/Firebug did and it really took off being based on Webkit like Safari which also worked well on mobile. Chrome (and Safari) or Webkit pushed HTML5/Canvas/WebGL/SVG into real world use which changed the landscape of browsers.

Nowadays Chrome is bloated like Firefox was, has a stranglehold like IE did, is now pushing its own market standards and breaking existing open/market standards and generally being a forceful, non respecting to standards, web browser. It sure is unfortunate and another sign that bizdev/marketing/executives rule over engineers at Google now.

This is bad history.

Firefox was top dog when chrome came out - it had unseated IE already for many users fed up with XP-era crapware.

Firefox was not simply 'bloated', but designed for classic HTML rendering at a time when javascript (aka 'web 2.0 ajax') dev was taking off and memory was not as abundant as it is now - though slow, it was more that the core architecture was out of date than it was 'bloated'. Indeed firefox was already a stripped down version of 'the mozilla suite' (see also seamonkey, thunderbird, etc - all of which predate chrome).

Chrome then came in, borrowed another project's browser engine, and decided to say 'screw memory, just fork processes' and avoided the whole multithreaded thing all together, oh yes, and open blank tabs faster with a little animation for perceptions sake.

This facilitated html5/javascript bloat, and by extension kept it in the lead as the only browser that could handle it.

of course I'm biased here (as is parent) - but chrome unseating firefox which unseated IE is born out by the facts.

> Firefox was top dog when chrome came out - it had unseated IE already for many users fed up with XP-era crapware.

Maybe in mindshare for devs but Chrome officially unseated IE browser saturation in 2012. Firefox didn't pass IE until 2015 [1].

Firefox was amazing on its resurgence in mid-2000s but did get into memory/bloat stages that opened it up for minimal/performant Chrome that was also more secure at the time primarily due to the process per tab. This possibly did lead to more js bloat later, initially it was lightning fast and also had a debug console and was based on Webkit which was better than Firefox rendering.

Firefox definitely saw Web 2.0 come in from 2006 on and was revolutionary in web development/debugging with Firebug and eventually that was part of the browser and is now industry standard to have a console/debugger on the browser.

Most developers were using Firefox by 2005-2006 and then Chrome a couple/few years later and it has been top for almost a decade now.

[1] https://en.wikipedia.org/wiki/Usage_share_of_web_browsers#/m...

> Chrome made web browsing/dev pleasant like Firefox/Firebug did and it really took off being based on Webkit like Safari which also worked well on mobile.

This is the big one for me. When I'm not developing I actually prefer to use Safari-- I like it's interface better and it feels more at home in macOS. It's "good enough" too.

What I'm really a user of is the Chrome Dev Tools. Firefox's are looking quite solid lately but I just haven't switched over.

What I'd love is to have Firefox dev tools functionality in Chrome.

Firefox highlights the edge lines of the selected element automatically, and in all directions (if I recall correctly). I have to use an extension – VisBug – to achieve that in Chrome.

There's also the fonts window, which lets you in on what fonts are used on the page, and lets you modify the selected element's font settings – size, weight, slant/italic etc.. I pay a lot of attention to typography, so that part is important to me.

Why not just use Firefox?

My liking one thing about Firefox needn't entail my wanting to use the whole browser.

There's plenty to like about Firefox, like the Awesome Bar, has better bookmarking, is able to handle a huge number of tabs, has the "Multi-Account Containers" extension (with its offspring, e.g. "Facebook Container"), or the "Tree Style Tab" extension, just to name a few.

Also that it's not Chrome or based on Chromium is reason alone to like Firefox, because we need diversity for healthy web standards. That Chromium is open source is a red herring and open standards are more important.

I know developers have been preferring Chrome and for good reasons, but I've switched back to Firefox for the last 3 years and personally I find it hard to use Chrome these days, because Firefox has a better UI.

The only downside is that Chrome's dev tools still has some capabilities that Firefox lacks, but Firefox has been improving a lot, as you have seen.


A person politely making some points in favour of Firefox in a discussion about browsers does not merit a rude response.

1. I never asked for any of that response, nor did the situation imply that I needed to learn about the points stated to make a better decision.

2. There's a general passive-combative conversation about browsers going on ("I like Firefox, I don't get why people like Chrome" and vice versa) that I never wanted to be a part of, mostly because of how disrespectful and counterproductive it is.

3. In a thread about ad-blocking, I got what is effectively an ad for Firefox.

I don't want any of this nonsense on my side of the table. "Use my product because I value it!" No, go away, I don't need this.

My choices are rarely uninformed. I spend time considering what to pick where I'm able to. I'd like my choices to be respected as such – not have my face plastered with someone else's unprompted opinion.

Here's an example of a better conversation:

– I liked this part of Firefox, and I wish it was in Chrome too.

– Do you not like Firefox whole, then? If so, why?

– Because of X, Y, and Z. I used it intensely for a month or so, so I got a good look at the way it behaves. I know X is solvable, but not Y or Z (I tried), and they're critical to my browsing experience.

– Okay, I see. I hope you consider (browser diversity, or whatever issues using Firefox's supposed to solve), because they're important.

– Oh yeah? Can you tell me why?

...and so on. A respectful conversation that sparks curiosity and provides context, without annoying any of the parties in the process.

Otherwise, you get what you give. Seems a fair approach to me.

Nobody here is nearly as combative as you. Look up projection.

You'd like your choices to be respected, but you are incapable of offering civility. Is that also a choice we should respect, or is it beyond your control?

Like I said: you get what you give.

Yes you said it but it makes no sense in the context. Perhaps try another line?


