Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Advertising Chromium Google Open Source The Internet

Google To Restrict Modern Ad Blocking Chrome Extensions To Enterprise Users (9to5google.com) 312

Earlier this year, Google proposed changes to the open-source Chromium browser that would break content-blocking extensions, including various ad blockers. Despite the overwhelming negative feedback to the move, Google appears to be standing firm on the changes, sharing that current ad blocking capabilities will be restricted to enterprise users. 9to5Google reports: Manifest V3 comprises a major change to Chrome's extensions system, including a revamp to the permissions system and a fundamental change to the way ad blockers operate. In particular, modern ad blockers, like uBlock Origin and Ghostery, use Chrome's webRequest API to block ads before they're even downloaded. With the Manifest V3 proposal, Google deprecates the webRequest API's ability to block a particular request before it's loaded. As you would expect, power users and extension developers alike criticized Google's proposal for limiting the user's ability to browse the web as they see fit.

Now, months later, Google has responded to some of the various issues raised by the community, sharing more details on the changes to permissions and more. The most notable aspect of their response, however, is a single sentence buried in the text, clarifying their changes to ad blocking and privacy blocking extensions: "Chrome is deprecating the blocking capabilities of the webRequest API in Manifest V3, not the entire webRequest API (though blocking will still be available to enterprise deployments)." Google is essentially saying that Chrome will still have the capability to block unwanted content, but this will be restricted to only paid, enterprise users of Chrome. This is likely to allow enterprise customers to develop in-house Chrome extensions, not for ad blocking usage.

This discussion has been archived. No new comments can be posted.

Google To Restrict Modern Ad Blocking Chrome Extensions To Enterprise Users

Comments Filter:
  • Translation (Score:5, Insightful)

    by fustakrakich ( 1673220 ) on Wednesday May 29, 2019 @07:47PM (#58675960) Journal

    Fork you!

    • Re:Translation (Score:5, Insightful)

      by Anonymous Coward on Wednesday May 29, 2019 @07:50PM (#58675978)

      All the idiots who dumped their browser and rushed off to Chrome are now getting the ass-raping they deserve. I love the smell of schadenfreude in the morning.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        I just hope this isn't a change that propagates out to Vivaldi.

      • All the idiots who dumped their browser and rushed off to Chrome are now getting the ass-raping they deserve. I love the smell of schadenfreude in the morning.

        Amen brother, you beat me to the punch!

        • by mwvdlee ( 775178 )

          If only there were some way to go back to another browser. Ah well, nothing to do about it now I guess.

      • Re:Translation (Score:4, Insightful)

        by kurkosdr ( 2378710 ) on Thursday May 30, 2019 @01:17AM (#58677276)
        Unfortunately for Google, lock-in to browsers is rather low. Switched back to Firefox a while ago when Chrome blocked Video DownloadHelper for Chrome from YouTube. And Firefox Quantum is rather good.
      • Re:Translation (Score:5, Informative)

        by AmiMoJo ( 196126 ) on Thursday May 30, 2019 @04:09AM (#58677792) Homepage Journal

        Firefox was awful for a long time. Slow, memory problems, broken UI that kept changing.

        It's finally got good again, just in time by the sounds of it.

      • Re:Translation (Score:5, Insightful)

        by Gavagai80 ( 1275204 ) on Thursday May 30, 2019 @06:10AM (#58678096) Homepage

        Sorry to disappoint you, but as a Chrome user this is a 5 second inconvenience to me. The day ad blocking stops working in Chrome I'll open Firefox instead and carry on as usual without blinking. It's not as though Firefox and Chrome work differently so that one has to go through some sort of learning curve. Firefox's recent strategy of making Firefox look and work like Chrome will pay off big time for them.

