I’m disappointed by the tech community’s acceptance of privacy invasions, and it’s denial of the long-term corrosive societal effects of the surveillance economy. I’m not surprised however. Quoting Upton Sinclair, “It is difficult to get a man to understand something, when his salary depends on his not understanding it.”
I'm disappointed (though not surprised) by people condemning things without trying them. You can turn this feature on, wait a week, and see what Ad Topics it finds. I've done that and in my case it's entirely harmless:
* Arts & entertainment
* Computers & electronics
* Internet & telecom
* News
* Online communities
It seems better than whatever nonsense third-party cookies are doing? Maybe it's different for someone else, but I'll get concerned when someone actually reports a problem.
Who wants to be manipulated into buying things they don't need? Why would I trust an advertisement to show me what is the best product vs doing my own research?
How do we curtail global warming and consumption while still allowing advertising to steal our attention?
> Why would I trust an advertisement to show me what is the best product vs doing my own research?
There’s 2 forms of information reception: fulfillment and discovery.
Fulfillment is when you know what you want and just need to find the best version of it for you. So you search for “buy ping ping table” and look for one of the right quality and price.
Discovery is when you didn’t even know something was an option for you, but it’s extremely valuable. How can you do your own research when you don’t even know something is a problem? For example, in 90s there were tons of commercials on TV that said “Mesothelioma is a cancer that affects you based on exposure to asbestos, and if you got it, then you can sue and win a lot of money”.
Without that Ad, probably a lot of people didn’t know about their illness and that someone has wronged them and owes them recompense.
There’s a great deal of ads (I argue most) that just try to get stuff in front of people who didn’t know about a thing.
> in 90s there were tons of commercials on TV that said Mesothelioma is a cancer
These were not targeted.
The reality of the modern economy is that if your ad profile says "suggest <major disease> ads", you can be sure data brokers will share that with lots of organizations with various agendas.
I haven't had a chance to review Google's categories, but Meta has fairly narrow categories which could be easily exploited, for instance[1] -- although of course Meta have tried to walk some of that back[2].
And of course even if Google starts out with very innocuous categories, these can always become more fine-grained later. And there are ways to enrich even very innocuous categories using signals from other sources.
I understand my buying habits and it's not a problem. Getting a slightly different variety of ads isn't going to trick me into buying something I didn't choose to buy.
(Ads may be a problem for the easily manipulated, but I think TV and direct mail are a lot worse for the elderly.)
An advertiser who leaves the consumer feeling as though they are ceding their autonomy is unlikely to be successful. If I were you, I would be very concerned by suggesting that this is only a problem for the easily manipulated.
This is a false binary. Advertising doesn't have to be "manipulative" to be successful. For example, reminding people of something they wanted to do anyway, but forgot, isn't particularly manipulative.
I'm suggesting that advertising that feels manipulative will be unsuccessful.
I will agree that advertising does not have to be manipulative to be successful, though I would choose a very different example. In my books, being reminded of something that you wanted, but forgot, is still modifying my behavior. It may not have been the intent of the advertiser, but it raised the priority of something that was (presumably) low priority. That is in sharp contrast to advertising as information. If I am looking for a product for a particular task, then advertising is fine to learn about a product's existence. There are certainly flaws to using advertising to learn about products (conflict of interest as an information source, those with a bigger advertising budget can dominate in both impressions and impression), but many companies simply don't have as much access to customers so they have to pay their own way to get information out.
I guess what I'm saying is that I would rather seek out advertising than have it pushed my way.
a) coarse grained tracking is still tracking, and you're revealing more bits than you might think, here's a good example with current tracking:
https://coveryourtracks.eff.org/
b) this is just the tip of the camel's nose. Expect the tent to be crowded soon if the topics api gets pushed through
c) third party cookies are dying on their own, thankfully. It's not a binary choice, we can reject both the old bad technology and the new bad technology
> b) this is just the tip of the camel's nose. Expect the tent to be crowded soon if the topics api gets pushed through
This. Obviously Google know it’s controversial and rolls it out in the most innocent way possible. This is always the playbook for unpopular changes. The short term goal is clearly to get the infrastructure to be accepted. That’s how I’d do it, after thinking about for 10 seconds.