"My name is Bond. James Bond."

you should try it again.

and basically unseated IE as the top browser

And didn't get to this spot on any kind of technical or feature merits, but essentially by relentless nagging on the Google search page to have users install it. Sure, devs/geeks etc were eager early adopters, but the bulk of users were steered this way by Google.

I got the "love", because it was (and still is) advertised on google.com. Most non-technical people readily install malware when prompted. If malware is advertised on google.com, they will install it more quickly.

Microsoft have been stalling IE development for years, which allowed Mozilla to gain huge marketshare. This resulted in a lot of people learning, how to install a third party web browser. By the time Chrome was unveiled, Mozilla have coincidentally slowed Firefox development to a crawl. I remember the point, when the stable Firefox version was close to unusable, while everyone technologically proficient used a development release. It have been so bad, that some addons simply recommended not using the stable Firefox version. Btw, things have only gotten worse since then.

Chrome's dazzling success is result of it's aggressive advertising as well as sabotage and mismanagement, that killed off alternatives.

I feel the same. I keep Chrome around, though, because it seems to be the new IE in the sense that I frequently encounter sites that simply don't work properly in either WebKit- or Gecko-based browsers. It's also the new IE in the sense that I get incessant reminders about how I should be using Chrome when I access Google-administrated services, which feels like a surprisingly blatant if still implicit admission on their part that an open web simply isn't a concern or interest of theirs. I never really believed otherwise, but still.

Latest breakage I noticed is spacebar not pausing YouTube videos on Firefox but works fine on Chrome.

Firefox just doesn’t have enough advantages yet that would convince someone comfortable with Chrome to switch over. While privacy is an ever growing concern, it isn’t a strong enough feature for most people.

> While privacy is an ever growing concern, it isn’t a strong enough feature for most people.

At the end of the day, this is the end-all-be-all argument to the Facebook and Google duopoly. People just don't give a goddamn (excuse the language) about their data - they simply do.not.care.

I believe my generation (Y), and possibly a few after us (X, etc), will be known as the generation(s) who didn't think privacy/data was that big of a deal - until one day it was.

We are the guinea pig.

I don't think fatalism is the philosophy to adopt here.

I switched because Firefox has Multi-Account Containers, which was extremely compelling.


The Temporary Containers was a nice add-on built on top of that.[0] While it's a pain in the aspect of cookie-use across domains (like logging into Azure), it's other features out-weigh the initial nuissance - like automatic deletion of the container, as soon as the last one for that particular domain is closed. All of this is, of course, configurable.

This wasn't meant to be a plug, just a happenstance of "if you like 'x', have you seen 'y' based on it?". =]

[0] - https://addons.mozilla.org/en-US/firefox/addon/temporary-con...

They're a nice feature, although after a long while of trying, I ended up using just the Facebook container. The main container extension felt like too much work in regular browsing, and the tracking protection seems otherwise adequate when combined with uBlock.

Sadly, Mozilla also seem to promote containers as an alternative to user profiles, while they're nowhere near as full-featured - sharing saved logins and bookmarks between my "personal" and "work" containers is almost never desireable. Managing and switching profiles, on the other hand, is virtually unchanged since the Netscape Communicator days.

That's because you weren't properly setup with containers. I have 4 sessions going on right now, without any manual intervention. Facebook, work, Google and default. All interacting as intended with their assigned domains as isolated sessions.

Well now Firefox will have ad blocking plugins that works and Chrome will not.

We'll see how long it lasts.

Firefox has mostly strived, in the Quantum era, to stay mostly-ish compatible with Google's interpretation of WebExtensions, from what I can tell.

They do have some parts that are Firefox-exclusive. This is an easy advantage to have over your competition practically for free. I hope they see that.

Judging by how mindlessly mozilla has been copying chrome anti-features, expect this in firefox too.

A major problem is also that google websites run like crap in firefox. Gmail takes 20 seconds to load and don't get me started on youtube studio. Even the "feedback" button is broken in firefox so I can't even report the bugs I find.

I'm at the point of installing chromium just to be able to manage my videos, but I refuse to give in.

I find Google websites run like shit in Chrome too, just slightly less shit than in FF.

Plus Chrome just works better for a lot of sites. That might be because the site isn't properly coded, but users don't care. They just want something that works and more often than not, that's Chrome.

My main browser is Firefox, but I have to switch over to Chrome more often than I would like. Electron is also based on Chromium, isn't it? IMHO, the rise of Electron just reinforces Chromium's status and I think Microsoft is going to accelerate that trend (I'm guessing MS adopted Chromium because of Electron).

I don't know about "a lot of sites". Very few, I'd say.

Other web developers may want to chime in but I rarely have cross-browser problems between Firefox and Chrome. I can't recall the last one.

The only time I encounter a problem with Firefox is looking at people's codepens where they're using webkit only prefixes or a draft API.

In a couple of projects I'm currently working on, the CSS for them was causing me problems between the 2 browsers. Willing to admit that I don't have an intimate familiarity with CSS best practices. I look up what I think I'm trying to do, and then implement what I've found. I primarily use Firefox while I'm coding, and then only check with Chrome and Safari periodically. I've had to circle back to fix CSS issues specifically for WebKit not rendering as expected. Eventually, I can get to something that works across all the browsers I have access (no Android devices anywhere).

Youtube runs noticably slower on Firefox for me, regularly climbing up to 30-40% cpu and activating the fan, while Chrome handles it with 15-20 cpu.

It's the same for Gmail, but this isn't Firefox at fault. It's Google doing this on purpose by using the old, experimental, non-standard ShadowDOM V0 API, which only Chrome supports, and then using that across its products to break non-Chrome based browsers. Please don't reward them by using Chrome just because of this. That only shows them that such abusive behavior works.

That is very interesting, thanks for sharing that information. I never did use Chrome other than testing it out for less than a day, finding issues with various sites and uninstalling it. Firefox instead since it was in beta (Phoenix) and never left. Never had a real problem with it.

I do use Gmail, and don't have any but have long planned to move to Outlook.com.. perhaps knowing about this ShadowDOM issue will spur me on to make the move.

Google only has one product that's truly best-of-breed (Maps) and I don't mind using it, but don't want to be entirely in any one vendor's ecosystem. I would say Youtube is the best of its kind, but it's really held up by its community, not functionality as Maps is. Outlook may not be the absolute best for privacy either (it's also no-charge), but it at least gets me to a place where I'm well diversified.

Google Maps, Youtube, InoReader, Outlook, DuckDuckGo all on Firefox with containers is a good enough of a spread for me.

Enough people use Gmail and YouTube that maybe it would make sense for Firefox to add support for ShadowDOM V0 API? It might not be a W3C standard, but if Google uses it heavily then it's a defacto standard.

They could, except that would effectively show Google that it can dictate what other browsers implement, alter its products on rapid basis to regularly break them etc. and at that point there's almost no point to an alternative, since we'd we're fully back in the IE era again, which is why I don't think it's a good idea.

If one cannot avoid it, I think it's a better idea to create Chrome desktop shortcuts for Gmail/YouTube and use Chrome exclusively for that, if you cannot use a desktop email client for Gmail and VLC/mpv/youtube-dl for some reason.

Firefox doesn't have the market share to push back on Google. The best way for Firefox to grow is to make the best browser from the user's perspective.

I get that, but this seems like controlled opposition.

Moreover, once you give in on this, what's Google going to do next? Use APIs only in Chrome that Mozilla needs to implement only after they're made public in Chrome by literally looking at the source code? There's always going to be a lag if that's the dynamic, so there's always going to be the perception that Firefox is behind.

Moreover if Firefox adopts it, it makes it more likely to be adopted by Apple too, since Google's now not the only kid on the block to support it and now you turned it into a de-facto standard.

Mozilla already partially caved to Google in pursuit of the "best browser" as perceived by the average user. That was on DRM. Now I say partially because at least they made it opt-in, but so they caved and next Google came up with this thing.

If you going to keep paying ransom, you're going to have a lot of hostages.

> IMHO, the rise of Electron just reinforces Chromium's status

+1. I'm hopeful of Servo. So far it (ServoShell) also a good 50MB smaller than Electron which would be a very good reason for developers to switch. It'll all depend on API compatibility at the time of release I guess.

Interestingly, this is the opposite of my experience. I browse solely on Firefox and don't encounter sites which only work on Chrome at all (at least as far as I can remember right now). I wonder what's different between our browsing habits that's causing this.

What sites?

I was doing some work with very large data sets in Google Sheets last week. I started hitting row and cell limits. Personally, I think a database is more appropriate for what I was doing, but spreadsheets are more grokable by non-techies.

In Firefox, macOS was showing 4+GB of memory usage and formulas would take hours to run. I switched to Safari where memory usage was closer to 1-2GB, but it had this habit of refreshing the page as soon as you switched away (before a formula would finish running). I finally switched to Chrome and memory usage was about 1-2GB and heavy formulas behaved in a way more predictable manner.

Do you have examples which aren't Google sites?

Is that really relevant? I'd be happy if you could point me to a more capable tool. Zoho and Excel Online have never really made it onto my radar, but if they perform better in this situation I'd check them out. A lot of people are tied to the constraints they have.

Using both for years, Chrome has just been faster and more reliable. I don't do web dev professionally, but I use multiple browsers in tandem and often try to use one full time every once in awhile. On my old laptop, I'm pretty sure Chrome was the only one to support webGL for whatever reason. At work we're stuck with Firefox 38.3.0 ESR (Cent6/7) and Prometheus Alert Manager (and I also believe Prometheus graphing interface) has broken widgets, but Chrome works. Chrome has always seemed to better support the very few websites that require crazy performance. This was even the case when we would have an ancient version of Chrome and a new version of Firefox. It sucked when Firefox switched plugin architecture and Google Hangouts never added support. Now Google Meet does not support Safari.

I'm not saying any of these comparisons are "fair" but its what I deal with day-to-day.

> Is that really relevant?

Kind of, only because Google uses the ShadowDOM API to break its product on competing browsers and playing into it will only reinforce this behavior.

I get issues almost daily with well respected sites not working in Firefox.

Today I'm browsing the Adidas website, and the images don't load for any of the products in Firefox.


Apparently they're WEBP images and my version of Firefox (version 64) doesn't support them, but searching online I read that the upcoming Firefox version 65 is suppose to fix that issue.

Strangely enough, the images were working fine a few weeks ago on the Adidas website, but I had a different Firefox issue. When I clicked the images to see the fullscreen view and zoomed in, they wouldn't pan or drag correctly, so 80% of the image was hidden off the screen. In Chrome, they worked as expected.

That's one example, but as I said, I get these kind of issues almost daily from companies that should know better. I still primarily use Firefox because I have no trust in Google, but I'm forced to open Chrome on a regular basis to resolve random quirks.

> Apparently they're WEBP images and my version of Firefox (version 64) doesn't support them

I loaded the page with Firefox 65 beta and all the images worked for me. The site doesn't seem to be serving WebP images to Firefox. When I checked all the image types via Page Info they were mostly JPEGs with some PNGs and one SVG image.

There's probably some other reason why the site is broken for you. Have you perhaps changed your browser's user agent string and so the site is giving you WebP images because it thinks they will work?

It's a pretty standard Firefox installation (I also tried disabling uBlock and resetting my privacy settings), and I just confirmed the user agent looks normal, Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0. I think it broke when I moved last week from one EU country to another. Why that would make a difference, I don't know, but Adidas is now serving me WEBP images in Firefox 64 regardless of my browser settings, whether I clear cookies, use a private window, or choose different regional versions of the website.

So, I'm left scratching my head and using Chrome to browse the site.

I'm on Firefox 64 and all the images load for me.

I'm using Firefox 60 in this Debian VM, and that site is definitely serving WEBP, which I can't view (on anything).

I am able to access the website just fine. All the images show up for me (Firefox 64.0.2).

My own personal anecdote is that Firefox spins my laptop fans audibly, while Chrome does not.

I was working on my taxes last weekend and I hit a bunch of them. ADP, the 401K and FSA provider sites, Aetna, and a 529 saving plan site are all ones I can think of off the top of my head.

What are the advantages of Chrome over Firefox?

You get to view ads, apparently.

Translation is the only thing I open it for. The Google Translate website doesn't work as well as the real time functionality in Chrome.

Firefox does not stack tabs like Chrome does and does not load all the restored session tabs at once either. Aren't these dumb design decisions enough to switch to a product where people actually think about how it's going to be used?

> does not load all the restored session tabs at once either

As someone who always has too many tabs open, I consider this a plus.

I do however think you can disable this in about:config : browser.sessionstore.restore_on_demand

also, if you use Autodiscard plugin, you will find that FF use less RAM and Ru. more faster. Essentially discard and suspend tabs that you aren't using.

Laying all the trans at one cripples my core i8 system for some time. Firefox's lazy tab loading is a much better user experience. Together with TreeStyle Tabs and the recent multi-container add-on, Firefox is just a better experience.

I used to be a fanatic about tree style tabs, but due to the new api, it's unusable with containers. I recently switched over to vertical tabs for that reason. I miss the tree layout, but at least now my tabs maintain their ordering.

All of my TST issues have been related to the layout cache. You can disable it if you right-click the toolbar icon.

Thanks for the heads up. I'll play around with it sometime later this week. I would love to have it working consistently again.

What are you talking about? I've been using TreeStyleTabs with containers for a good year or so.

I'm sure you're aware that not every user will have the same experience with a piece of software. There are a couple of bugs referenced in the Github issues for TST relevant to containers. There is a workaround, but I experience the issue again within a half hour. Not worth it to me.

Alright, it's just that the phrasing - blaming it on the new API - made it sound like an inherent flaw that would affect everyone, which definitely isn't right.

> and does not load all the restored session tabs at once either

For what it's worth, Chrome stopped doing this for me in a recent update (I think version 71).

.. and Chrome doesn't have container tabs, which for me are a killer feature.

I use Chromium on linux because Firefox doesn't have touch-screen support and smooth-scrolling feels a little rough. I wont hesitate to switch over if these changes are made though.

I've had great success getting touchscreen scrolling to work with https://superuser.com/a/1155441 (Surface Pro 3 running KDE Plasma)

Add 'export MOZ_USE_XINPUT2=1' to ~/.xsessionrc and disable “Use smooth scrolling” to get the real smooth scrolling.

+100 This is the first setting I change on a new Linux laptop install.

You can also disable smooth scrolling only for the touchpad in about:config to keep the animation for scrolling with the keyboard. Search for "smooth"; I think it's the mouseWheel one, but I'm not at home to verify.

I find the touchscreen support to be pretty good with Fedora's patches running on Wayland. I think these patches are slated for upstreaming, so get excited!

Disclaimer: I contribute to Firefox and enjoy it quite a bit.

>Firefox doesn't have touch-screen support

On Ubuntu and Kali (both debian-based), it most certainly does.

I know. Apple, too. Can't get more closed and locked-in (outside of Oracle).

Chrome is still the best performing browser (even if it's a resource hog).

I tried using Firefox for Linux for about 6 months last year, but had to give up. I got frustrated with the random UI pauses/latency, random crashes, and broken web rendering (not its fault). On the other hand, Chrome just works, and provides a very smooth, low latency experience on Linux. I don't like that I have to give up my privacy for a decent browsing experience on Linux, but that's the state of things.

To be fair that seems anecdotal. I've been on Firefox since v57 on Arch Linux with no major issues.

Yeah, it's totally anecdotal and just my experience. I would really like to use Firefox. I may try it again. Quantum made such a big improvement on Linux which is why I gave it a shot and stuck with it so long. But it still had issues for me.

Out of curiosity, what distro, display server and GPU drivers do you use?


Hmm...that is super strange then. Intel has definitely been the most solid for me when it comes to GPU stability, including in Firefox. I primarily use a workstation with an AMD GPU, but have a secondary laptop with Intel and had no issues with Firefox there whatsoever. I am also on Arch. The only time I ever experienced frequent crashes was when I was testing the Wayland build early on, (they still happen sometimes on Wayland, which is still experimental in Firefox, but on X things have been solid for me).

I am honestly perplexed what the issue could be then, I was sure you were using an NVidia with the proprietary drivers or something like that, as such setups have caused me trouble in the past.

The only thing is I wouldn't recommend turning on WebRender for everything yet, but it's not on by default so I doubt you had it on.

I'm currently running the experimental branch of Firefox on Linux and IMO things have improved a lot since then. I had similar issues, especially with tabs that crashes / get stuck when watching 3 or 4 twitch streams. With the latest releases almost all has gone away (cant remember any crashed tabs in the last few months).

The dev console is better than Firefox one. It's faster. Minimalistic interface is great. HOWEVER - Firefox console is catching up. Firefox is fast enough. Chrome is getting more and more bloated and interface is starting to suck compared to initial version of Chrome. Now they're trying to do stupid things and promote ads more and more. It gets worse every day and hopefully, they'll screw up to the point it dies. I loved Google before, now I'm disliking them as much as I do Facebook. I root for Firefox, but it's still not there yet.

Guys who maintain Firefox - thank you. I hope I'll join the FF users once more in the near future.

Most young devs use a mac. And from what I understand Firefox is slow on macOS.

It's still slower than other platforms but it's much faster than it used to be. I've been using Firefox exclusively on OS X / macOS for a year. The only problem I've seen is that it sometimes uses more CPU than is reasonable, which often appears to be due to Gmail's terrible implementation.

Since they made the big changes and become faster, I found Firefox faster that Chrome, except for Google pages.

Chrome is notoriously power inefficient, though, relative to Safari at least. One would think developers would notice.

It's hard to notice power efficiency when you always have your laptop plugged in.

Sorry Google, I feel "icky & gross" when you use me.

Most of my logins have been syncd via Chrome. Makes logging into a new computer a breeze, or if I need to borrow someone else's stuff really quick.

Firefox also has password/history/bookmarks sync between devices.

I've always wondered how Chrome and Firefox password storage fare in safety. Are they both equality trustworthy? Are the encryption technologies comparable?

You can read about Firefox Sync here: https://hacks.mozilla.org/2018/11/firefox-sync-privacy/. It is also possible for you to run your own sync and account servers: https://mozilla-services.readthedocs.io/en/latest/.

I assume that Chrome has a similar design, but I'm not familiar with it.

auto-fill of CC/billing information is the feature I wish FF had.

Firefox has this in nightly too (possibly only in US). It's been there a while and works well, I don't know why it hasn't moved on from nightly, to be honest...

I use the BitWarden Firefox extension for this.

I've been using 1Password for years now, and it has extensions for both browsers. Now I'm portable and not locked into a single browser. I had a friend nag me for a long time because I was too lazy to try it out. Once I did, I have never regretted it.

Use an extension instead. It's more portable, you have control over it, and don't have to feed Google more data.

That's really how I feel about all browsers since Opera did a U-turn and re-made their product into a Chrome clone. Firefox can get quite close with a bunch of add-ons, but not enough.

The great dev tools and overall design is pleasing.

frankly, I love the UX and developer tools in Chrome more than FF... however, this would have me jumping back to FF as my daily driver.

On second thought, I might switch to Brave like I did on mobile.

It's a better browser. It's faster, more cutting-edge features.

Check their dev blog, they add cool features every couple of weeks:


I think chromium devtool is still much better than firefox's ones.

tbh, nobody gives a shit what "hacker" communities think, that is precisely why Firefox exists

It's Chrome devtools really

I'm invested in the Google ecosystem, and have recently got myself a Pixel Slate that I carry everywhere as my primary computing/ media device (no more separate laptop and tablet). It would now be silly of me to use Firefox in place of Chrome. Moreover I have got nothing to hide, so all these privacy-fears don't concern me; in fact I often feel like they are being overblown.

  > I've got nothing to hide.
I'm sure you believe that's true, but I suggest that your belief is based on a certain confidence that the people pouring through your data are fundamentally acting in good, or at worse neutral faith.

However, if this data ever gets into the hands of someone acting in bad faith, even the most innocent behaviour can be weaponized against you. Let's say, for example, that you are wrongly suspected of committing a crime, and the investigating police are more interested in cooking up a conviction than determining if you actually did it.

All sorts of details about your life can be leaked and "spun" to make you look very, very bad. You went to a bar on a certain evening? So did these known crime figures. Were you meeting them?

You spend time on Hacker News. HACKER NEWS. You could find yourself the target of a smear campaign designed to turn public sentiment against you.

"If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."—Cardinal Richelieu

If you hand over your data without hesitation to a nation-state or to powerful and unscrupulous corporations, I believe you will discover that there is no such thing as "nothing to hide."

That's not an unreasonable point, but with that alarmist logic why are you then not living off the grid?

This seems like a fallacious argument in that you’re attempting to conflate “alarmist” with “extremist”.

Someone could be alarmed about the state of privacy in society and not want to take an extreme action.

It seems entirely reasonable to want to remain a part of civilization and advocate for change on a topic you are passionate about.

Because the only 2 possible options is to hand over all your data or live off the grid

People who feel that they have “nothing to hide” don’t quite understand the extent to which they’re being mined for personal data. Google offers all of this amazingly polished software for free so naive people like you will feed them your browsing history, email, location and search queries. They will then monetize that data by targeting ads to you, which generates over 80% of their revenue.

If you are ok with that and still think you have nothing to hide, ask yourself if you’d be ok with this trove of data ever being exposed publicly.

Ever googled something embarrassing? Perhaps a medical condition or symptom? Sent a very personal email? Visited a less than savory location, or lied to an employer about your whereabouts?

I’d be willing to bet most people have some data that could be weaponized for blackmail.

Surely many people (especially the ignorant) will find Google’s products and services “worth using” but privacy concerns are anything but overblown.

I did a factory reset on my Android phone today and was depressed when I realized the vast number of settings I have to change in order to get even a small semblance of privacy. App permissions, location history, disabling of default apps; the list goes on.

> ask yourself if you’d be ok with [your browsing history, email, location and search queries] ever being exposed publicly.

I already did, and the answer was "Yes, I'd be okay" (although the likelihood of that happening is extremely rare).

> Ever googled something embarrassing?

Use incognito mode.

> Perhaps a medical condition or symptom?

I have only one medical condition, which I'm not embarassed to talk about publicly (I already do it).

> Sent a very personal email?

I rarely send "very personal"/ intimate information over email in lieu of just talking over phone.

> Visited a less than savory location,

Never in my life.

> or lied to an employer about your whereabouts?

I never had to do it (why would I?).

> I’d be willing to bet most people have some data that could be weaponized for blackmail.

If--note "if"--I were to engage in an activity that could potentially be used to blackmail or harm me in any way, I would of course be doing it in as private manner as possible. However it would be silly to spend the rest of my normal life cowering and being phobic to technological advances.

> Surely many people (especially the ignorant) will find Google’s products and services “worth using” but privacy concerns are anything but overblown.

You confuse being naive (in its original sense of the word) with being ignorant. But I guess that's what fear does to one.

>Use incognito mode.

All this means is that it's not stored on your computer/history. This doesn't mean Google doesn't still have everything from those periods.

Google does not track your incognito history and cookies unless you actually sign-in to your Google account in the incognito window of course.

Of course they do.

Yes, they are likely tracking users in incognito mode. You're still loading google analytics or doubleclick resources on many, many sites. Merely making that request (or any request to a google property) gives them your IP which is static enough to identify a household or corporate complex based on previously gathered data. From there these javascript libs phone home every bit of data they can from your browser, including UA string/browser minor version, plugins, resolution (fingerprinting). This can further narrow things down to an individual device you have used before, especially if you're just popping in and out of incognito.

Google also operates some of the most popular DNS services, which can capture domains you query from your IP.

There are various measures you can go through to stop this to some degree, like DNS blocking, client-side ad/tracker blocking, VPNs etc. but to go all-out is very cumbersome and I'm not convinced that it would even be 100% effective. Google's business DEPENDS on collecting your data and tracking you, and they are very, very good at it. I highly recommend reading "The Age Of Surveillance Capitalism".

Do you have evidence? Or is it all just fear mongering?

Here is a recent article suggesting that that's at least somewhat true:


Somewhat true, but not actually true.

This is a flawed study by a Google's competitor (the for-profit organization called DuckDuckGo). FTA:

> Following the study’s publication this morning, Google told The Verge in a statement that it found the methodology flawed and the findings misleading. “This study’s methodology and conclusions are flawed since they are based on the assumption that any difference in search results are based on personalization. That is simply not true,” a Google spokesperson said. “In fact, there are a number of factors that can lead to slight differences, including time and location, which this study doesn’t appear to have controlled for effectively.”



Facts won't change being facts no matter how many times you downvote them. :-P

It is a shame that you are being downvoted. I (like a lot of people here) disagree with you, but you have a point of view shared by a lot of people. It's an important point of view to consider and engage with because my impression is that it's the majority view from the population - based on their actions, they don't care about their data privacy if it gets them gmail for free.

For a lot of people they possibly hold that view due to a lack of understanding about the situation, but some people like you understand the situation and still are OK with it. That's an entirely reasonable point of view which should be eagerly debated with.

> It is a shame that you are being downvoted. I (like a lot of people here) disagree with you, but you have a point of view shared by a lot of people.

People are notoriously bad at acting in their own best interest. I recall reading a forum, where a guy asked for medical advice, because he was diagnosed with fibrosis (his lungs basically got scarred all over). His work required him to continuously inhale toxic exhaust, and he wanted a way to avoid further health complications (but keep a work!) because "the pay was good".

Fibrosis causes you to cough non-stop and significantly increases probability of dying from lung infection. Compared to that, using Google's products does not result in any visible long-term effects on health. Therefore, it is natural to conclude, that using Google's sites and services is safe, healthy and should be widely encouraged. It does not matter, that Google uses anti-competitive practices to monopolize market, restrict user freedom and lead us to future, when we won't be able to refuse shoehorned "services", shoved in our face, right?

Please stop with those creepy "understanding" antics. Encouraging self-harm is bad, and wishing to view advertisements is definitely a form of self-harm.

This is such a patronizing point of view.

You are essentially deciding for me that what I choose to do with my technological choices is "a form of self-harm" (when in fact I only experience total pleasure).

Is it really that hard to comprehend that, when one does not share the alarmist feelings of the crowd, they will make intelligent choices based on personal preferences?

> Moreover I have got nothing to hide

Don't mean to insult you, and some people just have an easier time opening up about everything, but a life with nothing whatsoever to hide sounds limited, uninventive and uninteresting.

No insult taken.

> a life with nothing whatsoever to hide sounds limited, uninventive and uninteresting.

Ever familiar with the phrase "un unexamined life is not worth living"? Here, of course, the thing to be examined is your belief that a life with nothing whatsover to hide is limited, uninventive and uninteresting.

The right to free speech is important even if you don't have anything to say. Privacy is no different.

> I have got nothing to hide

So if you don't mind would you share some nudes, your CC numbers and your medical history with us?

What about his address, and his family and friends' addresses, as well? What about his income, where he works, the time he leaves for work and the time that he gets back? And the street he grew up on and his mother's maiden name?

> It would now be silly of me to use Firefox in place of Chrome.

Why? In what ways is Chrome more useful than Firefox on Chrome OS?

Chrome is deeply integrated in ChromeOS devices (should be obvious from the naming), of which the Pixel Slate is what I own. A bunch of PWAs (arguably the future of android apps) also require Chrome.

Moreover I use Chrome to sync my Google account, including passwords (which I can't live without) and browsing history.

Moreover I have got nothing to hide

That's not your call to make.


People who own more guns than you do are the ones who decide whether or not you have "something to hide."

It fast. That most important thing.

Firefox with uMatrix will smoke Chrome without it, in nearly any real world use-case.

This is an excellent point. There is absolutely no way a browser which loads and executes ad-loading and tracking script can be possibly be faster than one that doesn't.

It's the same reason why Firefox for Android it's faster that Chrome android

Yeah, even with all the speed increases from the rewrite, Firefox still feels awkward and slow at times when compared to Safari and Chrome. Every time I decide to try and switch over from Safari, I get pages where scroll performance is a lot slower than what I'm used to and then I get bothered by it and switch back.

It annoys me because I really want to use it. I'm very happy that we have it and I hope that the wider community will hold Mozilla to account every time they try something shady to protect the best free and open browser we have. If we lose Firefox, we lose the Internet to corporations.

This is strange, because Firefox is much faster than Safari for me. Have you tried Firefox Nightly?

I haven't but I'll give it a shot, thank you!

If you want to try their experimental GPU rendering (webrender) you can enable it via about:config -> gfx.webrender.all = true

It works well on windows, I don't know how far the mac support is.

Note that the WebRender can only be enabled in the Firefox Nightly channel. To confirm that it's working, flip the pref, restart Firefox Nightly, and then search for "WebRender" in about:support.

WebRender does work on macOS (and Android and maybe Linux), but Mozilla is prioritizing a Windows MVP first (because something like 90% of Firefox users are on Windows). Work on macOS, Linux, and Android will then resume.

Also good to start with a fresh profile[1], lots of times you may have some cruft built up in an old profile.

1: https://support.mozilla.org/en-US/kb/profile-manager-create-...

> I'm very happy that we have it and I hope that the wider community will hold Mozilla to account every time they try something shady to protect the best free and open browser we have. If we lose Firefox, we lose the Internet to corporations.

Yet how long will we have it if everyone keeps using excuses to continue using Chrome?

Firefox on Windows is no slower as far as I can tell, and renders fonts better.

Firefox on Mac is noticeably slower.

In my experience Firefox on Mac got a good amount faster in the last year.

Agreed. While I still use it, Firefox on Mac just hangs on some js-intensive sites.

Came upon this review the other day, that placed Firefox on #1. Didn't read the detailed report (I'm on FF and feeling happy), but maybe worth a look: https://www.toptenreviews.com/software/internet/best-interne...

Hey, you should give w3m a try then.

Icky, gross and violated.

I am pretty sure that most of the people using firefox right now are from the hacker communities though.

I find it rather odd that Googling "uBlock Origin" from Firefox does not return links to addons.mozilla.org - at all. The top result is of course the Chrome addon. The third result is the website for "uBlock" which is the unmaintained fork. Three pages in and you're getting dubious-looking repackaging sites, but no official addon.

How on Earth does "Comorbidities Associated with Plaque Psoriasis | Dermatology Times" on page 10 have a higher PageRank and relevance for the search query "uBlock Origin" than https://addons.mozilla.org/en-US/firefox/addon/ublock-origin... ?

That's sort of weird. Searching DDG for "ublock origin" gives me:

1. Chrome web store

2. ublock.org

3. Microsoft store

4. Wikipedia

5. Mozilla addon, and finally

6. Gorhill's github for ublock origin.

Can we finally say that DDG is better for some searches than Google?

>Can we finally say that DDG is better for some searches than Google?

I think we're close. For some things, it's still not the best but instead of going to <insert another search engine here>, I try to modify my query to scope to what I'm looking for.

In a crude example, if I'm looking for the "LoadCrashDump" method,, which is specific to ClrMD[0], I can simply construct my query as "ClrMD: LoadCrashDump".

[0] - https://github.com/Microsoft/clrmd/blob/ac36603e37ef7c8ba05d...

Bing pretty much returns the same as the above

Not too surprising, since Bing is one of the engines DDG uses under the hood.

I had to go to the last page and click "repeat the search with the omitted results included" to make it show up at all. After doing that it was the third result.

Yep, made the switch to Firefox with DuckDuckGo little less than a year ago. It was surprisingly fast to get used to and I haven't been more at ease since. I highly recommend trying this out for at least 1 week for everyone out here!

With the news that Edge would switch to chromium, Firefox is really the only thing preventing a complete web browser monoculture. Support Firefox if you can!

Thanks for the reminder. I try to give a little to Mozilla and Wikipedia on a regular basis. So far they are living proof that there is a way to make this whole mess work at a high standard of quality without resorting to the advertising model, which seems to become more heinous by the day.

Please everyone help the other options survive, even if you don't personally like them or use them. There is no way legislators are ever going to catch up on their technical knowledge enough to manage even the most blatant monopoly. Who am I kidding, they wouldn't care anyway. Somebody has to get in there to offer competition and keep things honest. Having options improves all of the options.

Edge moving to Chromium has handed Google a lot of extra power which gives them the ability to make changes like this.

> Firefox is really the only thing preventing a complete web browser monoculture


I use Safari as my preferred browser and I'm really happy with it, it's become a lot faster with each update, noticeably so. But I don't trust Apple any more than I trust Google to fight for a free Internet. We need an open browser.

We sure do, but Apple is trustworthy. Their business is not grabbing user data but keep it as private as possible. That sells devices.

Trading Google overlords for Apple overlords does not seem like an upgrade.

With Apple, you're the customer, not the product. For one, Apple defends and doesn't sell your data.

Unless you happen to live in China.

> For one, Apple defends ...

It's fairly likely that's just PR. They're a US headquartered place, so would have to comply with NSL's (etc) just like every other US company.

Yes, they have to comply with NSLs. Difference though is the level of data they harvest on you. Google's business model requires they harvest as much as possible and in a way they ensure they can read it. Further, the bigger risk to most users is not NSL's, it's having some dodgy ad-corp buy your data and sell it to even dodgier companies.

> and sell it to even dodgier companies

And banks and insurances for credit ratings. And for screening companies, that are contracted to evaluate your job application on basis of your purchases, locations and so on

That's totally fine, but it's still disingenuous to claim that Firefox is the only other browser out there.


Internet Explorer--------10.83%





Safari will survive since Apple is their patron. Obviously Internet Explorer is only a lumbering undead husk at this point, and it's pretty shameful that it's still outgunning Firefox by a small amount. Even more sad that it's got over twice as many users as Edge, lol.

Your numbers are off by a bit.

I work for a website with around 1.2 billion annual pageviews. Mobile Safari is about 55%, Chrome (mobile & desktop) 35% and everything else gets the leftovers. Samsung browser is growing fast while IE, Edge, macOS Safari and Firefox are rounding errors.

Kindle browser does better than IE. It’s amazing how far and hard it's fallen.

These numbers do not appear to include mobile browsers. Mobile browsers are just as important as desktop browsers these days, because a lot of people use them as much or more than they use desktop browsers.

If you include mobile browsers, Safari's market share is closer to 17%, which makes it the #2 most popular:


Ah, I was getting my data from the same site but I forgot to toggle mobile browsers. Wonder why that's not the default option? That's silly.

This is fantastic, actually. It flies in the face of end users, and there will be blow back.

Power users won't stand for this sort of thing and will switch to Firefox. Firefox, in turn, will gain greater development mindshare.

In aggregate, these privacy and "ads above all" stories will continue to taint the Google brand. Many of my layperson friends are starting to worry about their privacy when using Google products--it's a good thing!

I really don't understand why people prefer Chrome to Firefox, it's a better browser all around in my experience.

I use FireFox full time, but I think it's inferior to Chrome. It's uglier, slower and clunkier. I use it because although I'm more than happy to hand a lot of my digital life over to Google (and I'm really not a zealot about this), the ability to observe every single web site I visit ever and every interaction I have with those sites is just a bridge too far.

Prior to 60x I would agree, but nowadays I personally prefer the look and feel of FireFox. I haven't noticed any real clunkiness outside of Google sites like Gmail either. Chrome might still be smoother, but I haven't used it in over a year now, and I don't miss it. That's the key part for me, FF works well enough that I don't feel like I'm settling.

And I completely agree with you regarding ideological reasons to use FF. You don't have to be a zealot to value your privacy.

Also a good time as ever to donate to the Mozilla Foundation. They are basically our last hope at keeping the web open as we know it.

I’ve been off of Chrome for almost a year. Don’t miss it at all.

Someone correct me, but can’t ad blockers just be installed through the OS and not be dependent on the browser?

I recall this is what I had to do for Safari since there wasn’t a supported extension for the new browser yet.

This would lessen our dependency on a browser for ad blocking in this ongoing browser war.

You can block the network calls to ad networks on the OS level by intercepting the DNS requests. That's a lot cruder and less flexible than the fine grained control over the DOM provided by a browser-based ad blocker though. If DNS level ad blockers became prevalent websites would also move to circumvent them, which would be a lot easier than with browser-based ad blockers.

It's better to just not let a browser that's user hostile enough to prevent ad blocking win a browser war.

That doesn't get you close to what umatrix offers.

I can throw facebook's servers into my hosts file, but what if I want to permit connections to facebook servers if and only if I am on facebook.com? uMatrix makes that trivial.

That can only do blocking at a coarse dns level. The browser extensions do a lot more. If you want to do everything at the OS layer without browser extensions, you'll have to MITM your ssl connections by trusting your CA and set up a parallel engine that does what extensions do right now.

Congratulations, you have correctly identified the reason Google is pushing DNS-over-HTTPS via Chrome.

I think it can be done through /etc/hosts or similar yes? The downside is maintaining the blacklist, but I believe it’s still doable.

how does this interact with TLS, particularly DNS over TLS? An OS level http proxy would have to MITM the TLS stream.

I worry that Mozilla will copy the API changes ("for compatibility!") and disable ublock on Firefox too, as Mozilla gets most of their funding from advertising companies too.

If the new API get's ported (which is likely to happen), it does not mean the existing API will get crippled. After all, they are different implementations and it's Mozilla who's behind that. I trust them to not deprecate the old API until all use cases, especially concerning privacy, are taken care of in the appropriate way.

Let's hope I'm right. :)

They didn't care too much about making APIs equivalent the last time they broke everything API related.

The question then will be which fork of Firefox becomes the most popular.

In time it will go the way of edge. Reimplimenting the same features over and over makes no sense.

I really want to like Firefox, but it has basic bugs that make it unusable for me. E.g. waking up macOS from sleep, or switching between two active users in macOS stalls Firefox regularly and requires restarting it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact