Along with sign-in-to-sync, AMP, URL hiding, upcoming manifest v3, Google is doing their best to benefit advertising and data collection. As the market leader in ads, it is textbook anti-competitive behavior, but the courts will have to decide if it is legally.
This isn't the highly visible anticompetitive behavior which might cause a backlash. Regular people, or even journalists or judges won't even understand what cookie clearing on exit means.
If there's antitrust sentiments towards Google, it needs to come from some where else.
On the other hand, a corporation cannot be allowed to continue its anti-competitive practice just because the subject is too complex for an average person to comprehend.
Techology isn't going away and is becoming ever more important. It seems obvious to me that we will need cross-domain specialists to handle cases such as this in the future -- someone with both a legal and computer science background.
> Many of the most important challenges confronting the legal profession lie at the intersection of science, technology, law, and policy. Emerging science and technologies, such as AI, big data, social media, genomics, and neuroscience, demand an interdisciplinary approach and visionary leadership. Students in the JD/MA in Bioethics and Science Policy program spend their three years at Duke focusing on these intersectional problems and preparing themselves for a seat at the table in these discussions for decades to come and earn an additional degree while doing so.
This is something I've often called a retreat into complexity. Classic example: food corpo gets flak for putting something nasty into their products. They then switch to using an alternative that's just as harmful, just with harder to spot effects.
People understand perfectly well when you abstract it by one level: Google's web browser ignore's some of the user's privacy settings on sites Google owns.
> Regular people, or even journalists or judges won't even understand what cookie clearing on exit means.
It's been almost 30 years since the Cypherpunks. When billions of dollars or existential business threats are at stake, regular people are motivated to find a technically-knowledgeable peer for advice. There have now been several generations of financially successful tech entrepreneurs, some of whom move in non-tech circles.
Although politicians and the court does not understand the cookie, That doesn't mean we won't have a backlash. It just doesn't guarantee the backlash is technologically sound. EU's cookie law, for example, is just stupid from the pure technical standpoint.
It's your computer that store a cookie to local storage. It's your computer that decide to send back previously stored cookie. And they're crying like they don't have a consent.
> It's your computer that store a cookie to local storage. It's your computer that decide to send back previously stored cookie. And they're crying like they don't have a consent.
Fortunately, EU regulators understand that non-technical users exist and need protection from abuse.
Combined with the latest twitter bout of censorship, the hammer is going to hit tech soon... very hard. They are running out of friends on both the left and right.
These types of social interactions aren’t fungible. There are a finite number of viable social interactions to be discovered. Once discovered, network effects push towards consolidation to one platform offering that experience.
If you consider “social media” as a market, it has healthy competitive landscape. If you consider different styles of social interaction as separate markets, they’ve cornered markets. I don’t see competition in these spaces. Facebook != Twitter, and I feel that is why both can exist. Behemoths in neighboring spaces opt to buy a social experience instead of trying to compete with their own.
The missing piece, IMO, isn’t regulation around “censorship” for these platforms. It’s regulation that results in a rich market of products around a single style of social interaction. Example: regulation around interoperability.
The social media companies are arguing that "social media" is not an industry by itself. They certainly aren't going to have to argue that they don't have a monopoly on a specific genre of social media.
Within businesses, people have evolved far past market definitions where widget x¹ competes with widget x². Our political savvy as consumers would improve if we could see that as well.
For example, why would Google approve a product like Stadia? What does it compete with? Nintendo, yes but not really, since so many Stadia players have a Switch also... just like most of us have Facebook and Twitter accounts. But maybe they're true competition is Netflix? Social media? Users are giving Google their time = data = insights = further monopolistic advertising power.
I am not sure exclusively is a requirement for being considered competition. Netflix and Disney Plus are competitors but that doesn't stop me from subscribing to both.
Can you please elaborate a bit more on the fungible interactions part? I am not sure I understand that bit.
Suppose Tesla tomorrow becomes the sole manufacturer of battery powered cars. However, the good (dirty?) old petroleum based cars are still out there and on the road (not a lot but still). However, everyone wants an electric car in future - will that make Tesla a monopoly?
How will it be different or same in this case of Twitter or Facebook?
It has to do with interchangeable goods. Typically, only interchangeable goods are in competition. I.e. if I want paper towels, I can buy Brawny or I can buy the store brand. I may have a preference towards one or the other based on price or performance or something else, but if the store is out of one, I'll just buy the other and move on with life.
A petroleum based car is largely interchangeable with an electric car, assuming we're talking one that will probably comply with environmental regulations over it's lifetime. I might prefer an electric car because of the environment, or to support the movement, or whatever, but at the end of the day, a petroleum car still gets me where I'm going. Tesla is unlikely to become a monopoly because even in the electric vehicle space, there are interchangeable goods. I'm not intimately aware, but it sounds like there are a couple other companies that make competitive models.
Where that interchangeability can get weird and not so clear is on a more specific market, where users don't necessarily have a choice. Tesla is the only company (afaik) that makes a fully electric truck. You could possibly argue that Tesla has a monopoly on fully electric trucks; I think the question becomes, are other goods interchangeable? Is a petroleum truck interchangeable? Is a fully electric SUV interchangeable?
Applied to social media, each of the major social media networks offers or encourages a substantially different type of social interaction. Twitter is largely for piecemeal content, and is largely more public than other forms of interaction. It leads to really high levels of engagement, and lots of flame wars. Instagram is all about photos, people go for the glamour. Facebook attempts to make you engage with your network more, I find people share more personal information there. Reddit is more anonymous than the other two, and builds around the concept of communities, which are featured more prominently than the other platforms.
I think we all agree nobody has a monopoly on social media. The question is whether it's possible to have a monopoly on a particular form of social media. Are Reddit and Instagram interchangeable for you? They aren't for me, so I would say that they aren't in competition and as such, the existence of Reddit doesn't prevent Instagram having a monopoly any more than the existence of Chiquita does.
"Social media" is an incredibly diverse category of services. Deciding the monopoly status of a company based on the health of competition in social media is like deciding whether to break up Standard Oil based on the health of the entire raw materials goods sector. It's not a granular enough measure, because it contains several non-interchangeable goods. If Standard Oil jacks up the price of oil, I can't just go buy iron instead; I can't put steel in gas tank. Likewise, if I get pissed off at Facebook and decide to quit, I can't just go somewhere else. My 80 year old grandma is on Facebook, teaching her to use Twitter is going to be a problem, and I generally don't know if I want to expose my grandma to the cesspool that Twitter can sometimes be. The services are not interchangeable to me, so Facebook has a monopoly on that service. My choices are to play by their rules, or to just bow out of the experience entirely. Let's say we ignore the legal technicalities of a monopoly for a moment; doesn't the outcome look remarkably similar? If this doesn't count a monopoly, it seems to lead to the same place, and perhaps it's non-monopoly status is due to a flaw in the law, rather than being expected behavior.
"Being a monopoly" isn't illegal; abusing a monopoly position is what gets you in trouble. What does Twitter do that would be considered abuse of their monopoly position on Twitter-like social interaction?
I’m not suggesting they’ve violated laws. I’m suggesting new regulation targeting “censorship” might not be the best approach. They’ve cornered a medium of communication. People are upset by their moderation policies. By breaking the users out of the Facebook silo, through regulation, you can create a marketplace of experiences where there was once a monopoly. Each experience comes with its own moderation strategy.
Based on what I see people complain about in twitter the criticism is on a different axis: selective and inconsistent application of rules to appease whatever group they are worried at the moment.
In terms of regulations this is within reach of possible changes to how the notorious section 230 is applied.
I don't think he understands the Streisand effect in this context. It was inevitable either way that the majority would hear about the fake Hunter Biden story the ideal case for both the truth and for Biden is that people hear about it in the context of it being fake crap being propagated by an unreliable source instead of having it laundered through a million and one personal contacts who can rightfully claim to be sharing a legit piece of news.
“A lie will go round the world while truth is pulling its boots on.”
C. H. Spurgeon,
Whereas a truth is may be amplified by ineffective blocking a lie may be irreparably damaged if the truth gets there first.
Regarding 230 the primary author of the statute disagrees with Thomas.
>Why was this? It is because Thomas is not a conservative but, rather, a radical—one whose entire career on the Court has been devoted to undermining the rules of precedent in favor of his own idiosyncratic interpretation of the Constitution.
Personally this sounds like an intensely editorial decision on Twitter side then.
Anyway what I was referring to was how Twitter's moderators decided to restrict this news based on it being obtained through hacking, but few days ago had nothing against Trump tax story that was based on illegally obtained documents.
I had a problem with the Biden hard drive story because I believe its a lie. I have no reason to believe the tax story was anything but honest. Twitter's difficulty is not wanting to admit why they censored it.
twitter isn't doing those, they're losing friends through censorship. which they legally have every right to, but the powers that be are now campaigning to change that legal protection (exemption? sinve no one understands the second amendment)
You’re allowed to say whatever you want and I’m allowed to sue you if you tell lies about me. Twitter and other social media platforms are made exempt from this because they are hosting other people’s content and they’d be sued into oblivion if they could be held responsible for what everyone posts on their service. But as soon as they start censoring whatever they want, they aren’t a true public platform anymore, the content you see is what they want you to see. So they should also be liable to civil suits if the information they allow to disseminate is not true. This isn’t about the second amendment, IMO.
They were NEVER a public platform they were always a private company. Its a commonly repeated untruth that as soon as they start moderating they cease to be protected. Nothing could be further from the truth 230 specifically protects their right to moderate.
People advocating that position usually have a very specific idea about how they want sites to be moderated, but section 230 is about not treating platforms as if they're the speaker when one of their users posts illegal speech, regardless of moderation. Of course, politically biased speech is not illegal, so it's really about punishing platforms for moderation somebody doesn't like.
A more reasonable target for a 230 carve-out would be recommendation algorithms. Those aren't merely passively hosting user-generated content, but actively selecting what they think you should see to keep you engaged with the platform. Featuring content rather than showing it ordered by some simple criterion like time should be treated as editorializing rather than moderation. If a human editor decides to feature lies I tweet about you on their "best tweets of the week" page, you may be able to sue them for libel. If twitter's algorithm shows lies I tweet about you to a large audience, you currently can't.
Arguing that the recommendation algorithm is editorializing is an argument for the choice of algorithm being an instance of free speech which would be protected from such meddling.
I don't think current law and understanding of same allows any major changes to how we treat platforms. I tend to think that any major changes in the law are liable to be for the worse because even well meaning law makers seem to possess a mostly incompetent perspective on tech.
The algorithm would have free speech protections under such a scheme, and it's likely courts in the US would conclude that it does under current law. Those do not necessarily extend to repeating lies that I have published about you, which are not protected as free speech.
The company has a free speech interest in choosing the algorithm to make it clear. Lies might be protected speech but 230 makes it very clear whom you are allowed to sue regarding those lies. Wishing the law was different doesn't change the law.
To use the actual text, it indemnifies them from lawsuits arising from:
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
So long as their actions are in good faith, and the content can be lumped into "otherwise objectionable" (as I'm sure most anything could), they are well within Section 230 protection. Even if they have an implicit bias in their moderation. Even if they have an explicit bias in their moderation that they put in their ToS. It specifically says "that the provider or user considers obscene...", which explicitly states the bias of the provider is considered.
The only way Twitters moderation could remove their Section 230 protections is if they did it in bad faith. If they were doing it specifically to try to lose Trump the election, that might count as bad faith because it has nothing to do with limiting access. They are, however, free to remove everything he posts because they find him to be objectionable. Or to remove things they think they are objectionable. Or to only remove violations of their ToS when Trump does it, because they find him or his past patterns objectionable. Or because they find it more likely to lead to flamewars, etc on the site when he does it. Etc, etc, it's mostly a hypothetical because you have to prove bad faith, which is hard unless someone is dumb enough to write it in an email.
Twitter violating its own ToS and/or promises to the users sounds like an example of bad faith. (This would not apply if Twitter's marketing was 'Fuck you! we do whatever we want', instead they promote themselves as a fair platform)
Moreover the entire exemption does not apply when the `provider` is not a provider but is actually a publisher using editorial discretion.
(for example if twitter decided to ban false statements in tweets this would clearly put them outside of section 230 immunity)
I would recommend citing legal scholars instead of YouTube personalities. The person you are quoting its a Canadian lawyer of no meaningful repute who gave up his legal career of a paltry decade to become a YouTube influencer. He has never even been licensed to practice law in the United States.
His opinion is out of sync with what legal scholars and indeed an what an author of the law says the law means.
Just on a laymans reading of the text good faith isn't given in some universal context of fairness or fair play it is given in the sentence.
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
Good faith herein means actually because they found it objectionable not for some ulterior motive.
In order to assert that the removal wasn't protected under 230 you would be asked to prove the contents of the minds of the decision makers that the removal was NOT because they found it objectionable. They could literally argue that they found the effort to influence the election itself objectionable and suppressed it therefore and be safe within the boundaries of the law.
In fact good faith .... otherwise objectionable is so broad as to encompass virtually any removal for any reason
Furthermore finding that one removal wasn't protected under 230 wouldn't magically dispel all legal protection it would mean for the purpose of THAT removal someone could sue them if they had just legal grounds.
Personally* I have doubts[1] about this reasoning, in that it doesn't cover how this would not apply to the New York Times.
I can agree with your interpretation that where the protection of section 230 applies companies would be allowed to remove basically whatever they want.
But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
From what I understand the people that are trying to attack this immunity have mostly given up with the argument "Twitter monopolized a space for discussions so it should be held to constitutional standards like telephone companies" or "social media platforms are clearly acting as publishers of their content" and are rather trying to push "social media companies falsely promised open forums to users and content creators only to hit them with draconian rules once a monopoly was established" (had facebook (or youtube) had the same ToS since its inception it would have never become a monopoly).
With this last argument the entire question of section 230 is sidestepped.
As far as I understand it will not actually accomplish anything soon; a lawsuit on these premises was successful against Patreon, but those were very special circumstances.
* I am even more remote from the US than a Canadian lawyer, but I do not see my role as telling the courts what they should do, but rather as someone that is trying to understand what is happening and trying to develop informed opinions.
You say you doubt my reasoning but substitute none of your own save for a stale youtube link to the diatribe of a non entity and a link introduced but then neither explained nor contexualized.
I honestly don't know entirely what it is trying to express. "Proving Too Much" seems to be a complete non sequitur I have no idea what you fallacy you are suggesting is expressed by the prior or any other post on this subject.
>But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
You can institute new obligations as soon as you buy your own congress critter and get them to write new laws. If you believe such obligations are already expressed in law kindly cite the statute and section.
The distinction between the print copy published by the New York Times and say reddit/twitter/facebook is literally that this is the distinction the law makes. It doesn't have to make sense to you to be the law of the land. Particularly the short comprehensible section already the primary topic of discussion.
If you want to dig into why it seems relatively obvious. The finite first party content is dear and expensive and the act of curation is already inherently an expectation. Asking a publication to take legal responsibility for what they publish is a tolerable and reasonable burden.
Reddit/Twitter/Facebook solicit users to produce a veritable ocean of content for which they offer users a chance to communicate to their fellows and a small amount of server time which per unit is paid for by a slightly larger income from ads provided with that content.
Legal responsibility for content shared between you and I would be a herculean task, impractical, intractable, and expensive that would leave them with little choice but to cease operations.
Indeed few people actually want this what they want is 230 to be used like a club to keep people like twitter from shaping the conversation despite owning the property on which you expect discussion to take place and no law providing such a right to someone else's megaphone.
What I was trying to say is that there is a continuum between the New York Times kind of editorial control and Reddit/Twitter/Facebook moderation of content.
I am not saying that section 230 should not apply, I am saying that, to my knowledge, under current laws if a social media company decide to apply excessive editorial control (let's say twitter decides to only allow factually true tweets) they would lose the protections granted by section 230.
> The rights granted need to have some kind of obligation.
By "need" I meant that I believe these obligations already exist in laws.
> Proving too much
By proving too much I meant to say that since section 230 does not apply to newspapers the law must make a difference between them. To my understanding this difference is editorial control.
Finally I am not trying to have a debate over this, I am only trying to understand better the issue; I clearly have a side/bias, and I am trying to learn more about the many other facets of the issue.
> By proving too much I meant to say that since section 230 does not apply to newspapers the law must make a difference between them. To my understanding this difference is editorial control.
Instead of guessing what the difference is why not read the very short section 230? The difference is that 230 specifically deals with the web. The difference isn't editorial control its literally that the law directly speaks to the web. I would suggest in half the time required to watch the video one could read 230 twice over. This misunderstanding directly stems from concerning oneself with bad secondary sources.
>, I am saying that, to my knowledge, under current laws if a social media company decide to apply excessive editorial control (let's say twitter decides to only allow factually true tweets) they would lose the protections granted by section 230.
There is no clause that specifies that a company even can in a blanket fashion "lose protection" in such a fashion.
First relevant section.
(c) Protection for “Good Samaritan” blocking and screening of offensive material
(1) Treatment of publisher or speaker
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
This is completely without qualification.
Second relevant section
(2) Civil liability
No provider or user of an interactive computer service shall be held liable on account of—
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
or
(B) any action taken to enable or make available to information content providers or others the technical means to restrict access to material described in paragraph (1).[1]
It says you can't be held liable for blocking something in "good faith" Nowhere on earth does it suggest that any action will cause you as an actor can lose protection under this act. It just says that no action taken in good faith can result in you being held liable for that particular act.
This means that in order for a party to sue they would have to prove both that they were blocked in bad faith AND completely aside from this title they possessed a legitimate cause to sue.
To be completely clear someone could post on reddit the libelous allegation that you ate babies causing you to lose your job at the day care a clearly obvious cause of action and then the ceo of reddit could personally block your profile to keep you from running against him for mayor of your little town. A judge could agree that your content was blocked in bad faith and you STILL wouldn't be able to sue reddit for the baby story.
If you don't like that reddit or facebook or twitter blocked your story your problem becomes finding a legal right to exercise your legitimate freedom of speech VIA their platform.
The DMCA has existed for 24 years longer than some readers here have been out of diapers and I can no platform has been censured yet for removing deplorables in a nation full of both deplorables and lawyers. It seems likely none ever will without a new law not a new interpretation.
It applies to the New York Times comment page or indeed places where they offer people who don't work for the times a place to communicate. When someone who is paid by the times writes an article for publication they are responsible for that work.
They have every right to do it legally and you're right that the rules will probably change. People say "just go and make another platform" but Google literally tried and failed to make their own (Google+). If they cant do it who really can? Its not happening or it will take centuries/enormous resources to gain traction and compete. So we are left with an oligopoly that is censoring in lockstep and that's an issue for all sides because eventually its not them, its you, with time (amongst other issues). I think the platforms are a huge threat to democracy personally and I hope the new rules are meaningful and not just a knee jerk makeshift reaction.
Social media platforms are mature enough that half hearted efforts like Google’s won’t work.
But tiktok and Snapchat work. You know: real sustained efforts. Instagram launched 9 months before google plus. That should give you an idea of the landscape that google operated in. Instagram— with 13 employees at acquisition in 2012– works.
Google isn’t a determiner of what works. They’re one of the laziest implementers of new services/startups.. they literally throw something out there and try to coast off their name. In markets where the customers are mostly satisfied, lazy stuff like that doesn’t create a winning product.
Sometimes a narrow lane is found in social media in general, but I would argue the competition is still minimal or non existent for crossing lanes. For instance Twitter and snapchat and Tiktok are very different. I view the social media landscape as an oligopoly rather than monopolistic and they rarely cross into each others territory. Also the rate of new meaningful competitors just is not occurring fast enough when a democracy like the US has elections every 4 years. Theres a mismatch in competitor lane crossing and the rate at which democracy operates. Theres been what...2 or 3 major new social networks with limited scope that dont really compete with each other in 20 years on the western side? Its just not enough to make an impact and give people choice especially as we see them act in tandum.
Google+ just wasn't very good, the argument that no one else can do it doesn't sit right with me because google was half assing that from the beginning.
I think those are the optics because it never took off so it looked half-assed but they made an effort (Google+ was also launched a long time ago so it looks antiquated by todays standards). Maybe a better argument is that its been decades and nobody is meaningfully competing with facebook or Twitter in their respective categories even though there is tremendous economic incentive to do so. Network effects are very difficult to break. When the president is on Twitter nobody wants to be on Bob's basement network. Its locked in a feedback loop.
Follow up comment here because Ive apparently reached my limit for a while: I believe you. I still think a Google half-ass is going to be a stronger effort than another start ups full out stab at it. Facebook is the biggest "country" on earth almost by a factor of 2x with 2.7 billion people. Its just other worldy large and difficult to compete with especially today. But I get what you're saying.
I was following pretty heavy at the time, and unfortunately "made an effort" looked pretty poor to me. You are right network effects are difficult and if google wanted to throw it's full weight behind the problem instead of just dipping their toes they had the capital to shift opinion. I think this is far more likely google didn't have the will to make that a fully focused problem.
That argument of "just go and make another platform" is misled anyways: Even if I build another platform: Twitter is still the primary communication channel of the US President. Which means that all secondary users (interested citizens, journalists, ...) hang out there as well. Thus whoever they block there or not has an impact, even if my competitor has a few hundred million users.
A separate platform requires a compelling story. Google proves merely that money and dev talent aren't enough no matter how much you have of either or both.
I agree that the second amendment is often debated as to its intended (or proper) meaning, but I think you're talking about first amendment protections here.
The powers that wont be are complaining about censorship but as we all look back on the last 4 years and all the dead people the people running the government for the last 4 years are more apt to ask social media why they didn't do more.
This may not directly relate to monopolistic behaviour - but I remember once (pretty recently) when Jack/someone in his team revealed a screenshot of an interface in their backend that literally allows them to control public mood and opinion- such as trends, shadow banning, etc.
To me, that is scarier than just being a monopoly. Imagine, you pull the right switches during an election campaign that could sway public opinions in the last minute (regardless of the political party you support).
How they aren't under serious scrutiny after releasing such interfaces to the public is a grave concern to me.
I have even stronger concerns about Murdoch's media empire. Whatever Twitter might or might not be doing is child's play compared to what Murdoch is definitely doing.
From watching the past several times they've been called before congress, it's abundantly clear that several congressmen (mostly from one party) do not.
As long as the political "contributions" still flowing into the right politicians, you can bet if there is any change, it will be adding more regulation that is too expensive for small players comply.
I'm, sadly, not so sure that straw will come any time soon. Major tech companies have been under fire for years now and nothing managed to break them. Not saying it'll never happen but monumental shifts like that can take decades to pass.
There were plenty of last straws. The missing piece is a powerful enough entity that has interest in regulating them. No, despite the GDPR the EU is not that.
Exactly, compared to what could be the maximum fine, there are no high profile cases. This is the point, GDPR is as useful as much as it is enforced, which is lackluster at best. We are not talking about a one off, for example Google has been continuously violating GDPR for years at this point.
And another shitty thing is that I can't tell them to omit certain websites from my search results, while at the same time they insist they need my information "to improve my experience".
This is exactly it. There's nothing personalised about Google search results. It doesn't show what I want to see, it shows what they want to show me.
I'd like a search engine where I have some input on the ranking of sites shown to me. Some sites are crap and I never want to see them, other sites are ranked low but often have info I'm interested in.
Even just let me vote my search results up or down on relevance. I can vote on everything else, why not this? (Though ideally, I'd love to be able to devise my own algorithm for these things.)
My theory is that such a feature would take away too much power from Google being able to control the "sorting" of the search results and it would pull away the veil of what they really do (or don't do). I think the bulk of the common search queries and information on the web (that isn't exotic and super-unique) is accumulated at any one point by a handful of websites (think 100-1000-10000?).
It's highly conceivable that one could get a completely novel and diverse web and search experience if we were to exclude those concentrated websites entirely from search results. At that point, google can no longer slide on just showing the top results from a tiny subset of their index, and would be forced to always show results from the entire index. As opposed to now where 99.9% of the time, they mostly show you results from that smaller subset and 0.1% of the time show you the rest (that is of course only if you have a super-specific query or you force them with some of their remaining search modifiers).
I worked around that by briefly enabling history, setting the Home address and then immediately turning history back off. Obviously not ideal but it solved the problem for me.
What data? The location history feature in only on briefly while you are setting your Home location and once you turn it off again it stops collecting it. You also can go into your Google account and verify what information (if any) was collected in that window and delete it if you really feel that strongly about it.
This is really just Google using hostile UX to badger people into enabling location history and (in their eyes - hopefully) leaving it on.
It might still be processed in aggregate, but they stop associating years of precise locations to your account.
I’d be surprised if they don’t follow that wish just for PR and legal reasons alone. The fewest people will actually opt out or if they do accidentally opt back in since the “enable web and location data” action appears anywhere from Maps to Google Home setup.
I want to tell Google where I live so I can say "ok Google, navigate home" and get directions home without having to touch my phone. If there's a phrase that gets hands-free directions for starred items without having to say the whole address, Google doesn't make that easy to figure out.
Everyone who uses their phone while driving thinks they're one of the few who can do it safely, whether they're fully engrossed in a text conversation speeding down the freeway, or tapping an icon while stopped at a traffic light. Deep down, I think that too. That's why I can't give myself excuses to do it.
Home and work are very "special" cases in that it's someplace most people regularly go to and from. So the app sends you personalized driving alerts/reminders, traffic updates, etc. There are definitely reasons for it, it's just not worth it to some. Others just have no idea that some of these nice goodies are helpful and not eerie and "privacy invading". So what if Google knows where I live and work? Frankly, that's something the government should know anyways, and it's failing abysmally judging by the amount of crime it's missing.
I like declarativeNetRequest and think that the tradeoffs are reasonable, especially after the last revision[2]. Ad blocker extensions are a major security risk, and this fully eliminates the risk without breaking most of the functionality.
Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers. Chrome extension compromises are a somewhat common occurrence - see [1] for a recent example.
I want ad blocking without giving the extension access to my cloud accounts, bank statements or company intranet.
My current solution is to use the ExtensionSettings[3] Chrome policy to blacklist extensions from particularly sensitive domains like accounts.google.com, my bank and the company intranet, but it's a clunky solution - I still want tracking and ad scripts blocked on those!
There's a lot of hyperbole and exaggeration thrown around the subject of manifest v3 and declarativeNetRequest, but everything we've seen so far suggests that it really is an attempt to restrict ad blockers to a level Google is comfortable with (the level of Google's existing partner, AdBlockPlus).
Some relevant points:
- Google still hasn't raised the rules count like it announced last year in the blog post you linked. The current API is still limited to 30k rules. (the dynamic rule count is ridiculously low too)
- Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
- Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
- Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
Overall I have the same view of adblockers as I have of pirate sites: they're very convenient for me and I like to have them, but I don't begrudge corporations for doing everything they can to get rid of them. In a world where most of the internet is funded by ads, I understand why Google would want to find ways to make adblockers just a little less powerful.
But Google's insistence that it isn't doing exactly that, and that its API is technically motivated, reads as corporate nonsense. They haven't responded at all how I'd expect them to if the whole controversy was just a misunderstanding.
> Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block".
Google is deeply afraid of machine learning based ad blocking. You can only camouflage ads so much before they don't serve their purpose. Forcing ad blockers to use a primitive blocking method prevents smarter ad blockers from being built.
> - Google still hasn't raised the rules count like it announced last year in the blog post you linked. The current API is still limited to 30k rules. (the dynamic rule count is ridiculously low too)
Manifest v3 is still in development, so I'm assuming that this simply hasn't happened yet. It definitely needs to fit uBlock Origin's default rule set and I don't see them backtracking on the 150k announcement.
> - Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
This is the explicit trade-off that is being made. I'll gladly accept this limitation in exchange for not having to trust the ad blocker extension.
> - Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
The blog post explains this - the issue isn't the (in the case of uBlock, carefully written and very fast) extension code, but the IPC overhead in routing all requests through the extension. The Chromium teams loves metrics and they wouldn't make this claim without having substantial data to back it up - it's not a matter of opinion, but objectively quantifiable.
> - Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
The blocking version sits in the critical path, the non-blocking one can be called asynchronously. This is consistent with their reasoning.
One point, Google regularly makes false announcements about unpopular changes. When they changed search results to better hide which ones are ads they announced they’d backtrack on it, then didn’t. When they started hiding parts of the URL they backtracked on it, waited a few months, then re-implemented it. When they decided “don’t be evil” isn’t really appropriate for them any more they said it’d only apply to Alphabet not Google, then waited a few months, then applied it to Google.
> the IPC overhead in routing all requests through the extension
The case has never been made that this is the issue of why wesites take long to load nowadays, and rather the finding is that content blockers help significantly page load speed.[1]
You seem eager to uncritically accept Google claims while leaving out the views of the critics.[2]
There's no good reason for us to not be able to have 150k (or unlimited) rules now. The fact that we have this completely arbitrary and far too low restriction clearly shows that Google is not making even a passing attempt to enable adblockers to do their job.
This is only true in the sense that an all-purpose browser is "a major security risk". That is to say, it's not true in any coherent sense.
Yes, the ad blocker needs to be trustworthy, and there are a variety of approaches for furthering that goal.
> Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers.
Again, you could say the same about the browser itself. Even if it were infeasible for extension developers to implement more security safeguards, that would be a flaw in the Chrome Web Store, not in the concept of web extensions.
A trivial "backspace to go back" extension needs access to all sites. Fraudsters buy semi-popular extensions and load them up with tracking and link rewriting malware, unhindered by Google.
Their continued "refinement" of the core ad blocker APIs while all these abuses and deficiencies go unaddressed is extremely suspicious.
> A trivial "backspace to go back" extension needs access to all sites.
Yes, this is bad and a big security risk. I don't use any extensions that request this permission. My company even pushes a Chrome policy that outright blocks them.
Manifest v3 fixes this by taking away blanket <all_urls> permissions. This would break ad blockers, so they add declarativeWebRequest and remove the blocking webRequest API that would be useless anyway.
Chrome is a security risk. Blocking extensions because "security" is just taking away control from the user. Why should Google be the arbiter of whether something I install is secure or not?
As far as I can see, Manifest v3 addressed all the major concerns. It was a developmental spec and they adapted it based on feedback. What problems still remain that you take issue with?
Where have you seen any source that isn't Google or Microsoft say that it "addressed all the major concerns"?
And what exactly has changed in the past year to do so?
My understanding is that webRequest blocking is deprecated and a limited size static list will replace it. No?
Edit: spec still shows ~35,000 total block entries, far too few. A medium sized marketing firm could, on their own, set up 70,000 distinct s3 bucket URLs, or a large one could easily justify that many distinct domains. Many existing block lists and uBlock's dynamic (uncountable) behavior far outstrip these limitations. This spec will break the back of ad blocking for good, and Chrome engineers and PMs know it.
Google is the one that made the changes in response to feedback. If you're rejecting them as a source of those changes, then you're setting impossible goal posts.
The changes included greatly increasing the rule list size, allowing dynamic rules, not requiring the list be included in the manifest (for independent updates), and the ability to adjust some network headers.
As I said, they addressed all the major concerns that I saw raised.
uBlock currently has ~75,000 rules. That list isn't getting smaller, so which 50% of the rules would you cut?
In a few years, which 2/3 of the rules would you cut?
How is this a win for consumers? How have they addressed those major concerns?
Edit: That was stock, I just added a few lists and passed 100,000 network filter rules. Please explain to me slowly, as if I were a child, how a static limit of 30,000 rules is a bigger number than 100,000, and why my computer with 128GB of RAM memory can't possibly support more than 30,000 rules?
If that's the case, why is Safari already worse than manifest v3, already hiding URLs, already promoting Apple News (more anticompetitive than AMP), and not even offering the ability to clear storage on exit?
Because Safari is a niche player. Anti competitive behavior matters a lot more when you have a stranglehold on a market than when you are just a bit player.
That's not for me to answer, but for Apple I guess. Maybe someone who works there can shine a light on this. Speculation about the URL bit would probably center on Apple tending to put form over function. Promoting Apple News -> because it cost them a lot of money to get it in the first place and they are trying to recoup that money. Not that I would ever even look at it, I don't think a hardware manufacturer is the best place to get my news fix.
I doubt that there can be much of a legal angle: the defense would be to think of Chrome as a client software for Google services. That client software can additionally interact with many third party services if they follow open web standards, but why should that have legal implications on how it interacts with their own services? It's a very dissatisfying situation.
Web standards are not laws. Would I be outraged if a car's design language would follow some aesthetic conventions (another set of "rules" that are not laws) but not others?
I'm certainly not happy with how Google is using their position, but is it illegal? Should it be? Even a Pixel phone can install and use Firefox. You might perhaps make a case out of how all SDK WebViews end up being Chrome (-ish), but as long as a third party app embedding their own web view would not be rejected by Play, that's still more open than significant other parts of the smartphone market. Sure, Google is using a position of power and everybody who isn't a major shareholder shouldn't exactly be happy about it, but itvit abusing? In a way assailable on legal grounds?
1. I tested with many different sites and configurations in order to narrow down the issue. The screenshots in the article are just a small sample of my tests, for illustration.
2. I'm not logged into Chrome or any Google services. I've gone through chrome://settings and disabled everything Google-related. Nonetheless, although I'm not using those Chrome features, this issue obviously could be related to the existence of those features in Chrome.
3. My goal in publishing the article was to get the issue fixed ASAP. I'm a browser extension developer, so I'm constantly testing with different browsers, including Chrome, Firefox, and Safari. It wasn't my intention to start a browser war.
4. I believe that Chrome is entirely open source, so I hope that someone familiar with the code base will take a look at this issue. The sheer size and complexity makes it a bit daunting for an outsider, but since Chromium has been adopted by other browsers such as Brave and Edge, there are outside developers already working on it.
Chromium is the open source bit, Chrome is Chromium plus a bunch of proprietary changes that google adds. You can run Chromium- it is a browser by itself- but it's not the same thing you'd download and run if you grab Chrome.
The "proprietary changes that google adds" are API keys[1], branding, and external plugins like Flash/Widevine. Other than those, the source code is identical.
You could decompile, inspect, and debug chrome if you must, but doing something so easily viewable and auditable would be a huge blow to their reputation.
Chromium has no auto-updater on Windows and macOS. Unless you have a package manager that compiles updated versions for you, you're better off using Chrome.
I use Firefox. But, I'd be willing to install a version of Chrome if it came without all of the Google garbage pre-installed. I was hoping that maybe Chromium could fill this role.
I use Firefox as my primary browser and Chromium for testing things for Chrome. The only downside to Chromium is you have to update it manually by downloading the package and dragging it to your applications if you use Mac. Other than that, it works perfectly. I trust Chromium more than Chrome if I want to let it run in the background.
ungoogled-chromium is a project that removes Google integration from Chromium. Here is the patch they use to remove this special treatment of Google sites:
From my experience, they tend to ignore those forever, and then they use the fact that the bugs haven't been touched in a long time as an excuse to close them as WontFix.
Not that I agree with it, but I think the argument is that any workflow but Chrome-first is naïve. Hacker News' righteous fury won't do much to change the fact that 2 in 3 people use Chrome.
Of course something can be irresponsible for many reasons but I think there is a solid argument that making a website that works better in Chrome than other browsers is morally irresponsible because you are encouraging more users away from more open browsers. (Which I guess is mostly Firefox at this point? :'( )
Over the last few months I have had ~30,0000 visits to my website, almost entirely from HN, and I was disheartened to find that 52% of visitors were using Chrome[1].
Given the pro-open-web and anti-FAANG sentiments that's shared on HN I had expected slightly different results.
Worth remembering is that the commenters on the site are the minority. There are a lot or lurkers on HN (possibly orders of magnitude more lurkers than commenters), so "the pro-open-web and anti-FAANG sentiments that's shared on HN" may be a vocal minority.
The people commenting probably varies a lot depending on the topic, too. There are certain topics where you know what the comments are going to be like.
There's no reason to believe that lurkers have substantially different behavior than commenters. More likely is that those who use firefox are more passionate and informed about browser issues.
Commenters are extreme outliers. Only a tiny single-digit percentage of forum readers online ever comment. HN is also a highly regarded, particularly alienating site with a strict tone expected from commenters. I'd imagine the ratio of lurkers to commenters is 100:1.
No it isn't you are incorrect. I now present my essay on why you are incorrect. Now we argue for hours on semantic differences and then call it a draw. And then dang shows up and gets mad that the comments aren't following the rules shown on that really, really ugly and vague faq guidelines page.
Wow this comment is getting downvoted a lot. I think I wasn't clear with what I meant. What I meant is that there's no reason to believe that lurkers have big difference in which browser they use.
Commenters by definition have substantially different behavior than lurkers: they comment.
Furthermore, people tend to be louder about things they perceive as threats, such as corporations dominating the internet. Those who comment about those threats are likely to be the same ones taking active steps to mitigate them.
I'm using Safari by default simply because Chrome is a CPU hog on my machine and I can notice my PC heating up considerably faster when running it.
I considered Firefox and tried to switch for a month before but the recent reorg + the stuff about their top officer pay makes it seem like it's a cushy position some people entrenched themselves in and the org is completely lost - the browser experience was inferior and I don't have sympathy towards them so why bother.
Chrome has plenty of forks so I try to run those on other platforms.
Yeah I’m amazed how many Mac users use Chrome when it’s such a resource hog. Safari has better privacy and battery life as well. Maybe people use Chrome syncing or something and that’s why I don’t understand but it seems like they went out of their way to get a worse experience.
Chrome has such a myriad variety of extensions that using Safari is simply not feasible.
1. uBlock Origin - the content-based blockers on Safari are not nearly as good
2. Zotero connector - for my academic work
3. Session Buddy - for saving sessions
4. Proxy switcher - for selectively using my uni proxy for academic resources
Do you really want to allow a myriad of extensions access to your web browser data? I can understand if you have a couple you like but personally I find extensions only make Chrome slower and I don’t trust most of them because of the deep access you need to grant. I’d just as rather turn my proxy on for a minute at the OS level and not have a permanent extension running in every single Chrome tab.
I could see using Chrome on a desktop Mac maybe, but yeah it obliterates the battery on my MBPs so badly that it's impractical to use unless I'm alright with being tethered to the wall.
It's kind of exasperating how low of a priority efficiency is with both Chrome and Firefox.
I was trying to switch my wife to use safari on chrome (because battery usage), but her argument is that "safari does not display favicons near here bookmarks" and it's big no-go for her. Makes you think about reasons of regular users when choosing browsers.
That's so interesting. I'm very computer literate, and a huge reason I couldn't stand Safari is because it didn't show it didn't show favicons in the tab bar. I typically have dozens of tabs open, and really need some way to tell them apart quickly -- such as favicons showing up. (I did find a hack to do it, but didn't love it.)
You might ask her to try again. Safari 14 actually shows favicons, and that is such a welcome relief.
It goes back and forth. As of a couple years ago, Safari sandboxed the network process which Chrome did not do. Chrome also sends a significant amount of personal data and usage data to Google and potentially other parties which significantly harms the supposed security. Having an always on data feed of the users actions (to enhance your advertising business) is not good security practice.
A ton of sites work better with Chrome than Safari because engineers often don’t put in the 20 min it would take to fix minor issues with Safari and build only for Chrome on the Mac.
It happens occasionally but “a ton” is probably overstating it. Any major website that doesn’t work on Safari for Mac and iOS is going to get bug reports pretty quickly unless it’s a Google product and they just don’t care
According to the article, its privacy is worse. Also, its implementation of ITP leaks more information when it is enabled (the default) than when it is disabled.
Your linked article is some Google researchers reporting some bugs in Safari which were mostly patched a year ago. It seems like they disagreed about whether some were patched initially.
That doesn’t mean Chrome is more secure. They literally install user tracking and tie you to your Google account so they can advertise to you and better sell things. There is nothing secure about a browser built to monetize your data and send it to the cloud for analysis and machine learning. Meanwhile they have their share of bugs as well. What do you think about this one which is more recent?
A vulnerability in Google’s Chromium-based browsers would allow attackers to bypass the Content Security Policy (CSP) on websites, in order to steal data and execute rogue code.
The bug (CVE-2020-6519) is found in Chrome, Opera and Edge, on Windows, Mac and Android – potentially affecting billions of web users
That Chromium bug has been fixed for monts. The Safari bugs in my article still haven't been fixed, causing users to leak more information in the default Safari setup than users who have disabled ITP and much more than users of other browsers, who have working tracking protection. As Justin Schuh pointed out, the changes that Apple made to Safari did nothing to address the issues discovered in the paper.
It’s one bug. Sure if it’s still open (the article was from January) then that’s not good but Chrome has thousands of open bugs as well and likely some that would give me pause. The fact that Google is the one giving Apple a hard time might indicate a bit of an agenda since it’s their competitor..
Google literally sends your browsing habits from pages visited to mouse movements to their servers where they link it with your other Google info like Gmail, Google Calendar, and Google Maps GPS tracking via your phone. Google products “leak” all the users data back to the mothership as a feature. And Chrome users tend to use a lot of random extensions which means the data usually leaks to a lot of unknown third parties as well (see DataSpii for one example which effected millions of Chrome and Firefox users)
So yes let’s expect higher standards from all browser developers. But realistically Apple likely fixed the bug or has a very good reason why it’s difficult to entirely patch yet. Google has had many extended data leaks as well but they actually build tools to gather your data up in the first place which makes it that much riskier should it get stolen or misused by Google or Google employees.
It's a security bug that leaks information about the user. It reduces privacy for the user to any website they visit. Chrome and Firefox fix these security bugs immediately upon learning about them. Safari does not because it had hyped ITP and is more interested in security theater, which makes for great marketing, than actual security.
I don't know why you are trying to redirect the conversation to services that can be accessed from any browser. The topic of discussion is which browsers are more secure and offer better privacy.
“Chrome won't clear your Google and YouTube data — even if you tell it to
Browser retains site data in defiance of privacy settings”
Every week there is a new scandal with Chrome privacy and usually it’s Google to blame and not a bug. I’m sure they’ll tell us this was another honest mistake that tracked billions of people for ten years but NEXT time they’ll put our privacy first. Meanwhile we all know our data has been the goal since day one and Google Chrome is the Trojan Horse to get the tracking onto our computer
You realize that the article you linked to is about the exact same thing as TFA, right? Then you must also realize because I've already told you that Safari doesn't even give you the option to clear data on exit right? That makes it strictly worse for your privacy.
> Chrome has plenty of forks so I try to run those on other platforms.
Safari’s Webkit engine has plenty of browsers using it — in fact IIRC Chromium began as a fork of at least part of it — eg. GNOME Web/Epiphany, Luakit, Surf, et. al.
The only thing that annoys me about Safari is that there's no way to disable or configure alternate search engines for the omnibar. Sending mistyped intranet urls directly to Google (or DuckDuckGo) search is a huge privacy hole.
Lots of us do. Firefox is my browser on all my devices. I do use Chrome when visiting Google Docs which I assume is deliberately sabotaged on Firefox though.
Might just be that Google doesn't test on Firefox and also maybe are "to smart for their own good" coming up with out of the box solutions that can be more likely to fail to begin with. Maybe I'm being overly optimistic, but I kinda read myself as saying "they probably just don't give a sh!+."
It's not deliberate; it's lack of investment. Docs is complicated enough that the small deviations in browser implementation add up---to make something as complex as Docs not work in Firefox, all you have to do is be willing to publish without hating new features on FF end-to-end tests.
I have a different experience with that: on a current MBP, Google office suite software (docs, slides, agenda, mail etc) regularly uses 100% cpu in safari for no apparent reason, and clearly also has some memory leaks were single tabs bloat to 2-3 gig memory... Have to kill the the threads manually. I would say it’s fairly unoptimized / pushes you to chrome
I second the experience of the other commenters. Keep it open long enough and it sucks up all the resources in non-chrome browsers. I also include Google Slides in my experience btw. It is more severe with Slides than docs.
I work in tech, and people are very surprised to hear that I use IE. When they ask, I tell them it's because I do not like where "modern" browsers (and software in general, but that's another can of worms...) are going. IE11 is the latest browser to have things like user stylesheets and per-zone security configuration by default. It's a small rebellion, but nonetheless an act of opposition to the increasing corporate monopolisation and bloat of the web.
One can be anti-Google and still use Google products. The browser is an exceedingly important piece of software. For some people, the cost of switching to something other than Chrome is too great. Maybe Firefox doesn't work well. Maybe they hate Safari. Maybe their favorite extensions aren't available. Whatever the reason, the cost of switching is greater than the price they put on their anti-Google stance. And that's okay.
Personally, I switched from Chrome to Firefox a long time ago. But I still use plenty of other Google products. I'm overall anti-Google, but I'm not a religious about it. I disconnect from Google where I can, and support products that match my views when I can.
If anything, I'm surprised the percentage of non-Chrome users your site encountered was as high was it was. Makes me kind of hopeful.
Firefox can be kind of annoying to use on HN, at least if you post often.
I use Firefox for most of my personal browsing other than Fastmail's webmail interface, and most of my general work browsing.
I use Chrome for a lot of testing and development at work and for dealing with PayPal. These things all get separate profiles, and Chrome handles multiple profiles better than Firefox. Yes, I know about Firefox containers, but I need separate bookmarks and history. Containers just deal with cookies and maybe cache.
I've been tempted to switch to Chrome for at least HN and Reddit because I tire of dealing with Firefox's spell checking. It regularly tells me things are spelled wrong that are not (such as "webmail" in this comment). It's not just that it is terrible that irks me--it is that it is inexplicably terrible.
What I mean by inexplicably terrible is that they are using Hunspell. That's the same open source spelling engine that is used by Chrome, and LibreOffice, and MacOS. Those all have great spell checking. I thus infer that Firefox's problem is not an engine problem. It's a dictionary problem. So why don't they they grab the ones LibreOffice uses?
Here are some words that came up in comments of mine either here or on Reddit that Firefox incorrectly told me were spelled wrong. Each one interrupted my writing flow as I had to stop and go look it up elsewhere to make sure that I had it right.
There's an issue in the Bugzilla for reporting misspelled words. I've reported all of those there so they should eventually be fixed. I'm not sure how long that takes.
Here's a bunch I indirectly reported earlier, that are now fixed:
A tangent but, a lot of google's sites disobey browser standards and rules like for example sound autoplay on load. When you visit https://santatracker.google.com/ or youtube, it automatically plays sound without any user interaction, which is impossible for non Google sites to do
> But they purposefully use CLS in Search to increase clicks on Ads
You present this as a fact, but it would be absurd that Google would use such a cheap and easily detected trick to increase CTR. It would be bordering on ad fraud and I'm sure that Google, of all companies, knows better than that.
Occam's Razor says that this is a stupid async content loading bug, which they subsequently fixed. I've never seen this happen and when I just tried it without adblocker with that exact search term, it didn't - the page loaded with the ad.
> You present this as a fact, but it would be absurd that Google would use such a cheap and easily detected trick to increase CTR.
3 years ago and I wouldn't believed it at all but around 2 years ago I saw it happen consistently with a colleague at the desk next to me.
I cannot say for sure that it wasn't an extension in his browser but I can say for sure that I think Google has been really busy tearing down the mountains of trust they had before 2007 - 2009.
Similarly, thanks to async ad loading, gmail replaces first two items in my email list with ads with such a convinient delay that I accidentaly click on the ads more often than I would like to. Occam's razor would say that if it can bring more money, it is not accident.
Accidental clicks are invalid clicks according to Google's own documentation[1][2].
For this to not be an accident, one would have to assume that Google actually makes more money from those invalid clicks, and that someone decided that yep, rendering ads asynchronously was a decent and legal approach at increasing advertising revenue, and requested the GMail team to implement it.
This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
It's much more likely that this is just unfortunate UX design to "improve" rendering performance without considering users on slow connections.
(I can reproduce this one just fine in desktop GMail - on the first render of the "Promotions" tab, the ads render asynchronously)
"No you don't understand: invalid clicks are things that happen on other peoples properties. You definitely meant to click that ad in gmail. We know, we're google, you can definitely trust us about this"
'Unfortunate UX design to 'improve' rendering' is the plausible-deniability they can use to justify this.
> This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
I definitely can, I don't think anywhere is immune to this once you reach a certain scale. They have a profit-motive to make money, they will absolutely try and get away with as much as they possibly can.
For example, the scourge of "people also ask" at the top of search results, that appears synchronously where the top result was a second ago, and has a randomly-generated container ID to prevent easy blocking. Not an ad, but, equivalently, content that I didn't ask for but that Google, for some reason, clearly really wants me to click on.
The android gmail app is horrible with this. They load a couple of your emails above ads so that the ads start on the second or third row.
And the re-ordering happens as your mails and the ads are loading! You might be about to tap your email, then the ads load in and you suddenly click on an ad. Or you want to tap the top row, but the app decides to put a different email above the ads and you end up tapping into the wrong mail because it was reordered just before the tap.
> [...] which is impossible for non Google sites to do
No, they don't. This is false. It's a mechanism called Media Engagement Index, Google properties have zero advantage, and any site can get a high score.
Chrome ships with a preloaded MEI assembled from global telemetry data, which is then trained locally:
This is part of the plan, but I find this angle to give too much credit to Google.
Once they reached a dominant ad network position their whole strategy has been “advancing the web is advancing our revenue”, and it bled into mobile to the point where building and maintaining a whole ecosystem for free makes sense as long as they stay the search and ad engine of choice (that’s the only thing they’ll fight to impose).
Chrome is built in the same optics: push forward the web and webapps as long as search is theirs.
I read somewhere - I believe on HN actually, some time ago - that a number of high profile sites were exempted from this restriction, Netflix among them. Really, wasn't this a thread right here on HN, saying that this was anti-competitive, oligopoly essentially, making any other sites of smaller competitors and upstarts automatically worse off? I'm sure someone will be able to provide a link...
There are other examples where only the large sites benefit while everybody else has to play by stricter rules: "EU Parliament bans geoblocking, exempts Netflix and other streaming services" -- https://www.dw.com/en/eu-parliament-bans-geoblocking-exempts...
EDIT: User teraflop posted a link to the list of "sites that are allowed to autoplay video even without any prior media engagement" right here in this thread https://news.ycombinator.com/item?id=24818178
Reddit and Twitter starts video with muted sound on my browser (Edge).
My guess from someone who had to develop a web video player at work, many websites will attempt to autoplay the video with sound and if it fails, it's easy to catch the failure event, they will mute the video and try again.
I'm talking specifically about Chrome. There's no web standard that says what a browser must do about autoplay requests, and Chrome permits a large number of sites to autoplay with sound on.
Web browsers are also capable of determining that autoplay on technically-not-load-but-automatic counts as autoplay. (There's even text in the spec about it.) In particular, they can tell whether it is in response to a user action/gesture on the site or not.
Chrome has some special logic about autoplay. The following page describes them, but I feel like it's a bit more complicated in more recent versions of Chrome.
Wow, this is terrifying. I am a big supported of Google and dislike the recent attacks on FAANG, but this is shocking to me. If they are exempting themselves from this, what else could they be doing?!
The comment implies that this is somehow hardcoded just for Google sites, which is not true. Autoplay is allowed for sites with a high enough media engagement index. You can check chrome://media-engagement.
The media engagement index is based on a user's past activity on a site, but Chrome has a special list of "preloaded" sites that are allowed to autoplay video even without any prior media engagement.
One has to wonder whether they intentionally obfuscate this list. It sounds like they “trained” a browser, and captured the resulting state. I’m sure you can argue this makes things more fair (we trained it using real world behavior!), but I really can’t give them the benefit of the doubt anymore.
It's generated by a Python script [0] from a list of URLs, but the input list doesn't seem to be included in the Chromium source (only the binary output of this tool).
> The pre-seeded site list is generated based on the global percentage of site visitors who train Chrome to allow autoplay for that site; a site will be included on the list if a sizable majority of site visitors permit autoplay on it. The list is algorithmically generated, rather than manually curated, and with no minimum traffic requirement. With the implementation of the autoplay policy for Web Audio in M71, Web Audio playback is also included in calculating the MEI score for a given site.
Will this not have some kind of self-reinforcing behavior, as the measurements are biased towards sites that are currently unmuted by default?
According to the MEI it actively measures user behavior and one of the most important measures is that a video is unmuted. From the document:
“The MEI is meant to allow media heavy websites (e.g. YouTube, Netflix) that rely on autoplay for their core experience. It is a non-goal to allow websites with a “good media behaviour” to autoplay without restrictions”
It doesn’t sound too good, and still doesn’t really explain how everything is seeded.
Amazing. I once built a web app with autoplay, which worked for me, probably because I was using the app a lot which gave it high media engagement, but didn't work for others, and I never figured out the problem until now.
That site doesnt even load in my browser... I only see the Google wave (Firefox mobile v6x)... but on the other hand, there are Firefox extensions that make websites load as if you were using Chrome.
The underlying problem isn't that Google sites are directly excluded, it is that Local Storage, Database Storage, and Service Workers aren't cleared by that setting, and that Google uses those for persistence.
Is this being evil or was support just not added when those were introduced? I have absolutely no idea. But I agree with fixing the underlying bug in Chromium either way.
> Local Storage, Database Storage, and Service Workers aren't cleared by that setting, and that Google uses those for persistence.
I always search with a specific Google.ca domain with cookie and javascript disabled. It worked really well and Google knew zero shit about my search habits on my Gmail account.
~/chromiumDefault is the dir as it was created when I started Chromium for the first time and set all settings the way I like it. I update it every once in a while when I tweak a setting.
So, honest question, because I'm genuinely bewildered: why would you bother doing this, when Firefox exists, is perfectly functional, and isn't made by Google?
I’m back to Firefox after many years, it’s quite good and I don’t miss anything from Chrome other than one click translate page button. Also looks like FF has caught up Chrome performance-wise. It’s fast, it respects your privacy, very nice!
I've been using Firefox as my daily driver for perhaps a year or more now.
As well as the translate page button, the other great feature chrome has that I miss dearly is the highlights chrome has in the scrollbar when doing a ctrl-f find-in-page. That is super-useful and a real pain in the arse that Firefox does not support it.
I played around with prototyping an extension to replicate it (or as close as I could get) but it was hard to nicely override the ctrl-f hooks.
It actually feels faster than Chrome to me. I've been primarily on Firefox for the past few months and was really surprised to find Chrome not feeling as responsive when I tried to use it recently.
I'm slowly cutting the cord with nearly all social media sites and other sites that track me for any reason, and as part of that, I'd like to get away from Chrome and use a truly open and privacy-focused browser. Every time I start Firefox, I'm turned off by how unpleasant it looks. The UI is just bad. Sharp corners, asymmetrical margins, crowded menus, lack of whitespace. The rendered colors don't match Chrome. Fonts aren't as smooth. It's like switching from MacOS to Linux. Things just don't look good, and that matters.
I am not entirely confident in this but from my perspective, a simplistic reading of what you say appears to be "I want privacy but only if I don't have to endure even minor inconveniences for it."
This may never happen unless privacy was as profitable as selling data on people's behaviour.
You put a gram of sarcasm on your simplistic reading, but I think you need to realize that anything people use daily, even hourly, needs to make them feel comfortable. For whatever reason, the poster you're replying to is bothered by him but for something he has to deal with so often, it's hard to override that feeling.
I guess what I'm really saying is that frequently used things probably involve human phycology and emotions just as much as someone's intelligence.
That’s awesome. I took that cord cutting one step further.
I completely stopped using all products and services from FAAMG and committed to a complete digital detox plan. Using my devices with a clear intention in mind, rather than getting sucked into a dopamine driven vortex of dark patterns, has changed my life for the better.
For email, I made a protonmail and I’m still in the slow process of changing my email over on all the critical websites I depend on. For my phone, I got a Light Phone II. For my desktop and laptop OSes, I use Linux distros (Solus and Manjaro are my favorites). For GPS, I use a Garmin, and for reading, I use a Kobo e-reader.
It’s ironic that devices that do everything for us, instead of specializing in one important thing, have negatively impacted our lives when they were supposed to improve them.
For me sadly it's the WebSpeech API. A lot of sites that use speech-to-text and text-to-speech break on FF and also the voices FF aren't nearly as good as Chrome.
This bug has been pending for many years now and I don't think it ever going to be on their priority list soon.
I have an intermittent issue in FF across platforms/networks where I can watch in network console as I enter a URL, and I can see it not even trying to send the request. All I can find is a fixed issue from 2017 and I don't have the time nor inclination to try to figure out why this would be happening. Searching for a cool new browser for the Linux box but I might just install Chromium and be done with it.
I'm having a similar issue with FF. When I open FF and go to gmail.com, it doesn't load. I filed a bugzilla some time ago and it's still not fixed yet. FF is not usable for me so I switched back to Chrome.
There are some convenience issues with Firefox that bother me:
- It starts slower then Chromium.
- Right click and "Open in new private window" actually opens in a new private window. I prefer how Chromium does it, grouping all sites opened like this as tabs in one window.
- In Chromium, I can easily set any URL as a custom search engine with whatever parameters I like. In Firefox, I can't.
In my experience, Chromium renders and is interactive ~~faster~~ earlier, but they have about the same time between launch and browse. On Chromium, I launch, type in a site, hit enter, and wait and wait as it finishes actually starting up. FF takes longer to appear but is ready to browse as soon as it does. Or at least it did until some time in the last year or two, at which point it started taking a page out of Chromium's book. But honestly, I don't do cold starts that much so it doesn't bother me much one way or another.
While I dont think you can set any url as a "search engine", you can set any url as a parameterized keyword bookmark. Create a bookmark, then edit its properties, put %s in the url, and assign it a keyword. This behavior is more straightforward to setup in chrome but it at least exists in firefox.
I can't remark on the first two (I don't start my browser that often, it just status open, and most of my private browsing use cases are covered by the temporary containers extension), but the search engine issue (which is super annoying) can be solved with an extension:
Im back to FF for almost a year now. I am experiencing a lot of hiccups, freezes and crashes. I think FF should concentrate to improve the browser first and foremost. They’ve been adding a lot of useless (to me) features but the broswer is still buggy. It’s their time to claim their market back from chrome, or it will start happening soon and I think they should just concentrate on the browser.
Are you on Windows by any chance? I experience that with Firefox only when I use Windows (i.e. almost never, fortunately). I switched to Firefox on my main computer (Linux) a year ago and I could not be happier. It consumes much less memory than Chrome, it's way faster (that's my impression, I haven't measured that in any way) and it is a lot more customizable. I removed a lot of stuff from the context menu for example.
As a bonus, it isn't made by Google. I was a hardcore Google fan a few years ago, but after seeing what they are doing with Chrome and the internet, I just could not keep using Chrome any longer.
> Also, I block firefox myself. It phones home a lot, even when you tell it not to.
Do you have sources on this? I use Firefox on Mac OS with Little Snitch and have never had Firefox try to phone home with analytics disabled (a one click decision on first start of the app).
Shavar is the server from which Firefox downloads update to its Safe Browsing and Tracking Protection site lists. “Shavar” is the name of the differential update protocol Google designed and uses for Chrome Safe Browsing site list.
aus5 is the server from which Firefox downloads new Firefox updates. “aus” stands for Auto Update Service.
I’m not exactly what data is downloaded from firefox.settings.services.mozilla.com.
Settings one is interesting, it does appear that you cannot block it[0] and that is sad.
The other two appear to be safe browsing and automatic update related. Those two services can be disabled form the regular settings UI, I think? Have you found that to not work?
I really really really tried to give Firefox a chance, but gmail and some other sites are unusable, 40% are slower and admittedly the other 50% work just as fine as in Chrome.
I have had some problem with Firefox for many years, maybe 5 years since I've tried to use it.
The problem is whenever I start FF it hangs for 30 seconds before I can type the first url in. That duration and the fact that it's consistent means it's clearly a network timeout.
I have a locked down computer, layers of security enhancements so I kind of understand something I've done is causing it.
However, why should it lock up for 30 seconds if it can't do some background thing! On startup! It's an atrocious UI failure. And it's been this way for 5 years that I've been counting, through their Quantam speedup etc. Major flaw and unfixed for aeons of 6 week release cycles.
Btw it's not updating as it still updates ..
It's actually really bad design to have a lockup like that, and especially on the critical hot path of the first time you use it! It's a sign actually of bad user experience design, and it's one of a number of bad anti-user things I've found about it. Things that Chrome gets so right!
I want to ditch Chrome because of the many Google anti-features, but UX is also very important to me I use the browser all day every day and I'm extremely fast at the UI with advanced shortcuts etc. Firefox locking up for 30 whole seconds before I can use it not only destroys my flow but is actually an eternity - I could have about 40 chrome tabs opened with urls types and autocompleted or pasted into the url bar in that time ..
Sadly Firefox blows on a large number of design decisions. I get the impression that user experience is down the list at Mozilla, below either Google donations or SJW antics. Whatever, but they consistently fail on important points. I wish it wasn't so I truly do. I'm in the process of moving to Brave in anticipation of uBlock finally being sabotaged by Google.
I have the opposite problem, strangely: Firefox always starts instantly, but at some point in the last two months the autoupdate feature stopped working. A minute or two after starting FF, I get an in-browser popup that the autoupdater couldn't download the latest version automatically (even if I am on the latest version as I now update it manually).
It seema like a losing battle trying to make Google products not act as malware when they are designed for that purpose. It is so much easier to just use Firefox.
That's a little unfair. Emacs has bad defaults because some person, somewhere, fourty-ish years ago, honestly thought they were good (probably correctly for their use-case). Chrome has bad defaults intentionally, to benefit a corporation.
Obviously tab behavior in Emacs c-mode is not a comparable default
to how Google configures Chrome(ium).
It was more of a joke as the answer to "How do I make Emacs do this" could resolve in a "Easy, just do this" followed by some arcane lisp macros that would have taken two years of research and experience to be able to compile.
And on the day that “mktemp” fails for some reason, that script will then delete your entire home directory.
That's a good point but an incredibly lazy comment. I think the possible failure of 'mktemp' could be protected against by using 'set -e' at the start of the script.
Wow, that UI looks deceptive. Maybe if an organization like the FTC “nudged” Google with fines, or DOJ looked at other options, the smart folks at Google would get better at these sort of things once they’d had the proper incentives given to them.
It's amazing the amount of crap people put up with in exchange for some comforts and conveniences these days (google, apple, amazon). Sad that so very few people put values first
Could it be it's just peoples values are like that? That regular consumers are ignirant and short-sighted and care more about funny games and easy apps instead of privacy or quality?
It’s not either this or that. It’s simply that people really don’t care about privacy on the internet, apart from situations they have been taught to be careful (eg internet banking).
They simply don’t think about their internet browser, their privacy and Google, in the same way most people don’t care about how toilet paper is made. Sure you can make a strong case why something is bad, but in the end people just keep buying the same brand of toilet paper.
"Ah okay, thanks for the clarification. Sounds like that doesn't apply to the internet then, because I'm just loading websites in a browser, I'm not talking to anyone. Thanks again for clearing that up!"
defining privacy in a contextually relevant and concise manner is hard.
Yep. Your problem is you're hiding all the inconvenient logging and generation of metadata propagating knowledge of my communication with your website beyond the scope of what was intended every time you propagate out metrics logs, or transaction data out to other third parties.
If you stop at "oh, an HTTP session happened", you're being a disingenuous maker and perpetuate of strawmen. It's almost always what happens with data by actors you invite into that "seemingly private HTTPS transaction" that violate the simplestsocial precept of the technical exchange.
Things branch off from there. If you can't see that as a fundamental breach of privacy and professional discretion, then again, it's likely you have a vested interest in not seeing it. It's damned obvious to anyone who doesn't.
Why would Google be interested in getting consent for something they can force without you being able to complain about it? That makes no business sense, and the only thing that makes Google change things is if there are dollars at stake.
And then only dollar amounts that move the needle (and if your choice negatively impacts the business by only a million dollars ayear, that's an irrelevant difference for Google. They literally don't care, because a million is peanuts, and does not move the needle)
That's _your_ definition which may have pretty much nothing to do with how other people see it. We won't be able to have a clear conversation about privacy until every person is on the game page about that.
Until you understand that, you'll continue to be "surprised" when people say they care about privacy but not the pet peeve you have.
Maybe if apple or google or FB or any of the massively profitable big tech cared to pay back fairly to creators there would be quality content. Right now with things as they are nobody seriously wants to join the crowd of beggars.
From my experience the majority of non-tech people do not value software or online services and will balk at paying even a couple bucks for an app.
The other problem is that every service out there will pretend to treat you with respect and it's only when things go wrong that you learn the truth, by that point it's too late.
So you need to 1) look beyond the price and 2) know which companies lie and which don't when it comes to their marketing (or have a previous experience with them), otherwise they all pretend to treat their customers with respect.
There's a huge, billion dollar niche where Google used to be :
1. A box on a web page
2. Customers write words
3. Your software return a list of web pages that contain said words plus relevant ads.
Since sometime 2007 - 2009 and Google has dropped the requirement that results actually contains the word and it is extremely annoying.
I use DDG these days. They are just as bad, not better or worse but it is faster to add !g to a DDG search than to retype the query in DDG aftee first trying Google.
First other search engine to recreate the Google experience from before 2007 can charge me $10 a month and show ads on top of it and still get me as a happy customer.
Apple is the one looking to expand into health and wellness. The data Apple can harvest is going to become more and more valuable. They're rolling out home speakers and the Apple Watch is increasingly becoming a DYI diagnostic tool. I think it's a bit naive to think that Apple is somehow more altruistic than any other big tech company.
It's not altruism, it's just their business model happens to be more compatible with people's rights: Apple sells hardware at a premium price. Google monetizes data to push ads. Ads aren't a big part of premium experiences, Apple recognizes nobody likes them.
Which is why Apple devices generally only have ads in third party experiences, and Google shoves ads right in the default mail app.
Apple's business model is more compatible with rights YOU care about, but it is false to say it is compatible with "peoples rights"
Apple is more compatible with Privacy rights, but wholly not compatible with ownership rights, portability rights, free speech rights, etc.
Their draconian ecosystem policies around payment, hardware lock in, and platform lock in are IMO just as bad if not worse than Google draconian policies around data privacy
It seems however you do not place any value on anything other than privacy
This is an important point. There are no good guys in cell phones right now, at least none that are large enough on the stage to really scare Apple/Google.
EDIT: I feel like I should give a shout-out to Pinephone, LineageOS and GrapheneOS as some better options, although they are all obviously not mainline.
Exactly. Which is why I buy iPhones rather than Android handsets. I'll support Apple as long as their business model is privacy orientated but once they pivot (and I'm sure they will at some point in the future) then I'll switch to the next platform that supports my privacy -- assuming by that point that there are any such platforms left...
Which is why I think projects including PinePhone and Librem 5 are important, as they are privacy orientated and they need community driven support now to be usable in the future. The only other projects that get close are ones that use AOSP as a base like GrapheneOS or LineageOS with MicroG. But this introduces the same issue that Chromium forks have, which is the increasing maintenance burden.
I personally think that the whole "privacy" thing started because their ecosystem is in trouble.
They created the app store and made apps ubiquitous.
Honestly, computers used to have so much promise. They helped us, and made us better.
But nowadays how many people have you heard say "I don't WANT to install an app". (I know, lots of people don't care)
And apple is trying to restore (a little) trust by saying they're for privacy.
Thing is, they have to play both sides. And they really can't be for privacy (like allow a firewall or block network access for an app) because then developers won't do anything on their platform.
There have never been third party ads in any default application on MacOS or iOS and I feel completely confident saying that.
You could make an argument of upselling, the music app prods your for a subscription to Apple Music or to buy songs on itunes- you could argue Apple TV shows content from providers you’re not subscribed to (next to ones which you are)- but those are first and second party ads.
> the music app prods your for a subscription to Apple Music or to buy songs on itunes- you could argue Apple TV shows content from providers you’re not subscribed to (next to ones which you are)
They don’t have to be altruistic as long as their interests align with those of their customers. So far on privacy they’ve spent billions of dollars building a reputation for protecting user privacy, fought court cases and probably given up billions more in potential revenue from user data monetisation. I’m not about to give up using a smartphone or online apps, so given I need to make a choice, I’m happy with the one I’ve made so far.
All you have given is possible reasons Apple might compromise, but those have applied for many years. If they do start compromising then sure, let’s re-evaluate.
They have spent on _marketing_ privacy. Their court cases were a great exercise in PR. They still have the highest compliance rate with US government for turning over user data, which they hold the keys to, and the Chinese government. User data monetisation is not the only danger to be wary of, it just happens to be the one that gets trotted out most often.
The time to re-evaluate is already here, it's just hard to do so when you're already locked into their ecosystem.
It’s not as simple as taking the compliance rate. The question is, how much data do they hold that they can tune over. How much of it is client-side encrypted.
Twitter handing over the DMs for a user: very much problematic- they’re plaintext. Apple handing over the iMessage history for a user: much less problematic, it’s E2E encrypted. (though still an issue - metadata may still be plain)
Fundamentally it boils down to some trust level - how much of what apple says about their data storage is true?
I don’t understand how complying with the law and not criminalising their employees is a ding against them. I don’t think I’ve ever seen that used as a criticism of any other company, but it’s regularly used against Apple. It’s really bizarre. If you dont want companies complying with the law surely what we need to do is change the law and challenge governments. What matters is what they choose to do within the law, and as a customer I’m satisfied.
The difference is their business model. Google offers you free things, in exchange for showing you ads. Same with Facebook. This incentivizes them to find more ways to get more data about everyone.
Apple mostly makes money by selling you goods. Privacy can become a feature of those goods, increasing its value. They are incentivized to protect privacy.
This doesn't make Apple better. It's just that they're in a different market.
Except in the name of privacy they are now using it to expand its services to other sector. Payment, Cards, TV, Music, Wellness, what's next?
(Especially true when you see people continue to think their business model is still to sell you iPhone, Apple is no longer just an iPhone company anymore )
Many of these makes me uneasy. Especially when we have caught Tim Cook lying multiple times.
Well, depends on how you define "alternative". If they were browsers, then perhaps NYTimes would only work in Firefox and WSJ would only work with Chrome. Technically, you can treat either as a replaceable commodity good as well...
I was thinking about The Fall of Google in the shower today and how it could happen while seemingly more evil Amazon is flourishing.
The reason I think comes down to Google's unwillingness to let engineers talk to customers. If even 10% of the engineers at Google were talking to customers inbetween sitting on multi-coloured bouncy balls and having political in-fights with PM competitions for who could destroy and relaunch Google Chat the fastest, they would still be winning instead of me typing this in Mozilla Firefox on an iPhone with DuckDuckGo as the default search engine.
Google customers are corp's marketing departments, not people. People are natural resource for Ad data mining, which usage should be taxed or licenced by govs, btw, like oil. Amazon just sells stuff, so customers are people.
You still gotta 'manage' your natural resources. Lumberjacks try and keep the forest from burning down. Miners keep their tunnels from collapsing. Similarly, google should manage their users better.
'Should' here is not meant as a moral imperative. It is meant as "If you want decent profits, you should do this".
They do, they insert "privacy" in all comms, fancy new switches in apps, trying their best to look concerned. And it works, people feel good after flipping off yet another "privacy" switch.
Non-Chrome user here - does clearing Google cookies on exit sign you out of the browser-level account? If so, I could see some world where they wanted to avoid that UX. Of course, there are more honest ways to present this: e.g., a toggle in the same settings screen that gives you enough context to be able to opt in/out.
Endure the broken sites and sometimes poor support and download Firefox.
If that doesn't work, like it kind of won't for me either, go with Microsoft Edge. They're currently based on Chromium but that's only because they're trying to embrace and extinguish Google Chrome. It's another big giant but at least we're giving Google a run for their money.
Also, if a page doesn't work, and it's not essential to you (like, 99% of news sites) simply close the tab. And leave a ranty comment on the HN thread for bonus points :P
I use Firefox since 2005 as my main browser (I had a brief affair with Chrome between 2009 and 2012), and never experienced broken sites and poor support. Firefox works just fine.
To me it seems to be that way if you logged into chrome (and therefore into all google services). It seems reasonable that it does not log you out(e.g. delete cookies) when restarting the browser, even when setting it otherwise.
But those things are why i don't use chrome anymore so I can't verify it.
[Article author here] I'm not logged into Chrome or any Google services. I've gone through everything in chrome://settings and disabled all of the Google-related settings.
I think this test should be performed when you logged out from
the Chrome profile. Youtube, Google Docs and Google search automatically pick it when you logged in.
a corporate strategy. We cannot blame engineer because we are made to believe they made it because of their manager. And we cannot blame those manager because we are made to believe higher manager did it. And ultimately we cannot blame anyway and just say Google did it. And now nobody cares because people think google is very large organization we cannot blame whole organization for small things.
I will blame them for making such system. If we blame them I think ultimately this issue is going to be solved?
Elsewhere, it seems that `CONTENT_SETTING_ALLOW` causes cookies to be persisted even when you enable "Clear cookies and site data when you quit Chrome".
Doesn't look like it's working as expected, but it seems like a leap too far for the author to make the assumption that Google sites are somehow specifically excluded from that small of a trial. Several others have posted chromium bugs that indicate it's an issue with the file system more generally affecting many sites.
From the outside looking in I always wonder why anyone uses chrome. I'm not a web dev but do use devtools. Why use Chrome over something like Firefox, Vivaldi or one of the other browsers? Genuine question, what makes it so good.
Ff extension management is unusable for 5 or more extensions.
Need extensions to prevent sites from blocking select, copy, paste. I want an extension manager extension that let's me quick toggle extensions but ff apis don't currently support this from what I understand.
Chrome creates a unique ID for each user (there has been much discussion about the entropy vs the uniqueness for the install key), they have been found to give a pass for Google Analytics when visiting from Chrome, etc. And what else do you expect when it is in their interest to track you (and to have a excuse to justify their knowledge when found out in other grey areas).
EDIT: The quote above is from Casablanca, was once very famous [1]
I wonder if they short-cutted the logic because the Google domain stores state for the Google account, which Chrome itself ties into as a browser feature?
There could be some sort of hardcoded list of domains in the browser for this to happen (even if obfuscated), and if so, that should be rather easy to find... or it might be a complex combination of conditions leading to this, which is great evidence for the argument that browsers are becoming far too complex.
If this isn't anti-competitive, anti-trust behavior I don't know what is anymore. Obviously, my opinion does not matter and courts would have to decide that. But I've been saying it for years. If you care about the open web please stop using Chromium browsers.
Why? Because they can. And we can, although in a very small part, blame also Mozilla for this.
Firefox back then had a bright future since any Windows user comparing it with IE could immediately notice how it was leagues beyond in features, security and stability. There was a problem though: it was slow as molasses on normal machines, so when Google published the first Chrome version, it was like someone turned on the afterburner on web surfing.
That was back when "do no evil" was still part of Google's mission and when I and many others would gladly do crazy things to work there, so it wasn't much of a problem to migrate to it, which I did and kept using for a few years.
I don't know the reasons behind Firefox slowness, probably the XUL engine and/or the lack of optimization, but alas this was very noticeable, especially in multitab sessions which for me are the norm. Then Google completed its transition from a techies heaven to a corporation, with the inevitable changes to their politics, which made me and others migrate back to Firefox even before it was rewritten to become much more snappy. The rest is recent history.
Nowadays Firefox and Chrome are pretty much equivalent wrt speed, although Firefox seems still faster and better suited to sustain lots of active extensions (currently I have 24, 21 of which enabled), but of course privacy plays a major role here, and I wouldn't go back to Chrome even if it still was much faster than Firefox. Lots of people's mileage will vary of course.
What I wonder is however what would have happened, had back then Firefox been already written with speed in mind; could Chrome easily take the top position in an era when Google wasn't today's Google? I think not. At least not that easily.
The bottom line should be: optimize your damn code even if a 10% slower competition doesn't make it a top priority, before a new unexpected 20% faster product catches you unprepared.
Instead of breaking it apart, which would cause extraneous expenses, turn it into a non profit: Pay out all creditors (regardless of immediacy of the debt), executives and shareholders in the process. Then turn it into a non-profit with a primary purpose of "furthering the public access to knowledge of mankind in any suitable manner, including web search and cloud computing".
Do no evil has been replaced by abide by both the letter and the spirit of the law: "We rely on one another’s good judgment to uphold a high standard of integrity for ourselves and our company. Each of us should be guided by both the letter and the spirit of this Code."
Why is anyone using Chrome at this point? I use Firefox and honestly, I wouldn't even know the difference if it weren't for a few unique UI features. Old habits? If that's the case, you deserve what you get for your laziness.
Stop complaining about Google and start using Firefox. Simple. If it's not simple and you find yourself tied to Chrome then you dug your own hole. This type of thing has been going on a long time.
You can use Firefox (or Brave) and still point out Google's privacy violations and self-dealing. These positions aren't mutually exclusive, and are more productive than 'stfu n git gud. git f1r3f0x.'
1.) Not everyone is going stop using Chrome. It's better to let Chrome users know what they're getting into.
2.) Pointing out Chrome's privacy issues gives an extra push to stop using it. This post may be just the push someone needs to overcome the inertia built by using the same program for years.
Since I see some agreeing comments, I'll throw out a bit about why I disagree.
Like shopping on Amazon, or buying from China, I'm going to do what's best for me as an individual. It's government's job to step in and tweak the playing field to keep it competitive, and I'll happily vote to regulate the very things that serve me today, whether that's breaking businesses up, preventing mergers in the first place, having businesses pay for their externalities, etc.
I would guess the OP is making the argument that as a single-mover he wouldn't see much benefit. But where institutions and governments intervene, they can encourage competition, and so improve the state of the lesser player, in addition to potentially crippling that of the dominant one.
An example to which I could relate in terms of this line of thinking is plane vs. train travel. Were subsidies to flow towards the train rather than the plane, it would make it more affordable for me to the environmentally better thing. However, as things stand, I frequently find it hard individually to justify the often much higher cost AND longer duration of the train over the plane.
>> If these things are good for you as an individual (cheap, convenient), why would you want the government to step in and mess them up?
I can't speak for that commentor but from what I've seen most people who say things like that just dont want to take any responsibility. The attitude is: I do what I want today based on my immediate wants. Its maximum freedom! But I want the government to protect me from others bad behavior. And if they do try to regulate or break up a company that's giving me what I want, imma complain about it because it may interfere with my choice.
It's a combination of narcissism and lack of personal responsibility.
Edit: and that last part sounded really shitty. Maybe I need to change who I hang around so I see less of that.
This question cuts right to the heart of individualist/libertarian ideology.
All sorts of ramifications of the current system are awful for me as an individual. I don't want pollution, slavery, and all sorts of other problems, some of which directly affect me. But within the existing system, it might be my best individual choice to still buy a product that has those problems in its production because the alternatives available give me a worse experience.
The whole point of government intervention is to change the situation so that we don't have this dilemma.
I don't want the externalized costs of certain cheap conveniences! But if everyone else keeps doing that and I refuse to go that way individually, I still get the externalized costs anyway! I don't HAVE an individual choice that will eliminate those costs. If I did, I actually WOULD choose that over the cheap conveniences.
The problem with this sort of liberal belief in the functionality of the current iteration of representative democracy is that pollution, slavery, and all sorts of other problems are not awful for you as an individual if they give you slightly more comfort than the alternatives. If you're not willing to be inconvenienced in any way[$], your material actions are going to be to support polluters and slavers. Polluters and slavers will then be put into the position to determine the government.
Liberal ideology requires a god-blessed sovereign that lives outside of the system and has no motivation other than the common good for his subjects - whether that's a king, a magical computer that makes provably optimal inhuman (i.e. objective) decisions, or an army of biracial, bisexual, ungendered university professors who were in the top 2% of their class in elite colleges. There is no government, and no means of governance, that lives outside of the human struggle for power. Governance is the wielding of power.
You can't just wait for power to be placed in the hands of the just. The just are the ones who are willing to forgo power for the sake of the good. There will never be a magic button that you can push to make everybody stop benefiting from the bad thing at the same time. The kind of government intervention you're asking for is divine.
You have to take a risk, to be weak on purpose. Hobbes said it best in Leviathan: you have to make a "covenant" with the world, a contract that you will follow for the sake of others whether or not others follow it. An oath that obligates you and no one else, with the hope that others will be inspired by your vision for the world and live the oath themselves. The combination of you and those others creates power.
[$] Everybody is willing to be inconvenienced in some way for some value, everyone has some value that when violated will effect their personal comfort more negatively than some marginal degree of convenience will improve it.
That's all insightful and interesting stuff, but it doesn't change the fact that collective-action is distinct from just the aggregate of individual-action.
Regardless of all these other things, there are also situations in which the collective-action any individual might choose (even for selfish reasons!!) if they had the magic button is not the action they would choose as an individual without the coordination of others.
So, however it is accomplished, in whatever political system, there are cases where merely enabling a group of people to act in coordination allows them all to pursue their individual interests more effectively.
The core point being: you cannot merely judge that people who refuse to unilaterally follow a contract that others reject means that those people do not support the contract.
Put another way: Kant's categorical imperative is a nice concept, but it's delusional to actually think it represents reality rather than just a mental model.
If I self-sacrifice without collective action, I might very well reduce my own capacity for other positive actions and convince others by my example that self-sacrifice is counterproductive.
Firefox has been great for me lately. I use iOS, so I can have password synced cross platform, and I honestly feel like Firefox performs better than Chrome on my PC. Chrome eats up RAM, and it runs in the background unless you manually configure it otherwise.
I won't try to sell anyone on it, but it's awesome. Politics and Mozilla's laughable behavior aside, it's still a damn good browser.
I am sorry, but that hasn't been my experience at all. Both on Windows and Android. I've noticed that Firefox eats up far more memory than chrome with way lesser open tabs on both the platforms. I've had tabs die on me multiple times that I simply could not recover. At this point I am very conscious when I am using Firefox because I don't want too many open tabs or leave them open for too long.
I'd love to use Firefox and ditch Chrome completely, but I don't think its there yet.
I'm down to using Chrome for Google Properties that I use (Gmail, Drive, Meet), then Edge for regular browsing on my PC, and Firefox for browsing on mobile.
It's a reasonable amount of work to manage your privacy these days even for someone with the knowledge. So many users either (1) don't know, (2) find out and don't really understand how to fix it so they don't, or (3) find out and don't care.
Without some level of accountability at the public policy level we won't see a level playing field. Google is doing with Chrome what Microsoft did with IE (back in the IE4/5/6 days). If they continue while public agencies move slowly they'll catch up eventually and I believe we'll see some level of enforcement action.
Chromium works better. Those who care should build a better browser. People will not migrate to inferior products. If privacy is the concern you can use brave.
It is not as bad as Google, but mozilla also does some shady stuff that I find annoying and eroded my trust in them.
When I go to the extension store (as a developer) and click on "Manage or submit extensions", they automatically get my email and credentials from my Firefox sync account (the one registered in my browser). I understood that by trying to use this store with multiple accounts in multiple containers, but it is impossible. You cannot get the normal and neutral connection screen to login to any account, they grab your credentials without your consent anyway.
True, but I think a better argument can be made that an addon website is an integral part of the brower itself, as opposed to an unrelated website like Search or YouTube.
google knows it should do these things slowly. Nice in future my insurance company will show me ads on basis of how much fit i am by watching my computer usage. If i see computer for more than 8 hour they think i am unhealthy and will not give insurance. Good job google. And to all those people using chrome you are reason this is happening.
The Chicago School invented the “free markets can do no wrong” ideology that denies the possibility of monopoly, but Bork is the one who weaponized it to cripple antitrust, in plain violation of the statutes. The article is from a right-wing site, BTW.
I just switched to Firefox. Haven't used it in a long time. The one feature that helped me switch that wasn't there in the past was the Password import feature. Done and done. Goodbye Chrome after 12 years.
Chrome is the Internet Explorer of this decade. I’m old enough to remember when some developers defended IE when it was hot trash. There’s just no excuse for using it.
Presumably related to their linking of browser sync with the site-level Google login. That was an unnecessary change, and this is a good example of why a separation of concerns is important.
We need to start lobby governments to make this data collection and processing business illegal. I think all the platforms like Google, Facebook, Instagram and so on should be forbidden to collect the data they don't need to conduct business. That is they should not be allowed to package the data and sell or develop new products using this data.
Otherwise we should consider whether people using their products could be considered their employees and had to be paid appropriate wages? In the end entering data to their systems is a job.
God, people are so quick to jump on the Google-hate train and then advocate for a politicized justice department to hop in and somehow make everything better. Mozilla is just as guilty as Google. Mozilla has Firefox sync and Chrome has its own sync. This is basically to stop clearing browser data from automatically disabling sync, which most people would want. There are a plethora of third-party tools that allow you to clear your browser data completely if you want. There is nothing stopping you from using them, and you'd also be surprised how much you can do (including disabling Google Sync) from a simple policy file.
Stop waiting on your government to fix things because they aren't going to. If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not. Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
The author posted elsewhere in this thread that they were signed out of Google entirely. So sync was disabled.
>Mozilla is just as guilty as Google.
Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
>If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not.
If you're not highly technical, you're not entitled to privacy?
>Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
> The author posted elsewhere in this thread that they were signed out of Google entirely. So sync was disabled.
I once had an issue similar to this, and it turned out to be an issue with my profile. Once I manually deleted the site data the problem didn't come back. They admit that this may be a bug and I wouldn't be surprised to find out it is, but regardless there are plenty of other options including ephemeral profiles that you can use by setting a policy. If they aren't signed into sync, then I also suggest they disable syncing from the settings and the policy as well.
> Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
They _just_ install Pocket and a bunch of other unrelated services and send your DNS queries to third-parties, as well as opting you into recommendations and telemetry.
> If you're not highly technical, you're not entitled to privacy?
You don't have to be highly technical. There are a lot of options for Google accounts to disable ad personalization, history, third-party access, etc. In fact, I find it much easier than almost every other company I come across. The documentation is easy to follow and is so easy my kids could do it. I'm all for privacy, but at the same time the rules need to be applied equally to all companies. Just attacking Google isn't going to fix the issue, in fact it will make it worse by giving a politicized government the ability to go after anyone that they feel doesn't represent their political goals.
> It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
We don't live in a socialist society that believes that humans have fundamental rights to basic necessities. I'm all for privacy being a human right, but shouldn't housing, healthcare, etc also be human rights? Google gives a lot away for free. Until we start addressing other issues, privacy as a human right will never be on the table and when it happens you can't just apply the rules to one or two companies. It has to be equal.
I honestly don't know how to debate someone who would equate the privacy invasions of Google with Mozilla. You say in one comment that "there are a plethora of third-party tools that allow you to clear your browser data [...] you'd also be surprised how much you can do [...] from a simple policy file." and in the very next comment insist that "it's easy!".
Lastly, your suggestion that we shouldn't enshrine privacy in law because we haven't enshrined other important things is nonsense. As you well know, enshrining privacy in law would cost the taxpayer $0 while the others you mentioned would literally cost trillions.
Mozilla does not have other websites and an advertising platform tied to your browser history, and bookmarks. Firefox Sync is basically a standalone service.