I guess but it's entirely client side, if it ever becomes too much or you just don't want it to start with you just seed it with static topics and call it a day. It's so so so much better than FLoC.
Is this a supported feature by Google, or does it require client modifications/forks? If the latter, with Web Environment Integrity it's conceivable that this may not be possible with many sites in the future.
Most of the time I don't mind revealing a few bits. I'm logging in to many sites anyway (including Hacker News), and revealing a lot more bits in things like my profile and all the comments I posted here over the years.
Opsec isn't an issue because I'm not on some sort of mission. When I want to browse privately I'll do it a different way.
We don't know what the future will bring, but if it starts to look iffy, I can turn it off or switch to a different browser later.
> When I want to browse privately I'll do it a different way.
And that's great for you. But a reasonable society at least attempts to look out for the slowest of us. Sometimes that means social assistance, here it means defaulting to protecting people like journalists, those with unpopular (but legal) opinions, people supporting or seeking an abortion, and others looking to not be stalked, either by corporations or former associates.
Your ability to protect yourself doesn't make a difference if everyone else is tracked and monitored - either because you are suddenly the only user that needs to be unmasked, or because predicting what people will do, buy, look at, and click on relies on getting most everyone - and not having your exact data isn't going to throw the model off that much.
> We don't know what the future will bring, but if it starts to look iffy, I can turn it off or switch to a different browser later.
Until Google forces through WEI and then you're hosed because you were too busy saying "well actually the camel isn't taking up too much room in the tent"
That's a prediction and we don't know the future. One possible scenario is that people install obscure projects by unknown maintainers to "protect their privacy" and get owned. A lot of security products are snake oil.
Let me put it differently. Rejecting obviously malicious technology like the topics api because the privacy crowd is as well is a good idea, even if you're "following blindly". Taking your advice is a bad idea, period.
“Obviously malicious” is assuming the conclusion here. This might seem “obvious” because a lot of other people say so. It’s social proof. But looking at it myself, it’s not at all obvious to me.
> It seems better than whatever nonsense third-party cookies are doing?
Better than? As in replacing? I honestly highly doubt that will ever happen, this is just additional. Advertisement & tracking have become the single most dangerous device to target specific users with malware, and this just adds more layers of assurance that you’ve found your target.
"Google is still aiming to ... turn off third-party cookies for 1 percent of Chrome users sometime in Q1 2024. The company has set a goal to completely turn off third-party cookies by Q3 2024."
It is better than third party cookies but other browsers are simply removing third party cookies. This approach is clearly less preferable for anyone that cares about privacy.
3rd party tracking cookies are highly limited in the access they have. And they can easily be blocked using readily available 3rd party extensions or by clearing your browser of cookies.
This is tracking that’s baked right into the browser. There is very little limit to what data it can use to generate whatever information it does, and it follows you across the internet for perpetuity. It’s also a first party implementation so you’re completely beholden to Google’s decision to do what they want with it, and considering the IE like chokehold Chromium has on internet browsing, most people will be subject to whatever Google decides to do.
Finally, your steps only tell me what Google is telling others. It tells me nothing about what data the browser itself might be collecting and passing onto Google.
There is a substantial qualitative difference between a 3rd party tool that can easily be blocked by the first party vendor (the browser) and or modifications to it using extensions, and a first party tool doing the tracking itself.
Topics is going to be far easier to block with an extension, or to have an extension provide fake data for, than 3rd party cookies ever were.
Blocking 3rd party cookies always had a big risk of breaking stuff, since they could be used for legitimate purposes too, not just ad tracking and have built up a couple of decades worth of those legacy use cases. Topics is a tightly constrained single-purpose feature. Nothing will break when it's turned off or blocked.
But also, it's not like there's much reason to use an extension to block Topics, given it's an opt-in feature (unlike 3p cookies which were opt-out) and can be turned off at any time from the settings faster than installing an extension would be.
> Finally, your steps only tell me what Google is telling others. It tells me nothing about what data the browser itself might be collecting and passing onto Google.
Even disregarding everything else that's wrong about this... it's a completely false dichotomy. We can ban third-party cookies without allowing a replacement.
It isn't tracking. It's just the browser telling the server what advert types to show. The topics that it sends are calculated client side, and are randomised per site in a way that tries to avoid fingerprinting.
Google could have avoided most of this silly backlash by adding an option to set your topics manually.
Nothing ad companies like GOOG do is for your benefit or harmless. Everything they do it to increase or maintain their ad revenue. That's why ad companies make web browsers.
I think the fact that they're being developed at all speaks volumes about FLOCS developer's lack of scruples provided FAANGs continue to shovel fistfuls of cash in their pockets.
I will say that money can buy morals. I hate what Amazon stands for but worked for them until recently. They pay well enough that I have been able to live the life I want in the city I like without worry. Did I contribute to a company I'm morally opposed to? Sure, but the impact on my day to day life made was bigger than the day to day moral issues.
When working at these places, it's never one big thing. Each project that erodes something is a fun problem to solve and you never see the total impact. Your part is so small it's not doing any harm! And then put those all together and you've got the things this post talks about.
Well the truth is there are top engineers implementing this stuff. They could probably just walk off and get any job after working for Google but here we are.
I feel like the greater tragedy is the folks who do understand the thing, but they’re just turning a blind-eye towards it because the alternative is to see their own options and jobs disappear. In the face of piles of money, it’s disappointing. But I understand the person who worries about their security.
And there is always someone willing to fill your spot.
>I’m disappointed by the tech community’s acceptance of privacy invasions
The whole point of privacy sandbox is to reduce privacy invasions.
There exists a problem on the web where anonymous visitors are being served unrelevant ads. That provides a bad experience to visitors and reduces the amount of money websites can make.
There should be an API that makes a compromise between privacy and utility so that users can get a better experience anonymously visitable websites.
The absense of such an API for this will strengthen walled gardens and disincentivize users from visiting them and site operators from making them.
> That provides a bad experience to visitors and reduces the amount of money websites can make.
That’s a nice fantasy, but the number of ad-blocking users and ratio of advertising revenue on mobile (where adblocking is harder) vs PC suggests to me that the content of ads doesn’t affect user experience nearly as much as the quantity and intrusiveness of ads. I think the second part of your sentence is the real problem being addressed, nothing about advertising is actually designed to directly benefit consumers. I think you would be hard-pressed to find people who actually factor ad relevance into their enjoyment of an ad-supported product.
It’s a benefit in the same sense that someone walking up to me on the street and trying to sell me on something is benefiting me. I’m walking down the street to get to point B (or browsing a site to read an article), not be hawked goods unsolicited. Relevance of the good to my interests is at best irrelevant.
If you were hawked goods unsolicited it would be a waste of your time if you were not interested in your goods. If you were interested in those goods you would find value in this interaction.
This seems like a non problem. If people are reading a tech website then they probably have some tech related interests. If they're reading an article about bicycles then...
People don't like seeing their "interests" follow them around into unrelated content. That's my anecdotal observation anyway.
This disadvantges sites which are not about a topic with a good CPM even more than they already are. People also don't spend 100% of their time on websites who topic is what they are interested in.
Well, maybe they simply shouldn't advertise bikes if they are not related to bikes? It would heavily de incentivise pages with trash content that exists only to expose you to ads. That would be really good for internet.
If browsers had a "provide us some preferences to customize advertising" flow in their onboarding, users would feel in control, and the data might be of high quality. Ideally, you'd have some compartmentalization options (don't show community X my interest in product Y). That's completely infeasible now: there's such a hostility and adversarial relationship with customers, that any data provided through a voluntary, opt-in process would be seen as suspect from day 1. Not without reason-- users would be prone to select garbage in the attempt to reduce ad load or cause undue cost to advertisers. Even if the users played along, would also likely be hijacked by self-serving technology players-- would there be an interoperable way to probe customer preferences, or would they be aggregated by, and only available on, specific platforms?
Since the industry has already destroyed any trust and quality relationship between users and advertisers, AdTech has to resort to continuing to poison the ecosystem through constant surveilance to retrieve "more reliable" data than asking customers what ads they might care about.
There's a potential to claim some subtext in user activity that would reveal preferences the customers won't manually disclose, but that's also the exact that the surveilance practices cross from useful to creepy.
Where's the "No Ads" checkbox? Ad companies would never honor a "No Ads" checkbox just as they didn't honor the no tracking checkbox. Ad companies like GOOG publish sanitized propaganda to peddle their latest attempt to coerce and entice users in a new direction. The death of GOOG can't come soon enough. They are cancer to the internet.
I can understand why there wouldn't be a "no ads" box from a business standpoint. Ad-supported sites could say "we currently have no better business model than advertising, but we could make the ads less terrible if you help".
Nobody does this because the trust is completely gone. If you claim "we can offer you crappy ads or better ads", nobody really believes you'll do that, and there are some very dubious definitions of "better ads". So people demand the financially impossible, "no ads".
There's also a lot more hostility towards internet ads than other media, in part because trust was broken very early on. Bad internet ads are a lot worse than bad traditional-media ads. Other media had effective limits on how obnoxious an ad could be: if you accidentally lingered your eye over the Kroger ad in the newspaper, it didn't expand and crowd out the latest Covid statistics. The injury-lawyer ad on TV couldn't provide a vector for a zero-day that permanently dialed your set to Telemundo. I also suspect there was a lot more "ad curation" in legacy media-- the ad choice still reflected on the publisher, and the cost of entry was high enough to filter out some of the most scammy ads. (Could you pull off the "Punch the monkey and win a PS3" scam if you had to pay for high-quality print ads?) The result: people who never hit the "30 second skip" button on their VCR remote are intimately familiar with uBlock Origin.
Ads keep things on the internet free to use and access. It also allows many sites to be viable to run in the first place. Removing ads from the web would destroy a large chunk of value and disincentivize the use of the web and push these sites to just build on top of a social media app which is able to be get ad funding via native apps instead of a website. This results in more centralization.
Chrome is the new Internet Explorer, hell even Microsoft threw in behind it, they like spyware-ish telemetry, so why not. What is sad is more and more common websites simply don't work in Firefox anymore (chase.com), so it's literally back to the days of running in IE6 or nothing, but Chrome is now that pestilence.
I recently was asked to evaluate a 3rd party package for possible use. With Firefox my default browser (I don't even have Chrome installed), I tried running their demo of the software but immediately received an alert like notification that it will not work at all with Firefox. And that's the end of evaluating that package. Next?
Spoke directly to the devs, and they are aware of the one specific method which nullifies Firefox's use. They are working to eliminate the use of that one method, so at least they are not complacent with just accepting Chrome or bust.
How much you wanna bet "that one specific method" winds up being one of Chromes adware tools.
Unless this is a very low level package, I find it hard to believe it just doesn't work with Firefox in 2023, at least if we are referring to the basic browser APIs for rendering, interpreting, sandboxing, etc.
In other words, if they aren't doing something systems level that exposes significant differences in the underlying browser APIs, then what's the cause of the issue?
Most application level differences (with the exception of the adware) are very very minor. That didn't used to be the case, but it certainly is today. I.e. you would have to put some effort in/intentionality is usually required to break something in Chrome but not Firefox and vice versa as a standard user program. Its not recommended, but I rarely see front end folks doing the same kind of browser tests that used to be industry standard these days, because it simply isn't an issue and if it is, it's because you are knowingly using a non-standard feature (which is usually adware related). The fact that they figured out the cause so quickly implies it's something like that. Systems level issues would require significant time to investigate and probably the involvement of experts in modern browser implementations.
> What is sad is more and more common websites simply don't work in Firefox anymore (chase.com), so it's literally back to the days of running in IE6 or nothing, but Chrome is now that pestilence.
I am used to accessing my Chase bank account through Firefox. I just checked, and I am still able to log in fine, including with a variety of privacy-enhancing extensions that break many other sites. What problems do you encounter?
I've never had any issues with Chase and Firefox combo. Not the Chase is anything more than the garbage heap of banking so maybe it rejecting FF would be a blessing.
So you'd let the perfect be the enemy of the good and go all-in on Chrome? The way I see it, whatever its imperfections, it's the source of the only non-Safari, non-Chromium browser with basically any market share, and has its derivatives you can choose from. I've seen LibreWolf mentioned several times. And frankly, Mozilla's narrower market scope, to say nothing of their market share, when compared with the behemoth that is Alphabet, make all this immaterial. I can turn all those settings off quite easily. My irritation stems from the unique download identifiers and the occasions when they also make stupid alterations, like that Firefox View thing (which got disabled, of course).
As much as I hate monopolies, I also hate having to write an application 5 times because Apple, Mozilla, or some ReactJS based browser like Vivaldi can’t be asked to implement a spec… or insist on creating their own names and prefixes for methods or properties identical to the ones in the spec. If browsers would just be standard compliant instead of inventing their own DSL and pretending like I both have time to learn 10 of them, and don’t mind littering my code with branches to check what planet I’m on every time I need to do something more advanced than the intro-to-html page on W3 Schools, you’d likely be able to log into your bank.
I worked at Opera for a long time before it went Chinese, most of the time with Jon as CEO.
Best as I can tell: Jon von Tetzchner always had one primary goal - to become an industry titan, primarily like Bill Gates.
He founded Vivaldi after he was was thrown out by Opera's board in 2010.
I don't have any insight into why that happened, but I do know that at that time he was a terrible leader who simply wasn't able to prioritize and scope at all. Exactly anything that was "good" had the highest priority.
For the sake of his employees at Vivaldi, I really do hope that he has gone through some personal developments since then.
He did have a bunch of positive traits too! Can't tell in detail without exposing myself though.
Compared to Lars, Jon was hands on, and connected with the staff and products. I think I can count on one hand the times I saw Lars eating in the canteen. The company changed a lot after that, and not necessarily for the better.
What made Opera great was the people working there. The amount of knowledge and raw talent that lived in the tight hallways of Waldemar Thranes gate 98 was impressive. Looking at Vivaldi's "Our Team" page, it looks they have almost recreated the same team from back when I joined. I miss that period!
You can't answer that yourself? He obviously puts the product above his need for greatness, so the product will suffer and most probably bad decisions affecting users will be made.
How convenient. Vivaldi relies on Google building Chrome using some of the money they make thanks to their dark patterns. They can just take Chrome when it's built and disable the dark patterns.
But by further spreading Blink, they are part of the issue.
Disabling Topics is nice for their users. In the short term at least. And they should, of course. They have nothing to gain from leaving this misfeature enabled.
But Vivaldi: we don't need you to help Google in their browser dominance. This browser dominance is exactly why Google can pull such a feature out from their ass in the first place.
Firefox at least does not participate in Chrome's dominance.
I consider Firefox the better option for no.
But indeed, the funding from Google is a big issue for me. I hope they eventually manage to get rid of it. It's not sustainable, and also one can't be 100% free to say fuck the Google's business model while relying on Firefox. I also suspect this funding may be preventing Firefox from being as good as possible with respect to privacy, to avoid upsetting Google. I would not be surprised there is something related in the contract between Google and Mozilla.
More generally, all the 3 current mainstream browser engines depend on GAFAM funding and I don't like it.
I'm looking at emerging alternatives with great interest. I see new developments on Servo and Ladybird with a good eye.
Have been using Vivaldi for a couple years now, and am mostly happy with it. It performs well with many tabs open, and is insanely configurable. It feels a little bit like the old Mozilla browser before Firefox, cuz it's got the kitchen sink, but the configurability allows you to pare it down. Great to see they take privacy seriously also.
Returning no topics is expected from legitimate users. If you aren't an ad network the API will regularly be empty since you will only get topics based off your own site's topic.
Luckily many websites won’t need to, since I’m sure Cloudflare will offer disabling Google topics as a sign you’re a bot. (I say this after getting stuck on a Cloudflare “are you a bot?” loop that I couldn’t get out of and that prevented me from getting to my site.)
Of course, the actual bots will just enable topics and fill it with random data, and only the privacy conscious will be negatively affected.
If only these web sites could get some kind guarantee from the user’s browser that the browser will show ads and the user’s eye balls will see them… some kind of “web integrity” if you will…
How many projects do browser detection and block everything that isn't Chrome? A tiny fraction of websites do that.
It's absolutely a concern, just as sites relying on WEI is a concern. But it seems unlikely that sites will intentionally choose to exclude a non-trivial portion of their visitors.
If you want to make it even less likely, though, this is a great time to switch to Firefox (for its independence, as a browser not based on the Chrome engine at all).
people who care about this kind of thing will simply cease to use those websites.
I have never clicked on facebook/instagram links because of their login walls, I have ceased to click on twitter links since they've implemented theirs, I will do the same even with youtube when it inevitably follows the same path.
ultimately, I understand why we don't matter to them, so I don't really mind.
Depends, but either the topics never changing, or them changing too randomly, could all be detected when combined with other tracking, and become part of your identity as such...
More and more sites are detecting and blocking adblockers.
I’ve encountered so many articles on my phone recently that are completely unreadable. I click a link from mastodon or reddit or wherever and all I get is a full page unskipable “disable your Adblock to continue” message. And then I click back, and scroll past. Never getting to read past the headline
I'm surprised how many sites now have "you seem to be using an ad blocker" popups. Many of them still let you see the content after clicking away a nag, but it's only a step away from fully disabling. (uBlock Origin does a good job hiding these so I mostly don't notice it; but with NextDNS as an ad blocker it's a big problem.)
Also another reason to run a network wide ad blocker like AdGuard or pihole. Even if this tracking works it’s way through the ads will be useless if they don’t make it inside your network.
I like Vivaldi because they play a lot with their own unique creative ideas and they are not affraid to do it.
while other big companies becomes very conservative about the way they change
> There's a simple option to disable this in Chrome:
> chrome://settings/adPrivacy/interests
And eventually there'll be another setting in another location, and then it'll start accidentally forgetting your settings between versions, and then it'll start prompting you on start-up to make sure you really want a degraded browsing experience …. We know where this leads.
I feel like the main issue is the lack of diversity in browsers more than Chrome pushing forward the interests of its parent company. If we had more than a few browsers, the situation would be less precarious. I would go even further and say that the situation would be better if any developer could just build his own browser in a few weekends. Perhaps internet’s resilience and privacy resides in so many browsers that you cannot possibly control them all. If so, the main issue to solve would not be Chrome but the complexity and herculean task of writing software capable of running the complete web specification.
Time for another round of 'I told you so' for expecting any different from a browser made by a company that runs on selling user data to advertisers for fun and profit. I've shunned Chrome and its various Blink based bastard spawn (including Firefox for the last 12 years, they may as well have dumped Gecko for Blink at this point) like the plague right from 2008 for precisely this reason.