Hacker News new | past | comments | ask | show | jobs | submit login
uBlock Origin works best on Firefox (github.com/gorhill)
1595 points by anonymfus on April 9, 2021 | hide | past | favorite | 509 comments



Wow, what an awesome dive into some of the technical aspects behind one of my favorite tools for using the web. And I do think of it that way these days, it's fairly stunning on some sites to switch off all the block and see how they become genuinely unbrowsable. I remember seeing Gorhill discuss a few times over the years some of the reqs for uBO during certain times (like why it could no longer work with Safari following changes Apple made a while back), but so cool to have it all collected in one place.

Having said that I've also been fairly stunned recently to see how much difference a simple DNS blacklist system can make too. Not because it's a big technical achievement but because it isn't and in principle seems relatively trivial to work around. But as I've been switching all my routing from UniFi to OPNsense, I've gone ahead and tried out Unbound's basic built-in blacklisting. While it's no uBO, it works on every single device and browser including in apps and it seems like it really shouldn't, that more parties would just be proxying ads through their own infra and DNS. Been kind of an interesting illustration of technical vs economic influences in an ecosystem. I can see how proxying would add complexity and cost to setup so it must just be that few enough people do it the ad industry can't be bothered.

But should that ever catch on (and it could, Raspberry Pi seems fairly well known) I expect uBO to be able to keep up with the cat-and-mouse long after DNS has been left behind. This piece helps underline how incredibly important maintaining a critical level of diversity in the browser ecosystem is. Just shortly ago there were a bunch of complaints again about Apple not allowing Chrome to be on iOS because it "holds back the web", but what "holding back the web" looks like is certainly a matter of perspective...


Funny, I see the possible future differently. I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

Whereas the system for supplying software with IP addresses should continue to remain controllable by the user.^1 The online ad ecosystem has never had full control over that system.

1. If they so choose to exercise said control. As cited, probably most users are not currently exercising that control. This allows online ad tech to operate with relative ease, at relatively lower cost.

As much as anyone loves their ad blocker (to be clear, I think they are great), we really cannot dismiss the role of DNS in ad blocking. After all, it is DNS that is being used to bypass uBO on browsers other than Firefox. The only reason uBO can achieve a 70% success rate^2 blocking CNAME-cloaked ad/tracking on Firefox is because Firefox has a "DNS API". As such, uBO can check the results of DNS lookups for ad/tracking server hostnames/IPs.^3

Of course, a user who blocks ads/tracking outside the browser by controlling her own DNS lookups also has access to those results. No API needed. (Although I think it's a great project, I personally do not use Pi-Hole. I was using DIY DNS (without dnsmasq) long before Pi-Hole.)

One solution I can see to a future where ad blocking extensions are banned is a user-controlled proxy that performs similar operations, but outside the browser.

(I make most HTTP requests for recreational web use outside the browser, through a proxy I control. For recreational web use, I do not use a major browser to make HTTP requests to the proxy. The programs that I use have no financial dependence on online advertising/tracking/data collection like the major browsers and many mobile apps do.)

2. According to the paper cited on Github page that comprises the OP.

3. According to some uBO users sometimes the uBO-triggered lookups are undesired, e.g., when using proxies/VPNs.


> I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

I have a feeling that if Chrome (for instance) went that route it would quickly become Internet Explorer'd. If you recall, IE was the Chrome of its day for a good while until it slowly eroded away all its goodwill.


That worked back then. Ten years ago, browsers were, compared to today, ridiculously simple and thus could easily be replaced. I wouldn't be surprised if today's Chrome had more LoC than Linux in 2010.

Also, the mobile platform might be a good indicator of what ordinary people are willing to put up with. Chrome doesn't support extensions there, so everybody and their uncle is browsing the web with the full ad experience. I've never seen a non-tech savvy person use Firefox, or just anything but chrome (or the system browser), on an Android device, which easily allows to install uBO. Yet on the desktop somehow even those people somehow learned to install uBO or ABP. It appears that "apparently you cannot do this on your phone" is an acceptable answer to most people.


Let's get that quantified:

Chromium LoC: 34,900,821 [1]

Linux 2010: about 12 million [2]

It appears that Chromium has more LoC than Linux. (With LoC being a bad measure, Linux being GNU/Linux, blah). Browsing is hard.

[1] via Google since OpenHub appears down [2] https://commons.m.wikimedia.org/wiki/File:Lines_of_Code_Linu...


I'm afk so I can't check the current numbers, but as of a year ago Linux was up to 27.8M loc: https://www.theregister.com/2020/01/06/linux_2020_kernel_sys...


It would be hard to write a browser from scratch now that had the features of a modern browser, but creating a first-class browser is much easier than it has ever been because of Chromium and Firefox.

I agree that mobile is the direction many things are headed, but currently it's very easy to install any number of (sometimes shady) browsers from the Google app store that include ad blocking.


But don’t forget Microsoft let IE rot for years and that is what drove the interest - and the protest - for alternatives and helped Flash thrive.

Today Chrome is a fairly good platform, tons of support for all sorts of html extensions, and a very strong commitment to security.

It’s a really nice product, except for the strings attached.

Alphabet should be broken up and Chrome (OS) spun off into its own business; the tracking should be made completely transparent and optional on a subscription base.


Interestingly, this type of perspective is only gained in hindsight.

For example, I could see a future, say in 10 years, where we have a vastly better way to browse the web and then we will look back on today and think that Chrome(ium) was coasting on its past success and only providing minor new features (while ensuring that ads continue to be as profitable as possible).


I definitely remember takes in the genre of "who cares if IE is never updated. What else could you possibly do on the web?" back when websites were mostly static, JavaScript was still a toy, and all the people who could imagine better were trying to convince everyone to switch to [Phoenix, Firebird, Firefox]. Microsoft had the inspiration for XMLHttpRequest right there and couldn't see past its Windows-centric strategy.

There's an alternate timeline where Microsoft leaned on anyone implementing it. We never would have gotten as far as Sun suing Google over the Java API because no one crossed Microsoft.

No AJAX. No web 2.0. No SPAs. It would be a different world.


> No AJAX. No web 2.0. No SPAs. It would be a different world.

Is it better this way? I'm not so sure.


Uh? Did you even remember IE? How are the two scenarios even remotely comparable? It was abandon-ware, after Netscape was crushed Ballmer couldn’t imagine anything useful for IE.


Broken up by politicians? Ya, hard no. Just stop using it! Stop forcing your choices on people. No one has to use chrome, google search, gmail, etc. There are alternatives to all your problems, open source ones too.


The government is chosen by the people and enforced by their choice to make decisions. A company without control is cancer. Just look at Nestle, Facebook and Google and plenty of others abusing their size and that people are NOT rational entities en masse. A government should (and they are the only thing that can) step up against these abuses.


Products are chosen by 'the people' (consumers) too.


Products are chosen by a weighted sample of the people, according to how much money somebody has access to. "Vote with your wallet" means that different people have different sized votes. "Vote with your wallet" is an inherently anti-democratic phrase.


How much money somebody has access to is directly correlated with how much time (of which everybody gets the same 24 hours a day) they spend on trying to earn money. People who care less about money will earn less and that is their own fault.

The same is true in politics. Those who shout the loudest, win. A big wallet helps too. Ever heard of lobbying?


Factually incorrect. Some people have different hourly incomes, by several orders of magnitude. Some people have passive income, which no longer requires any time input. Some people have inherited wealth, which is entirely uncorrelated with their own efforts.

While I can see some benefits to having a proportional vote that can be allocated to different issues, money isn't such a vote because it isn't equally distributed. Between this and your reply to kaba0, I have a very hard time believing that you are arguing this in good faith.


There's no such thing as passive income; there's only delayed income. You're not getting paid for nothing; you're getting paid for putting in the work ahead of time. What's wrong with that?

I never claimed everyone has the same hourly income. Nor should they. Some people work hard (on their career - not necessarily at their current job!), others take it easy. Both are valid options, but there will be consequences for the respective groups (both good and bad).

If you're against inherited wealth, I expect you to leave none to your own children. Respect if you actually go through with this.


Again, incorrect in every way.

> There's no such thing as passive income; there's only delayed income.

Wrong. If you have $500k in assets, that yields an average of $35k/year, market average over interest. You get paid money for already having money. This is not additional work. This is additional money as a result of having money.

> Some people work hard (on their career - not necessarily at their current job!), others take it easy. Both are valid options, but there will be consequences for the respective groups (both good and bad).

The difficulty of work is absolutely unrelated to the amount paid. Many low wage jobs, such as customer service, landscaping, or meat packing are absolutely ruinous on one's physical and mental health. They are high effort, and low pay. Other jobs are low effort and high income.

Edit: For comparison, Jeff Bezos is 57 years old, and has $192.5 billion. If he were working 24/7 throughout his entire life, that comes out to $107/second. That is 53,140 times the minimum wage. There is no humanly possible amount of effort that is 50 thousand times harder than a minimum wage job.

> If you're against inherited wealth, I expect you to leave none to your own children.

Complete non sequitur. Inherited wealth is an example of how money, time, and effort are absolutely uncorrelated.

Following up on that non sequitur, though, there must be limitations to inherited wealth such that society doesn't separate into a landed gentry. You are also ignoring the middle ground between being against a generational aristocracy and forbidding inherited wealth altogether, such as an estate tax. Even if somebody is morally against inherited wealth, it is not inconsistent to still give wealth to their children, such that they can use it to lobby against inherited wealth. It's the same reason why I donate money to groups pushing for economic and tax reform, rather than deliberately paying more than the current tax rate. I still spend what I consider to be my fair share supporting society that way, and it goes toward making sure that others do as well.


It's interesting that you always preface your arguments with a conclusion. I wonder if that's how your thought process works as well.

You get paid for already owning money... that you had to earn previously. There are many other examples of something similar. If you do a really good job on a particular month, you might still get the same wage at the end of the month. But you might get a bonus at the end of the year. Or you might be promoted next year when a position becomes available. However, you will not get a bonus and will not get promoted if you quit your job/get fired in the meanwhile. Do you also consider this unfair?

I never talked about the difficulty of doing a particular job, be it meat-packing or customer service; I meant the emotional difficulty of leaving a bad job and the mental difficulty of making the right choices and being excellent in what you do. Working not for others, but for yourself.

If there are indeed 'low-effort, high-income' jobs, why isn't everybody doing them? Why don't you personally those low-income workers that investing in the stock market (to give an example) is 'easy' and 'guaranteed' to yield high returns?

In fact, many manual jobs are already being replaced by robots/AI. Yet people are complaining about losing their jobs. If you took my high-effort, low-income job away, I'd be eternally grateful.

In the case of billionaires, they don't get to spend all their money, so the comparison between them and a minimum-wage earner is not apt. Jeff Bezos is surely holding lots of paper, but until he spends it, it has no value. Do you have proof his spending is out of line? Besides, when you're rich you overpay for everything, which means higher income (with arguably the same amount of effort) for those who provide goods and services to you.

And I've never heard of children using their inherited wealth to... lobby against inherited wealth. If anything, they'd be more in favor of it. But I see the point you're trying to make. You're not part of the 'aristocracy' (whatever you mean by that word), which you means you hold a grudge against them. Little do you know that people poorer than you hold a grudge against you too (you're considered relatively well off) and would use the first opportunity do redistribute your wealth amongst themselves.


Dude, you're the personification of the bad-faith meme: Mister Gotcha.

While I entertained the idea of arguing with you, there is simply no point and I've come to the conclusion there are better uses for my time.

I'll just burn some points to point out how disagreeable I find your position.


Thank you for posting this, both for the support against his disagreeable position and for the reminder that engaging with people isn't always the best option. Sometimes I start by wanting to make sure that an abhorrent viewpoint has at least a visible reply, so that any readers don't see the comment as evidence of a community consensus. But that leads to me getting emotionally invested in an argument, trying to address whatever tangential non-arguments get pulled back in.

Partly, the interface of Hacker News or any vote-based commenting system makes it hard to track comments overall. I can look up comment trees relative to my own posts, but that doesn't show me that the user "ilovepitchdecks" has been arguing along the same lines with multiple other people in sibling comments. Their viewpoint isn't in any way a community consensus, and is being soundly addressed by the community, but that wasn't readily visible just from one thread.

All in all, a bit of a ramble, but I wanted to say thank you for posting this and that sometimes I need to just downvote and move on.


Well, your motivation is my motivation too, we just happen to have a different idea of what is 'abhorrent'. I'm just tired of seeing these kinds of political comments go unchallenged. It was my interest in tech that made me come on HN (I don't know about you) and I didn't expect to see so much one-sided political rhetoric here.

Who exactly is part of this 'community' you speak of? This site is on the public internet and open for anyone to join. I don't remember being asked to accept some political ideology when registering.

And this is exactly the problem with consensus: There never is one. Just because nobody speaks up, doesn't mean everyone agrees with you. Nor should they. I have been to those kinds of meetings where the majority of people don't voice a dissenting opinion or, in fact, any opinion at all. To interpret silence as agreement is just bad faith.

In fact, your narrow definition of 'community' is elitist and closely mirrors its use in the mainstream press (such as in 'international community', which just means 'the West').


So, this is against my better judgment, but I'll try to give a bit more description. You sound earnest here, and heck, you remind me a bit of myself from 15 years ago. That said, I want to focus entirely on the meta argument. I don't think there's any use in going further on the argument itself. To caricature our positions, at the end of this conversation, you can still think of me as a liberal communist who wants to tax away all of John Galt's hard-earned money, and I can still think of you as an idealist libertarian who thinks their lottery ticket into capitalism will pay off. But hopefully we'll be able to have better conversations in the future.

Many of your arguments are insufficiently defined. You make a statement, and then force others to assume what you meant from it in order to have any further conversation. When people do, you instead say that there was a different intended interpretation. For example, in the thread between you and me, the ambiguity of what you meant by time and effort earning money. Or, in your thread with "teddyh", your ambiguity about what you would like done to government.

In other cases, you ask questions that have obvious follow-ups or obvious follow-ups. They don't function as rhetorical questions, because the obvious follow-up works against the point you are making. Instead, they come across with the impression that you are deliberately wasting somebody's time by requiring somebody else to give the bare background information on a topic. For example, when you ask "If there are indeed 'low-effort, high-income' jobs, why isn't everybody doing them?". To me, the obvious follow-up is that there are structural imbalances that allow access to those jobs only to subsets of the population. We can talk about what those structural imbalances are and how they manifest, but needing to first establish that different people have different opportunities available to them is one step removed. That is what makes people feel that you are arguing in bad faith, because it makes the argument be on something that had been taken as given when entering the conversation.

Another part is that it is just so damn hard to tell the difference between earnest people and trolls. I know people personally who have your views. Heck, I had pretty close to your views for a while after reading Terry Goodkind's "Faith of the Fallen". But this is also the internet, where I don't know people other than by the few words in an individual comment, or a single comment thread. And depending on how far off somebody's views are from the Overton window of any particular forum, they can easily be the troll positions taken in order to rile up a crowd for their own amusement. Some people become desensitized to these attempts, and then assume that anybody with those views is automatically a troll. (See also, Brandolini's Law.)

I do honestly hope that you are sincere, and that this helps you to better express and examine your views in the future. It's hard to have conversation in a text-only medium, both because it is asynchronous communication, and because it doesn't have the side channel information of tone or facial expressions. Hopefully in the future, we can have more productive conversations and both come away the better for them.


You're welcome. I chose to earmark my dissent precisely for the same reason you ch engaged. I'm pretty done with the "silent majority" argument, but otoh I cannot drown myself in every quicksand :)

have a good one...


I didn't know that meme; it's actually funny. What's wrong with asking people to put their money where their mouth is? I thought engineers are not like these managers/salesmen/'talkers' that say one thing on the TED stage, then go do something completely different IRL and find that A-OK.

Don't argue with me then - but you should at least explain how anything I've said was in bad faith if you accuse me of that.


Nobody in this discussion has said they're against inherited wealth. Just that its existence is one reason to favour "one person, one vote" over "one dollar, one vote"


Wow.. so how many hours Jeff Bezos’s day contains? I’m fairly sure a low level worker at amazon spends much more time on work than any of the billionaires.


A low-level worker made that career choice themselves. They were well aware they wouldn't become rich by working in a warehouse, no matter how many hours they worked. They still have their life in their own hands: They can look for another job.

Jeff Bezos sure worked like crazy to get Amazon to where it is now, so he has every right to take it easy now that he's 'made it'.


Thank you, I prefer not being brainwashed into actually believing that billionaires’ success has anything to do with hard work over plain old dumb luck and not being absolutely trash at what they do (and a “small” few million dollar from daddy here and there).


There's an unstated premise here that the market doesn't force some people's choices on other people. I doubt that that's true - especially when competition is limited. There are limited alternatives currently, and this discussion contains plausible scenarios by which huge companies could use their power to limit even further those alternatives, and the choice available to us.


Can you name a few consumer-level boycotts in, say, the last 50 years, which actually accomplished their goals?


They didn't suggest a boycott. Each individual consumer decision makes a difference in aggregate. Every failed business in history is a result of consumer decisions away from what they have to offer, so I don't particularly understand that rationale.


People are “easy” to manipulate, especially when your control reaches basically every aspect of their life. Hiding/downplaying few articles here, shoving another into my face there with an opaque algorithm will achieve basically anything over a long time.

Also, you underestimate the effect of laziness. A company really has to do some atrocious thing to result in people leaving its services. Like, what would make the average person change from Gmail? He/she may not even know that 1) it is part of google which should be avoided now 2) what are alternative email providers 3) the whole change requires quite the technical know how.

It is simply naive to expect that “the market will solve it” to work in the general case. Competition only works when there are strict rules. Otherwise, the strongest/least fair player wins, and that’s why monopolies have to be broken up.


I'm going to rephrase my original comment, which got flagged: There's inherent hypocrisy in having the biggest monopoly of them all regulate smaller monopolies. Because they're 'monopolies'. Right.


As if “hypocricy” was the worst possible offense. If you remove government, who will then stop other monopolies from forming in their place? Government is what all governed people, in aggregate, decide should be common principles. If they are not to your liking, then you can either leave or advocate for (often slow and gradual) change. It is often said that people get the governent they deserve; i.e. the problem (if there is one) is with people, not government. I would argue that you can’t really abolish government, any more that you can have a structureless organization:

https://www.jofreeman.com/joreen/tyranny.htm


Yes, but I wasn't advocating for the abolishment of anything; I was merely pointing out that there's a double standard. To rephrase your words, don't the people get the 'monopolies they deserve'? After all, neither the CEOs nor the employees of these entities are aliens from space.

You can't just leave a government the same way you can leave a job (and become unemployed) or a product (become a non-customer); you can only switch to another one. Why don't you try parking a vessel in the international waters and see how long it takes before it's sunk.


> Yes, but I wasn't advocating for the abolishment of anything;

You advocated for the government to be broken up like a monopolist would be. I can’t really interpret that any differently.

> I was merely pointing out that there's a double standard.

Yes, it’s a double standard. Now, why do you imply that this is bad? Don’t you have to have special rules for the top level? Like, the root directory is its own parent directory, but nobody complains about “inconsistency” in file systems.


I was merely following kaba0's reasoning. If you're going to advocate for the breaking up of monopolies, why pick only the low-hanging fruit?

Your comparison is not apt. The root directory is merely a container for its subdirectories. In that way it much more resembles geography (a country being subdivided into regions, for example) than a government.

It's bad, because it's a blind spot. Governments, despite being at the top-level, have consistently grown since their inception. I'd expect the top level to be the leanest, not the fattest.

Decentralization and secessionism are highly unpopular ideas that don't look like they'll ever get mainstream acceptance. If anything, it looks like exactly the opposite trend is taking place (take the EU, for example).

Every day you read about new legislation being proposed and introduced. How often do you read about outdated legislation being abolished? Never. It's like writing an app and constantly adding new features but keeping all the existing ones. We all know how well that works out.

Even though HN shouldn't be about politics, when political rhetoric does get posted here (and it's far more common than one would expect), it's extremely one-sided.


It sounds like you would like to advocate for revolution; I can understand that point of view. The problems of government are certainly great, and I would be the first one to agree with you about its many problems, excessive size and growth. But when you seem to advocate for its removal in entirety, that’s when I stop being able to happily cheer you on.


I’m fairly sure I have no say in google’s politics, but I do have a (limited) say in my country’s. Also, the two don’t even play in the same field. The government is more like the referee in a sport.


Oh, but you do have a say: You can work for Google! It's the same as moving to a different country and becoming a citizen to be eligible to vote.

Referees, in comparison to governments, can be fired for doing a poor job.


> You can work for Google

Yeah and I will simultaneously work for google to not fk up the open web, for facebook to not disrupt democracy, and nestle to not goddamn force breastfeeding mothers on their shitty product.

How do you imagine a world without governments? The first thing they will do is put cocaine in their special food so you get addicted, add cheaper and more unhealthy components, even toxic ones, etc. Companies after a quite small size becomes the stereotypical paper clip AI, but instead of paperclips, it optimizes profit over everything else. A well functioning government with separation of power and without much corruption is good - it protects us from the cancerous outgrowth of companies.


Unfortunately we live in a world were society does need to legislate morality. Slavery or child labour weren't ended by consumers voting with their wallet.


>Stop forcing your choices on people

This will never stop, and essentially defines the realm of "politics". Either you and people like-minded that share your views collectivize to protect your preferences from others forcing theirs upon you, or you lose.

This includes monopoly corporations that acquire power to restrict your ability to choose. And just wishing it weren't so, or asking people to stop achieves nothing. People won't, so your only choice is to protect your own turf however you can. "Libertarian" style abstaining from this fight ensures you lose, so is an impotent strategy.


If a browser bans ad-blockers and people start to fiddle with DNS, wouldn't it be easy for a browser to use it's own DNS system? If a browser turns hostile there is nothing you can do.


Yes. Golang actually encourages developers to use their own resolver in applications instead of the system one. Google itself uses its "Public DNS" cache addreses in software and hardware it distributes. Neither decision may have been made with the intent of thwarting DNS-based evasion of ad/tracking, however, the resulting consequences may well be the same.

"... there is nothing you can do."

I am typing this comment through a text-only browser. HTTP requests, with a bare minimum of HTTP headers, are being sent from a proxy I control, not the browser. Yet the comment looks no different than any other comment. It works. I have freedom to choose whatever software I want to make HTTP requests.

I try to avoid any software (not just browsers) that access the internet and bypasses the system DNS settings. The word "hostile" is a good choice of words I think to describe such programs.


>Yet the comment looks no different than any other comment. It works. I have freedom to choose whatever software I want to make HTTP requests. //

I mean, sure there is, some form of DRM is possible. It might be circumventable, but it would be a PITA.


Is any browser written in Golang?


Go's UI tooling is... not great. It's more aimed at server side and CLI usage. In those niches it is awesome though


> Go's UI tooling is... not great.

Hopefully https://gioui.org/ quickly fixes that.


IIUC that's what DNS-over-HTTPS is trying to do, methinks.


Exactly. Same for the nextdns.io service which I'm happily subscribing to.


> Funny, I see the possible future differently. I am inclined to predict that the option to use ad blockers may come to an end because browsers and other software financed with online ad-derived revenue have full control over what extensions users are allowed to run. They have full control over that system for extending the functionality of their software.

They are starting to do that. Therefore, better web browser must be written, with the user having full control, and not having things that the user cannot override (assume the user knows what they are doing; you must have enough ropes to hang yourself, and also a few more just in case).


It's ironic that the browser that presents the biggest red flag for removing user control of DNS is Firefox, with their push for DNS over HTTPS. It's true that you can turn it off (for now), but until Firefox baked DoH in, DNS was a sacrosanct user control switch mostly unimpeachable by corporate meddling.


So long as DoH servers are configurable, why is it a problem?


I use /etc/hosts daily to access computers with only an IP address and no DNS entry, or to override them for testing.

I don't want to have to self host a DoH server when it's so easy to edit a test file.

Furthermore, until every ISP has its own DoH server we are centralizing control of the basic internet infrastructure even more than now.



I don't know the internals of Firefox, but keeping DNS support alive seems like a fairly small patchset. I'd think that someone would provide a fork if Mozilla decided to drop support.


Firefox cannot remove that option to use system-provided DNS API instead of own implementation of HTTPS DNS. Doing that will prevent using it with intranets.


System DNS should always be used (unless the user configures it otherwise, e.g. by using a proxy for all connections). If you want DNS over HTTPS, this should be implemented as part of the system DNS, so that it can be used with any program that accesses the internet, rather than only the web browser.


DNS also leaks your domain lookups to anyone and everyone. If you make it opt in, then opting in becomes incriminating in some contexts. IDK, this sounds very much like a problem specific to people who don’t need to worry about the state controlling their internet access.


Dns blocking is limited, very annoying advertising such as in video ones needs scripting to get around


As long as there remain viable open-source browsers there will be forks allowing ad-blocking.

The only danger is Google switching Chrome to closed source and adding lots of complex extensions that get widely adopted faster than they can be reverse engineered, but this seems an unlikely scenario.

The other danger would be general purpose computers or smartphones no longer available, but that also seems unlikely.

The final and most plausible danger is different and it is advertisers switching to ads that cannot be reliably distinguished from the rest of the page (currently it seems they don't do it because that removes any direct access to analytics by the advertiser and thus requires them to trust websites and they don't trust them).


I guess the issue with proxying is that the ad provider has less control/data and can't be sure whether views are genuine.


Unless the ad provider proxy the site instead of the ads. That way they get more control/data.


It's only a matter of time before someone develops a wasm browser engine that renders to canvas and provides "trusted" delivery of ad assets over a websocket.


How could that be any more “trusted” than doing it without wasm and websocket?


As long as the user still has control over their machine (i.e. the browser) this approach doesn't work very well. You can't really run trusted code on an untrusted machine.


No, it does work well. When they deliver the website as obfuscated binary code, it's much harder for user to change its behavior. Notice parent quoted the word "trusted" so you disagree with something other than they meant.


That would be nice since you could just block canvas by default and only allow it for a few site that have legitimate use for it.


like AMP


That’s great if you’re right, because it means it is a fundamental limitation that can’t easily be worked around.


They will work around it by being your DNS provider and proxy for your site.


I think the future is machine learning based blocking.

Ads are obvious, they have to be for users to see them. You could probably use text classification and object recognition to filter ads effectively. And you could do it from the view layer where nothing on the page can tell they've been blocked.

This is also my tinfoily theory for why Chrome restricts the API's used by ad blockers. It's to prevent more effective blockers from being developed.


I don't think so. Machine learning is generally poorly suited to dealing with an intelligent adaptive adversary capable of an unpredictable universe of inputs.


Text classification might be very good at identifying ad text. There's a popular fake news dataset where models hit 85% accuracy https://link.springer.com/chapter/10.1007/978-3-030-68787-8_...

Ads are highly tuned for click through rates. Even if the model isn't 100% accurate, it would force advertisers to use less effective ad text to avoid filters.


> it would force advertisers to use less effective ad text to avoid filters.

That seems counterproductive to me. I mean, ads would still be annoying. And that’s why we block them.


I decline to accept ads because I don't want professional manipulators tricking me into acting against my best interests. I consider myself fairly good at resisting manipulation, but these are highly skilled experts backed by the full power of modern neuroscience, and they aim to catch me off guard. Adverts are hazardous to view, and you should not do so without utmost mental focus and discipline, which is impractical during general browsing.

The avoidance of annoyance is a just bonus.


"Tricked by professional manipulators". I like that phrasing over what I've tried to use: "mind control". Makes me sound like a conspiracy wacko.


> Ads are obvious, they have to be for users to see them.

I'm not so sure about that: https://static.seattletimes.com/wp-content/uploads/2020/10/g...

(See also: "native ads".)


>This is also my tinfoily theory for why Chrome restricts the API's used by ad blockers. It's to prevent more effective blockers from being developed.

In general, we've been engineering around bad user software install decisions for decades. Windows spyware, toolbars, spammy mobile apps, for example. The apis needed by an ad blocker are exactly the kinds of APIs that would be coveted by and used by nefarious ad products. In fact, the Firefox ecosystem took a big hit when Mozilla shut down a bunch of APIs that allowed for some pretty amazing ad blocking a few years ago. So why did they have to take those APIs out of the product?

Nefarious products that used those APIs. For example, on of the first things that happened with the original AdBlock was it was cloned and used to deliver and rewrite ads by a scumware company. All the warnings and pop-up scary messages in the world don't stop users from making bad decisions, and that at Google scale, may actually be a bigger problem. Ad Blockers may simply be collateral damage as the cost of dealing with app-drive ad fraud is petty staggering compared to the small number of ad blocker users.

That said, I'm on the side of giving users the power, even if they occasionally shoot themselves in the foot.


Theres another option. Better vetting for apps and extensions that use dangerous API's.

It's disingenuous to say "these API's are too dangerous to use" when the browser itself does all the things the API could. Why should people trust Chrome or Firefox more than their extensions?

Google/Apple got themselves in this situation by having their official stores. People assume it's on the store, it's safe. Now they take away API's because they don't actually police their stores, they just made them to have a captive market. Now they blame extension developers and take away API's because they don't want to admit they don't police their own stores enough.

Before the days of official stores most people were careful what they downloaded. And they would be again if it wasn't in these companies perverse interests to convince users that store apps are safer than non store apps. Because people would stop using the stores and take away the money train.

The right way to fix this would never happen. Decentralize the stores and let users make their own decisions. And take away all the api restrictions because once people realize the risk they'll be more careful. PC's are and have been an open market for decades, yet getting viruses is rare. I have no reason to believe it would be different for phones and extensions


Not everything has to be done with machine learning you know.