  • Good thing (Score:5, Insightful)

    by phantomfive ( 622387 ) on Wednesday May 29, 2019 @07:49PM (#58675972) Journal
    Good thing an ad company owns the browser market.
    • by fustakrakich ( 1673220 ) on Wednesday May 29, 2019 @08:02PM (#58676068) Journal

      NETSCAPE [seamonkey-project.org]: I'm not dead!

      USER: Here -- he says he's not dead!

      GOOGLE: Yes, he is.

      NETSCAPE: I'm not!

      USER: He isn't.

      GOOGLE: Well, he will be soon, he's very ill.

      NETSCAPE: I'm getting better!

      GOOGLE: No, you're not -- you'll be stone dead in a moment.

    • Re:Good thing (Score:5, Insightful)

      by Zmobie ( 2478450 ) on Thursday May 30, 2019 @01:07AM (#58677242)

      Yea... this is precisely why I switched off of chrome. I was an early adopter of it back when I thought Google wasn't the evil monstrosity they are now, but I have been waiting for these events to come around for some time now. They WILL kill their browser if they follow through with this terrible idea. At this point all Firefox has to do is sit tight and watch them burn their own empire. If MS, Opera, and the like don't instantly fork Chromium on the changelist before this mess gets implemented they will burn right with them.

      I get that allowing tons of ads to get blocked when their main income source IS ads seems counter-intuitive, but since it has turned into a virtual arms race with the marketing departments of all these companies it is now an essential need. Hell, this may even be the beginning of the end for the entire company. The main reason they got to where they are now is all the techies they won over telling all their non-techy friends how great Google was as a company. The band-wagon effect took over, and now even though a lot of us tech types are switching off, market inertia keeps others on the sauce. This however, will be a clear signal to the general market that Google has no interest in what is good for their user base and may finally spur the break.

      I, for one, welcome the destruction of our colorful search/ad company overlord.

      • The main reason they got to where they are now is all the techies they won over telling all their non-techy friends how great Google was as a company.

        It was great. Remember when they gave engineers 20% time to work on projects?

      • Re:Good thing (Score:5, Insightful)

        by NewtonsLaw ( 409638 ) on Thursday May 30, 2019 @01:34AM (#58677314)

        If you monitor the YouTube subreddit you'll notice that Google has been making changes to that platform which adversely affects Firefox users. Users of Firefox have been directed to a page that suggests they "upgrade" to Chrome.

        You can see where this is going...

        Imagine if Google "fixes" its sites (GMail, Google search, Google News, YouTube.. etc) so that they work "better" with Chrome. I seem to recall reading an article just recently which suggested that due to the dominance of Chrome, Google is now poised to effectively take control of web standards.

        This may not end well (for the consumer).

        • Right now, I'm using Chrome. The moment that they will prevent ad-blockers, I will switch to another browser. If that means no more access to Google sites, then I will no longer visit those Google sites. Being forced to see ads is a show stopper for me.

          • Re:Good thing (Score:5, Insightful)

            by gbjbaanb ( 229885 ) on Thursday May 30, 2019 @02:31AM (#58677542)

            What will really happen is that Chrome will still allow ad blockers, but the ads will be downloaded and not displayed. All that bandwidth, all that supposed speed advantage, and of course, all that money Google will make from ads that the user never sees.

            "do no evil" has really changed its meaning. You should switch away from Chrome sooner than later.

        • by N1AK ( 864906 )
          I think it's useful to be clear here about whether you mean Google are intentionally making changes intended to adversely affect Firefox or not? Website developers shouldn't be obliged to, and realistically can't without stifling innovation, design sites that work in all potential browsers. I use Firefox and hope that we will see more diversity in the browser/rendering engine space as that's the best way to ensure that developers don't become too blinkered on a single one, but that doesn't mean that every c
        • Re:Good thing (Score:5, Informative)

          by Cederic ( 9623 ) on Thursday May 30, 2019 @06:59AM (#58678254) Journal

          This is why I have a raspberry pi arriving this afternoon, onto which I shall be installing pi-hole.

        • They've already done this; for a long time in Google Docs/Sheets copy-paste via keyboard didn't work in Firefox because Google blocked it (with a nice message to download Chrome). They changed that behavior, but the right-click menu still depends on a browser hijack (that I have disabled to stop OTHER sites from blocking right-click actions). Makes it a bit hard to use but not unusable.

          Docs/Sheets however are already entirely unusable on iOS, because Safari even on an iPad is forced to an arbitrarily restri

    • Re:Good thing (Score:5, Insightful)

      by Calydor ( 739835 ) on Thursday May 30, 2019 @02:23AM (#58677510)

      I sure hope Google is going to take responsibility for the malicious ads that install viruses, spyware, keyloggers etc.

      If they are going to deny me the means of defending myself online, they can damned well pay the bill when my computer needs to be nuked and paved.

      In before people say to stay away from Those Sites: Remember the compromised ad banner that stayed up for a full weekend on the NY Times' website?

    • Re:Good thing (Score:5, Insightful)

      by AmiMoJo ( 196126 ) on Thursday May 30, 2019 @03:05AM (#58677654) Homepage Journal

      It's a bit more subtle than that.

      They are replacing the old API that allowed for unlimited blocking rules with a new one that has a limit of 30k for static rules and 5k for dynamic rules. The rationale is to prevent performance issues with massive block lists, but that seems bogus considering that uBlock with hundreds of thousands of rules massively speeds up the web.

      The current proposal is to raise the limits on the new API and to add some instrumentation so that add-on developers can get stats on rule matches. That seems inadequate.

      The idea of making static rule matches native to Chrome is a good one, it will be faster than doing matches in Javascript. But the option to use JS for dynamic rules and having no limit on the number of rules is essential.

      If they do this I'll move to Firefox.

  • Fuck that. (Score:5, Insightful)

    by YukariHirai ( 2674609 ) on Wednesday May 29, 2019 @07:54PM (#58676014)
    If the browser prevents me from blocking ads, I will not use the browser. This is the most fundamental possible deal breaker for me.
    • I'm with you 100%, but I hope you are willing to put up with sub-par performance from Google products. I don't trust an advertising company to provide my email, communications, and office productivity services and only use Search (occasionally) and Youtube. Putting up with wonky behavior on non-critical tasks is no big deal.
  • Why has no one forked this thing away from Google yet? They have been making unpopular changes left and right recently and yet the world still feels compelled to let that corporate team make decisions for us all?

    • Re:Why not fork? (Score:5, Informative)

      by tannhaus ( 152710 ) on Wednesday May 29, 2019 @08:00PM (#58676054) Homepage Journal

      Someone has forked it away from google. Google "brave chrome" and you'll find the Brave browser...which is a fork of Chrome with more privacy and ad blocking ability

      • Re:Why not fork? (Score:4, Interesting)

        by Actually, I do RTFA ( 1058596 ) on Wednesday May 29, 2019 @08:29PM (#58676190)

        Different ads and different privacy invasions. They have preloaded ads (although that feature may be yet to go live) and report every website you visit back to their mother ship, ostensibly to divvy up the income from you watching ads.

        • "Different" is an understatement for "far worse".

        • When they announced their browser, they said their model was to remove other peoples' ads and replace them with their own.

          Sounds legit and totally trustworthy.

      • Someone has forked it away from google. Google "brave chrome" and you'll find the Brave browser...which is a fork of Chrome with more privacy and ad blocking ability

        Apparently you have not actually used Brave.

        It may be a fork of Chromium but they have somehow massively screwed it up and made it unusable.

      • by vux984 ( 928602 )

        It's owned by another ad company; looking to monetize by having you look at ads through their ad network/platform instead of someone elses.

        And this is in their irrelevant insignificanct stage where they are trying to attract users. If they get any momentum they'll go full evil.

        Right now, firefox is where is where its at. (Or its derivatives.)

      • There is a cleansed Chrome, called Iridium [iridiumbrowser.de]. I'm not sure how much they have improved, and if blocking extensions will have full capability after upstream changes.

        This is not the first privacy-focused fork. There is also the Iron [srware.net] browser. There was general market hesitance [howtogeek.com] expressed towards these forks, and specific criticism of Iron [th3core.com].

        I do wonder how this will impact Chromium packages for OpenBSD and Linux.

    • Chrome is built on Chromium which is open source. No need to fork it.
    • Re:Why not fork? (Score:5, Interesting)

      by WaffleMonster ( 969671 ) on Wednesday May 29, 2019 @09:04PM (#58676322)

      Why has no one forked this thing away from Google yet?

      There are numerous forks. The problem is they have more people actually doing the work.

      They have been making unpopular changes left and right recently and yet the world still feels compelled to let that corporate team make decisions for us all?

      Better to spend your energy contributing to Firefox and leave Chrome to rot. Google is beyond salvation.

    • Why has no one forked this thing away from Google yet?

      Probably because there was no really good reason to do so...but I guess that is about to change.

  • Comment removed (Score:3, Informative)

    by account_deleted ( 4530225 ) on Wednesday May 29, 2019 @08:00PM (#58676052)
    Comment removed based on user account deletion
  • by tannhaus ( 152710 ) on Wednesday May 29, 2019 @08:02PM (#58676074) Homepage Journal

    I can now call it foresight! Firefox and I are still going strong!

    I may download Brave and give it a whirl....supposed to be chrome without the wonky....but honestly, I probably won't. Firefox still works.

    • by Dutch Gun ( 899105 ) on Wednesday May 29, 2019 @08:37PM (#58676234)

      Don't worry. Given how slavishly Mozilla copies all things Chrome, you can expect Firefox ad-blocker add-ons to be disabled in a version or two as well.

      • Get Waterfox (Score:3, Insightful)

        Which is why you should get Waterfox [waterfoxproject.org] instead. The legacy extension support alone is a godsend, and this extension [github.com] lets you effortlessly install all of the extensions that Mozilla unceremoniously deleted from their website after they decreed that the future of browsing was going to be Chrome-copying (with not a single cent of their hundreds of millions of dollars in yearly revenue devoted to porting popular extensions to webextensions.)

        People need to stop recommending Firefox until Mozilla pulls their he
        • Re:Get Waterfox (Score:5, Insightful)

          by jimbo ( 1370 ) on Thursday May 30, 2019 @12:31AM (#58677150)

          Mozilla never decreed that the future of browsing was going to be Chrome-copying.

          The old extensions were unsafe and had full access to pretty much anything, meaning almost any change to the browser risked breaking extensions and a malicious extension could do anything. WebExtensions is a safer and better API, no need to reinvent the wheel then,- and Mozilla have since added to it so it's more capable than the version in Chrome, for things like better content blocking.

          I'm happy recommending Firefox to people who wants safe and secure browser that promotes a free web.

          • Re:Get Waterfox (Score:5, Interesting)

            by Shane_Optima ( 4414539 ) on Thursday May 30, 2019 @01:44AM (#58677340) Journal

            WebExtensions is a safer and better API,

            You misspelled "strictly weaker, less capable". 10 years ago I could use a space-saving theme on my old netbook; it was great for squeezing the most out of every square inch of screen real estate. (Without using some crappy mobile version of the browser.) This is apparently no longer possible, because "safety" and enforced similarity to Chrome trumps all other concerns.

            Mozilla never decreed that the future of browsing was going to be Chrome-copying.

            Yes they did, just not in so many words. They want people to believe they are the anti-Google, pro-privacy/pro-OSS option but in terms of UX (not talking about Rust or other behind the scenes stuff) they don't actually bring much of anything to the table any more. I mean yes, they've managed to become less of a unstable resource hog and good for them, but that's not a win over Chrome; that's just parity. With Google's budget they are never, ever going to be significantly faster than Chrome and Chromium derivatives. Never. They need to realize that customization and catering to power users was always a massive part of Firefox's popularity. We're the mavens here, and that was what got us installing Firefox on friends' and family and coworkers' computers for years and years.

            I don't say that they MUST bring back XUL... I'd be willing to accept some loss of functionality in the name of security. But they dropped every single unique part of Firefox's UI (other than that non-OSS "pocket" thing) and then they started treating the extension ecosystem with utter contempt.

            Mozilla pulls in NINE FIGURES in revenue yearly; they apparently chose to not spend a single cent of it on porting their most popular extensions whose authors didn't feel like porting it. Why can't they devote just 1% of that revenue to extension ecosystem maintenance? There are probably a dozen legacy extensions that I personally never found a decent replacement for. Every few months I'd go browsing new Firefox extensions and come back disappointed. The quality and power of extensions has dropped off significantly over the past few years. I'll concede that in the majority of cases that's *probably* not the API's fault, but it IS Mozilla's fault for being so god damned cynical and uncaring about it. There's obvious room for improvement or project merging with many existing extensions, but it's just not happening. Extension developers feel used, feel taken for granted. And rightly so.

      • So long as Firefox remains free software [gnu.org] that won't matter; software freedom can be the means by which those willing and able can liberate a lot of users from Mozilla's bad choices (no matter how one defines "bad"). The same applies to all free software. As I've said many times before (1 [slashdot.org], 2 [slashdot.org], 3 [slashdot.org]), Firefox being free software is its most valuable feature. This is why other important browsers like TorBrowser can and do base their work on Firefox. When Mozilla makes Firefox do something silly or dangerous we can

    • Switched back to Firefox when they introduced Quantum. haven't looked back.

      I just wish that Mozilla would get their act together with Firefox for Android. I use it since you can install extensions on it (and block ads) but it's a battery hog and Ublock origin has a tendency to screw up on it. (particularly with Slashdot. it just doesn't resolve the site and just sits there for no reason)

    • Don't bother with Brave. They block out the ads so that they can put in their own and invade your privacy to tailor their ads. Just as bad as Google.

    • We still don't have a single computer with Windows 10 in our estate.

  • use waterfox!!!

    • Re:use waterfox!!! (Score:5, Informative)

      by ArhcAngel ( 247594 ) on Wednesday May 29, 2019 @08:46PM (#58676256)
      If you are going to advocate the best browser out there you should also provide a way for the fine patrons of /. to go get it. [waterfox.net] I started using it in 2011 shortly after Alex released it. At the time it was because Firefox couldn't be bothered to provide a 64 bit version of their browser in 2011 but now I use it because it let's me keep using all of the "old" add-ons [waterfox.net] I know and love that FF has abandoned as well as FF WebExtension add-ons. I now use it on my Windows, Linux, and Android devices. And the add-ons work on Android! It's incredible that this project is mainly supported by one person.
  • by Anonymous Coward

    "Privacy shouldn't be a luxury good for the wealthy".

  • Time for Pi-Hole (Score:5, Informative)

    by PeeAitchPee ( 712652 ) on Wednesday May 29, 2019 @08:11PM (#58676122)
    Plug a Pi-Hole [pi-hole.net] into your network and configure your router to use it as a DNS server. It works as a DNS sinkhole for your entire network, effectively blocking ads before they are downloaded to the requesting clients. Web pages load faster too because they're not serving up all the crap!
    • by PeeAitchPee ( 712652 ) on Wednesday May 29, 2019 @08:16PM (#58676138)
      Almost forgot that out of the box it blocks all of Microsoft's telemetry shit as a bonus while leaving Windows Update untouched.
    • Re:Time for Pi-Hole (Score:4, Informative)

      by Shikaku ( 1129753 ) on Wednesday May 29, 2019 @08:55PM (#58676286)

      A hosts blocking mechanism isn't going to work when the website and ads use the same origin i.e hosting and domain; this is why an ad blocker has to be run in the browser, so it can remove ads by domain as well as HTML elements, classes and ids (if you don't believe me, the official Youtube app on Android is already immune to this, go ahead and check for yourself). Ad servers can and will eventually do this if it's done in the wild enough.

      • You might be able to do it in a http proxy server too.

      • Yeah. I use my adblocker probably 10% of the time to block the fucking atrocious page-interrupting shit that sites somehow think I want to see. Subscribe screens are the #1 turd, obscuring the screen with a popover trying to get my email address. But I also block cookie notification banners and "OMG you have an adblocker" popovers.

        Look, I came to your site to view the content. If you're preventing me from doing that, fuck you. Just don't host it in the first place.

    • by AmiMoJo ( 196126 )

      PiHole has some serious limitations unfortunately. For example, it can't block YouTube ads. Given the nature of some of them, I very much want them blocked.

  • Goodbye Chrome! (Score:5, Insightful)

    by cruff ( 171569 ) on Wednesday May 29, 2019 @08:27PM (#58676186)
    Don't let the door hit you in the ass on the way out.
  • by atrex ( 4811433 ) on Wednesday May 29, 2019 @08:54PM (#58676282)
    Worst case scenario, ad blocking just becomes a Proxy service or software VPN (like it is on mobile) and all browser requests get routed through it. It cannot be stopped, frankly it's stupid to even try.
    • by letsief ( 1053922 ) on Wednesday May 29, 2019 @09:09PM (#58676342)

      It's not that easy. HTTPS/TLS mean you can't simply modify requests/responses on-the-fly; at least, not without running a man-in-the-middle attack against yourself. We could argue about how bad that really is, since you can try to convince yourself that you trust your MitM software, but I wouldn't trust it to stay current.

      To get around this problem, I think most Android ad blockers basically just do DNS-based blocking. That's fine, although DNS-based blocking is more error-prone. More significantly, though, it relies on DNS being an insecure protocol. If browsers start using their own DNS over HTTPS resolvers, you won't be able to do this sort of thing since (like the MitM proxy case described above), it's largely indistinguishable from an attack from the browser's perspective.

  • Hosts (Score:5, Informative)

    by VeryFluffyBunny ( 5037285 ) on Wednesday May 29, 2019 @08:57PM (#58676300)

    Hosts files still work pretty well: http://winhelp2002.mvps.org/ho... [mvps.org]

    Works in your operating system level so it blocks browsers from ever sending any requests or data to blacklisted URLs & IP addresses. Doesn't matter which browser you use, ads are blocked. Last time I checked, the blacklist was over 15,000 URLs: http://winhelp2002.mvps.org/ho... [mvps.org]

    Still, Google's absolutely reprehensible decision is a good reason to dump Chrome and use Firefox instead. Are Google trying to be like Microsoft from the 1990s-2000s?

  • by letsief ( 1053922 ) on Wednesday May 29, 2019 @09:01PM (#58676310)

    I'm not saying there isn't cause for concern, but the summary is misleading. Google isn't proposing a change that would kill ad blockers. They're removing the API used by current ad blockers, and replacing it with a different API that is less powerful. While that might sound troubling, you have to understand that the current webRequest API is incredibly powerful. While that's great for the "good guys" that want to do cool, useful stuff with it, it's also incredibly powerful for the "bad guys" creating malicious/spyware extensions.

    The changes they described to the declarativeNetRequest API would support ad blockers, particularly as they reduce some limitations they've placed on them- which they're claiming they're going to do once they do some more research on what the right limits they should be.

    What's the difference between the webRequest API and declarativeNetRequest API? Basically, webRequest API sends the URLs you're accessing to an extension to let javascript run whatever rules it wants to on it to decide what it will or won't block. So again, that's quite powerful. The declarativeNetRequest API would basically make the extension provide a formatted list of URLs to block/modify to the browser. In this case, the browser itself is processing the rules handed to it, rather than letting javascript in the extension handle that.

    • by ChoGGi ( 522069 )

      Basically, webRequest API sends the URLs you're accessing to an extension to let javascript run whatever rules it wants to on it to decide what it will or won't block. So again, that's quite powerful.

      So Google is saying they have more trust for some javascript from some random domain than a user installed extension? Unless I'm missing something?

      • No. Sorry, I must have explained that poorly. The ad blocking logic in extensions is implemented in javascript. That gives extension developers incredible control over what rules they create; they're limited by only whatever they can practically do within javascript.

        The new declarativeNetRequest API moves the ad blocking logic into the browser engine itself. Extensions feed it glorified lists of things to block.

        • by Dog-Cow ( 21281 )

          What is the security problem with the current approach? The browser defaults to loading the URL, so the worst the JS can do is ask the browser not to load it. Since when has that been a security risk, rather than a benefit?

        • by wings ( 27310 )

          The new declarativeNetRequest API moves the ad blocking logic into the browser engine itself. Extensions feed it glorified lists of things to block.

          If the ad blocking logic is in the browser what's to prevent the browser from ignoring certain entries in the list supplied by an extension and allowing those ads or scripts run anyway? It seems like this provides an awfully tempting point of control that could be used to ensure suitably sponsored ads and scripts could not be blocked.

          • by AmiMoJo ( 196126 )

            They could do that already with the current API. Just don't pass URLs matching their whitelist to the extension.

        • And an incredible potential for strange bugs with javascript.

    • So it sounds like it's a lot easier for them to make the change to only run ad blockers in Chrome with this new setup. With the old method they would have been dependant on the ad blockers to implement the change but they couldn't stop the call because other plug-ins might be needed (depends on how they implement the call). But with the new method they can get all of the rules from the plug-ins and just not implement the ones from the ad blockers unless it's running in an enterprise setting. No co-operation

      • So it sounds like it's a lot easier for them to make the change to only run ad blockers in Chrome with this new setup. With the old method they would have been dependant on the ad blockers to implement the change but they couldn't stop the call because other plug-ins might be needed (depends on how they implement the call). But with the new method they can get all of the rules from the plug-ins and just not implement the ones from the ad blockers unless it's running in an enterprise setting. No co-operation from the ad blocker makers is required.

        I don't understand your statement here. I think you're assuming the declarativeNetRequest API would only be used by adblockers, so Google could more easily make changes (e.g., greater restrictions) down the line without fear of breaking other extensions. That's simply not true. The declarativeNetRequest API would completely replace the webRequest API as the method to block or modify requested URLs by all extensions that need that functionality.

      • So it sounds like it's a lot easier for them to make the change to only run ad blockers in Chrome with this new setup. With the old method they would have been dependant on the ad blockers to implement the change but they couldn't stop the call because other plug-ins might be needed (depends on how they implement the call). But with the new method they can get all of the rules from the plug-ins and just not implement the ones from the ad blockers unless it's running in an enterprise setting. No co-operation from the ad blocker makers is required.

        Alternatively, it also sounds like you're interpreting the OP as claiming that the new declarativeNetRequest API would only be available to enterprise users. That's not the case. Blocking with the old webRequest API would only be available to enterprise users, but the new declarativeNetRequest API would be available to all.

        • by tepples ( 727027 )

          I've read that declarativeNetRequest can do what ABP does but is not flexible enough to do what UBO does.

      • by AmiMoJo ( 196126 )

        The reason for it is performance. Calling Javascript for every URL loaded does have a performance penalty. Even if it ends up being faster overall due to speed, it still uses energy (i.e. battery life).

        So it does make sense to bring the rule matching into the browser with native code that is going to be faster. The problem is that the in-browser matching isn't as powerful as arbitrary Javascript and they have placed a limit of 30k rules on it. They are now talking about upping the limit, but that still does

    • by Anonymous Coward on Wednesday May 29, 2019 @10:51PM (#58676754)

      it's also incredibly powerful for the "bad guys" creating malicious/spyware extensions.
      Guess what, web extensions are on the OTHER SIDE OF THE SECURITY BOUNDARY. I trust them as much as I trust my web browser.

      declarativeNetRequest API would basically make the extension provide a formatted list of URLs to block/modify to the browser
      Yeah, except that add blockers might need more complex processing - like regex matching. They're limited to match patterns [chrome.com].

      Also, here's another catch..

      "The number of dynamic rules that an an extension can add is bounded by the chrome.declarativeNetRequest.MAX_NUMBER_OF_DYNAMIC_RULES constant."

      And in current documentation [chrome.com] that is only 100. ONE HUNDRED.

      That's right, folks, add blockers are only allowed to load a maximum of one hundred patterns, and they don't even have the full power of regular expressions!

      Also, when google started talking about this, their excuse was "performance". Not security of extensions. (If security was the issue, then there could be a simple API where a callback is executed that can only return block or not. But, no, limited to a set number of patterns. ) (Of course, the performance figures talked about were in the order of milliseconds, Except I live in NZ, where it takes light 49 milliseconds to get to the USA, I really do not care about an extra millisecond ..)

      "The declarativeNetRequest API provides better privacy to users because extensions can't actually read the network requests made on the user's behalf."
      Oh crying out loud - the point is, I trust these extensions more than I trust the base Chrome engine.

      Sigh, are you a google shill?

      • Comment removed based on user account deletion
      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Sigh, are you a google shill?

        Damn dude, chill.

        He wasn't justifying or even agreeing with the shit Google is pulling.
        He was just explaining the details of the shit Google is pulling.

        Your own post expanded that explanation with additional details of the shit Google is pulling.
        Do you now think you are a google shill yourself?

        Slashdot is supposed to be a technical site for nerds, not the fucking political echo chamber of vegetables it has become.
        Sharing technical details like this IS A GOOD THING. There is no reason to behave like knowing

      • And in current documentation [chrome.com] that is only 100. ONE HUNDRED.

        It's right now at 5,000 according to the link you gave. Also your other link is broken fwiw

    • At this point, how can anyone assume that Google is honest and has good intentions? The Google of "Don't Do Evil" is dead as a doornail. Their new motto is "": i.e. nothing. Nothing is what they believe in.

      Remember this is the company that is still helping the Chinese government censor the internet. There is no line they will not cross.

    • IIRC correctly the problem the extension makers had with this was there was a maximum limit of the number of urls you could ask Chrome to block via the new API. This effectively destroyed the extension's ability to block ads given their existing lists already blew way past this limit.

      Another minor thing but you're also handing control of the control format (wildcards etc) over to Chrome, so all blockers will be forced to use the Chrome format and could no longer extend it in any way for their users.
  • I must be too old school, I'm still using Privoxy.
  • Time to switch to another webkit browser that is cross platform and has modern adblocking. I never thought I would say this

  • It was interesting while it lasted.
  • Well, it's a fantastic move for all the other browsers that is...
  • by account_deleted ( 4530225 ) on Thursday May 30, 2019 @04:47AM (#58677904)
    Comment removed based on user account deletion
  • Never left Firefox on the desktop, and recently switched back on my phone and tablet.
  • We deploy the enterprise version at my company. I did not know there was a paid version. Not that we would pay for it. I'm thinking about pulling Chrome entirely and moving everyone to the chromium based Edge once it's out of testing.

"I got everybody to pay up front...then I blew up their planet." "Now why didn't I think of that?" -- Post Bros. Comics

Working...