I switched to Wipr on my devices and ads are still blocked, for basic ad blocking it gets the job done easily and quickly.
I also did not join in the Chrome bashing as I personally prefer the "security" of content blockers vs. extensions. (Tho, I trust my goto extension uBlock Origin just fine.)
That many publishers don't do that already is a mystery, probably because visitors with ad-blocking are still a minority and publishers don't want to piss them off.
As a disclaimer I was in a team working on such technology. The hardest to beat is uBlock Origin, being the most capable from a technical perspective. And we left it completely alone, a good strategy for angry users having a last resort solution to migrate to instead of investigating why AdBlock Plus isn't working.
And also by not having a company behind it, a partnership with uBlock Origin for "acceptable ads" isn't possible. Which is why the whole industry, Google included, is scared of it and it's no wonder that they've taken steps to kill it in Chrome for desktop ;-)
I'm really glad you brought that up, because it's an interesting dynamic. Industries generally know how to deal with companies and senators. People like Gorhill though are hard to control using conventional strategies, because they're not getting any money out of it, they don't have supply chains or a duty to investors that you can exploit. They're just people doing stuff.
This can obviously be both a positive and a negative. But when people talk about competitive and regulatory forces, it's important to remember that some forces also come from outside of the system.
Adblocking is legal, but another good (less legal) example is Sci-hub. Sci-hub is just as large of an actor in the debate about academic publishing as any other official institution, but it refuses to be subject to the same rules as those institutions. If you're a traditional publisher, you can't reason with Sci-hub. None of the conventional strategies you would use on a competitor work for Sci-hub.
In general, if you're a business, you would prefer to only deal with other businesses and (to an extent) the government. Purely ideological actors, or people who don't pay attention to the conventional rules of engagement are much more annoying. You have to find some kind of leverage over those people so they can't cause as much trouble.
I don't doubt that part of the reason Google is locking down extensions is for security. I'm also sure that there are executives at Google who look at locked-down extension APIs and the inability to side-load extensions as a way of locking out people like Gorhill, and making sure the debate over acceptable ads is primarily restricted to industry players. For them, the fact that these policies improve some aspects of security is just a bonus.
Because that exact kind of supply-chain attack thing happened to the original version. (ublock)
Nor were individuals the only players to take advantage of the powers available to old extensions.
There are also legitimate security reasons why browsers such as Firefox have restricted side-loading add-ons on consumer operating systems such as Windows.
There's a debate to be had about whether security for most users is worth the trade-off in flexibility for power users. But regardless of any other reasons we might speculate, the arguments that have been presented in favor of such changes are already compelling enough on their own and need to be seriously addressed.
That they work for now is only temporary.
There's also the elephant in the room:
1. Those content blockers don't work in webviews and most apps on iOS open urls in web views with no way to choose Safari
2. Apps have no ad blockers either
Gmail on iOS is especially annoying because we often have to open links that require sign-in (e.g. Github) and there's no way to make it open Safari, but it does have an option for opening "Chrome" (also a shell around an iOS webview).
But I love seeing people sticking it to the man :-)
This is false. GMail has settings for choosing chrome or safari - settings > default apps.
I was mainly addressing the situation on desktop, such as Safari on macOS, since the previous comments were discussing changes to desktop browsers.
What's even the point of having a system-level solution if it doesn't work on system-level webviews?
Are you a Safari user? I'm trying to understand why you are so obsessive over this minor (to the majority of Safari users) "issue".
Regardless, we all deserve privacy and I suggest everyone use either an extension OR a content blocker. I don't care. Just stick it to those scum bags mining your data to send you "targeted" ads. That we can agree on!
edit: Cannot reply to bad_user for whatever reason. Regardless, I think we're both on the same page arguing about the same thing in different ways. Let's agree to disagree? <3 my man. Take it easy.
Safari's content blockers simply suck at what they do.
And yes, I'm an iPhone user.
And indeed there's the privacy angle, however... (1) laws like the GDPR are far more effective at fighting that and (2) ads don't have to actually do personalisation to work and indeed, now that GDPR is in, in the EU many publishers are turning to less intrusive advertising.
I also think many users block ads for reasons unrelated to privacy.
As proof, whenever a new restriction happens for a free service without ads, you only need to witness the outrage, like for example when Dropbox limited its free service to sync with only 3 devices, or when OneDrive lowered the storage provided on its free tier, etc. Also witness, for all the bitching and moaning about privacy issues, how many people here are still using a @gmail.com address.
Truth of the matter is many people want to eat their cake and have it too. Most people just wants free stuff without any inconvenience. and it's hard to take them seriously.
Don't get me wrong, I'm using an ad-blocker myself. However I'm also paying for the content I'm consuming whenever I can, if it has any value to me. I happily pay for YouTube Premium for example, also for Fastmail, Dropbox, Newsblur and others.
So how do I feel? I'm feeling fine to be honest.
Specifically, you used the word "harm" which implies that you understand that your actions can actually harm others. I'd give that a solid - "don't do it". Love thy neighbor, brother.
If you think back to the early days, ads were often just static images. If we could go back to that, I don't see much of a problem with them, other than being ugly. Ads would be acceptable to me if they just got rid of
2) user profiling,
Kind of like newspaper ads. They don't have to assault you and find out where you live to be effective.
Yes, it does ultimately make it easier to block ads, but
1) Users who want to do that are always going to, and I'll always stay on the side of freedom for the user. We might as well ditch ad blockers and their performance issues if we can.
3) Performance and privacy can be kept in the hands of the user. This also means GDPR consent and a whole host of other stuff can be handled directly by the browser too. Asking the user to allow ads can be built right in and privacy is preserved if they say no which is better than all the consent dialogs we've got today.
Would be interested in everyone's thoughts on this. My approach probably will result in it being more difficult to ask content, but it preserves privacy and performance to the extent the user is willing.
And I'm also no longer on that team.
Any site that goes through trouble of blocking ad blockers I just avoid.
It’s also nice that content blocker extensions work with mobile Safari, removing the need to install a third party browser and dramatically reducing cell data consumption when browsing. It’s frustrating how Chrome for Android has no blocking capabilities whatsoever.
Interesting, as the uBlock Origin author is pretty clear that uBlock Origin for chrome will cease to exist if/when Chrome implements the manifest v3 changes that make it "Safari like".
This seems like putting the cart before the horse, no? Apple is in a good position to change this and chose not to. Personally it changed the internet for me when I could right click → block content forever. Meanwhile I haven’t found any content blocker on ios or safari that successfully blocks all ads. Even firefox focus lets some through.
There’s a reason they’re focusing on “privacy” and not “ad blocking”.
This is why content blockers are actually better, extensions are huge security holes.
Setting aside the whole issue of content v ad blocking, anything that locks down the capabilities of extensions on your system is only a plus for your security.
"This is what's good for you, and you're going to like it!"
I hate computing nowadays.
In a way, I mourn the lost freedom, but on the other hand, the increasing scale and sophistication of bad actors make me want for more security. Yes, I know about old Ben's "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" but in tech there are amplifying factors that can simply overwhelm even the most staunch defender of liberty. At this point you have to give up most uses of technology that have become socially ingrained, if you want to remain secure, yet have complete freedom about your tech. A lifestyle like RMS does not seem appealing to very many people.
A "caveat emptor" argument simply does not work with tech. No one can fully examine every piece of hardware and software, and determine it's secure, or find trusted and competent sources to vouch for everything with certainty. Even then, eventually tricky issues arise in time where subtle bugs can be exploited. By the time there's something for the emptor to caveat, their data has long still been stolen and compromised.
And yes, that would be a plus for security - and a negative for user freedom.
Which is different than any desktop OS.
It should remain an option, not a forced choice.
(As long as Firefox still exists and can run on desktops, there will still be a choice... but it’s still unfortunate and a disturbing trend to see more companies making moves against user freedom on their PCs.)
If the 50k limit isn't sufficiently high, I don't think, "they're trying to restrict blockers, but don't worry they're bad at it" is a great defense. And if the 50k limit is high enough, and it's a reasonable tradeoff between privacy and performance, then why are content blockers putting in extra work to bypass it?
Should we expect that Apple will block the limit workaround in the future?
Without a limit, developers would probably default to a massive append-only list that takes a minute to compile.
With a limit, developers have to shard their rules which lets them at least compile them in parallel. For example, you need to recompile the list if you want to support on-the-fly customizations like "whitelist this site."
> when Apple rolled out the new Content Blocker API, it enforced a maximum limit of 50,000 rules for each new extension that wanted to block content inside Safari.
Check again? You're probably thinking of how classic extensions used to work.
Eventually more rules will cause a performance impact.
Ads tend to have far higher performance and power consumption impact than this. Do Safari or Chrome force downscaled pictures and videos on you because it's faster? How is any other software "limited" for performance? And if this is a performance issue then why a fixed limit instead of one that varies with your system's performance?
Edit. HN is "hinting" at me that a developer setting arbitrarily low limits "for performance" and not allowing a change is reasonable and expected. Strange place to be told that manufacturer defaults are sacred and the "advanced settings" checkbox should be abolished. For performance, stability, all that. :)
The elegant solution would be to start with a sensible preset for your device, allow you to change it if you want, and then warn you if some noticeable delays are detected. IE used to do this with addon loading.
Do you know if/what are the differences between what Google done in Chrome and what Apple done it Safari? Are this changes affecting only ad blockers or other useful extensions?
I am curious, why is that ?
While I occasionally switch my browser I never ever browse without uBlock Origin. As far as I am able to evaluate, its author and sole administrator (goes by "gorhill") is very transparent and continuously demonstrates an aligned interest with myself as a normal web user.
...which is a quality I not always see with Mozilla and never ever assumed with Google Chrome product management.
I would rather rely on both a good permission model AND a transparent well meaning author than only one of the two, but I can see how it can be enough.
The issue is that even considering that this person is indeed honest (and to be clear I absolutely don't intend to smear them, I have no idea who they are), they can one day decide to stop developing the extension and leave it to somebody else, accept external contributors that might be malicious, etc
I never understand why the sorts of people who engage in geek posturing even bother with iOS. Apple's whole theme since 1984 has been ease and simplicity of use.
A lot of it is people who read something anti-iOS that sounds vaguely technical on another web site, then parrot it all around to make themselves sound like power users.
But if they really were as technical as they portray themselves, they'd be rolling their own Android distribution with all the features they claim they need, instead of moaning that iOS doesn't work the way they want it to.
I think selective geekery has become a thing as technology now pervades all aspects of our lives. There's just not enough time to tinker with everything all the time.
Maybe most users are simply not aware of this? As a Safari user, I did notice that Adblock wasn't working so well lately. I didn't know it has to do with Apple, I just assumed that I had to wait for the next update.
This motivates me more to move over to Firefox permanently. Battery life might take a hit, but the philosophical and political motivation is too high not to use Firefox.
Before my next trip I want to get a VPN configured so that when I am remote I can 1, access my home network/lab and 2. Take advantage of pihole (not to mention encrypting my traffic)
I’m making it sound easier than it is, but it’s still pretty straightforward. There’s actually a doc on the official pihole site that explains how to do this but I haven’t read it completely.
Then there is tracking and sometimes even malware...
Plenty of them out there for iOS and macOS and they work well.
And whatever adblock works on mobile Safari (I'm using Refine, but haven't looked at others) is already pretty good.
I accidentally used the web for about three minutes a few weeks ago without Ghostery installed, and the experience was quite miserable. It actually led me to finally buy a Raspberry Pi and put PiHole on my home network.
If Safari doesn't continue to support ad blocking for when I'm outside my home network ("Ghostery Lite" is in the App Store, but I haven't fully evaluated it yet), I will switch away from Safari as a primary browser - probably to Firefox.
I'm not sure I view this in the same light as a Google, however. There is a content-blocking API which seems to work OK, and Apple do not rely on privacy invasion for a substantial portion of their income.
Well then, even less of an incentive to ever use Safari again. Already I started it only when I actually wanted to be tracked (with referral-generating sites like quidco and so on), now I’ll just never use it. And to think I even went to the trouble of building an extension for it, so many years ago....
Apple really, really hates the desktop these days.
I have been using it for a week or so now and other than the known issues mentioned it works the same as before.
Swapping out one app for another that's almost identical but with less CPU usage seems like a no-brainer. Though I do keep Chrome around with a couple tabs open for its development tools during work.
Safari even uses fewer resources when watching Youtube/Netflix at the same resolution. I first noticed this while using a dual monitor setup with a fullscreen game on one and Youtube/Netflix on the other. I noticed my game's FPS would improve if I merely changed from Chrome to Safari when watching video. Did some more scientific measurements and never looked back.
Firefox is nice and chrome is ok but they're a distant second at the moment due to the ecosystem with iOS
Is the problem of content blockers using rule lists? Or, is the issue that Chrome proposes to limit the number of rules. Quickly looking at Safari there isn't this limit to the number of rules.
I understand change being a problem and maybe uBlock Origin can't work in the new Safari model. But, could a new project do just a well based on similar blocking ideas?
I believe ad blockers like uBlock Origin also do some dynamic detection of behavior so that certain types of ad-serving that come from hosts you do not want to block. CBS Sports, for example, requires special handling -- in Google Chrome, accomplished by a separate extension for uBlock Origin -- to properly block ads on their site without destroying login and video functionality. This kind of blocking cannot be performed with host lists.
Similarly, Chrome's initial proposal suggested a limit of 30k, which has since been revised upwards to 90k to 120k based on feedback.
I wouldn't say the article is wrong, just that a workaround exists.
Safari content blockers are okay, but not great, and 1Blocker didn't block nearly the amount of ads that were blocked by uBlock Origin on Firefox/Chrome, so I just decided to stay with Chrome/FF.
And when running uBlock Origin on Safari became untenable, I switched to Firefox full-time and its been great.
It uses WebKit, like Chrome, so it renders pages the same, but I simply find the app much simpler, faster, and comfortable to use.
Give it a try some time.
What they have not done is cripple Safari's web extension capabilities. Correct me if I'm wrong, but I am sure developers can still use the exact same blocklists that they used before.
Same as documented on https://developer.apple.com/documentation/safariservices/cre...
Comparing this to what Chrome pulled is not fair - I think Chrome actually crippled ad blocker capabilities, while Apple only changed the format of a packaged extension.
The relevant thing that's provided here is a content blocking extension point. Unlike ad blockers providing a bundle of JS that may or may not block ads, record your browser history, etc, the content blocking extension point is a pull-based system. Safari asks the app for its list of content to block, then computes that into a fast lookup table of some sort, and never talks to the app during browsing. This means ad blocker app built with the app extensions API is more secure, more private, and in all likelihood, faster. Potential complexity is reduced, but that may be worth it.
such a content blocker method doesn’t work for chrome because ghostery and the like won’t work. with safari it doesn’t matter as much (if at all) because the core browser handles this much better.
Brand cheerleading is, and always have been, alive and well.
How is that different from what chrome is doing? There's a deprecation plan, it doesn't appear to be significantly shorter in time scale than what apple did.
Advantages: privacy, efficiency
Disadvantages: lack of flexibility, some things they just can't do
I only ever read that hypothetically it could be more efficient but never stumbled upon actual measurements/benchmarks.
Also, extension adblockers are already so efficient that I would doubt there is a perceptible difference.
Safari has functioning content blocking.
What is the point of your comment?
Chrome does not to my knowledge provide an API like this, and extensions are still roughly a JS bundle that defines blocking rules at runtime, slowly, using more energy, and potentially having access to your browser history while it does it.
Chrome has not changed how extensions work yet. That's all in the future. Currently, nothing has been turned off and the "old" mechanism still works. Eventually that will change, just as Safari has already done.
ANY processing is a battery killer. It's as if people forgot every single thing done on a computer system STILL REQUIRES ENERGY TO DO.
Yes, Firefox does drain MBP battery, that's sad, but they promise to fix it.
"I don't trust ads, so I'm going to run all my internet traffic though this rando VPN in the Middle East."
AdGuard and similar apps such as Blokada function as local VPNs, as mentioned, so most traffic does not pass through any particular external server.
The AdGuard app does use AdGuard's DNS servers, so DNS traffic passes through their servers in Russia: https://community.spiceworks.com/tools/ip-lookup/results?hos...
AdGuard says they do not log DNS queries.
The company was founded in Moscow in 2009. In 2017, they changed their official headquarters to Cyprus: https://adguard.com/en/blog/the-chronicle-of-adguard/amp.htm...
Well, no it does not if you don't explicitly choose AdGuard DNS among other DNS servers. It filters everything locally.
> through their servers in Russia
I see no servers in Russia on the map:
You're an AdGuard developer, I take it? Based on your Show HN post: https://news.ycombinator.com/item?id=18238503
Would you happen to know why AdGuard's IP addresses point to Russia, if you no longer have servers there?
The link I previously posted is simply a tool to look up AdGuard's DNS address: https://community.spiceworks.com/tools/ip-lookup/results?hos...
Any HN users can look up the same information themselves.
The link shows the owner of the AS, not the location of the servers.
The IP address itself belongs to an AS (https://en.wikipedia.org/wiki/Autonomous_system_(Internet)) that belongs to a Russian hosting company, and we have a long term rent contract on this subnet (with a purchase option), and we'll eventually acquire it.
To check where it really leads you should see the output of `traceroute 18.104.22.168`. However, this is also not the best option because AG DNS uses anycast (https://en.wikipedia.org/wiki/Anycast), and the route depends on your location.
I'll have to take your word for it that the Russian IP address you use does not mean you have a server there. Thanks for the explanation.
Because that's where the company is headquartered: Cyprus, which has Turkey, Syria, Lebanon, Israel, and Egypt for neighbors. The Middle East.
Why not just say "Cyprus" rather than using the "Middle East" appellative?
- The app is a local VPN so your data doesn't leave your device, except for their DNS feature.
- Cyprus is in the EU, so it's not what most people would think of as the "Middle East". The boundaries of the Middle East are man-made, not natural, and Cyprus is often considered closer to Europe these days.
- There may be concerns regarding certain states in the region, but implying "Middle East" is a pejorative is a bit crass.
TBH I'm more worried about AdGuard's Russian connections, though an AdGuard developer offered reassurances above.
If you're going to raise concerns about AdGuard, at least make them accurate.
FTFY: in the EU.
Or to be more accurate: in whichever country you reside. Because the VPN is local.
I believe pervasive, omnipresent advertising is bad for society, even if it's native, and even if it respects people's privacy. Even in the real world, if there was some way of blocking billboards or posters on the subway, I'd be all for it. I really don't like companies inserting themselves into my life without my permission.
I don't know how typical that is -- almost certainly people like me are a minority, but I suspect that there's a non-trivial number of people who feel the same.
I'd rather have display ads like we've got now just to avoid having to do mental gymnastics to check if an article is an advertisement or not.
At least with the current situation things are separated.
In all seriousness, I think the performance issue of ad-blocking is much more beneficial to me than the cross-site tracking. While cross-site tracking may end up being more nefarious or theoretically worse, the slowdown in reading and interaction is a definite real-world pain solved by blocking ads, even same-site ones.