You should checkout NextDNS


Such a shame uMatrix was discontinued.

uBlock Origin comes close, and surpasses in some ways (I used both for that reason) but lacks separate control of cookies, images, scripts, etc. So you can't accept a particular third party's images without also accepting its scripts, cookies, etc.

I mention it mainly in the hope that we can popularise its maintained fork 'nuTensor'.

After trying uBlock (as in attempting to also cover what I used to use uMatrix for) for a few weeks I think it's insufficient and nuTensor is the better option for me, but it quickly won't be if ~nobody uses it and it falls by the wayside.

Alternatively uBO could support the few details it lacks from uM? It seems like the problem basically was difficulty/time constraints in supporting both.. but I don't know why they were ever separate? There's plenty of overlap. If uBO had uM's granularity in 'advanced mode', that'd be perfect.


I'm in the same boat. My main objection to uBO is the cryptic UI. I have no idea what the two columns to the right of a domain are as there's no column headings, or the two nested buttons in each column, one of which is grey (where I'd assume there'd be green to counter the red?), or the "+"/"++" that sometimes appear over said buttons... Or the green bars that creep in from the far left over the domain names, at staggering lengths.

The uMatrix UI on the other hand was incredibly intuitive, and more granular. Then again, maybe that comes down to me not understanding what the hell is going on with uBO's UI.


All your questions can be answered by reading over the documentation in the uBo github wiki.


With the uMatrix UI, the answers were immediately obvious without reading a wiki.


Well-designed software shouldn't require the average user to read documentation to understand basic features


Doesn't that UI only present itself if you declare yourself an advanced user?


Yes exactly. If you don't understand the controls, reading the linked FAQ is really worth it and doesn't take that long.


Having the exact same issues. If someone could clarify that would be awesome.


That panel is described in some detail here [1], though even after reading it the click behaviour is very unintuitive. It's explicitly an advanced-user thing, though, and only shown if you click "More" on the basic popup.

[1] https://github.com/gorhill/uBlock/wiki/Quick-guide:-popup-us...


That link doesn't seem to actually describe the advanced mode panel in any detail at all. The link that does is https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-qu...


> So you can't accept a particular third party's images without also accepting its scripts, cookies, etc.

It's a clunky interface with poor discoverability, but with the uBO logger open in a browser tab you can click on any request right beside the timestamp and define a new rule with the desired granularity. In the URL Rule tab, the unmarked left column sets the allow/noop/block behavior.

Edit: Found the wiki page: https://github.com/gorhill/uBlock/wiki/The-logger#creating-f...


But this is something I do on a good chunk of websites the first time I visit them. (Not all, because my base - allow first-party, allow all css, allow all images, block all cookies - is also often enough.)

It's just too painful to open a logger, find a request, craft something manually, etc. uMatrix is point and click and it's right there in the toolbar.


> but I don't know why they were ever separate?

I also wonder about this. I still run both side by side. (I haven't noticed any problems with uMatrix so far ...) All I really use uMatrix for is quick coarse grained 2D filtering of various content types. I don't understand why that couldn't be implemented as an optional "first pass" filtering layer in uBlock.

I realize uBlock can mostly already do what uMatrix does, honestly I just find the 2D UI to be incredibly convenient and intuitive.


I find ublock much more granular than umatrix. It can block all js and allow a particular one, block just a segment of inline scripts.

It can block separately a single script, image or any other request. I find it much better than umatrix which can't do many things that ublock does. If someone wantd to they can just install it and forget it also. Much more versatile.


I agree it's a shame, and I hope there is a legit replacement. However, it continues to work for me, so far, without issues.


I too use umatrix, but someone said ubo had an advanced setting that was like umatrix, so I was thinking about switching.

Is this true or not?

wait, here it is: https://news.ycombinator.com/edit?id=25920135


That comment:

> umatrix is built into ublock origin now, just enable advanced mode in ublock.

I have advanced mode enabled and don't see anything remotely resembling the uMatrix source vs type grid. There's a couple overly cryptic { allow block other } columns with rows corresponding to the source and that's it as far as I can tell. No { css image frame etc } columns in my UI.


On the uBO popup, if you click "More" on the bottom left a few times, you eventually get a uMatrix-ish grid on the left side of the popup. (Not 100% sure if that's what you're looking for.) I agree with other commenters though that I don't really understand the uBO grid and found the uMatrix grid much more immediately accessible.


Yeah that's the grid I was referring to. It isn't the same as the detailed 2D breakdown that uMatrix gives you. Instead it simply has a blanket { green grey red } for each source.

(Also I can never seem to remember precisely what each unlabeled colored box does. I never have that problem with uMatrix.)


The uMatrix 2d grid is a vastly superior UI than anything uBO offers for the same functionality. I keep using both because of that. uBO for blocking ads and hiding elements, especially on my phone, and uMatrix to selectively block JS and everything else.


Yes, that's what I tried switching to using (from uMatrix + 'simple mode' uBO for cosmetic stuff only before).

It's just not as granular - you lose the 'type of thing to allow/block' dimension from the uMatrix matrix.



> except you have to write them by hand

Well yeah, no, I don't want to do that. That's why I always ran both, (uBO in 'simple mode' cosmetic blocking only) and now nuTensor seems like a better option than diving into uBO alone. I gave it a go.


nuTensor would be a lot more accessible if it were a signed extension. Having to sideload it is a non-starter for most people.


>At browser launch, Firefox will wait for uBO to be up and ready before network requests are fired from already opened tab(s).

>This is not the case with Chromium-based browsers, i.e. tracker/advertisement payloads may find their way into already opened tabs before uBO is up and ready in Chromium-based browsers, while these are properly filtered in Firefox.

>Reliably blocking at browser launch is especially important for whoever uses default-deny mode for 3rd-party resources and/or JavaScript.

Oof. TIL. That makes blockers kinda crippled in chromes, if you expect them to actually block things.


Google has an obvious incentive to make life hard for ad blocking extension developers. Chrome and chromium exist because their business model is showing ads in it. That's the only reason it exists. Everything else it does is there only to convince users to use it and thus get exposed to ads and tracking. That includes performance work, UX work, etc. that Google puts a lot of time and money in. It makes Chrome really nice to use.

Mozilla and Firefox exists because it's developers wanted to create the best browser possible. That's why it had extensions before Chrome was even a thing and that's why ad blocking extensions exist almost as long as extensions have been a thing. Adblock emerged somewhere around 2002 which was very soon after the first OSS releases by Mozilla reached the 1.0 stage. Also Phoenix, Firefox' ancestor became a thing around that time. Tabs and extensions were some of the early things that made that popular. Ad blocking always was the #1 use case for extensions.

Ironically, that's why Chrome has extensions. The only reason it supports extensions is that not having that would have made it impossible to grab market share from Firefox (and Internet Explorer). Having support for both extensions and ad blocking were a hard requirement for Google despite its business model. But now that it is the dominant browser, that feature is no longer as important as it once was. So, Google has been slowly making it harder for extensions to interfere with their ads and tracking. They can't make it too hard or their market share will evaporate. But they don't have to be particularly good at it. And now that they have Android, they don't have to worry as much about losing market share. Android exists for the exact same reason. Chrome is losing relevance as a revenue stream as users consume more content on Android via "native" apps running in a virtual machine compiled against mandatory proprietary ad & tracking technology.


Reminds me of cable television: the TV shows exist to keep people watching the ads.


Either I'm understanding it wrong or you're way overestimating this issue. Unless you close and open your browser between every single website you visit, this impact is probably negligible. Most people don't even close their browser windows ever between computer restarts.


And when you do restart, every single open tab will/might be able to load everything, unblocked and unfiltered, in the period between Chrome starting, and starting the extension.


Absolutely correct but I guess many innocent souls here will still think of it as a minor inconvenience, so let me explain:

For some people it is not just about annoying ads; for those people paid or unpaid work (or something else, I'm not here to judge) takes them to sites where you'd rather not be surfing with js enabled.

Remember: Client-side JS is a way for whoever controls the server side to execute code on your machine. Disabling JS instantly removes whole classes of nasty exploits.


I have used Chrome for years with uBlock and I have not once since a single ad go through during launch. So realistically this "window" is most likely negligible, which make sense given how efficient and fast uBlock is. Maybe if you're running on a potato.

On the other hand, I don't want random extensions, which could be misbehaving or poorly coded, to be able to indefinitely delay the browser's launch, even if it comes at the cost of one ad making it through. Imagine having dozens of extensions and trying to figure out which one is slowing down your launch because there's a bug.


Try on youtube, it loads ads on chrome startup that ublock usually blocks.


I love Firefox and I use it on principle. I don’t think I have a worse web experience, although that wouldn’t stop me.

What does break websites is turning on anti-tracking measures. The number of times a site won’t work till I enable third party cookies shows the sad state of the web. Developers, do you only test in Chrome on Windows with default settings or something?


"Whatever gets my jira from the left side of the board to the right side of the board."


I've hated my experience with resistFingerprinting enabled. I can't get dark themes, my clock and times are always wrong, you're locked to en-US, no WebGL, etc.; basically any feature that could make the web nicer and have content tailored for be is now weaponized for fingerprinting. I've recently switched off fingerprint resistance and moved to a script blocker as the sites I do trust do offer a nicer experience I've been missing out on.


> I can't get dark themes

I really hate that firefox sets prefers-color-scheme: light with resistFingerprinting [0] even if the site is implemented in such a way that the color scheme selection provides no information to the server (no JS, no external resources loaded dependent on the color scheme). Even using no-preference would have been better - then the site could at least choose to make a dark theme the default.

> you're locked to en-US

Ugh, this will only lead to even more websites ignoring the Accept-Language header and just guessing based on location derived from the IP address.

[0] https://bugzilla.mozilla.org/show_bug.cgi?id=1540726


100% I hate getting targeted based on my IP -- especially using a VPN. I happen to speak and prefer "en-US", but I don't think it's good for the internet in general.


> The number of times a site won’t work till I enable third party cookies shows the sad state of the web. Developers, do you only test in Chrome on Windows with default settings or something?

Well, Chrome is removing 3rd-party cookies by next year, and they are disabled by default in Safari already (well, sort of, ITP is weird). So many problems which used to happen to very few users are now being quickly prioritized. There are lots of use cases for third party cookies (example: you have a centralized management platform for lots of websites which have unique mapped domains, and you want to be authenticated against all of them at once), so it’s not surprising that critical features can be broken. It’s very much backwards incompatible.

But I agree, overall removing 3rd party cookies is great. Though, it’s important that whatever advertisers think of next isn’t just as bad.


the tab containers are amazing


I would use Firefox + uBlock Origin over other browsers even if it was half as fast.


You'd loose all that performance gain to ads anyway. I'm truly shocked how horrible the experience is whenever I see someone browsing the web without it.


It's absolutely wild, I have Chrome Canary installed w/o any addons because of some bleeding edge WebBluetooth stuff I'm working on and occasionally I'll forget which browser I'm using and visit a site with it. The web without adblock is basically unusable, it's legitimately completely insane that people will put up with it.


I've said it before, but the entire ad business is a cancer. Every minute of the modern human experience is exploited for maximizing profits. I've read an interview recently with an journalist / documentary film maker (forgot his name) where he was talking about "bullshit jobs" and for most people, their actual function is to consume. That's why ads are penetrating every last part of our private lives, greatly accelerated by modern consumer electronics. Want me to disable adblock to look at your side? Fuck you, I'll never visit again. Youtube video with forced ads at the beginning? Instantly closing it, never to visit again. All my devices have some kind of adblock mechanism, my "smartphone" is rooted, my "smart TV" will never have any internet connection, my browser will always be the one working best with adblock technologies.

Sorry for the rant.


Don't be sorry friend. You are correct and I hear your frustration, and while we're at it most SaaS is just as vile as advertising. I fear that this is the inevitable conclusion of unfettered capitalism and perhaps individual refusal to participate is one of the few ways we can begin to turn the helm on a world that worships unfettered greed.


I think that was Jaron Lanier in The Social Dilemma.


People don't put up with ads. They are forced upon them. Many of them with no knowledge of how to block them.

To them, ads are part and parcel of "using the internet". Some of them hate ads. But not for technical reasons though.

Outside of complaining why they hate that annoying ad from company X, most people probably won't be motivated enough to actually do anything about it. For some, this is just how they expect the "internet" to work. An ad-free one would feel broken to them.

Ads are not a bother for most casual people.


They garbage it up more under the pretenses that too many people are blocking, denying them ad revenue. If they made it less obnoxious then less people would feel the need to block ads. The worst ones for me are the fake virus ads that basically hijack my browser. If you can't keep those out of your ad ecosystem then I'm forced to block it all.


I remember going to my parents before I set them up with ublock, I thought they had some kind of malware before I realized "Oh this is just what the internet looks like, now"


In what way is Firefox not fast? I typically run it right alongside Chrome (Firefox for personal stuff, Chrome for work) and don't notice much of a difference switching between them. If anything, Firefox is faster.


In benchmarks Chrome is usually slightly faster on average than Firefox. Really not something you would notice with normal use.


I see quite a big difference for sites that rely heavily on JS, especially on MacOS.


On Android as well. Quite useful!


I can say, that is not true for me :-/

Since a few weeks I use two 4k displays with my work laptop running Windows 10 and I with 4k it seems that Chrome is quite a bit faster than Firefox on Windows. With the FullHD resolution I used before I never noticed a huge performance difference. I don't know what causes it and on my private PC (different hardware) running Linux I never experienced performance differences of that dimension, but currently I have fallen back to using Chrome on the work laptop :-(


Preach.


> The Firefox version of uBO makes use of WebAssembly code for core filtering code paths. This is not the case with Chromium-based browsers because this would require an extra permission in the extension manifest which could cause friction when publishing the extension in the Chrome Web Store.

Anyone know what this extra permission is and why requesting this extra permission would cause friction?


UBlock already had a new version rejected a while ago. Big HN thread at the time.

Presumably they are just really careful to avoid giving Google any excuses.


My guess is that it’s much harder to review WASM bytecode to make sure it doesn’t do anything sketchy.


The approval process differs for extensions published to the Firefox and Chrome stores.

When submitting to the Firefox store you need to send them your un-minified, un-obfuscated source, along with step by step instructions on how to build. If you get big enough they do review the code in surprising depth. The hash of the compressed file pushed for release, also needs to match that of the compressed file the reviewer can build.

When submitting to the Chrome store this is not the case. You can push up minified, obfuscated code and that's what the reviewers have to work with.

I'm not familiar with why WASM needs extra permissions for Chrome extensions. It might be that the increased complexity of reviewing bytecode does indeed introduce more risk for the user. The permission request might just be the Chrome store pushing acceptance of that risk to the user?


> You can push up minified, obfuscated code and that's what the reviewers have to work with.

Minified maybe, but obfuscated is against the rules, for over 2 years now: https://www.zdnet.com/article/google-to-no-longer-allow-chro...

Chrome also does check the code manually, not sure if it's on the same level as Firefox though.


yup, you're absolutely right [1]

  Code Readability Requirements:

  Developers must not obfuscate code or conceal functionality of their extension. This also applies to any external code or resource fetched by the extension package. Minification is allowed, including the following forms:

  - Removal of whitespace, newlines, code comments, and block delimiters
  - Shortening of variable and function names
  - Collapsing files together
[1]:https://developer.chrome.com/docs/webstore/program_policies/


The whole point of WASM bytecode is that it doesn't need to be reviewed. The worse it can do is "stealing" your CPU time, but WASM was specifically designed to safely run third-party programs in the browser


Surely the ublock devs are not writing WASM directly? It would be possible to have the source code available for audit with some way of proving it generates the assembly that is being shipped.


Sorry anything is possible, but your comment is a bit hand wavy.

Reproducible builds are non trivial.

And then what - the reviewer is now supposed to build your software and verify some Hash?

Or were you thinking something else?


> Reproducible builds are non trivial.

That's true, but they aren't rocket science either. It's perfectly reasonable to require them for browser extensions.


>And then what - the reviewer is now supposed to build your software

I believe that is standard operating procedure for the chrome store.


Yeah that one sounds like a negative being described as a positive.


I wouldn't say that. Using WASM is legitimate and will certainly give a performance boost at the very least. I'm just curious about the nuances of having it included in Chrome.


Presumably one that allows the extension to run Wasm code


If extension requires new permission it wouldn't automatically update anymore until you allow it. It's enough friction for such an extension I guess, personally installed it for countless of people and most of them would just ignore updating it.


I can't live without uBlock Origin and uMatrix, and was sad to see uMatrix archived [0]. Still works great, but I'm wondering what will happen long term. Anyone also use both and since drop uMatrix for something else, or just uBlock? How is it?

[0] https://news.ycombinator.com/item?id=24532973


It's been really interesting to watch recent gorhill tweets where he describes some laboured efforts to type in rules to block content in ublock that you can do in umatrix with the click of a button.

I don't understand it, but I agree that unlock+umatrix on desktop and mobile has been the best thing about browsing for years.

I think maybe he wants to consolidate Dev effort and I completely understand. He's probably the only person I'm patriotic about right now.


uMatrix is so fundamental to my web experience, I dread the day it stops working.


As I remember it, you really shouldn't be using both at the same time. Don't remember why, only that it's a bad idea. And you can set up uBlock to do most of what uMatrix does anyway.


It's because there was some overlap in their functionality.

What I did was disable the overlapping functionality in uBlock Origin, and let uMatrix handle the rest.


FWIW, I use uBO together with NoScript, on both desktop and on mobile (Android). I've never used uMatrix, and I've been told by others that it was a superior experience, but if you want a combination that is still being supported, I can recommend this combo.


I really, really wish Apple would update Safari for uBlock Origin. I’m about to publish a Safari extension (a NoScript equivalent) and the content blocking APIs are so limited. iOS is even worse than the Mac, too. On iOS AFAIK you can’t even reload the page for the user.


That will never happen. Apple moved several years ago to the “content blocking rules” mode on iOS, where all that any blocker can provide is a set of rules to match URLs with (to put it in simpler terms). Safari would lookup every request against the rules and block requests without the extension getting any information about which URLs were visited, which rules matched, and which ones were blocked. More recently, it moved to the same model in desktop Safari too (there’s a detailed post on the uBlock Origin issues/forum about why there will never be a uBlock Origin for Safari even though the browser has started supporting WebExtensions).

The way uBlock Origin and similar extensions on desktop browsers like Firefox work is by intercepting all requests, which means it can exfiltrate your browsing behavior and/or sell that. I’m confident that uBlock Origin doesn’t exfiltrate data, but the same cannot be said of other extensions in this space.

Apple, with its already restrictive content blocking model, will not allow a way for extensions to look at requests or manipulate requests. Chrome’s Manifest V3, whenever it’s adopted on the release version of Google Chrome, will also kill uBlock Origin (it allows requests to be seen, but not intercepted/modified).


Keep in mind that on iOS you have no browser options AT ALL. You get Safari or skinned Safari.

Per the Apple app store rules, no one may publish a browser or javascript engine and any app that browses the web MUST use safari's webkit.

This is by design so that web feels very bad on iOS compared to native apps, so you'll keep using native apps and Apple will get their 30% of whatever you buy in app.


> This is by design so that web feels very bad on iOS

The reason is because the WebKit engine on iOS is heavily optimized for battery life and can make use of private APIs that further that goal.

Safari and Chrome are essentially the same engine under the hood, the web wouldn't "feel" better if you had one over the other.


> The reason is because the WebKit engine on iOS is heavily optimized for battery life

I'd add security too here. Also, if they allow native Chrome on iOS, Google domination in web standards would be complete and irreversible.


Why are these APIs private, then?


Webkit and blink have diverged significantly


I agree.

Recently Safari on iOS has changed how the back button works so pressing back now takes me to the top of the previous page rather than the location I was at before I linked away.

More recently Firefox on iOS also behaves this way.


The irony is that this is the model the new Chrome API was going towards, and Apple has been using it forever, but when Google goes to do it, everyone has tinfoil theories about how Google is specifically doing it to kill ad-block extensions, but when Apple does it, very few people complained.

Realistically, it's probably more security and battery efficient. I doubt they'll undo it.


To be fair the ad-blockers available for Safari are severely limited compared to what can be done in Chrome. Things like YouTube ads for example aren't blocked reliably in Safari in my experience.


That was my point exactly, and no one ever claims Safari's model is done for bad reasons, but if Google were to do something similar to Safari, they would get a ton of hate.


The other side of the coin of content filtering is the possibility of snooping and data exfiltration.


> The other side of the coin of content filtering is the possibility of snooping and data exfiltration.

I am relatively naive in this realm, but this is why I chose Firefox Focus as my iOS Safari context blocker.

Firefox Focus also seems like a great browser to have set as the default in apps like Apollo.


On iOS, the content blocking model has never exposed one’s browsing history to the blocking extensions. Whether it’s Firefox Focus or some other content blocker enabled in Safari settings (you can enable more than one), the extensions can only provide a set of URL patterns that the underlying Safari browser engine (used by Firefox Focus and every other browser on iOS) will match with requests and block. No information —about which URLs were visited or matched with the blocking rules or which ones were blocked — is ever known to the content blocker app/extension.


You should give Insight Browser on iOS a chance. It’s literally safari + ad-block and some other goodies bundled up under a nice to use interface.


Literally all browsers in iOS are safari + some other goodies. But thanks for the suggestion, it seems to have some useful extensions!


> you can’t even reload the page for the user

Can you explain why you'd want to do this? At first blush it seems like a terrible idea to allow extensions to reload pages.


On the ublock origin UI you can click a little icon in the toolbar pull up the settings for that page. There is a little icon you that shows you whether it is enabled or disabled both in the toolbar and in this settings page. Clicking it in the settings page toggles the state for that page which is retained next time you visit.

When you change the state a little refresh icon appears right behind the status icon indicating that the state of the page as shown doesn't match your setting. Clicking it reloads the page.

You could reload it automatically at state change but this might break whatever the user is in the middle of doing.

You don't have to have this feature but it is handy that the reminder that the page is out of sync is a button to fix this and that it is half an inch from your current mouse position.


I created an extension that flushes all cookies and local storage for the current domain; it then reloads the page so you appear to be a fresh new visitor.


Name?


It's called "Howdy Stranger", it's listed in both Firefox and Chrome official add-on stores.


You just got yourself an install. The VMware partner portal is so buggy i need to do temporary containers all the time, but this is nice. Thanks mate!


I've been a daily user and advocate of Firefox since Opera changed to using Chromium. But recently I've grown tired of their privacy hypocrisy and company decisions that I've uninstalled it and started to try out Edge/Brave/Vivaldi as my daily. It has pained me to do this as FF was my last safe haven away from Chromium.

If you dig into some settings and follow tech news, I have begun to question some of Mozilla's controversial settings, deals with 3rd parties and their political blog posts. I also have a problem with the CEO making $3m per year yet a continued market share decline since she came on.

Just a few of the things off the top of my head that I feel betray my trust of Firefox (all of these pertain to default Windows install):

1) Enabled by default all of your website DNS requests going to Cloudflare with a "promise" this information is not being used or sold. We all know how solid this promise has been for other large tech companies. All under the promotion that DoH protects you from your own ISP.

2) Upon install, FF installs a scheduled service that runs daily. From what I've found out, that service is sending back to Mozilla what your default browser is on YOUR PC (why is that their business). This scheduled service remains on your PC even after uninstalling Firefox and continues to run daily.

3) Enabled by default are Browser Studies and testing a clean install one is already installed and active called "F100 Snippets". Studies allow the Firefox team to install stuff right to your browser whenever they want, to gather telemetry .

4) "Recommended extensions" enabled by default. Got a nag for a recommended extension after few days of browsing. So FF must be scanning your browsing history in order for this to work?

5) this result: https://brave.com/brave-tops-browser-first-run-network-traff... . While it was from 2019 so needs to be updated, but upon first-run I was shocked at the results for FF here.

6) Firefox on Android has a known tracker embedded and enabled by default called Leanplum. From Mozilla's own website they state "Leanplum is a mobile marketing vendor"

I'd love to support and use FF solely again, but I think they need some serious shaking up, starting with a new CEO (who allows this stuff).


I don't have the background behind all of those and I'm sure not everything is rainbows and butterflies (especially Firefox for Android has some iffy stuff, I think), but for a couple of your points...

> 1) Enabled by default all of your website DNS requests going to Cloudflare with a "promise" this information is not being used or sold. We all know how solid this promise has been for other large tech companies. All under the promotion that DoH protects you from your own ISP.

AIUI, this is only in the US, where for practically everybody the alternative is indeed that they're going through your ISP, with a promise that the information is being used and sold. Kind of a rock and a hard place situation.

> 4) "Recommended extensions" enabled by default. Got a nag for a recommended extension after few days of browsing. So FF must be scanning your browsing history in order for this to work?

To clarify, it's not the extensions themselves that are enabled, but the recommendations, right? If so, yes, Firefox is analysing your usage, but that is your local Firefox install, i.e. the thing that already has and uses your full browser history. AFAIK the rules for when to recommend what are the same for everyone and run just on your computer.


> 5) this result: https://brave.com/brave-tops-browser-first-run-network-traff... . While it was from 2019 so needs to be updated, but upon first-run I was shocked at the results for FF here.

The article states: "Firefox remains one of the chattiest browsers during a first run. At 117 requests, it lead the pack with individual requests. It should be noted, however, that this isn’t the browser itself making all of these calls, but another page that is present during startup."

So it seems that the initial page is the thing making most of the network calls, and not the browser itself. Wouldn't this mean that we can simply disable the wi-fi/internet temporarily to load the browser initially, closing unnecessary tabs, and customizing it as we needed?

In general, this seems like a good practice for opening up apps in general, even though it's a minor inconvenience and we theoretically shouldn't have to do this. Anyway, I don't mind the telemetry if it will help and not be used against us.


Yeah that's all true maybe but the other vendors are far worse AFAIK.


> Upon install, FF installs a scheduled service that runs daily. From what I've found out, that service is sending back to Mozilla what your default browser is on YOUR PC (why is that their business). This scheduled service remains on your PC even after uninstalling Firefox and continues to run daily.

This is shocking to me. More information, if anyone is not aware yet: https://firefox-source-docs.mozilla.org/toolkit/mozapps/defa....

> The Default Browser Agent is a Windows-only scheduled task which runs in the background to collect and submit data about the browser that the user has set as their OS default (that is, the browser that will be invoked by the operating system to open web links that the user clicks on in other programs).


Isn't default browser usage potentially useful statistical information? What's the worst that will likely happen if people have that data?


It being useful does not mean that Mozilla has any right to collect that information without informed consent. Leaving behind a telemetry service when uninstalling the software it came with is certainly scummy.


I have no issues with Brave after disabling all of their crypto stuff and widgets. It's safer, smoother, and much better at ad-blocking than bare Firefox. I don't care about CNAME-uncloaking by uBlock Origin, because that's already being taken care of by NextDNS at OS level.


I started using Brave in addition to Firefox recently and I was curious if it supports this. Seems like it does (https://brave.com/privacy-updates-6/) and uBlock origin was the inspiration for that feature.

I never used uBlock, but I did use uMatrix (discontinued, but still working) which allows you very fine grained control over scripts and other resources based on the domain. Unfortunately it was a pain to get some things to work with that, especially online payments which use many subdomains and redirects. Paying for anything online was a game of enabling 10 domains on average, reloading the website, re-inputting payment info, etc. Some websites (like twitter) simply didn't work even if one enabled all the domains which appeared in the matrix.

Brave is pretty decent at blocking JS. Not as fine grained as uMatrix, and it apparently doesn't remember that you enabled things (at least in private browsing). I think it doesn't perform what uBlock calls HTML filtering, because it still makes requests to websites which were completely neutered by uMatrix. All in all it's more pleasant to surf using Brave than Firefox, because fewer websites are broken by the blocking.

I wasn't pleased with Safari's native tracking protection + a simple Safari blocking extension which only looks at URLs. Websites work the best, but it's making requests to many unwanted domains still. Maybe it's blocking cookies and scripts, no idea, but I'm not happy even with the simple requests for resources going through.


Brave is Chromium-based and suffers from all of the limitations stated in the parent article.

(Except for CNAME cloaking. However, their CNAME uncloaking only applies to their built-in tracking protection. AFAIK, if you use uBo on Brave it will be still unable to uncloak CNAMES.)


> Brave is Chromium-based and suffers from all of the limitations stated in the parent article.

Only for extensions. Brave Shields is implemented in natively compiled Rust and C++ (which is even more efficient than WebAssembly), is able to load rules before making any network requests, uses a compressed filter list data representation, and prefetching is disabled entirely in Brave. The only thing currently missing from that list is HTML filtering, which is fairly rare in practice and generally has fallback rules in popular lists anyways.


And it's still only half as effective as uBO on Firefox. The amount of pop-ups that manage to get through is absurd and it's one of the main reasons why Firefox remains my daily driver.


While uBlock inside Brave suffers from the same limitations as uBlock within Chrome, the more interesting question is if Brave's native blocking makes that irrelevant or not.

Brave does have a few intriguing privacy features, like plugging WebRTC IP leaks while still allowing use of WebRTC (Firefox is off or on while Safari's always on AFAIK), so that's not excluded.

The main problem with Brave is that they're building on a browser which is designed to leak privacy like a sieve. It seems that they're being careful and monitoring all the anti-features Google's adding, but who knows.


It doesn't make it irrelevant. For example, sponsored Tweets on the Twitter web app aren't blocked in Brave (at least the last time I checked).


Brave even openly admits this in that blog post announcing their support for native CNAME uncloaking-

> In version 1.25.0, uBlock Origin gained the ability to detect and block CNAME-cloaked requests using Mozilla’s terrific browser.dns API. However, this solution only works in Firefox, as Chromium does not provide the browser.dns API. To some extent, these requests can be blocked using custom DNS servers. However, no browsers have shipped with CNAME-based adblocking protection capabilities available and on by default.


Slightly off-topic, but it was Firefox's Total Cookie Protection recently that finally got to me to switch from Chrome as my daily driver.

Don't get me wrong, I miss Chrome as it just felt like a_smoother_ user experience, and I fear for Firefox replaying Opera's history given that the rest of the industry has standardized on Chromium... but I love how pro-privacy Firefox is.


I always have the opposite idea, Chrome is a total mess for me when it comes to UX. Probably just what you are used to first.


I disagree. I’ve been using Firefox as my primary browser for at least 3 years now and still, whenever I have to fire up Chrome for some reason, my first impression is “ahh, this is sadly still so much smoother.”


i disagree. imo peak browser-ux was around 2005 with the original opera. pre-quantum firefox was ok-ish but already part of the decline.


I made this prediction a little over a year ago: https://news.ycombinator.com/item?id=21506330

> after one year of Manifest V3 actually shipping to users in mainline Chrome:

> - Assuming that Manifest V3's declarative API is not significantly changed from its current implementation.

> - If you visit each of the top 10 publishers in the US (including open publishing platforms like Twitter/Facebook/Youtube) [...]

> - Firefox will block more web trackers (65% likelyhood).

> - Firefox will block more visible ads and popups (55% likelyhood).

It's debatable whether or not the December rollout of Manifest V3 "counts" because Manifest V2 is still going to be available for about a year, but it's also increasingly looking like it won't matter -- the prediction might end up being proven right regardless of whether or not Manifest V2 is removed.

I would probably raise these likelihoods if I were to revisit the prediction today. I think it's reasonably unlikely that CNAME masking is going to go down in popularity, and I think it's reasonably unlikely that Chrome is going to put in the effort to catch back up. The one thing that gives me pause is that the original prediction specified looking at the top 10 publishers, and I'm not sure if any of them are using CNAME masking yet.


I truly hope gorhill is able to continue offering his services to the wider Internet community for a long time still to come.

Our children have grown up on a, largely, ad-free Internet; and it's all thanks to people like him.


Honestly, I can't really browse on my phone anymore. I'm... spoiled by FF + uBlock and I can't tolerate all the distractions.

Will we ever get enough traction on either blocking mechanisms or stop shoving ads everywhere? Will the general public experience the pleasures of an ad-less internet?

P.S. I'm on an iPhone, blockers failed me so far. Thanks for the suggestions fellas.


I can’t look up a recipe for boiled eggs without coming upon a 15 paragraph essay with ads in between each paragraph. It’s so obnoxious now. I don’t mind that people want to monetize, but it’s getting off putting when it is so obnoxious.


On recipe blogs, you are probably not looking at the actual author monetizing. Rather, someone decided to create a copycat website, hire a minimum-wage content writer off a freelancing platform to rewrite the original text so that no copyright violation is apparent, and then they put the copycat website up with a boatload of advertising and SEO. The 15 paragraphs are an SEO trick, as Google gives higher weight to longform text.

This ecosystem is now so advanced that new copycat recipe sites are based on existing copycat sites. You can easily tell if a recipe website is a copycat by comparing the supposed author bio to the quality of the English. If the author bio claims these are recipes by a born and bred Louisiana native who wants to share Southern cooking with the world, but the actual text is full of grammatical mistakes typical of Eastern Europeans or South/Southeast Asians, it is clearly a rewritten copycat site.


Yeah, exactly. Although in addition to the text acting as SEO, the initial reasoning behind all the "recipes-as-blogs" approaches is that recipes are not in general copyrightable, as they aren't generally considered creative works. (Whether the food itself is a creative work is not the question, it's whether the text qualifies as such.) So cookbook/recipe blog writers add enough text to the recipe to make the content subject to copyright protections.

Then, as you note, when people do inevitably copy the recipe, they churn out new replacement text.

You'll notice, for instance, that a recipe 'database' site like allrecipes doesn't have these massive text blocks associated with user-posted recipes, because there's no need or desire to have those be copyrighted.


Great point.

There are fundamentally 2 types of content, although the line is getting blurred : The hobbyist blog, and the publishers magazine.

The first exists for joy, the second only exists to deliver adverts.

THe blurring occurs because some of the blogs became such hot property the founders sold up.


FF with uBlock is available on android.

Alternatively check out "Paprika" which bills itself as a recipe manager but actually will scrape webpages and extract out recipes for you.


And darkreader addon. Addons for firefox mobile is very handy.


I, too, am tired of reading fanfic murder mysteries to get basic recipe information.


I made https://thisfoodblogdoesnotexist.com as satire. It uses GPT2 to generate blog content like those 15 paragraph essays.


Needs more paragraphs. None of them talk about how their kids are doing in school.


2 years from now someone else's AI is generating content based on your content, a year later someone is ripping them off, a year later another script is filtering out the most useful stuff from the second guys stuff and its actually good content.


Some of the recipes seem actually plausible, e.g. https://thisfoodblogdoesnotexist.com/30-Minute-Rice-Pudding-...


The recipes are real and not generated. Feel free to make it!


five cups milk would make rice soup.


You should add your site to the list: https://news.ycombinator.com/item?id=25176101.


The same, I find news articles particularly bad examples. I get advertisments, but news articles with excessive clickbaiity adds (adds not internal links to other articles) really do just make me close the tab down.

If there was some better mobile integration of the extensions or built into the browser itself to be perhaps less intrusive adds allowed it would be appreciated.

From that, are browsers legally allowed to implement an adblock/ublock directly into their browser ? Seems like something that would be considered against fair use or something along those lines.


>The same, I find news articles particularly bad examples. I get advertisments, but news articles with excessive clickbaiity adds (adds not internal links to other articles) really do just make me close the tab down.

Yeah, they follow every dark pattern in the book, especially on mobile. 90% of the time, I'll see a video at the top that autoplays, and then if I scroll down, it will make the video hover over the 75% of the article I'm trying to read. Who is this supposed to benefit?


Comcast and other ISPs who have crazy small data-caps and then bill the consumer 5 times over for used bandwidth and "overages" that might have MAYBE made sense 20 years ago.


that's not to mention the first page of results from your query will be from amzon, ebay, & eggsdirect.com trying to sell you the eggs in the first place.


The. Worst.

I don’t care at all about any of this. Give me the time they boil for ffs.

I don’t know if it’s sites paying by the word, or SEO, or some “value added” psychological trick. It is getting worse.


I bet they've noticed 'more time spent on the page' since they added interesting stories to those recipes! "When I was little, Grandma did this and that and blah blah blah".

Of course, the time spent is cursing, and skimming and hunting to find useful info. No one is finding the story interesting, but it looks good on metrics?

I wonder if the above is accurate or not.


I think the idea is that Google allegedly prioritizes pages by user dwell time, the idea being that if someone spends 10 minutes on your page, it's more relevant than another page where the user only spends 5 seconds before closing the tab.

So forcing you to scroll through an essay on the complete history of nutmeg before you can see any of the ingredients in a chocolate chip cookie recipe may improve SEO


but every recipe site I've recently encountered, had a "jump to recipe" link right at the top


I use https://recipe-search.typesense.org/ for finding recipes, it has scraped over 2M of them. No distractions.


I have resorted to buying books after being burnt by just bad receips floating around on the Internet.


Wow, it's exactly the opposite for me - bought a few cookbooks at ~19-20 years old and used them for a few years. Now it's been a decade since I last touched any of my cookbooks because the recipes are really limited and just not that great compared to what you find on the internet.

I guess I avoid the junk because I have good instinct, I can usually tell if something is going to be bad based on the ingredients. Also if I'm looking to make something "basic" I'll specifically look for Alton Brown's recipe for it or sometimes Chef John's recipe. I also sometimes just use recipes for "inspiration" too - just to get a basic idea of what the ingredients are.


Well, I use FF+uBlock on my phone :) It works super well.


They said they're on iOS, where you can only use WebKit, and therefore extensions like uBO are not possible.


Ah, that was edited in after I wrote my comment, sadly.


I host my own VPN on a raspberry pi at home so I can use my pi.hole even when I'm off my home wifi network. Unfortunately that seems to be the most comprehensive solution I can find for iOS, and sadly Android phones are pretty much all too large for me.


Firefox Mobile + uBlock works great for me.


It works pretty well but Edge/Chrome feel better than FF on mobile. Scrolling performance is probably the biggest difference. I've had issues with using FF as the default webview too.


From my perspective, scrolling performance is a minor annoyance, whereas the inability to block ads is basically a complete showstopper.


Fells better even with all the ads and other annoyances uBO blocks? I've never noticed a scrolling performance issue myself, let alone one worth tolerating that stuff over.


You can always use Brave. Not quite as good as uBO, but it still blocks most ads while being Chromium-based.


Anymore? I don't think browsing on a phone was ever viable. The problems changed over time, but I never found myself using the browser for anything other than absolute necessity. It's sad really.

Back in the day Opera with Turbo (or whatever it was called) was the peak of mobile browser usability for me.


Firefox does support no script on mobile! It's great


FF+uBO works great on Android.


On iOS, Safari with a couple content blockers (like Purify and/or 1Blocker) do a pretty decent job. Once in a blue moon something will get through, but the goal of dramatically improving load times and decrudding pages is accomplished well enough for me.

On Android, Firefox supports a subset of extensions that includes uBlock Origin. Chrome seems to be the dominant browser on Android but regardless of how good it is, I can't imagine not using Firefox there.


Firefox is my default browser on Android, and I use Chrome when I need to. It works fine.

I personally tend to use Chrome for "logged-in" internet use, and Firefox for "logged-out" use like browsing, news, etc. True on both desktop and mobile. Partly this is because Google's password vault has great UX across Chrome and Android apps.


You can push to force Apple to allow other browser engines. Firefox on Android supports extensions including uBlock Origin. Firefox on iOS is only allowed to be skinned Safari

https://support.mozilla.org/en-US/kb/add-ons-firefox-ios


>spoiled by FF+uBlock and I can't tolerate all the distractions.

I run FF+uBlock on my S21 Ultra. Works just like the desktop.


Not possible with an iPhone, I presume.


FF Mobile has uBlock


Firefox on iOS does not support extensions, fwiw


As I understand it, it's Apples fault for requiring all browsers delivered by it's App Store to be basically wrappers around Safari.


How has Apple not been strung up on antitrust grounds over this?


Because IOS is a small fraction of the smartphone and PC market.


It doesn’t preclude antitrust investigations.


I don't think it is in violation of existing law but I'm totally for addition protections like the ability of users to install software of their choosing on their own hardware including additional app stores.


That's because it's not real firefox. Apple doesn't allow real firefox / chrome / etc and all apps that browse web must use safari's webkit.

Keep that in mind next time you go to buy a phone!


You can use Firefox Focus as the ad blocker for Safari on iOS


> Will the general public experience the pleasures of an ad-less internet?

Remember how cable was supposed to replace ads on over the air tv? It was about minutes before it was all ads too. Streaming services are starting to get there but then the shows themselves are ads. And you have a scenario where Netflix and YouTube couldn’t exist in scenarios that didn’t rely on our bandwidth models and massive anti-competitive models.

... so IDKMAN... I don’t know how we get to an internet where people making things aren’t expecting to get paid for their submissions, especially now that we’ve jumped in there with both feet.

I personally would pay for a no-bullshit internet, but it’s just cable tv’s promise all over again isn’t it? As great as something would start out, soon would come the influencers and the narrative pushers and the censorship and the “forum sliding” and the downvotes / echochambers / bubbles / power tripping moderation...

I’m wondering if the solution isn’t just to give it all up and use the tools only when you need them. A cabin in the woods, but a spotty dialup connection for when you need to find something.


> would pay for a no-bullshit internet

The money is in selling you ads, on a revolving basis. Not in you ponying up a subscription fee to not see those ads.

If it's not the ads, it's the usual FBI or whatever government surveillance program tracking you.

You are right on the solution however. Some ads and tracking are so pervasive (e.g smart TVs) that the only truly effective way to mitigate against them is to cut down on or eliminate your exposure to these devices.


I use AdGuard pro on an iPhone and generally don’t see any ads at all in Safari. I believe this app will block ads in any iOS browser.


I'd like to switch to iPhone, but the lack of real Firefox + uBO is what keeps me from doing it. It's good to know there are some options there, thanks for the pointer.


If ad blocking is all you’re looking for, I can’t remember the last time I saw an ad in Safari iOS with Firefox focus content blocker, or Wipr content blocker.

I don’t notice any difference between Firefox or Chrome + ublock origin and Safari + Wipr/Firefox Focus.


I was much like you but I can say that AdGuard for Safari on iOS is pretty decent. Sure it isn't as flexible as Firefox+uBO on Android but it does a fine job at blocking ads and doesn't require any tweaking.

The biggest benefit is that as every web view on iOS is Safari it means you get content blocking in all apps that use a web view (providing they don't disable it which I'm sure some do but I don't know of any that actually do it). E.g. in the third-party reddit app Apollo any website you load within the app also has all ads blocked.


+1

I paid for full version of AdGuard Pro late last year after my 6 month Android/Oneplus phase ended and I went back to iOS. It has worked REAL well and allows me to just use native Safari. I'm happy with this setup. I used to use free Firefox Focus as the content blocker before, but it would go long time between updates.

The only annoyance with Adguard Pro on iOS (and probably the same for all app based content blockers on iOS) is it is clunky to whitelist a site as they aren't integrated with the browser. You have to open the app itself, dig into the whitelist area and then manually type in/paste the domain name to add it. Brave and FF Focus you can do it right from within the browser, same as it was with FF/ubo on Android.

Also, AdGuard on iOS doesn't acknowledge specific pages only within a domain. For example; mlb.com is loaded with ads, their highlight videos show a 15 sec ad for literally every highlight. I have AdGuard enabled and the experience is so much better. BUT the "Standings" page doesn't load with AdGuard enabled and I can't just disable it only for that page.

Regardless, the small price to pay for AdGuard on iOS is well worth it.


AFAIK, ads can only be blocked in Safari on iOS. I have Adguard on my iPhone, but it only works in Safari – not Firefox, which is the browser I use. So that's very annoying.


Firefox has an additional app called Firefox Focus which installs a content blocker for both Safari and Firefox.

Also for Safari, Magic Lasso AdBlocker does a very good job.


Edge browser on iOS has an option to make use of content blockers in the same way that Safari does. Last I checked Chrome doesn’t.

I’m surprised to hear that Firefox doesn’t have the option to do so.

I don’t know if it’s just muscle memory, but Safari on iOS is still my browser of choice due to the way you open and close tabs in it.


There are DNS blockers for iOS, which block most ads, including in-app ads. Just need to find the right list.


If Mozilla can continue honing their mobile browsing team and keep alive a mobile web browser with pre-Manifest v3 WebExtension support, then maybe the status quo doesn't have to change. Advertisers can push whatever they want and the 0.1% of users that want to use uBlock can happily block them all. As far as the current landscape of adblocking goes, I have no real complaints.

If people try to encourage too much radical change with how ads are distributed, I fear that the advertising agencies will panic and all start to do what YouTube does, which is to serve the ads from the same domain as the content, rendering all domain-based adblocking useless. At that point, the only thing between the general Internet and ads will be uBlock, and if Google obtains complete control of the WebExtension standards, I'm not sure there would be anything else we could do.


On iPhone you have Safari content blockers. Better Blocker and Firefox Focus are two popular ones.

There's also a Lockdown, an open source firewall implemented using iOS VPN capabilities (though it doesn't send your requests through an external server). Lockdown is able to block trackers in any app, not just Safari.


My iPad Air 1 is aging, slow, and I loved it but I simply won't replace a machine where a publicly-funded news/docs store app in particular gets laden with unskippable ads.

Half a thousand bucks for this frustration, no thanks! No amount of content/entertainment is worth this.


I have good results with AdGuard on iPhone (functions as content blocker in Safari).

It's not perfect and difficult to customize but works well for the most part. It even gets rid of YT video ads (mostly anyway)

I also combine it with NextDNS


Posting this from my oneplus running firefox and ublock origin. Firefox has been my daily driver on mobile for a few years now (since before Quantum) and it's been reliably great.


I run NextDNS on my phone. It isn't perfect particularly because it is an all or nothing type thing which gets frustrating with URL redirects. But it is far better than not.


Firefox with uBlock works fine on my Pinephone ;)


Run pihole or a similar dns solution at the network level, and you can block domains without installing anything on your devices.


Host based blocking is certainly better than nothing, but uBlock offers much more comprehensive and expansive blocking, not to mention cosmetic filtering and other features that you can't achieve with PiHole/NextDNS/AdguardDNS/Blokada etc..


For sure, it's not as powerful as something that can modify the DOM, etc. But, you can also run both, if you still prefer uBlock on your PC.


Yup, I agree. Running both right now, the additional benefit of moving DNS queries away from my ISP (I pay for NextDNS) is certainly a good one too


I use both - uBO at the browser level and a PiHole for DNS. It's "defense in depth" - there's more than one layer of defense for something nefarious to get through.


Give Brave a try on iOS. Besides offering ad blocking, it can block all JS (unfortunately just an on/off toggle, no subdomain specific settings) and this takes care of most annoyances like cookie pop-ups, article count limiters, ads, etc. On the other hand, mobile websites tend to break more often without JS compared to desktop websites.


On an iPhone?

I was a noscript user from 10+ years ago (I guess?) and I’ve been using uBo for as long as I can remember but isn’t Firefox on iPhone just a wrapper? Is it battery efficient?

As a workaround I use a Pi-Hole (except, not on a pi).


It is just a webkit wrapper. At least the last time I looked into it. UBlock Origin isn't possible. You can get some Apple sanctioned Ad-Blockers, but I think most (or all?) of them use a invisible VPN with DNS based ad blocking.

Mozilla has Firefox Focus for iOS, it does Ad Blocking but it's main selling point is No Tracking, No history and No synced bookmarks either


Install Firefox focus, go to Safari settings, add Firefox focus as Content Blocker and Firefox ( Not Focus, the real one) will show no ads anymore. Works, because Firefox on iOS is mandated to use the Safari engine


Nice, never thought to try that. Makes sense though. Thanks!


You are welcome!


This is one of the top reasons I can't buy an iPhone.


I’m using this on iOS https://better.fyi/ I don’t remember last time I saw ads.


Using Adguard on Android for some years. It works really good with Chrome and all other apps. Mobile browsing without any adblocker is a very bad experience.


Blokada for Android is a pretty good DNS-based ad blocker.


Came here to say this same thing about NextDNS. Plus they'll block ads in apps, which uBlock Origin is not going to help you with. It seems like DNS ad blocking is a pretty good solution on mobile, with different pros and cons.

I do also use uBlock Origin on Firefox Mobile though.


You can definitely do better than use Blokada: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/8536


Or, you can just set a DoT server that blocks ads by default.


or if you have root, AdAway can patch your hosts file.


Brave on iOS is great. So is the DDG browser.


I hear you. One of the greatest reasons I miss Firefox on android was because it allowed ublock.


If you have android you can FF + Ublock on android.

Sadly ios devices don't seem to have that option.


Insight Browser. No affiliation, just a very very happy user.


Firefox focus includes a decent safari content blocker


This is technical and interesting, but can anyone tell the difference between web browsing with FF/uBo and Chrome/uBo? I personally cannot, other than that the fonts render a bit differently. Webpages load fast and no ads get through in both cases.


The first chart in the article explains the difference. It's not so much about being able to tell the difference, but how much it is protecting you in the background.


To be fair the only difference there seems to be from a future RC release of uBO that isn't even out yet, and also that has to do more with third-party tracking cookies more so than ad-blocking, so most users probably wouldn't notice it. It's not about speed, it's about the probability of detecting these CNAME cloaked tracking.


Google searches on Chromium load the page, then insert three or four ad links before the first result about a second later. Ridiculously annoying, as I'm used to clicking quickly on the desired result.


I should note that, on iOS, it seems that Safari with a content blocker outperforms the brave skin by a little, which outperforms the Firefox skin by a lot, which outperforms the chrome skin by a lot.


What a brilliant and unexpected turnout.


Just reinstalled Firefox due to this info


Yea not sure if anyone on the Firefox team is reading but I have not had any reason to consider Firefox until reading this thread.

If Firefox made their browser the best at ad-blocking instead of performance (which also might go hand in hand) I would consider using it again.


I’m fairly sure they have made their browser the best at ad-blocking already. But due to human nature, negatives like daring to remove some feature with minuscule usage gets heavily upvoted.


Is Firefox worse than Chrome in anyway? Performance seems on par and it has a truly transformative app that iirc is unavailable in chrome: treetabs.


>Is Firefox worse than Chrome in anyway?

IME Firefox is much more of a battery hog on MacOS, Chrome's history page is much better, and some sites (Glassdoor and Google Meet come to mind) don't work properly in Firefox. And I don't really use the developer tools in either but I've generally heard that Chrome's are better. I still use Firefox as my daily driver but it's not flawless.


I don't use Glassdoor, but Google Meet works fine in Firefox, at least as far as I can tell. What issues are you experiencing?

The dev tools in Firefox are better for working with CSS [1], about as good for everything else. I only resort to Chromium when working with PWAs.

[1]: https://youtu.be/a-V8GFtwjos


I just tried FF again today for the first time in months and updated to the latest Mac version and...I found the Quit feature didn't work. Neither Command-Q nor Quit option from the menu...And it's something like this every time I try it -- there another wtf moment with the first 5 minutes.


What you describe has always worked just fine on my Firefox/Mac installations.


A quick google reveals a large number of people facing the same issue every year, going back to at least 2014.


I keep chrome installed as a backup because some sites are just plain broken. But 99.9% of my browsing works fine, and so I've made FF my default browser on both personal and work machines, and have not looked back.

Chrome is just too hostile to its users. Between incognito mode tracking users around the web, this extension/API hoo-hah, among other things, I'm just not excited about it as a browser anymore.

You did a lot for us, Chrome, but it's time to loosen your grip on the browser market.


Long-time monthly donor to Firefox here, and have been a Mozilla / Phoenix / Firebird / Firefox user for a couple of decades now. I still think their principles are worth supporting but I'm starting to question their choice of priorities.

IMHO they seem to be losing focus on their technical strengths - making a browser their audience wants to use. Over the past year I'm seeing a lot more problems with addons, specially on Linux. Several popular addons like umatrix and ublock origin make the UX sluggish, interacting with the addons UX are hit and miss, and such operations are often unresponsive for me. I'm seeing this on Ubuntu, PopOS and Mint.

Mac and windows variants work reasonably well for me, but it's come to a point where I've reluctantly switched to Vivaldi for day to day personal use.

My thanks and appreciation for Raymond Hill's excellent work. Though the technical aspects favor Firefox in theory, the extension / addon works far better with Chromium based browsers in practice for me.


This is honestly one of the first time I'm convinced in a technical sense to consider Firefox over Chrome. uBlock Origin feels as core to me to web browsing as Saved Passwords and Incognito Mode. That uBlock Origin can work better is like the browser itself being better.


Yeah, I want to point out that uBlock Origin is fully functional on mobile firefox which makes it by far the best browser on Android. Plus with firefox you can do fun things like disable the Wake Lock API on youtube so that you can listen to audiobooks or music with the screen off and ad-free.


My only complaint on mobile is that the UI for customizing settings is annoying, eg for allowing JavaScript.

But that's the fault of Firefox.

I'm always astonished how bad/slow the mobile web experience is without Ublock with JS blocked by default.


The desktop experience of clicking the drop down is not fantastic: no tooltips and no real explanation of what clicking the empty boxes does.


yeah, it's the primary reason I still use the (undeveloped) uMatrix. ublock supposedly can do the same things, but umatrix has an amazing interface that's clear and straightforward while ublock is like one of those mobile first (but also only) websites


And you have to actually click submenus to expand them, you don't just hover. And of course other menus like bookmarks open submenus when you hover, so it's a gamble every time.


I agree, ublock origin was my single most important reason to finally switch from chrome mobile to firefox mobile.

There are some quirks though, minor annoyances that every so often get introduced in updates. For example, when closing the last private browsing tab it doesn't automatically show the regular tabs any more, but instead requires three more taps. But I'm happy to ignore those for the sole reason of having fully functional ad-blocking.


Same experience here! The only problem I have is that the Android search bar seems to ignore the default Browser setting, but avoiding it (opening FF rather than using the search bar widget) is a small price to pay for avoiding ads so effectively.


You can use the launcher too. If you set the launcher to open a new tab, it'll bring the keyboard up too. This means you're one tap from searching your query in the browser.

If you have a good keyboard, you can even use DDG !bang syntax. I find this very helpful for finding what I want fast.


Another option you have is to put the firefox search widget above you google search widget in your home screen. It's a bit ridiculous that the Google search bar can't be removed, but this is second best.


I did remove the Google search bar from all my phones. An old and defunct Samsung Galaxy S2, a Sony Xperia X Compact (Android 8) and a Samsung A40 (Android 11).

Which phone / OS do you use?

Btw, to search for something I open Firefox and type in the URL bar.


That's strange I don't have any Google widgets on my home screen. Perhaps it's the Xiaomi variant of the Android UI that allows this?


I like to use newpipe app on Android for YouTube.


> you can do fun things like disable the Wake Lock API

How? Is there a hidden about:config?


I second this, if anyone knows how to configure this or has a guide it would be much appreciated!


Install the "Video Background Play Fix" add-on.


I gave it a shot on Android, but the fact that it doesn't support userscripts (Greasemonkey), it makes old.reddit.com unreadable. For some reason Chrome increases the font size for that site, whereas on Firefox I have very tiny text and constantly have to zoom in. As I mostly read reddit/hacker news on my phone I had to drop Firefox on Android :(


For reddit specifically there is more than one free-as-in-freedom app available. I use Slide, and am happy with it, but these days Infinity seems to be recommended more (never tried it myself). Both are GPL or AGPL and available from the main F-Droid repository.


Depends. If you've also blocked ads with pi-hole or the Android hosts file Firefox and Chrome get closer. Ublock on Firefox is absolutely indespensible for sites that may be actively hostile like piracy or porn, but for casual browsing the UI of Chrome is a lot better.

For example, I prefer the address bar at the top. Firefox doesn't like that, so the new tab button stays on the bottom, meaning I have a six inch stretch between where my finger was to hit the tab manager and where it has to go to open a new tab. It's full of little things like that where the only explanation that comes to mind is that Mozilla decided they couldn't do it the best way because Chrome was already doing it that way.


Fennec Fox (Firefox for Android) can be configured with controls (navbar, menus) at the top. Bottom is merely the default.


Yes that's the way I have it. Because I have it at the top there's a massive stretch between the tab manager button and the new tab button that makes me have to shift my grip on the phone.


Is it? Last time I tried, here where a bunch of sites that just didn't work.


I haven't encountered any issues since I switched almost two years ago.


Google intentionally crippling their own free, market-dominant browser in a way that just-so-happens to make ad-blocking difficult honestly reminds me of the Microsoft anti-trust case back in the late 90s. Google is an ad company doing embrace-extend-extinguish on other markets just to optimize selling your eyes/attention to advertisers.


Google's changes actually make a lot of sense. 99% of extensions out there should not be able to touch user data at all due to the simple fact they'd abuse this privilege.

uBlock Origin just happens to be so incredibly important and trusted that an exception should be made for it.


Yet on Google's other large ecosystem (Android), they will happily let apps collect way more private data than this with zero limits in the name of user freedom. In both cases, they made the decision that best serves the company bottom line, nothing more.


I just recently (few months ago) switched over to FF from Chrom(e|ium). What pushed me was Google, on short notice, revoking all Sync API keys from all Linux distros, and I'll be damned if I'm going to use software that's as important as my browser from a source like the AUR. The AUR is great mind you, and for a small number of things I accept the risks and burdens that come with using it (auditing the PKGBUILDs on updates etc), but for browser software I just won't on principle. I want that from my distro's packagers.

It's been fine so far. The biggest annoyance is that Firefox on iOS struggles a lot with form autofilling, and I don't think credit card autofill is allowed at all. You'd think this would be a minor annoyance (don't most sites save your payments methods?) but it's honestly been a big issue. So many sites are so broken on mobile that I actually can't create an account from mobile, and barely function well enough to get through the guest checkout flow.

Examples: Jersey Mike's (sub sandwich shop), and another local deli place that's too local for me to name without letting everyone know I live in a cornfield.


Firefox on iOS isn't really Firefox, it's Webkit with a Firefox skin (because Apple won't allow any other web engines on iOS).


From whar I have experienced Chrome and Chromium act differently FYI. I would discourage lumping them as one in the same.


> I don't think credit card autofill is allowed at all

I would consider this a feature, not a bug.


It amazes me that a consensus seems to have formed around this conclusion that Firefox is technically inferior. I have always been using it and it has always been a fantastic browser relatively free of Google's icy tendrils. The technical issues that people bring up about it are usually nonexistent for me, and while I am troubled at its direction it remains an unusually solid and reliable workhorse given the stakes involved and the size of its userbase


Well, in js performance it is unfortunately behind in some benchmarks as far as I know. And some major non-standard website refuses to run under firefox, like teams unfortunately (definitely the fault of Microsoft)

So I am an FF user by ideology, but sometimes do use Chromium (basically only to not have to run electron).


Being "behind in some benchmarks" is not an argument at all. You're implying that

1. Those test convey any useful information leading to

2. The average user is able to notice the difference in the real world

I think that things that are not js execution time for actual site functionality are much worse for the overall web experience, namely js execution time for ads/trackers and overall latency caused by bad connection quality or bandwidth. The overall experience on firefox with ublock is en par with chrome with ublock for your average mom.


You don’t have to convince me of Firefox being all around better, but I think it is important to note the areas where it could improve.


I am certain that I've used Teams in Firefox? I regularly use other 365 webapps as well with no problems (apart from troubles that are also present in every other browsers).


I think joining a meeting itself is what doesn’t work (for me at least) under linux. I can log in and use other features.


Ah I see. My employer uses teams quite heavily for its other features but we use Zoom for meetings.


On a PC I don't have any issues with firefox. On mobile I do. I also am still pissed that they killed almost all the extensions for firefox on mobile.


I have been using Firefox as my daily driver for 3+ years now. Haven't encountered a single case of sites working any worse than on Chrome.

I also recently started using Firefox full-time on my work machine despite IT strongly mandating that all our tools only work on Chrome and everyone should use that. Have had zero problems (and we use every Google service under the sun).


> I have been using Firefox as my daily driver for 3+ years now. Haven't encountered a single case of sites working any worse than on Chrome.

Really? It happens to me all the time. I can't log into my U.S. Bank account in Firefox, I can't submit a delivery order on Doordash in Firefox, and (just this morning) I couldn't validate a credit reporting form in Firefox.

Now, despite those and many other examples, I continue to use Firefox as my primary browser, because Chrome has bigger issues in my opinion. I don't blame FF for this, I blame the websites. I just think it sucks that places do not test in or support Firefox better.


Is it possible you have an extension blocking scripts or redirects? I'm able to use Doordash just fine on Firefox.


At the risk of this being a tech support comment, I have definitely tried disabling all my extensions, but no luck. It might be some setting I have flipped on in Firefox, but in general I am about as paranoid about my privacy/security settings in both browsers.


The only two places I use Chrome are Netflix and Costco. Costco's behavior is just plain weird:

"Access Denied You don't have permission to access "http://www.costco.com/" on this server."

Is this from running NoScript? Or does it affect all Firefox users? (Also the URL is https://, not http://, so the error message doesn't match the URL).


I've used Costco's site plenty of times on Firefox. I just double-checked Windows right now, and I'm pretty sure I've used it on OSX/Firefox in the past.


I cleared my cookies in Firefox for everything Costco related, and it works now. Thanks for pointing out that it works. No clue how it got in that state.


Does Netflix not work in Firefox for you? Mozilla and Netflix have worked together a lot to make sure it does work.


Nope, I get Error Code F7701-1003. I have Wildvine enabled, and I tried completely disabling NoScript. It's easier to just use Chrome for that one thing than have to troubleshoot the problem.


I suppose that's true but it would be helpful for Mozilla if you filed a bug about it.


I think I figured out what it is. I turned off web assembly in Firefox to reduce my attack surface for general web browsing (I wish I could turn off Javascript completely, but that doesn't really work these days, so NoScript is as close as I can come). I think Netflix must be the only site I actually care about that won't work without WASM, so I'm fine relegating it to a separate browser with a higher exposed surface that I never use for untrusted sites.


OK, good to know.


Netflix has worked fine on Firefox on Mac, Windows and Linux for as long as I can remember.


Don't know if this is your issue, but it could be Enhanced Tracking Protection -- I have it turned up pretty high in Firefox and find that a lot of sites won't work until I turn it off. One example seems to be sites that use "Google Tag Manager."


Interesting, I blacklist googletagmanager.com in NoScript and have never had that break a single site.


Can't say about your bank, but I have used Doordash on Firefox regularly and never had any issues.


Not sure about U.S. Bank, but my brokerage, bank, and Doordash work great on FF. I'd try starting the browser in "safe mode"[0] to see if you have a setting or extension causing issues.

[0]: https://support.mozilla.org/en-US/kb/troubleshoot-firefox-is...


I use DoorDash with no issues on Firefox, with both uBlock Origin and NoScript running, some but not all stuff whitelisted in the latter.

I also have some "unusual" settings in about:config that I mostly don't even remember, for instance disabling service workers outright.


Why disable service workers?


They sound scary, I found the explanation as to what they actually are on Mozilla's site to be rather lacking, and I don't see any need to have them -- I've had them disabled for at least a year, and everything works fine.

The question becomes, why not disable them?


Service workers are used to cache a web app locally in order to make it load faster, and (if appropriate for the app) even run entirely offline. They also enable push notifications, though only after you explicitly allow them. You can read more about this under the umbrella term 'Progressive Web App' (PWA).

I am not aware of any attack vectors specifically related to service workers -- it's just normal JavaScript, but with more restrictions.


The impression I got was that it's JavaScript that can run even after I close the page, which sounds undesirable to me. I could be wrong about that, but like I said, I spent 5 or 10 minutes trying to understand Mozilla's page about it and ended up with more questions than answers.

Before I disabled them, I saw a ton of service workers registered from sites that I visited once and likely will never visit again, so even if there are no attack vectors, it seems like it's at the very least, "stuff that I don't need."

> cache a web app locally in order to make it load faster

Uh, isn't there already a browser cache for this?

> run entirely offline

No thanks.

> push notifications

No thanks. :)

Like I said I've had them disabled for a long time now and haven't had any issues, so at this point I'm not going to think about it again until and unless stuff I care about starts breaking.


I have to add my anecdata here as well. I’ve used firefox on *buntu for 8+ years as my primary browser, and have found I only need to open chrome ~1/mo for the rare case where I need chrome (and I suspect my issues may be more tied to linux than firefox specifically).


I keep chromium for Google meet exclusively. I got awful performance on Firefox... not that chrome is much better - but at least I can kill it after every meeting without losing other tabs.


Used Google Meet just yesterday, only a small meeting with five people, but all with webcams and of course audio. Flawless and smooth with Firefox 86 on Windows 10.

Clearly not a universal thing then I guess.


I have also noticed better performance on Firefox compared to Chrome. Quite surprising but worth a try. Meet only really works well for small meetings though. Any bigger and it slowly starts to fall apart.


These things change frequently. I'll give it another go.


On my own videogame Neptune's Pride, I have noticed that the performance of canvas rendering on Firefox noticeably worse on OSX and Plasma. I still use Firefox for everything though.


The only website I regularly use that doesn't work with Firefox is Google voice.


I use it in Firefox a lot, for several years now, with no problems. I'm using Fedora + KDE but I doubt that makes much difference.


It works for checking messages and sending them, but I've never been able to get audio to work for making or receiving phone calls. Then again, I even have similar issues with chrome, but it works most of the time.


I think Firefox's shortcomings are overstated. Often they're actually Mozilla's rather than Firefox's.

There are other things I consider superior about Firefox that Chrome has yet to implement:

  - Multi-account containers is a killer feature IMO.  I have different containers for banking, Facebook, a container for every email, a container for every Google/YouTube account, and so forth.

  - The option to enable canvas permission prompts and canvas obfuscation. (though there are some arguments that those make you *more* trackable)

  - Autoplay blocking and permission prompt

  - Pop-out videos (aka picture-in-picture) are awesome and make it easy to keep videos on screen while browsing other tabs and apps.

  - Built-in anti-fingerprinting

  - Blocks tracking cookies by default
I simply won't use a browser that doesn't have these things.


Privacy considerations aside, containers are great for using multiple AWS accounts simultaneously. Since we use an AWS account as a deployment container, it’s typical to have 10s of different accounts you have to jump between and it’s just not possible to effectively do ops with another browser.


Mutli-account containers is really a game-changing feature for me. I switched from Chrome back to Firefox about 3 years ago (even before containers were available) and at this point there's no going back. I keep chrome around for some sites that require it, but that's it.

Now how do I get Chrome to stop auto-installing itself in my login items on macOS everytime there's some kind of update.

Edit:

Also, if you're on Android, set Firefox Focus as your default browser! It's amazing to not have to think about the tracking consequences everytime you click a link somewhere on your phone. It's basically a new "container" for every link click. If you need the cookies, then there's a handy "Open With" menu to let you re-open the page with regular Firefox, or Chrome.

And uBO works on the regular Firefox Android browser.. Again, game-changer for me.


This is honestly a killer feature! I use Temporary Containers and load the AWS console in a fresh container automatically, making it very easy to switch between accounts and have multiple open at once. (Caveat emptor: be sure which account you're using at any given time!)


It really is. I think this is one of the features they (Mozilla) spend some more resources into. It's really unique and could drive non-tech savvy users to it.


I really wish AWS would figure out multiple accounts on one session.

Even with multiple containers, it still means logging into AWS SSO multiple times and selecting the right account.


By any chance you are using nightly. I am not able to login as IAM user in firefox nightly. For last couple of months always get 403 from AWS.


You can use the aws switch roles addon that lets you do that in one container.


Strong agree on multi account containers. Keep in mind though if you disable them they drop all settings, unlike every other add-on ... ever. Bug is three years old but maybe we can push it over the top: https://github.com/mozilla/multi-account-containers/issues/1...


There is also no way to rearrange your containers aside from deleting them and making new ones in the desired order. Since I am using this for o365 administration it is a little annoying that I can't keep them in alphabetical order to find them easily.


Are you on the latest version? I can rearrange them on mine. If click on "manage containers" there is a gray on gray bar on the right. If you hover it, your cursor should change to an arrow to rearrange them.


That allows for visual rearrangement of that particular menu, but as far as I can tell the new tab button's list does not change and the extension keyboard shortcuts are still limited to the first 10 containers, which are bound by their creation order.

A non-sanctioned way to mitigate this might be achieved by editing containers.json, but I'm wary of inviting sync shenanigans.


This is something that I don't like about firefox. They have a ton of cool stuff, but I feel that they are always lacking a few things.

What I always give as an example, is how to add custom searches (Amazon, Reddit, HN, etc), you save the query url and add a keyword. Works very well to type `rdt something` and have the results. But: there's no option in the menu to see all keywords/search engines you have registered.


My workaround for this is to title the bookmark, e.g. "kw:rdt Page Title".

Imperfect, but the convenience is worthwhile for the dozen-or-so keyword searches I use.


Yeah, but that's kinda the point: seems that there's always a need for a workaround. Also, I know I'm going to forgot to rename a bunch :/


Yes there is. Saved keywords are just (Parametersteuerung) bookmarks so open the bookmark manager and you will find them.


I know they are bookmarks. But the point is that there is no way in the bookmark manager to filter bookmarks that have keywords.


Let's not forget Tree Style Tabs, no other browser can do it. Great for the tab hoarders amongst us.


I don't often keep many tabs open, but still vastly prefer Tree Style Tabs. I primarily work on a widescreen monitor and would rather give up horizontal space rather than vertical.


Is there anyone on the planet who doesn't use a widescreen monitor these days?

Out of all my computers the only one I have is a Thinkpad T60, manufactured in 2006 if I'm not mistaken.


Simple Tab Groups awesome complement. In special with Firefox, not loading tabs that you not have opened. And if you combine with Total Suspender... Like having infinite tabs with paying any price.


I had some serious performance problems on my MBP last year, back when a lot of the major Rust changes came out (no idea if that's relevant). Was super laggy trying to play videos. Gave it another try a couple months ago and everything is fixed! Very happy user now, won't be going back to Chrome. The features you highlighted are some nice added bonuses on top of removing another layer of Google tracking.


> Pop-out videos (aka picture-in-picture) are awesome

Agreed on all points. It's funny, I've been using Firefox 20+ years and when I saw them recently boasting about PiP I thought "another useless feature".

Until I decided to try it out. Now I use it constantly.


I love FF. It's fantastic on macOS and the customization beats every single other browser out of the water. BUT, and I know this is controversial, and I know the foundation is not the same as those who manage the browser, after the events on the capitol they released and statements saying something like "deplatforming is not enough" and even though I asked several times, I could never get a confirmation from anyone within the Mozilla Foundation assuring me they would never use telemetry data to spy on "undesirables" or that they would never try to block content they deemed harmful.

I get the situation is different, but my parents escaped from two civil wars in Central America in the 70s and the stories they told me about political persecution were scary enough to make me distrust organizations that don't seem to understand nuance when it comes to politics.


I certainly can't offer any official word, but telemetry doesn't have enough data to spy on anyone, and the privacy policy spells this out pretty clearly. And if something snuck in, it's all open source and I imagine people would raise a big stink pretty quickly (whatever their political leanings were).

I remember that post, and I think you're mischaracterizing it. The point wasn't that "deplatforming is a good start, but we need to go even farther"; it was "deplatforming is not the right solution, we need something better".

As for trying to block harmful content -- Mozilla is already doing that, all the time, so you're certainly not going to get any promise there. Firefox blocks malware, sites with expired/mismatching certificates, things on the (un)safe browsing list, 3rd party cookies in some configurations, etc. Whether any of those constitute censorship is up for you to decide. Right now, it feels fine to me, but I agree that there's reason for concern. All the browsers have all the mechanisms necessary for censorship, and there's no way to crisply define "harmful".


I feel very much the same way. I don't particularly like the direction Mozilla has taken, both in terms of current day politics and the "resignation" Brendan Eich. Granted, it's part and parcel with today's mainstream, but that blog post they published last year was kind of chilling IMO. Their statement was totally out of the bounds of what Mozilla should be responsible for.

I still use Firefox not only because the browser is not necessarily the same as the foundation, but the alternatives are organizations with far, far worse track records. (putting aside the advantages I mentioned)


> Pop-out videos (aka picture-in-picture)

Chrome has this.


No it doesn't? I'm on Chrome right now and cannot pop out vimeo videos. Youtube appears to have a "pseudo" pop-out that I suspect is their own js-driven miniplayer thing. Just a fancy change to the DOM. You can't resize, drag the video around, or watch it from other tabs or with chrome unfocused/minimized.


> You can't resize, drag the video around, or watch from other tabs or with chrome unfocused/minimized

Umm...you can do all of those things. You might have to right click the video twice to get the picture-in-picture option (to get around the contextual menu of many video players including YouTube) or you can use the official extension that you click to popout whatever video is on the webpage.


Multiple pop-outs simultaneously?

I know it sounds silly but I've used it for SpaceX launches to keep an eye various official and unofficial streams.


Firefox puts the option right in front of me, and I regularly use it. But I have to hunt for it / even google it to find the option in Chrome.


Multi-account containers are a killer feature for sure. There is an ancient bug out there to provide "home page" for the container. That would truly make it a home run.


I had to remove multi-account containers due to issues with syncing, namely on a windows 8.1 install, and it causing a TON of browser bloat and CPU usage on MacOS and Linux and my windows 10 desktop in a fairly recent past.

It’s unfortunate. Plan to try it again but it was borderline burdensome that x containers or place settings wouldn’t sync or that the Mac mini or linux box would start sounding like a jet engine.


> box would start sounding like a jet engine.

Not sure about the container connection, but Firefox also now has 'about:performance' which is pretty much like 'top for browser tabs'. When things start getting bogged down I can now find the culprit and nuke it.

about:memory is also useful, it allows you to force garbage collection on the browser as a whole.


That’s super interesting.

Was not aware of those. My observations were mostly noted while trying to figure out why one specific browser wouldn’t simply not sync any custom containers. And then I noticed my fans spin up on my macmini. I only used system monitors at the time before just disabling the add-on.

I’ll definately look at those in the future. Didn’t even know they existed.


about:performance is a little limited, especially if you have a single window, because switching to it makes it the foreground tab and all the other tabs background tabs. Background tabs can be throttled, and generally behave very differently.

(There's an experimental sidebar extension that works better and gives a graphical history, but I'm pretty sure it's unfinished and unavailable for general use. Hopefully it'll come out sometime.)


Firefox does seem to have really improved over the last few iterations, performance also when large numbers of tabs open.

I cant find the link right now, but there was a nice timings done where Chrome was using less CPU at lower tab counts, but when it increased count, the CPU utilization was considerably higher than FF.

I'll be giving it a fair shake for a few months.


Yes, Firefox is pretty much unbeatable in performance per tab. I just installed the tab counter addon and it reports that I currently have >1500 tabs open in Firefox. I know from experience that if I run just a tenth of that in Chromium the whole system will basically lock up. And as pretty much every other more conventional browser is based on Chromium nowadays there's no alternative really unless I get a RAM upgrade.


You can see the tab count without an addon. It's not pretty, but you can do it.

Go to: about:telemetry#scalars-tab

Then look at: browser.engagement.max_concurrent_tab_count


Ah, but if you use https://addons.mozilla.org/en-US/firefox/addon/tab-stats/ then you can not only get the count, but also be able to mass-close large numbers of tabs (eg specific duplicate URLs, or everything for specific domains). A tab hoarder's best friend.

(Pretty clever to use telemetry for this, though.)


I use Firefox out of principle and because of Sidebery, but WOW, Chromium is faster by a lot from my experience. That is fresh Chromium vs. configured and used Firefox, though.


thanks for getting Sidebery on my radar! I tried treestyletabs and unfortunately it felt somewhat disappointing given how much people seem to like it.

At a first try Sidebery looks and feels more modern/slick! Might be what I was looking for!


Firefox recently rolled out an update that broke up the big GC passes into small GC passes. That contributed to a huge improvement in responsiveness.


That sounds great. But as someone who works on the Firefox GC team, I gotta say: what?

Or more specifically, I'm wondering what change you could be referring to. We've had incremental GC for many years now, which does exactly what you describe. It's true that we keep splitting up more of the uninterruptible pieces into smaller chunks, but I don't recall any major change there recently. (I'm not very good at marketing, am I?)

And according to telemetry, the incremental slices have been working quite well for most people, at least within the last dozen releases or so. We have a budget, and it's rare that we go over it. Not that I fully trust telemetry; if you have counterexamples please file a bug. (I'd love to have a nice set of scenarios that are problematic for the GC. Our telemetry errs strongly on the side of privacy, as it should, so I can't get URLs automatically.)


May I ask you about the “big picture” of how Firefox’s GC work? How does it compare to something like OpenJDK’s ZGC?


It might not have been that recent. Incremental GC was not new in the patch, what changed was the tuning. It happened some time in the last six months and was a huge improvement for the use case of realtime rendering. At the time I was comparing performance between release and nightly, and it was night and day.


That might have been related to what I was reading, it looked impressive anyway, I did mean to go check out FF then, I guess now is the time !


True but I've gone back to version 68 on Android. Latest versions don't work with s load of extensions I use. Old Reddit being one of them. And I don't care about cookies


Never really got the appeal of Chrome. Firefox worked very well for me for years.


Back when I first started using chrome it was the snappiest and had less memory usage than anything else on the block.

Then I started to think about what kind of tracking google was doing with it, so I tried out firefox... which was just as snappy and just as memory efficient.

Then I deleted chrome.


I guess that performance gap didn't bother me at that point to switch to less privacy respecting browser and Firefox caught up well, so I never saw it as a problem.


Yeah I never really got the appeal of Firefox. Chrome worked very well for me for years.


The appeal is not having Google tracking literally everything you do online.


Firefox is older than Chrome. Did you use IE before that or are you just that young?


So does the tracking ;)


Personally I enjoy being tracked, it's why I got the Covid vaccine


Years ago I switched at a time when Chrom[e|ium] had a better developer tools console than Firefox (although only slightly better than Firebug). But, nowadays the console is equal if not better in Firefox to Chrome.


I don't trust Mozilla to not break my workflow or remove features I use or ignore debilitating bugs for upwards of a decade in some ham-handed attempt to "keep me safe".

That sounds pithy, and it is, but Mozilla burned every ounce of goodwill they ever had with me over the last 5 years or so.


I never really understood this point of view. May I ask what browser do you use then?


So far, Brave hasn't done any of the things that caused me to abandon Mozilla. My browser is a tool, not a political statement. Mozilla has taken positive steps to make that tool less and less useful and waste more and more of my time.


ah yes, good will, the thing we all definitely have for Google


For me:

- command+d will save a bookmark to the last folder used

- command-y will open the history in a new, full tab

- bookmark manager also open full by default

- Recently closed shows windows and tabs together without separating them

- I can actually see and edit a list of all search engines I have registered that use the tab to autocomplete. Firefox's keywords don't


Firefox, gecko specifically, performed very bad on Mac OS X when chrome just came out.

That was also an era of websites crashing all the damn time - in firefox it was crashing the entire browser.

Chrome was a significantly better browser for a while. Now it's just "why switch?" to your average consumer.


I've been on Firefox since I switched away from Opera year and years ago and I don't know any technical reason I would use any other browser - not even mentioning the other spyware reasons.

What technically do you find missing in FF?


It may sound dumb, but the only reason I don’t use FF is because of its UI. Somehow I think Chrome (and Safari) “look better” and make browsing more enjoyable. And this comes from a “techie” that knows exactly why, objectively, FF is probably better than Chrome in terms of privacy.

Can’t Mozilla “just copy” the look and feel of Chrome or Safari while keeping FF’s internals untouched?


I have the opposite view: Google feels so obsessed with pushing Google branding on Chrome users that the UI seems to constantly be suffering because of it. Apart from a recent discussion to remove the densest UI view, Firefox has generally provided a better, more user-oriented UI than Google.


They have a 'proton' redesign landing soon-ish parts of which you can enable via about:config options on dev/nightly that cleans things up a bit.


You can customize the UI using CSS. Look up userChrome.css.


It's my regular browser for years. There's a lot of things it does well or differently. For example, one UI thing I appreciate about it is the ability to override a webpage's font type and size choice. Chromium browsers don't let you do that, you only get to pick if the website didn't pick for you.


I like Brave's adblocking better than uBlock Origin anyway.

Saying this as a former uBlock Origin fanatic.


If you do switch, check out the temporary containers addon. It makes use of the Firefox containers tech to provide the anti-tracking benefits of incognito but maintains history and isn't detected by websites as incognito mode.


Interesting, I haven't run into any issues using ff over chrome for the past several years. It's way more common for my partner who uses chrome to have an issue that they avoid by opening ff.


Sucks, but I'm pretty locked into Chrome. I use GSuite for management, ChromeOS, etc. Maybe it means that uBlock Origin can't protect me as well, but it's pretty hard for me to give up the benefits from all of those other things.

I don't see Firefox competing. Mozilla doesn't seem to believe that monetizing a browser is possible, whereas I pay thousands of dollars a year at my company because of Chrome's integrations with these other systems.

Until Firefox can compete like that, and maybe they just can't, I can't switch.


What situation (job or whatever) has led to such vendor lock-in? Maybe if you gave more details others could avoid your situation.


I think they mean they manage a Google Workplace (formerly G Suite) org themselves, given:

> I use GSuite for management

Using FF would break existing MDM/DLP policies that they themselves have set up.


Just to give clarification:

a) We're a small tech startup. We use Chromebooks exclusively because it makes corpops/corpsec and compliance trivial.

b) Why not Firefox? Maybe Firefox could work, but I'm not sure - with GSuite we can manage Chrome extensions via policy, we can manage Chrome versions, Context Aware Access, etc.


ChromeOS is one thing, but what in GSuite doesn't work on Firefox?


Not the parent commenter, but I'd assume it's mainly browser sync.

Being able to log into any Chromebook and immediately have all yours bookmarks/apps/tools/passwords/etc. that you use on your desktop and laptop is pretty useful.

As great as Firefox is, if you use Chromebooks then you're gonna use, well, Chrome.


Eh, I use Chromebooks occasionally. The trick is just to not lock things like bookmarks and passwords into you browser. 1password and pinboard both work great with Chrome.


Ah, that does make sense. It doesn't explain why GSuite is a factor, but I do get the browser sync.


why not use g suite on firefox? g suite works fine for me.


Yeah, I use G-Suite on FF (with UBO, of course) every single day for work and personal use and have never had a single issue.


Just fire up Chrome for Google stuff and picky sites and use FF for everything else.


I have difficulties understanding why everyone's using Chrome-based browsers, when it's obvious how bad they are for privacy.


Many people do not really care about privacy or are not convinced that Firefox is significantly better.


> Firefox is significantly better

Most people use browsers for facebook, gmail, youtube, and things like banking, taxes, etc. It's common that, when facing any issue when using Firefox - with banking and government sites, you are going to be told to try using chrome. So, for the end user, chrome is the better browser, as more sites work properly on it.


People keep saying that web sites don't work in Firefox, but it's never happened to me.

Why is that?


You likely look at different sites, like HN that is well designed rather that a decoration around ad delivery mechanism.


I think I've tried migrating away from Chrome like 5 or 6 times. Always come back because it usability (for me) is not there, and things require workarounds[0]. Last time I tried firefox I abandoned it again because of these reasons [1]. So, for me, using Chrome feels more natural, and Firefox feels like a chore and I'm constantly annoyed that things work differently than the way I'm used to. Considering most people - not talking about HN audience, but general population - absolutely hate any kind of change, it's easy to see how people would try firefox, and then abandon it because it works differently.

[0] https://news.ycombinator.com/item?id=26756575

[1] https://news.ycombinator.com/item?id=26756622


Chrome is a product of one of the biggest corporations in the world and marketed and distributed as such.

Firefox was big between 2004-2010 if I recall. Chrome came out in 2008, and needed a couple of a years to really dominate mindshare. The growth of Android helped as well.


Latest Firefox really does a good job supporting MULTIPLE video frames. - Something that I have yet to see on Chrome.


One of the reasons I still like Firefox for Android is uBlock Origin, as well as a few other extensions.


> Chromium-based browsers give precedence to websites over user settings when it comes to decide whether pre-fetching is disabled or not.

Classic google/chrome “Yeah I know you’ve got these setting, but I’m just going to ignore them because this website wants to do it”.


It even works well on firefox android which is arguably more important though I am not sure about that products future after the complete rewrite.


Tools like this are cutting off the branch they are sitting on. If you block all the ads on an ad-supported website, how will it survive?


The branch that uBlock sits on is not ad revenue. It's people's annoyance at constantly being subjected to intrusive user tracking, especially for sites that they have little choice to not use. Think social networks and banks. Sure you can refuse to use them entirely on principle, but it's not a practical approach if you want to actually have a life.

On top of that, much of the tracking that does go on is actually blatantly illegal in how it's done, at least in the EU. It's just too small-time to enforce at scale. Doesn't mean I have to take this as a given.


I agree that tracking and ads are different. But uBlock does include ad-blocking functionality. The discussion here suggests that most people use it for that.


> If you block all the ads on an ad-supported website, how will it survive?

If the only thing that website provides of value is a billboard, it doesn't deserve to.

I'm perfectly happy paying for high-quality ad-free services.


So why do you use any websites that have ads/tracking? Surely you could avoid them and stick to your high quality paid options?

It’s annoying how self-righteous HN is about Ads.


> So why do you use any websites that have ads/tracking?

Because it's extremely easy to disable the ads.

> Surely you could avoid them and stick to your high quality paid options?

I don't want to avoid the websites, I want to avoid the ads. If that at some point necessitates avoiding the website then sure, but fortunately it doesn't at the moment.


If uBlock makes itself redundant by killing all ad-supported websites for good, that sounds like a fantastic outcome. In this case, I will personally fund the creator's retirement.


Adapt? That's what most industries that face change do.

How did sites survive before the ad infestation business model?


Could you be more specific, and say what strategies an ad-supported site might use to provide the same content?


Great write up! I hope Brave can improve on this.


Brave is doing something similar: https://brave.com/privacy-updates-6/


I doubt Brave will do anything about it, because ad blocking in Brave is built-in and implemented without the extension APIs.

https://github.com/brave/adblock-rust


I had to resort to using Firefox with uBlock to watch YouTube. I can’t make it work on Safari with ad blockers, which is a shame.


I'd love to move to Firefox, but I havent committed to fully because the Profiles and the corresponding switching mechanism in Chrome is just too good.

I don't want to use containers to manage the different work/personal profiles I have and the lack of easy way to toggle between the two (a keyboard shortcut) has been a deal-breaker every time I tried to switch.

The profile manager in Firefox is long overdue a revamp.


Honest question, in what ways is switching entire profiles better than containers?


Would love to see benchmarks of Firefox vs Chrome, both with their respective versions of uBO.


> The Firefox version of uBO use LZ4 compression by default to store raw filter lists, compiled list data, and memory snapshots to disk storage.

This doesn't explain why the Chrome version doesn't use LZ4 or better by default. There are native JS implementations of LZ4 available as well that don't require WebAssembly.


Things I actually care about that does not work best on Firefox:

1. Scrolling. 2. Save to PDF.


uBlock Origin has been my favorite browser extension for years (it's in fact the only one I have installed). These days I only use it for YouTube however.

The best way to avoid ads is not to visit sites that have them.


> Pre-fetching, which is disabled by default in uBO, is reliably prevented in Firefox, while this is not the case in Chromium-based browsers.

I really wish ubo wouldn't disable pre fetching. It has nothing to do with blocking ads. It just slows down the browser.


Wait, you guys are using other browser than Firefox?


I see lots of comments here assuming absolutely everybody uses Chromium-based browsers. The Firefox "cult" (which I have been a part of since 1.5) is a bubble inside a bubble.


Really nice post!! I almost got confused with uBlox at the start.

https://www.u-blox.com/en


Can someone ELI5 the pros and cons of using uBlock Origin and/or uMatrix?

Should I be using one, either, both? Are they competitors or complementary? What does each do best?


uMatrix is unmaintained and most of its functionality is supposed to be available in uBlock Origin in advanced mode.


uMatrix provides fine grained control in a matrix by domain names (rows) vs various permissions to grant (columns).

Example: Allow domain foo.com to run scripts, but domain bar.com cannot run script, no cookies, but css and images are okay.


uBlock Origin helped me get a vaccine appointment despite the scheduling system's attempt to make it as hard as possible. Thanks!


this process, also called cname flattening, is available in many dns recursors.


I have v1.34.0 ... is that RC1?

But either way, I take this wonderful tool for granted since I have been using it forever (and its predecessors).


www works best with Chromium-based browsers


From the beginning Firefox's advantage was that it was a platform for extensions. Crowdsourcing features that later became standard, such as ad blocking and web debugging. It's mind-blowing to me that Mozilla has been on a quest to kill extensions and customization in the name of simplicity and supposed security. They will never be able to beat the wealthiest companies in human history that way.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: