There is a lot of confusion around this issue. Some people are taking this to mean that Safari has completely banned ad blockers, which isn't the case. Instead they've switched to a model that matches what they've been doing on iOS which is content blocking[1]. Content blockers give Safari a list of triggers and actions to take when something matches a trigger.
For example; you can have a trigger which contains a regex that matches all images and stylesheets for a given domain. The action can be one of several options, one of which is to block that item.
One advantage this technique provides over ad blocking is that there's no data to be phoned back home. It is, in essence, a mask that is applied to a web page before rendering. Also, it's very lightweight. It's literally just a JSON document which means Safari can perform better.
Now, I'll admit it's not foolproof. Apple and the content blockers have some work to do on it. I'm noticing some issues with it myself after having upgraded to Safari 13. But from a privacy perspective, I personally much prefer this technique.
> One advantage this technique provides over ad blocking is that there's no data to be phoned back home. […] But from a privacy perspective, I personally much prefer this technique.
Are you suggesting uBO is sending data “back home”? It doesn't, and this comment is borderline FUD.
If only everyone used uBlock instead of the countless other scammy adblockers with millions of active users, which do not take privacy nearly as seriously. OP also never mentioned uBlock specifically, so I wouldn't be so quick to call it FUD.
Whether or not this is a sufficient solution is one thing, but there are some legitimate problems with the current state of adblocking. Being able to provide a similar solution in a far more limited fashion would be a good thing for users.
Nah, uBO is fantastic. The problem is nearly all other purported adblockers. Some of them are ok/mediocre; most (like most browser extensions) are just outright crap or malware.
The moral dilemma here seems to be that Google is unwilling to privilege a good-citizen adblocker like uBO over other extensions; they're an ad company and any explicit step towards promoting an adblocker probably is hard to explain at shareholder meetings, even if the engineers want to.
They never suggested anything of the sort. That being said, for every uBO that doesn't send that data back home, there are 1000s of "ad-blockers" that do exactly that.
Browser extensions are executable JS. That is a huge vector for security and privacy issues (you should be extremely selective about which browser extensions you install). This new method is basically a list of regexs that Safari itself runs against the contents of the page. No 3rd party code is executed, so it's not possible for an extension to, for instance, report back on your browsing habits or steal your login credentials.
What "other extension API" is Apple still allowing, making this a poor justification? You might be thinking of Google, which is allowing other gigantic gaping hole APIs while nerfing their content blocking, but Apple is being pretty consistent and doesn't also derive most of their income from advertising.
You are correct, however until Apple relaxes the rule that “[a]pps that browse the web must use the iOS WebKit framework and WebKit Javascript”, they should be held to a higher standard.
Hang on a second, since when are we this paranoid about installing software? I'm capable of deciding whether I trust a browser extension with the privileges I'm giving it, just the same as I'm capable of trusting any of the daemons running as root which could just as easily steal my personal data.
Sure, if all else were equal I guess I would trust Apple slightly more than an open-source extension developer, but all else is not equal - Apple is taking away the flexibility of arbitrary code and dictating that if you want to block ads in the browser then you have to use their regex-based declarative adblock API. I'm surprised to see such a warm reception on HN to a classic Apple "we're taking this away for your own good" kind of move that has historically not been very popular with enthusiasts.
This is a really long-standing battle between user accessibility and user freedom. Any time a software system or platform or OS allows for people to do whatever they want without restriction, you end up with thousands of compromised systems out there. The alternative, in the past, has been to lock everything down unless users go into some kind of "Advanced" mode or "Developer" mode but then users just get tricked into turning that mode on anyways or more advanced users hand wave those restrictions away for less savvy users without explaining any of the implications.
This is the same pattern that happened with IE where users would install all kinds of toolbars accidentally and then get tons of data stolen or when the first iPhone was jailbroken and everyone wanted all the cool jailbreak features. People would jailbreak the phones of their parents, siblings, relatives, friends, etc. without really every explaining what was happening and what the potential pitfalls of that are.
Now, unfortunately, we're at the same impasse with browser extensions. They're super convenient for most people and are widely used but there's another vector of attack for people that aren't as savvy and don't understand the consequences. Especially when it comes to browsing history, payment data, and passwords, it's so easy to compromise a system now when you can hide it in something like a browser extensions.
The real answer is to do a better job educating people about what everything is but no one wants to do that. More skilled users just want to bitch about what gets taken away from them personally without acknowledging the giant elephant that is ignorance. There is so much advanced technology out there now that people don't even understand the consequences of the most mundane actions.
In my opinion, Apple's trying to do something about that even if it comes at the expense of a few power users losing some conveniences. If their past history is any indicator, they will bring back or improve up on this functionality so that power users get it back somehow but, in the meantime, the bigger and more pressing issue is what takes precedence.
There might be technical reasons why browser extensions are particularly problematic and it might make sense to phase them out in their current form, so, to be clear, that's not what I'm getting hung up on. But there seems to be a broader acceptance of Apple's vision for a nice walled garden where users are safe from everything, especially themselves, and criticisms of this are just "bitching" from people who need to see the bigger picture. I'm sorry but I don't accept that.
Mobile is the primary user environment for a whole generation of kids and millions of people coming online in developing countries around the world. What we're bequeathing them is worse than anything in early-2000s Slashdot's worst paranoid nightmares. Billions of iPhones only load OS images signed by Apple and jailbreaks are aggressively patched as urgent security issues, guaranteeing vendor lock-in. Third-party code is too dangerous so users have to get it from a vendor-controlled app store and sideloading is forbidden for security reasons. You can't have browser extensions because they can see too much, so now you have to hope that Apple implements an API for whatever you were trying to do. There's a weird double standard where the tech literati are fine with things on mobile that they would never accept on their desktop. I guess it's because we have the luxury of putting our phones away and retreating to our "real computers" to scratch our tinkering itch. Not everyone has that privilege, or inclination. If the freedom to tinker means anything to you then mobile shouldn't be an exception.
I don't think the walled garden is even necessarily good for the ill-informed or careless users we're trying to protect. Checking out the "Advanced" mode is how users learn. While it may be dangerous for a casual user to be able to run a command or make a tweak they found recommended on some website, it also can be incredibly helpful - software doesn't always work correctly or the way that you want it to, and there's not always a nice button that does exactly what you need. And there's a real danger of the browser and the other public API surfaces calcifying to only permit what Apple thinks about ahead of time, smothering innovation that could have genuinely benefited users. Imagine if computers followed this philosophy from the beginning. I doubt users would enjoy an app store where user input (text only, of course) is sent securely into the app's stdin and output is text fed securely from the app's stdout to the screen, with no interference permitted by potentially insecure code attempting to provide things like scrollback because it could see all of the user's activity.
So yes, protecting users from the worst malware can be a thing but it's not as obvious as you make it sound that this should necessarily entail removing agency from the user. By aiming for the lowest common denominator user, Apple is depriving everyone else of real advantages. And, I would argue, producing a sterile and stilted experience that's best for no-one.
Indeed, only Safari will have the right to report back on your browsing habits under the name of telemetry or steal login credentials or whatever fear you can imagine.
I don't really care, I don't use Apple products and I still have Firefox, which will happily let me shoot myself in the foot on this (for now). You know what else is a "huge vector for security and privacy issues"? Every program I install through my package manager, or other source. The solution isn't to cripple the OS so that only my distribution vendor can run certain kinds of software and no one else.
Browser extensions are becoming a notable security vulnerability, with many high profile extensions falling into the hands of (or being sold to!) bad actors. The arbitrary code execution method of ad blocking (e.g. uBlock) is very flexible but it means that without ongoing comprehensive code review using one puts you at risk if the extension ever changes hands or has a backdoor added.
Apple's method avoids this issue by never letting the extension see the page contents, it only provides match lists of what to block that the browser then enforces. Even if the extension became malicious it has no access to private data on the webpages it is ad blocking on.
What I think they're saying is that with Adblockers, they can phone home which ads they block, URLs they see, etc.
Content blockers impose rules at the outset and the rule generator won't see what the URLs/content actually is.
The way I would think of it would be like "let me see what you're seeing and I'll let you know what to let through" vs "here are a list of things you shouldn't let through but I don't need to know about what the hit rate actually is".
Although I could be misunderstanding the implementation.
While true with some, I believe uBO is a list implemented client-side, right? Other ad-blockers can and do phone home and let through ads that have paid, but uBO just has the EasyList filter installed locally and blocks those URLs. That was my impression at least, I never personally went through the source code.
I trust uBO and roughly zero others. In fact, uBO has to remind people at every opportunity to avoid certain others. It is all the others, now and in the future, that are prompting Apple to do this, and the one well-behaved extension is unfortunately suffering as a result.
I mourn the loss of uBO, but I'll take that tradeoff knowing that I can relax knowing that my family and friends aren't going to end up using some intrusive nightmare of an "ad-blocker" with Safari.
This is exactly it. Even if a malicious extension gets through, they have access to nothing on the user side. It's not a fair trade off but, in my opinion, it is a worthwhile one.
> That was my impression at least, I never personally went through the source code.
That's the rub though. There's nothing but trust preventing them from including some spyware in the next automatic update. Actually not even trust, whoever has account access to publish for uBlock could have their account hacked and someone malicious could inject spyware into a version of the extension.
Trust is everywhere in computer security. You trust Google to not deliver a backdoored version of Chrome to your machine when you download a binary instead of building from source. You trust them to not break the law and leak your personal data to third parties or discriminate against you based on the content of your emails.
This isn't as much about what existing extensions do today but all about what potential extension could be doing tomorrow.
If an extension doesn't get full access to all the pages you are reading, it can't do bad things with that access when the extension's owner inevitably changes (see the fight between uBlock and uBlock Origin for example) and spyware features are added.
Even if it is, it doesn’t matter. The problem Apple faces is how to prevent the other bad actors from abusing their API. The answer they’ve settled on is remove those capabilities from the API. Another answer would be to leave the capabilities but somehow only grant access to them to “trusted” parties.
I’m sure that would have gone over really well, too. /s
In the later scenarios, what assurance does the Ablocker have that their requests are respected? I could easily see a scenario where an Adblocker says "Hey Chrome block all requests to ads.google.com" and Chrome saying "Sure thing buddy" then completely ignoring that request.
There's really nothing at all preventing Chrome from doing that today if they wished... they can manipulate the page before and after the Adblocker sees it.
And then what? Google will say that it's protecting critical functions from breaking and to piss off. Suddenly Google is a monopoly in the ad space because they have the predominant browser and let through only their ads.
they arguably are effectively a monopoly now. Them doing things like this isn't remotely new. They just got caught tracking everyone's smart TV usage. Nothing will happen to them until:
1) the Government decides to intervene.
2) Users give up and start using different services.
I'm pushing for #2, but then I switched off like a decade ago, when I saw the writing on the wall.
Adblocker apps/extensions don't require that assurance. The user requires this assurance, and if the browser ignores the user's wishes, the browser is the application that should be held accountable by users.
How is the user to know if it's the AdBlocker or the Browser though? It's a he-said-she-said kind of situation with the AdBlocker and the Browser potentially pointing the finger at each other.
This setup gives the Browser/Maker plausible deniability when they act badly.
This model is also a big performance win. The content blocker rules are compiled to an [efficient byte code format](https://webkit.org/blog/3476/content-blockers-first-look/) which can be evaluated insanely fast (microseconds not milliseconds), compared to doing IPC and running JavaScript for each resource in a page.
Which is same as banning ad blockers. With the declarative API you can't know what domains this website connects to and you can't prevent it from connecting to bad domains. Moreover, trackers and ads can choose a random domain to completely avoid any blacklists.
The content block lists will get updated frequently just like the ad block lists. And, sure, it’s a cat and mouse game just like it is with the add blockers. But at least this way is more performant and secure.
In the end, as has been said by others, if you don’t like it then use Firefox. That’s what’s great about the browser ecosystem we have right now. There are some really great options in browsers.
It's one cat and millions of mice that multiply rapidly. Ads networks that use random unpredictable domains are intractable by the static blacklist approach. Not only that: ads networks can watch the public blacklist and adjust their domains accordingly. If declarative API was about security, Apple would rather block network access for adblockers.
Agreed about Firefox. My goal here is to call out the hypocrisy of the declarative API. So I want to repeat myself that the declarative API is about giving ads networks an easy way to not get blocked, while using performance and security as false arguments that impress only those who know nothing about performance and security.
You know; I just realized I should clarify some confusion I myself may have introduced here. My original comment suggests the trigger is always matching a domain regex but domain isn't the only trigger. Content blocker authors can make use of one or more of seven different triggers. For example:
`load-type`: An array of strings that can include one of two mutually exclusive values. If not specified, the rule matches all load types. `first-party` is triggered only if the resource has the same scheme, domain, and port as the main page resource. `third-party` is triggered if the resource is not from the same domain as the main page resource.
So our concerns about the cat and mouse game is true, but only for domain triggers.
Actually, I've been using content blockers on iOS and I haven't noticed any ads coming through. That's not to say they won't/don't ever but my browsing experience is noticeably smooth on that platform.
As a happy Firefox and uBlock Origin user I wonder what is so fundamentally different about uBlock Origin that its filter list can't be converted/translated to the JSON format Safari's content blocking API expects.
OK any argument in favor of this technique shatters in front of the fact that in practice, Ad blocking on iOS is useless, and requires more resources, since some older devices still cant use it.
Apple themselves recommended Ghostery Lite. I feel like that one had some trouble in the past but I can't recall why. Regardless, I installed it and Magic Lasso to see how they do. I used to use Wipr with some success but it appears to be no longer free. Still, if Ghostery Lite and Magic Lasso don't work out, I'll pony up for Wipr.
When Apple says "We're designing this API in a way that allows you to block ads without having full visibility to monitor everything that any user does every web page they visit" it's totally believable because it's in line with the last 10+ years of their product direction.
Yeah, it makes ad blockers less powerful. It also makes them less of an enormous security risk in that all of your web traffic is redirected through them, and a compromised extension could do whatever it wanted with that.
People are more skeptical of Google's motives because nearly all of their money comes from selling ads and for all we know they're more concerned about their very very very large piles of cash than they are about browser extension security. That's not a motivation that Apple would have for their Content Blocker limitations.
Adblockers don't redirect all traffic though them. If you think about it for a moment you will see how absurd that idea is. This would incur one of the most massive bandwidth bills on the internet for negligible financial gain.
Current ublock origin.
Your adblocker frequently updates lists of patterns to block via any of many user configurable lists.
When you load a site ON YOUR COMPUTER it consults all those lists including custom ones you create yourself for annoying elements on particular sites before loading content. It NEVER sends said content to the adblocker or leaks your information.
Ublock origin provides both the adblocking engine and the lists and can innovate on the former and iterate on the latter as fast as you please.
New chrome restrictions.
Google provides an adblocking engine substantially inferior to ublock. Extensions are able to provide only a list much smaller than current lists and can only update that list when the extension itself is updated. They cannot innovate on the adblocking engine as they are stuck with the crummy one an ad company provides. This basically ensures that ad providers win the arms race with adblockers.
Safari
Shares the same inherent flaw with chrome that Apple will be providing the adblocking engine with the possible benefit that apple isn't directly making money off ads and has less incentive to directly break adblocking.
I don't mean that it sends the actual web traffic through some uBlock server, I mean that the uBlock browser extension sees all of the requests to load a webpage and decides what to do. It can decide to block them or not. It could also decide to scoop up all of your personal information and do bad things with it.
If someone were able to compromise the developer account and get a malicious version distributed through the Chrome browser gallery, that would be a huge problem. The kind of thing that has been making headlines with compromised npm modules recently.
Google has reviews in place to prevent malicious extensions from being distributed, but they can't be perfect. We've seen that repeatedly with both Chrome extensions and Android apps.
Every extension with permissions set for "This can read and change site data on all sites" has a huge target on it, and the fewer things using that level of access the better. Ad blocking extensions are an obvious place to look for improvement because they're so popular.
I hope that Google can put a blocking system together that will be able to perform as well as existing solutions without adding any huge security risks, but I also agree that it's problematic that their incentives are to do the exact opposite.
The latest version of Chrome allows for "read on a write site data" on a per-site basis. Not so useful for ad-blocking extensions, but a boon to any extensions I don't really want to give full access to.
Nah. If they feel inclined to do something more powerful than the Content Blocker API then they should build the ad blocker themselves into Safari. It can be off by default and configurable by users.
It'd make the Content Blocker API kind of pointless but that'd be safer than letting third parties in.
Thank you for clearly elucidating the difference between what we had and what we're going to have moving forward.
I'm so tired of this trend where folk keep pitching significant reductions of technical capability as some kind of "win" for the consumers and developers of a platform.
This is about exploiting platform owner privilege, no more and no less.
As you say it makes ad blockers less powerful. Ad companies are scummy, and will most definitely exploit this, making it either painful or impossible to block their ads using the API. And then the API will be playing catch-up forever.
And trusting a company based almost exclusively on ad revenue to build an ad blocking API is just bonkers. No, the only way to effectively block ads for the foreseeable future is to give ad blockers all the information. Unfortunately.
> Yeah, it makes ad blockers less powerful. It also makes them less of an enormous security risk in that all of your web traffic is redirected through them, and a compromised extension could do whatever it wanted with that.
This presumes I trust Apple significantly more than authors of any conceivable blocking plugin — by large enough margin that it would be worthwhile to lose functionality over it. That isn't really the case — I only trust Apple marginally more and, if anything, making such decisions on my behalf erodes that trust.
"Trust" isn't something binary. I trust them to do something and not something else; they may just be the ones I distrust the least as well. And assuming I _distrust_ someone just because I trusted someone is obnoxious.
No, it's not. Chrome says its for privacy but still allows plugins to snoop on all network traffic (just not midy the requests). So it doesn't improve privacy.
That's why everybody is hating on google - it's a reduction in functionality without an increase of privacy even though that's "why" they did it.
My understanding is that Manifest v3 pushes ad blockers from chrome.webRequest to chrome.declarativeNetRequest, and they do not have the ability to see what requests are made with declarativeNetRequest. They can define rules to block or modify requests, and the browser executes them without letting the extension see any specific requests. Is that not correct?
The complaints from blocker developers have been that Google isn't allowing enough rules (Google has agreed to increase that), and that their existing blocking lists are defined in a way that needs more logic than declarativeNetRequest's matching system.
The point I was making is that chrome.webRequest is still around (as I understand it - if I'm wrong, please correct, because that's my whole point!), it's just for observation only now. Plugins can still request that permission... which means plugins can capture just as much data as before this change.
That doesn't seem like a good trade off, given the two complaints you listed.
Yes, but those plugins will now require more expansive permissions requests when enabling them, correct? It used to be that when you installed an ad blocker, you'd have to agree to allow the plugin to "view and modify all content from all pages" (can't remember the exact wording), now, you don't.
> Yes, but those plugins will now require more expansive permissions requests when enabling them, correct?
If history has taught us anything it's that forcing users to agree to allow access in order to get what they want doesn't stop them from doing it. Especially when programs apps and extensions are required to ask for broad access to accomplish even the smallest tasks that the warnings become meaningless noise. If I want ads blocked and I trust a company enough to install their blocker I'm not going to uninstall it just because it needs access to the content I want it to check over for the presence of ads. No matter how many warnings I get or how scary they sound I still want ads blocked.
webRequest is still around for now, but Manifest v2 as a whole will be deprecated sooner or later and I think webRequest goes away with it. I don't know if Google has specified dates for this, but for historical context here's the timeline from Manifest v1:
Deprecated in March 2012, stopped accepting updates to Manifest v1 extensions in March 2013, and existing extensions stopped working in January 2014.
EDIT: Google's blog post talks a lot about removing the "blocking version of webRequest", so perhaps the monitoring one still exists? But their goal would be to make these into separate permissions - the very popular blocking extensions can work blindly, while monitoring extensions can still function? It's not very explicit about it, but that's how I'm reading it https://blog.chromium.org/2018/10/trustworthy-chrome-extensi...
Not "everybody" hates Google for it. People who don't understand the security implications inherent in allowing browser extensions that have nearly-unrestricted access to the user's behavior -- even if well-intended -- may hate the Chrome team for it.
But there are those of us who understand why the Chrome team made the decision it did, and are sympathetic. And we're happy that the Chrome team and Apple are of the same mind about this.
> People who don't understand the security implications inherent in allowing browser extensions that have nearly-unrestricted access to the user's behavior -- even if well-intended -- may hate the Chrome team for it.
> But there are those of us who understand why the Chrome team made the decision it did, and are sympathetic. And we're happy that the Chrome team and Apple are of the same mind about this.
Hey, you probably didn't mean it this way, but your comment kinda sounds like you're saying everyone who opposes Google's decision is a simpleton who doesn't understand the security implications of browser extensions. That's not true, and more importantly, not especially charitable.
> People who don't understand the security implications inherent in allowing browser extensions that have nearly-unrestricted access to the user's behavior
You can say the exact same thing about any code we run on our devices. We accept that risk or we wouldn't run any software at all. Google isn't worried about our privacy. They take our privacy. They are worried about their profits because that's all any corporation cares about.
We definitely do not represent the vast majority of users.
Many have no idea these risks even exist, or mostly wrong notions about them.
Pretty sure my parents and grand parents don't even want to know their (probably randomly picked) ad blocker could pick up their credit card number every time they type it in their browser.
How could we hold it against them? Computers to them merely are (sometimes cumbersome and annoying) tools.
If your parents are consistently using ad-blockers they're doing better than most of my family. My mother wouldn't know what a browser extension was let alone how to begin installing one. The totally computer illiterate are at least protected in that sense.
The question is, whom do you trust, and who bears the greatest consequence of failure? I'll bet my money on Apple over some third-party extension vendor to protect my privacy.
Besides, in the end, it's all about minimization of threats. The existence of one threat is better than the existence of two. Don't let perfection be the enemy of the "good enough."
> The question is, whom do you trust, and who bears the greatest consequence of failure?
I'm going to trust uBlock Origin because it is free open source software and I can see everything they are doing with my data. Apple on the other hand forbids reverse engineering safari (trying to understand what it does and how it works).
Once you're a part of the apple eco-system apple could theoretically (and to be clear we're talking about purely theoretical privacy risks in all cases) access your browsing history and also tie that directly to your name, address, credit card/bank account, GPS coordinates, etc.
Putting your privacy in the hands of a company that has so much of your data already is naturally more risky than compartmentalizing. If hackers somehow compromise my browser extension they get access to my browsing history on one device until I notice and correct the problem. If a hacker somehow compromises Apple they could get access to much much more. For all their care and resources Apple is not immune from attacks either. Safari has had a ton of vulnerabilities exposed just this year so far.
It's not uBlock Origin they're concerned about, though - it's all the other random extensions out there that could use the same capabilities for evil instead of good.
Ultimately the freedom to decide what code a person runs on their own hardware has to be left up to the user. The users who install every random extension they see are the same ones who download every app and click on every link in the spam they get. You can't protect users from themselves, but you can empower them to better protect themselves.
Downloading a sketchy browser extension takes deliberate action on the part of the user. Just loading CNN.com can (and has) caused computers to become infected automatically because of ads. Limiting the ability to block ads is not protecting anyone.
> Not "everybody" hates Google for it. People who don't understand the security implications inherent in allowing browser extensions that have nearly-unrestricted access to the user's behavior -- even if well-intended -- may hate the Chrome team for it.
...this is a fantastic argument for disallowing installation of custom browsers. I do hope y'all like IE and/or Safari.
Sounds like Google hasn't communicated these technical changes nor their intentions very clearly at all. Just judging how there's multiple people saying different things in this thread for both.
It's clickbait fodder. Construing the manifest privacy changes as Google is blocking ad blockers is better clickbait than saying Apple safari is doing the same thing.
It's similar to when the internet blew up about Google's project dragonfly, which was cancelled, while Apple quietly did the same thing by sharing iCloud user data with the Chinese government.
Apple blocks not only the content, but the ability to even monitor as well. So there is a little extra with the Apple way.
You'd hope google would follow suit, but given their business model it's understandable if they don't. (Not that I'm a supporter of Google's business model, just that I understand why the ability to monitor is still there.)
Chrome has not proposed any change that would prevent extensions from monitoring all traffic. You are ascribing a good motivation to Google, but Google’s actions are inconsistent with your hypothetical motivation.
Specifically, Google proposes to continue allowing extensions to observe all requests, but extensions can’t block requests based on these observations.
* Rules that prevent a request from getting blocked by negating any matching blocked rules.
* Rules that redirect a network request.
* Rules that remove headers from a network request."
> Google proposes to continue allowing extensions to observe all requests
Their expressed intention is to disallow such behavior in the future:
"The declarativeNetRequest API is an alternative to the webRequest API. At its core, this API allows extensions to tell Chrome what to do with a given request, rather than have Chrome forward the request to the extension. Thus, instead of the above flow where Chrome receives the request, asks the extension, and then eventually gets the result, the flow is that the extension tells Chrome how to handle a request and Chrome can handle it synchronously. This allows us to ensure efficiency since a) we have control over the algorithm determining the result and b) we can prevent or disable inefficient rules. This is also better for user privacy, as the details of the network request are never exposed to the extension."
Quoting from the same page, one paragraph up from your big quote:
> In Manifest V3, this API will be discouraged (and likely limited) in its blocking form. The non-blocking implementation of the webRequest API, which allows extensions to observe network requests, but not modify, redirect, or block them (and thus doesn't prevent Chrome from continuing to process the request) will not be discouraged.
Well, yes. There’s a transition in progress. I would expect the older API to be deprecated or removed in a future version, probably within a couple of years.
AFAIK, Safari supports longer lists than Chrome to the point that you can produce an usable ad-blocker for Safari but not for Chrome because you will hit the limit too quickly.
Safari allows 50k per list, Chrome is planning to move from 30k per extension (!= list) to 150k global max per your links. That's quite a difference. On iOS, some blocks use multiple lists -- AdGuard has six and 1Blocker X has seven, for example.
An ad blocker that would be limited to 30k rules, as originally suggested by the Chromium folks, would be severely neutered. And even with the 150k max, I currently have ~240k rules in uBlock Origin. That's way above Chrome's planned max. But easy enough to implement with Safari's model, even if it requires using at least five lists.
Why are you happy for having to pay for an inferior product? If you believe 1Blocker is superior or extensions shouldn't use the now disallowed API, why didn't you use it before? Or if you don't care about this at all, why are you even commenting about this thing which people express their feelings about? Your apathy doesn't make their arguments invalid.
And you've illustrated another problem with online discussions, particularly since the ubiquity of social media. You assumed that my call to moderation in this debate is because of apathy, and presumed to read my mind. I'm hardly apathetic, or happy about it. 1Blocker doesn't work at all on Youtube, so I'm using Firefox for that now, where I can still use uBlock Origin. I'm disappointed, to be sure, but no amount of whinging, no matter how vociferous, is going to change this, so I'm pragmatic about it.
> You assumed that my call to moderation in this debate is because of
Did you read the same comment I did? They're baffled and they asked you about several different possibilities to figure you out. That's the opposite of assuming. "Your apathy" was conditional, based on the previous question.
> I'm disappointed, to be sure, but no amount of whinging, no matter how vociferous, is going to change this, so I'm pragmatic about it.
Losing money and being disappointed doesn't sound 'great' to me!
It's also good for performance. The blocking can happen immediately in the browser/network process, instead of waiting for the extension code to run in its own process and tell the network service what to do.
In principle yes. But in practice, we are talking about nanoseconds; and I would very much like to see benchmarks/measurements showing anything that can be perceived by users. Also, this blocking cost is still orders of magnitude lower than network latency and blocking requests (even with a slow adblocker) will result in a noticeable performance boost while browsing the web.
This comparison is only apples to apples if exact same content can be filtered. If you lose some filtering due to the added restrictions on blockers, the page may load more resources (in particular, javascript), easily negating any CPU performance benefit.
The situation with Chrome is actually even more misconstrued than that, since ad-blocking performance isn't the only, or even the most important, issue Chromium is dealing with in Manifest v3. Chrome extension security has become one of the biggest time sucks in corpsec/IT security, and that team had been planning for years to address it. But people have a rooting interest in uBO, so none of that gets out.
Google are between a rock and hard place, for sure!
As someone who isn't a corpsec/IT practitioner, though, breaking uBO is literally the most important impact of Chrome's Manifest v3 for me.
I wouldn't mind if Google incorporated uBO as a first-party component in Chromium while applying the restricted policy to all other extensions! Most purported adblockers are crap, if not malware. Pick the best one and restrict the rest.
Unfortunately, I doubt an advertising company is going to incorporate uBO in the browser they provide for free.
I totally buy that breaking uBO isn't Google's goal for Manifest v3! It just happens as a beneficial side effect.
The actual right fix here is for Google to give a blanket exemption to uBO and to nothing else. That's what security people want them to do. Because the underappreciated problem here is that while uBO is fine, ad blockers in general are security tire fires.
Totally agree that's the right engineering fix! I just don't see it happening for dollar and cent reasons:
> The moral dilemma here seems to be that Google is unwilling to privilege a good-citizen adblocker like uBO over other extensions; they're an ad company and any explicit step towards promoting an adblocker probably is hard to explain at shareholder meetings
It might not be the most important issue in the whole Manifest v3, but it's the only issue mentioned for deprecating the particular API that uBO uses to block requests.
Like many things in technology, there are few write ups explaining this, including the pros and cons, in simple terms that most people can understand. So, people are not well informed.
When they are not well informed they will tend to make decisions based on other things, like their business model. We know that Google makes money displaying ads and has generally soaked up information on people to use for their benefit. Apple has been advocating privacy and makes money selling hardware and services.
If there was an "explain it to me like I'm 5" write up on how the changes to Safari and proposed changes to Chrome would work I could imagine it would help people see something other than the business model.
This isn't a double standard. It's people making judgements on something other than the technology.
Chrome was going to allow only a very small list - that's what people were complaining about. The idea of having a built-in way to specify blocks is fine, it's more efficient anyway.
Safari is by far the best browser on Mac IMO, I’m glad Edge is coming but it has its work cut out to beat Safari on performance, energy efficiency and integration.
Exactly. The whole point of this HN post is that people are annoyed and upset about Safari doing this. Ultimately this and Chrome's potential upcoming changes have driven me back to using Firefox almost exclusively.
Mozilla's statement regarding Manifest V3 hints that Mozilla is likely to follow the same path at a later date. They face the same security and privacy issues surrounding plugins that have driven Apple and Google to make the changes they have.
> We have no immediate plans to remove blocking webRequest and are working with add-on developers to gain a better understanding of how they use the APIs in question to help determine how to best support them.
I don't take from that they will apply it in the future, just they don't want to rule anything out.
Well i have no complains about Safari but their Extension system is really costing them users. At this point I uBlock Origin is by far the most reliable AdBlocker you can find and my having the developers explaining that in the future maybe only Firefox will support it it's kinda of sad.
Of course we know that Google has to make money from Ads so its understandable but what about Apple ? They are putting heavy focus in privacy, would it be good if they open their browser to make sure their users will not move to Chrome/Firefox or other browser ?
The day ublock origin doesn't work on chrome is the day users will flock to firefox. We have seen time and time again that users aren't afraid of switching browsers. This is because since their core functionality is so similar, small advantages will tip the scales.
But how many are actually using uBlock Origin? Nearly every person I come across is using AdBlock, AdBlock Plus, or some other adblocker, no matter how many times I recommend they switch to uBlock Origin. Most people are not aware of what Chrome’s changes mean (or of the changes at all) and for those that do use uBlock Origin, my guess is most people will simply switch to a different adblocker rather than switch to a different browser.
I doubt uBlock Origin being removed from Chrome will change the status quo. Maybe in a few years when enough powerusers convince enough casual users. If you just look at software out in the world, it's clear that powerusers have next to zero influence. It's why desktop Linux use, for example, is still just a blip after all of these years.
> my guess is most people will simply switch to a different adblocker rather than switch to a different browser.
the moment they can't find ad blocker that actually works they will stop switching ad blockers and switch browsers.
What's holding back linux isn't the lack of influence power users have, it's that it's still lacking in gaming, hardware compatibility, and ease of use (although those are improving all the time)
This is correct. I remember showing friends Chrome after hearing their complaints about how slow IE was. Some had to get over the hurdle of downloading and installing chrome (whereas IE just came with the laptop) but once they used it they never looked back.
That's just wrong. It's impossible for uBlock Origin to turn itself into a content blocker while retaining its current functionality.
Content blockers in Safari are limited to 50k filters. uBlock Origin's default filters have more than that. Therefore, the choice is between a new, but much less useful extension, or no extension at all. uBlock Origin decided on the latter.
People always downplay the power that technical users have on regular people.
Who do you think the moms and friends all listen to? Their technical friends. This of course won't hit 90% of users but it's enough to have a large influence well beyond just power users.
Few companies survive pissing off the nerds when there is legitimate competition available in consumer products.
B2B enterprise sales is a totally different beast than free consumer software. That type of boardroom decision making is inherently disconnected from the technical capabilities and even integration success rates.
I think if it was that small, Google wouldn’t take an aggressive stance against ad blocking. They would likely retain more users overall by appealing to that small power user minority that converts others.
This was true during an intermediate period where all browsers were more-or-less equivalent. It wasn't true before then, when many sites were designed with Internet Explorer in mind, and tended to work less well on other browsers. I don't think it will be true now, either, now that most sites are designed with Chrome in mind, and tend to work less well on other browsers.
The big difference is that the functionality problems 20 years ago were easier to explain, and therefore easier to get people upset about. It's a lot easier to weave a compelling political story about straight-up incompatibility than it is to weave one about degraded performance due to differing just-in-time compiler optimization behavior.
Also, we seem to be stuck in a situation where people are still so fixated on a monarch that hasn't been in power for over a decade that they maybe haven't been so concerned that the old monarch's overthrower has consolidated power to become a new monarch.
There seems to be this idea that some sites work worse with FF but in all the time Chrome has existed, I've never found any sites that didn't work with FF.
I've never found any that don't work, but Firefox supports fewer "standards", so you can end up with a somewhat degraded experience on some sites. My own company's product, for example, has some janky bits on browsers other than Chrome. The performance is only a little bit behind on most benchmarks, but isn't anywhere near as fast for certain kinds of animation. It can be noticeable on sites that run a lot of animation. Like, say, sites with ads. Possibly only if you're using an older or less powerful computer. Which isn't how we of the orange header bar like to roll, but also isn't a terribly uncommon thing to do out there in the wider world.
(Scare quotes around "standards" because calling Chrome-only things standard nowadays seems a bit like calling AcitveX a standard 20 years ago.)
I use Chrome almost exclusively at work, Firefox on my gaming computer, and Safari on my personal MacBook. Other than extensions on Safari and minor differences in keyboard shortcuts, I don't really notice the differences.
Maybe it's ublock, but I've had plenty of sites that just don't work on firefox. barclaycard, blackboard, and the schools web print system (dts) are my recent examples.
As a chrome-user: this. Firefox lost me years ago due to performance differences, and since chrome works fine for me, there was no ux-related reason to switch back. The day I'll see ads everywhere will be the day I'm back to firefox, and without second thoughts at that. If I really like your service, I'll happily pay for it. I hate ads, the psychological strats behind them are completely unacceptable. I'd happily pay google a subscription-rate, if that's what it takes tbh. Take my money, not my attention.
I think Firefox is faster than Chrome these days. Unfortunately I prefer the web developer tools in Chrome, so I use Chromium as I wasn't a fan of every URL I type going to Google.
Likewise. Unfortunately, some services such as YouTube TV don't work on chromium. Also if you're not on linux, updating is a pain (you must do it manually iirc)
Edge is macOS/Windows only but VSCode is available over there. Worth keeping an eye out because I wouldn't be surprised if Edge lands on desktop Linux[0] someday. I'm not a web developer and a Firefox diehard for almost 20 years now, but the Edge beta has become my fulltime Chrome alternative when I feel I need to try something on a Chromium-based browser.
Is unlimited system resource usage ok for you? If not, you should really re-evaluate your premise of performance differences. Fire up sys mon, activity mon, top, or what have you, open both browsers. Firefox wins on every metric by substantial amounts (memory for example wins by an order of magnitude).
Since I never max out my resources (mbp 2016, 16 gigs, entire workload happens on servers and not on my local machine) that doesn't really affect me - and with 50+ tabs open frequently, just go ahead and take my ram to keep them available, sure. Unused resources are wasted resources - and again, I'm never above 10gigs, maybe 12-13 if I have a local vm running.
Like I said: ux-wise, I'm not impacted negatively by using chrome, at all. If my laptops resources were more limited or my local workload was bigger, I'd probably check out Firefox, but since I'm not bottlenecked, why bother?
That logic works if you're not bounded on RAM, but it's not an inexhaustible resource; personally I'd rather keep it free for VMs or other high cost operations.
>The day ublock origin doesn't work on chrome is the day users will flock to firefox.
>This is because since their core functionality is so similar, small advantages will tip the scales.
It is a a bold assertion, which is not backed up by the data. Despite Mozilla repositioning Firefox recently and reclaiming some lost ground, it is to a larger extent, still only maintaining a steady set of core users. To make an assumption that small advantages will tip the scales in favour of FF is wishful thinking, as demonstrated by some of the conversations. Furthermore, it is inherently not in the best interests of Google to actively promote ad-blocking policy unless it serves it's own purpose, coupled with the acute awareness of why power users and developers pick Chrome ─ they are well positioned to throttle any competition.
I have started moving my friends and family from Chrome to FF. Biggest piece is the privacy angle, but the multi-site containers is also pretty important. It's nice to be able to block facebook API calls from other sites, etc. etc.
You say that (and I agree - I use Firefox everywhere because there's no Chrome plugin support on Android) but I'm genuinely curious to see what happens if/when Chrome stops supporting ublock origin. I suspect - sadly - that there won't be the "flocking to firefox" we might be hoping for. Just enough ads will get blocked with a new, gimped ublock origin, or built-in ad blocking of some flavour, to prevent any meaningful exodus.
Firefox on Android is a usability shitshow compared to Chrome on Android. And I say that as someone who doesn't like Google products.
I think most people who wanted adblocking on Android switched to Brave instead, which is essentially a Chrome fork without the Google stuff and with better tracking protection.
FFAndroid (Fennec?) does strange things. A few examples:
1. You are on this web page in Fennec[1], and you want to do a web search. Click the address bar, type in your query, hit go. Sometimes, Fennec will start the progress bar and act like it is searching, but will draw another tab in the main viewport before resetting the progress bar and changing the url to the SERP you want. If you don't know its going to do that, it looks like Fennec completely ignored your search and loaded another tab.
2. Fennec will sometimes lose its cool and stop rendering pages. The UI layers will respond, you can open hamburger menus, tab listings and thumbnails, but no matter what tab you select, it no longer renders anything but a blank canvas in the viewport. You have to force close Fennec to restore normal behaviors.
3. Fennec will after a long time of being active lose its extensions like noscript et al, you have to force close and re-open to get them to show up in the hamburger menu again.
A good list, but it won't matter for much longer. Fennec is dying, Firefox Preview is coming.
As in, the core browser is available and seems to work fine, but for many people there's not much point in switching until it supports extensions. It won't replace Fennec until it does.
I personally never liked the nav bar and everything at the top. It loads sites much better than Brave and feels more precise for things like dismissing cookie/signup notifications, but navigating the interface always felt tedious. If they just had options for interface layout or nav bar contents it would be great.
I only use Firefox on desktop, but I stopped using it on Android because for a period of time it needed something like one minute to show a web page. Since I don't mobile browse much I just uninstalled it and use Chrome. Privacy is a lost cause on Android anyway. Maybe one day I'll be able to afford an iPhone + the Mac needed to make apps for it.
Exactly, especially for people who don't do web development the difference is hardly there. Actually I recently started to prefer Safari, despite its less smoother Tab UX but this was enough reason to make me switch to Firefox (Nightly). I'm also surprised that it seems to start faster than Safari.
What do you doubt about their claim? Adblockers are an significant privacy vulnerability in the traditional model. Apple has no vested interest in ads. It seems entirely consistent with their privacy focus why they'd do this.
The problem is that websites are also currently a significant privacy vulnerability.
I'd love an adblock system that allowed me to block trackers with a purely declarative API. I do not trust Apple (or Google) when they say that their API will be as effective as current extensions.
Ublock Origin and UMatrix are hands-down the gold standard for blocking right now. I'm very, very cautious about ignoring the advice of the person who made them, and that person is saying that declarative APIs don't offer enough flexibility for the blocking they want to do.
Of course extensions are a privacy risk. But I only need to vet two extensions, and without them I need to vet hundreds of websites. If the current extensions do a better job without a declarative API, then I'd rather risk installing them. You have to look at the risk of extensions in the context of the risks of the broader ad ecosystem on the web.
The same way you vet desktop apps. Install as few of them as possible, because the sandboxing is currently quite bad. Do research on the people who are developing them. Read the source code.
If you're worried about malicious transfers of power, turn off auto-updating in Firefox. If you're worried about being able to audit the actual installed code, use Firefox Developer Edition and audit and compile your own version to run.
In practice, I trust UMatrix and Ublock Origin because I'm familiar with Gorhil's work and comment history around Github and HN. I also extend a similar amount of trust to Decentraleyes for similar reasons. Those are the only big 3 you need to get the biggest impact on your privacy. Arguably, you don't even need Decentraleyes if you only want to trust one person.
Why not just run all desktop apps in sandboxed virtual machines then?
There's a tradeoff between default privacy settings and user simplicity. As a power user you're still free to run whatever complicated scheme/browser you want to.
> Why not just run all desktop apps in sandboxed virtual machines then?
Ideally, we would like sandboxing on the desktop to be at least as good as sandboxing on the web (preferably better). People don't run sandboxed desktop apps right now because the ecosystem currently makes it inconvenient. Wayland and Flatpack are both good steps in the right direction. Apple's making some progress as well there, but it's all pretty early-stage stuff.
Until the sandboxing gets better, you should be cautious about installing unvetted desktop and phone apps. You should also be cautious about installing unvetted browser extensions. But browser extensions are complicated because while keeping a minimal system isn't that hard, you're probably not going to stop visiting unvetted websites, even if you know it's dangerous. It's a much higher priority for experienced users to make the browser sandbox good than it is to make the extension sandbox good.
People take a long-term view on this, and while I agree with them in theory, I don't think it's always particularly helpful to think about what technology will look like. With browsers, it's not a question of whether or not theoretically it would be good in the future to make extensions entirely declarative. Of course it would be good. It's a question of, 'is it possible to do that right now?' At the moment, Safari's declarative API is significantly less powerful than the blocking API that Firefox has. In the future, that could definitely change, but people have to use computers today.
So for the moment, the browser advice I give to non-power users is to install UBlock Origin and Decentraleyes on Firefox and nothing else. I think that's a safer, more private environment than anything they'll be able to set up on Safari. I advise power users to add uMatrix to that list, and for people who are really paranoid, I advise them to run Firefox Developer edition, which will let them compile extensions from source.
If you're just handing someone a computer and you don't trust them not to go off and install random extensions, then sure, give them Safari. In that context, it's not confusing why Apple would do this -- they're optimizing for the largest number of users; people they can't trust not to install random extensions. It just means that more experienced/responsible users will be safer using Firefox.
Of course Apple has an interest in ads given their competition with Google, which is an ad company. Harder to make money off of ads is bad for their competitors and in a zero sum view of the world good for Apple.
Because ads and trackers are as great a threat to privacy. All ads are malicious, while only some extensions that misuse powerful extensions are. I'm aware ads are not Apple's business model, yet I'm incredibly skeptical whenever an API that is open and powerful gets shrunk down to 'protect' users.
Apple has gone to great extents to enable ad and tracker blocking, making it a first-class feature in iOS, and pushing the envelope on the blocking of tracking cookies and other technologies. I use AdGuard on my iPhone and it might be the most effective browsing experience I enjoy.
For that matter, on macOS I don't have anything in Safari, and regularly go between Safari, Chrome and Firefox (the latter two with uBlock Origin). Somehow just the native anti-aggravation technology in Safari is more than sufficient to give me a great experience. If it has a list solution like the iOS Safari, then I'll partake of that.
Apple should enable classic-style blocking as an admin override kind of thing, but remarkably their list-based regex approach has been remarkable effective.
Local code execution is also a significant privacy vulnerability. Should Apple take away the ability of their users to install non-app-store programs?
Some security vulnerabilities are acceptable in some situations in exchange for user freedom and/or other benefits, such as blocking ads, which are essentially malware for your brain.
>I must admit the the terminology isn't very clear. A Safari "content-blocker" app sends a list to Safari, and Safari blocks it. A regular blocker (like uBO) blocks content itself. Safari content blockers aren't all bad, they are more secure in that they can't possibly collect your browsing history (not that uBO does), but lack the level of customisation and power that a regular blocker like uBO can provide.
It's nice that random extensions can't peek at your browsing history, but on the other hand, you have to trust that Apple won't decide to ignore any block rules. What if one day they make a deal with Disney and now all Disney ads are on the permanent do-not-block list?
" they are more secure in that they can't possibly collect your browsing history (not that uBO does), but lack the level of customisation and power that a regular blocker like uBO can provide."
There is no spin. Apple is pretty open about restricting freedom to increase security.
Many people don’t have time or inclination to check which extension is doing what. Proof is the fact that ublock and adblock are bad, but ublock origin is good.
Whose non-techy friends and family are going to spend time to figure that one out? In that case, the macOS and iOS content blocking system is better for those users.
> If the extension can't inspect the traffic it can't meaningfully filter content.
I’m sorry, but does uBlock Origin detects & filter ads based on contents?
I thought they maintained a database of URLs that serve ads & page elements... and Safari content blockers also have the same capability to block content based on URLs (hence can block YouTube ads).
BTW, PiHole blocks ads based on hostname... and is more incapable than Safari content blockers.
uBlock Origin can be configured to do much more than a simple list based filter (like EasyList, etc). [1] It's not quite the same as detecting, but it's incredibly configurable, and that functionality can't be used when list based filtering is all that's allowed.
And I'm aware PiHole is just DNS filtering, but an extra layer of blocking is useful.
Why would Apple care if Mac users used a none Safari browser? Apple doesn’t lose a penny from users switching browsers. As far as iOS, no matter which “browser” you use, you’re still using WebKit.
>Why would Apple care if Mac users used a [non-]Safari browser?
Apple doesn't care individually what users use. However, Apple (and everyone else for that matter) does have reason to be concerned about Google's Chrome completely dominating the web in the way IE once did. iOS is certainly their biggest bulwark, but that doesn't mean they'd be delighted if Mac users felt required to use Chrome. Further, they also have made being able to avoid the anti-privacy ad-driven ecosystem to some extent an important differentiating factor. Even with Firefox existing, having a purely Mac focused and maximally optimized browser (FF is only barely catching up this/next version on basic power efficiency for example) that has strong privacy protections with no conflicts of interest is a sales point.
That doesn't mean it's a total core focus of course, but neither is there no pressure at all.
If every single Mac user used Chrome, it wouldn’t matter. The market cares about Safari compatibility because of iOS.
Just like most printer manufacturers don’t focus on AirPrint compatibility because of the Mac. That’s just a byproduct of iOS compatibility - which they do care about.
It's quite important that developers actually test their desktop layout and functionality (hover states, etc which don't work on a touch screen) with Safari's engine.
We don't want websites to be written for compatibility with a single browser engine. That means developers are writing to Chrome's quirks, not to actual web standards. Over the long term, that gives Google complete control over how the web is run.
There are currently between 3 and 2.5 browser engines that matter, depending on how you count webkit vs blink. I'd really rather that not fall down to only 2 on desktop.
I’m not saying what we want I’m saying that whether we want it or not, it doesn’t matter whether Safari’s desktop market share drops from the current 3.6% (https://netmarketshare.com/browser-market-share.aspx?options...) to 1.8%, it won’t change the calculus on whether web designers care about desktop safari when they can just tell people who are complaining - use Chrome.
It makes a big difference for me, at my job. 3.6% is enough users that I can justify spending (some) time to test and fix bugs. As that number approaches 1%, however, it gets much harder.
and the total usage of safari across all device types allows for a certain percentage of users in the wild which acts as the size of the lever apple wields for changes they want (or don't) in the specs.
Last time they posted numbers, they were selling around 200 million iPhones a year, 45 million iPads and maybe 20 million Macs. The Mac market share is insignificant even to Apple in the grand scheme of things.
Any web standard is useless without Apple being on board. Developers either won’t implement it or create an app for iOS to use a feature they need.
Even with your numbers, 1/10th the sales for a more expensive product isn't insignificant. It's especially important for their brand value as a tech company.
I thought Apple were way out in front when it came to tracking and whatnot...
My wife uses a MAC at home and was complaining about how slow our internet was (70Mb down... not slow) a while back.
She mainly looks at news sites and when I saw what she was looking at I knew the problem wasn't the internet connection.
The entire page, apart from a tiny bit in the middle, was cluttered with moving shit!
I installed uBlock Origin and... the result was fantastic: pages loaded in a fraction of the time.
When she realised that the articles were a tiny proportion of the downloaded crap she realised she'd been missing out for so long.
Once, when the MAC went back for repair, it was replaced with a new one and OMG the horror when she fired up Safari and it had no blocker... UBlock Origin to the rescue.
I agree with one of the other comments on here: The web is utterly unusable without it.
Apple is trying to thread the needle. They want to allow content blocking, but they do not want to allow content blocking plugins to see and potentially report on what sites you visit.
Personally, I’m totally cool with the trade-off of having less capable ad blocking functionality, if I can be sure my web plugins aren’t a security or privacy risk.
It's a very popular project on GitHub with many developers scrutinizing any changes to the codebase. Fears of uBlock Origin being a "security or privacy risk" based on code in the extension are unfounded.
It's not whether uBlock Origin is a security risk, it's whether the APIs it's using are a security risk, lest they fall into the hands of a less benign actor.
(I also wish they'd kept the APIs open, just stating the other case.)
>Why does everyone else know better than the user what the user should be doing?
See windows and the malware infested ecosystem. People obviously don’t know what they’re doing, and/or don’t have the time vet every little action they do on their computer.
I'm sympathetic to concerns about people who don't know what they're doing, but if I'm a Safari user, I have to value keeping myself safe first. This change makes ordinary users safer, but makes power users less safe.
I understand why Apple is doing it. But I'm still going to advise responsible owners to ditch Safari and pick a browser that will do a better job of blocking trackers.
The problem is that all of the spyware says exactly the same thing. If the API exists, ordinary users are going to be asked to make huge security decisions with no effective way to tell whether the vendor (or the new owner who just bought it) is being honest.
> I'm sympathetic to concerns about people who don't know what they're doing, but if I'm a Safari user, I have to value keeping myself safe first.
This change still means that Firefox will have better adblocking and privacy tools than Safari. It's a tradeoff -- and if I'm a user that's already conservative about granting extensions permissions, I don't see how I get any benefits from this. I only get the downsides in the form of less effective blockers.
Ka-Block actually advertises itself as being less effective than uBO. It's selling point is that it's a simpler extension that blocks fewer ads and trackers, under the assumption that this is good enough and on it'll on average be faster because of the reduced overhead.
> Some ads will get through this filter, and that's ok. We already have extensions that block every ad that's ever appeared on the web with a completionist zeal that must be admired.[0]
If you're blocking ads just to make pages load faster, Ka-Block is probably fine. If your primary goal is to protect your privacy, you shouldn't be using Ka-Block.
For privacy concerns, I would imagine that preventing the methods of tracking is much safer and more effective in the long-run than blocking the trackers themselves. Apple seems to be pushing pretty heavily on that front.
Definitely agreed. But nobody (including Apple) is going to pull that off for a pretty long while.
In the meantime, it's useful to be able to do things like block all third-party AJAX requests and whitelist them on the fly on a per-site basis, or intercept CDN requests for common libraries and redirect them to locally hosted versions.
Extensions like UBlock Origin may be a band-aide, but sometimes band-aides are useful if you're waiting for an open wound to heal. In the same way, when I give people privacy advice, I'm optimizing for things they can do right now.
To be clear, I agree, I just didn't think GP was fairly stating the alternate case.
As an aside, no one is stopping you from binary patching Safari on macOS, provided you don't mind turning off SIP. The nice API just isn't there anymore.
I suspect that from Apple's (and Google's, and to some extent Mozilla's) point of view this is all about the computer doing what its user tells it to do — 'its user,' unfortunately, being Apple, Google or Mozilla. We the people using the computers aren't adults capable of making our own decisions and being responsible for the consequences, but rather livestock farmed either directly (Apple) or indirectly (Google & Mozilla( for money.
Your computer is a desk weight without the (or an) OS and software that runs on it. Each os/or software package down to libraries make trade offs that restrict their usage from general purpose to a specific set of functionality. It is impossible to write a line of functioning code without constraining the concept of "general purposes" as you have implied above -- each line of code does "something" not "Everything" by its very nature.
So long as it’s not sold. It’s happened before - a popular ad blocker is bought up for millions of dollars by an ad agency, and turned into an already installed vehicle for new ads.
I see nothing about “free and open source” which prevents this.
One malicious push/release effectively enables every user on browsers that have not transitioned to the passive list/filter model of blocking to be completely owned.
It is not about intent, it is about the many many extensions out there that use this feature set for good intent, but inherently open the risk of a full on traffic funnel should they be exploited * the number of users for each of them.
I don’t see why Safari can’t block extensions from sending data to remote servers. Seems like a pretty basic thing, so we have more powerful tools and not the privacy risks
They can do that for apps because apps are compiled and submitted. The expressly do not allow for dynamic code execution within apps to keep functionality from changing after their review.
That cannot be "just replicate"d for javascript extensions.
> That cannot be "just replicate"d for javascript extensions.
This is false too. If extensions aren't allowed to communicate with the internet and can't auto-update themselves, then they also can't run arbitrary code without the user's consent.
Apple is doing reviews for extensions, and also tightening up the APIs at the same time. At least on the Mac you've got alternatives if you're willing to make a different trade off. iPhone users and ChromeOS users are stuck.
Count me as another one who really doesn't understand how others can stand the unfiltered "Modern Web", although I use a combination of JS whitelisting, HOSTS file, and a filtering proxy, so I might be on the extreme end.
I've had to help others, whose computers did not have such blocking software (and they might not want to), and had to physically put my hand over parts of pages "cluttered with moving shit" in order that it would not distract me and allow focusing on the content itself. These people are also the ones who tend to miss details in instructions and seem to blindly ignore things like (actually important) notifications and warning messages, which leads me to wonder if their natural state of mind while reading pages is so distracted that they have trouble focusing.
It’s not like Safari is blocking all ad blockers like Google Chrome did... its more of deprecating & removing APIs that can be abused to track users browsing history by disguising itself into a browser extension.
Safari provides an alternative API that allows content blocking, that IMHO is better considering that
* it doesn’t allow leaking browsing history
* it runs in native code (not js like alternative ad blockers) so much fast
In a way, Apple is doing this to protect user privacy.
Can you even begin to imagine how much of the Internet's total bandwidth is used on adware/shovelware/crapware? And crazier still, how much of the world finds most of the web completely unusable as a result?
Imagine trying to browse modern web pages on a dial-up speed connection. Many sites now completely refuse to load until you load their JS, which calls some external JS, which then renders the page. I run almost every web page without JS and Cloudflare is the number 1 reason for not being able to access a page.
I remember a while ago I had to use the internet on my girlfriend’s laptop. I have been using adblockers for a long time and I had no idea how bad the internet really is. All the ads and other stuff are unbearable to me.
Apple isn't ending ad blockers. They're ending the specific API that uBlock Origin uses. For instance, I use 1Blocker on Mac and iOS and it does a great job of blocking ads using the still-supported APIs.
It's interesting that Google and Apple seem to be converging on this issue (ad-blocking extensions) even though they're probably coming from two different directions.
Google probably wants to discourage ad-blocking because it's a threat to their business model. Apple just dislikes not having full control on what the users run (and sometimes for good reasons, they probably want to avoid malware extensions). Still, in the end they both end up with subpar ad blocking facilities as a result.
Firefox really needs to become a worthy competitor once again. And no I don't consider forks of Chromium to be reasonable alternatives in the long term, at least until those teams prove that they can maintain a deep fork of the browser on their own which will be necessary if they need to maintain functionality that Google removes from upstream.
> Firefox really needs to become a worthy competitor once again.
For me it's always been, I've used Firefox without pause since it was called Phoenix. I know there was a small exodus to Chrome when it had better parallelization, but as far as I know Firefox is leading on that front again.
So what do you mean by "worthy"? Higher market share or some missing features? I'm obviously biased as I never left for competition but I don't have any complaints, neither on desktop nor with the Android version.
Same here. Crazy to think that I've been using it for over 15 years and never had a reason to change. I've tried other browsers, but none of them gave me a compelling reason to continue with them.
I think the most probable reason for that has been the complete support for addons that no other browser ever did. For instance, why doesn't Chrome have support for vertical/tree-style tabs without using a separate window? That one feature alone keeps me on firefox. By removing the tab bar at the top of the screen, you regain a significant amount of vertical space on a laptop.
> That one feature alone keeps me on firefox. By removing the tab bar at the top of the screen, you regain a significant amount of vertical space on a laptop.
Last time I tried tree tab, it wasn't possible to remove the tab bar. Has this changed? And if so, would you mind sharing how to do it?
>
So what do you mean by "worthy"? Higher market share or some missing features? I'm obviously biased as I never left for competition but I don't have any complaints, neither on desktop nor with the Android version.
On Windows or Linux, IMO there is no competitive advantage on Chrome vs Firefox; However on macOS, Safari has a very big competitive advantage that Apple has done lots of integrations to macOS; it’s not just something like IE where Microsoft used private APIs to be the default browser; but that macOS users tends to have a big bias on native apps developed with the Cocoa API, with a native looking interface.
Both Chrome & Firefox is a cross platform browser that really doesn’t really care whether the macOS version is integrated well, hence having a very outstanding look compared to other apps.
Honestly, the thing that makes me go back to Safari every time is the interface. And this is coming from someone who used to speak about Firefox in open-source events like Latinoware.
While Safari feels like home, Firefox looks horrible — seriously, what is up with that border-top-color on each tab? And the black border around white icons on the light theme?
Yes, you can fix anything using userChrome.css — heck, you can make it look exactly like Safari —, but each update breaks some pieces of your CSS file, which after a while becomes quite annoying.
If it's on top, it's the currently active tab. I'm not sure on the black border around white icons, I don't use the light theme.
Tab groups are the colored borders, very handy if you use containers. That's one of the killer features to FF, if I'm in a Google, Facebook or Amazon domain I'm isolated. Then when I click an exit link or anything not categorized, I'm in the default container. It's stress-free browsing for me as I got tired of seeing online entities pick up things about my life that it shouldn't have had access to.
I also like Safari (and Edge). I've been using FF since it was in beta (Phoenix) and never left, FF is the only browser popular with the features I think balance out the energy efficiency improvements of native browsers.
>So what do you mean by "worthy"? Higher market share or some missing features?
The former, I also use Firefox as my main browser (and have been doing so for a long time). I worry that it may not survive in the long run if its market share remains so low.
That being said the latter might also be true for Mac users as apparently it suffers from performance issues (it's even mentioned in the Github issue linked). Fortunately it seems that it's going to be fixed in the not-so-far future.
I was one of those users that switched to Chrome for a while (5-6 years, probably). I've now switched back to Firefox. My only frustration is that some sites don't work as well (or, occasionally, at all) on Firefox as they do on Chrome. Not surprisingly, Google's own sites are often the worse culprits.
I've used alternative sites when necessary, though. Bing Maps is actually fairly decent.
While not as full featured and it still forces you to GMaps or Bing for directions, DDG uses Apple Maps. I like this for a quick lookup and then full on GMaps for directions if necessary.
I think Apple may still be acting with privacy in mind, as opposed to being controlling. Extensions do pose a risk to users when they become popular enough, and there have been examples in Chrome where an ad company buys an extension and embeds tracking into it, or otherwise encourages the author to embed ads.
It doesn't invalidate the other motivation for wanting extensions to be published in the app store, of course, but I think the privacy use-case is sound.
You don't think Firefox is a worthy competitor at the moment? I've used it quite happily in the last few years, but would be interested in what you think its shortcomings are. I know there is supposed to be a power drain issue, but I haven't noticed that personally. Apart from that, I'm not aware of any major issues.
There's an 8 year old issue in Bugzilla for this.[1] The Firefox team has finally put some resources into fixing it, but progress has been slow. I'm not holding out much hope -- Chrome has had this feature for a long time and it's never worked quite as well as Safari's.
A Firefox multi-touch zoom extension also exists[2], but it's not smooth enough to be useful to me (admittedly, this is on my old and slow 12" Macbook).
Firefox preexists Chrome by like, six years (2002, 2008).
Firefox stems from Mozilla (1998) stems from Netscape Navigator (1994, originally).
Chrome stems from Blink stems from Webkit (Apple's thing, 2001ish) stems from KHTML (KDE, 1998).
Amusingly, all the historical parts of the Chrome stack are basically still around. You can install recent versions of Safari and use Webkit, or install recent versions of Konqueror and browse the web with KHTML (although development has lagged since 2016).
I like using Safari and uBlock Origin. I notice that I am not a power user of browsers - give tabs, a forward and backward button and any adblocker and I used to be happy. This mean that I could easily use Safari and Firefox - I prefer not to use Chrome derivatives to do my part in preventing developers from forgetting about other browsers.
However, I have recently become a power user of uBlock Origin specifically to curtail the general attention hacking on the web. uBlock Origin is already a very great ad blocker in its default installation, but I've recently got into using its powerful cosmetic filters to block out "attention hacking features", such as (all of) YouTube's recommendations, comments on various sites, and stuff like the "Hot Network Questions" on StackOverflow. Things I've discovered that are too good at distracting my mind. With a few uBlock Origin cosmetic filter rules, those website elements remain hidden when I visit them.
I wonder if it's possible to continue using Safari with my own distraction filters. It's a shame if I have to stop using it.
I really like the idea of using uBlock Origin to block distractions. I've used it quite a bit to block minor annoying website features like sticky menus or marketing popups. I might start using it more extensively to block actual content.
Have you tried the content blockers? They work fine for me on Safari (kablock or wipr) and mobile Safari (adblock plus and kiyoshi, the latter against custom fonts) and I’m highly allergic to the usual adserver ads.
The balance for me is Privacy Badger. As well as first party ads, I whitelist DoubleClick and Facebook (but don't allow them to set tracking cookies). I don't mind ads and want a sustainable internet, but on my terms. Performance seems to be much better now.
I use 1Blocker, I don't see any ads, and I appreciate the improvement in battery life compared to Chrome. Maybe uBO is better by some metric, but for me 1Blocker is certainly good enough.
Sadly, despite the downvoting and "I am! And so is my wife!" replies, you're essentially statistically correct. The number of "firefox for android" users (and I'm one of them) is just a yawn and an ironic smile between Google execs in any "shall we allow plugins on Chrome for Android to compete with Firefox" discussion if indeed it ever even gets mentioned.
I use a blocker too, but the problem is if everyone starts blocking ads then the current free internet cannot be sustained as it is today. We'll have to move to a paid model, which won't be cheap if you choose to visit many sites, like today, and also the clearing entity will know about what sites you browse. It can't be anonymous, because in case of a dispute it has to be known who paid for what.
> but the problem is if everyone starts blocking ads then the current free internet cannot be sustained as it is today
No, it's a myth, the web doesn't work like that. There are many millions of websites, but only some thousands can actually make enough on ads to sustain themselves. And most of them can survive if everyone starts blocking ads. It's online advertising companies and adtech industry that are going to fold if everyone starts blocking ads, not anyone else.
I'm okay with ads in newspapers because they are static and I can gloss over them. Ads on websites on the other hand often make the site much much slower to load and are animated. Few months ago I browsed the web without an adblocker. I visited a website that had a large ad on the right side that switched between high-contrast colors at irregular intervals so that it annoyed me even at peripheral vision. The goal is probably to draw attention to the ad which in fact worked. But I couldn't focus on the text. This made me enable the ad blocker again. If ads are static webp images or non-animated svg and without third-party tracking, I have no problem. But for me as a visitor, the current state is horrible.
Some YouTube channels already embed advertising straight into their videos. That's nontracking, nonpersonalized content I can live with.
If I can't block normal YouTube ads, I mute the sound and avert my eyes for the duration of the advert. I don't do that for embedded static advertising.
They are absolutely using tracking - the unique views counter in the analytics dashboard shows as much.
Many of these sponsored ads ask for access to the YT analytics data for these channels, without which they wouldn't even consider a sponsorship. Add to the fact they all use a tracking link.. etc.. So yes, they're not personalised, but that doesn't mean you're not being tracked.
Good point, but that's still a far cry from a tracking ad I feel. It can't be personalized to me, and my data isn't auctioned at the point of display. It's after-the-fact analytics, which sounds a lot more benign.
After the fact analytics cannot function without fingerprinting or user/client identification of some method. YouTube Analytics does everything people complain Google Analytics does and more.
So you're only allowed to sell stuff nationwide if you're big enough? Oh wait, there's EBay... I am sure solutions for this will spring up if need be. There's money involved, after all.
Edit to add: These solutions will not be as convenient as the current state of affairs, I contest that.
Nobody needs to wait on the internet - you can just go right ahead and type!
"there's EBay..."
You're saying that for a business to be successful on the internet they need to get their money from buying and selling goods on eBay instead of running adverts? Or that they'll sell adverts on eBay? I'm puzzled.
No, I tried to give an analogous example. Selling goods <-> providing "free" content. I am old enough to remember a time without internet where any business had a really tough time to sell nationwide. Big players had a huge advantage. With Amazon Marketplace or EBay that's much easier now. therefore I am pretty sure when targeted advertizing gets more scrutiny that alternatives will pop up. Heck, even Google might then provide such a service if their current business model is at risk.
Sure. Why not. Small sites can find another business model if they fail at being able to make deals with advertisers.
If ads are the only way to "make money on the internet" then we've created a monster whose only sustenance is advertising and it is its time to lay down and rest eternally.
If that means a third of the internet no longer exists... even sites I have at one time enjoyed, then so be it.
> if everyone starts blocking ads then the current free internet cannot be sustained as it is today
True, but you could also say same about state of advertisement on TV. I think this problem is quite far away, as most people don't use them. Also major players are/will be actively throwing obstacles for average Joe to install ad blocker.
Also consider impact of platforms like patreon, et al. A lot of small time one-person content creators are being supported mainly by it. So there are quite few people who are willing to support quality stuff (disproving idea that people are trained to get everything on the internet for free and ads are only way to make living).
Using anonymity as an argument for the ad-based model is fairly ironic given that a vast majority of the tracking taking place today is specifically to spam with with "targeted" ads.
Beyond that I have no issue with websites having to move away from ads and towards a paid model instead. I actually welcome it. I want to be the client, not the product. I want more websites to offer me the possibility to pay for an ad-less experience.
I don't care. If the web becomes largely paywalled as a result I'll just stop visiting those sites and stick to the still free ones. Or there's other things to do with one's time, if you cast your mind back 10 or so years before everyone became glued to their phones.
A while ago I uninstalled uBO/PrivacyBadger and switched to using a combination of NextDNS [0] and Brave for daily driving (Firefox for work because FF containers) and the adblocking + browsing experience has been nothing short of stellar.
NextDNS takes the load off outside the network perimeter and concatenates all the many lists and trackers in one dashboard. I'm free to use other gentler add-ons in the browser if I so desire, rather than have the DOM split apart and my local machine do all the heavy lifting.
The best thing about using DNS-level blocking is that it's an elegant solution across all my devices, especially when paired with a VPN that enforces those resolvers.
Where that fails though is exceptions. Do you want to block ads, but follow that one link you're really interested in? Sorry, it redirects via a doubleclick site and you can't allow just that one entry. You also need to leave your browser environment to find and unblock it.
You can't, for example, block all Twitter/Youtube requests on third-party pages, but allow them on first-party pages. Firefox containers help a little bit with this, but only for cookies/session data -- not for blocking scripts outright.
That irritated me once or twice at first, after setting PiHole to implement DNS based ad blocking at the network level.
It hasn't bothered me long term though. If that happens and I care enough about what made me follow the link then a quick search has always brought up another route to that content or equivalent content.
Often I don't care even that much in which case I click the back button or close the tab and get on with something else. In fact this "problem" might be saving me wasted time that I can use/waste elsewhere. It might even be saving money by reducing impulse purchases, if the links are ones I've followed to see what the sales pitch is for a product/service that has been mentioned in an article!
For me it's the opposite. Not being able to bypass that doubleclick block would mean that I lose the deal I'm trying to get and would lose money on something I'm actually planning to pay for.
I've never come across a product or offer I really wanted, that I couldn't easily get to by other means. It is occasionally an extra couple of clicks or a little typing to search, but that is a small price to pay for all the junk (sometimes actively malicious junk, not just tracking stuff and irritations like auto-playing video) that PiHole blocks.
Heck, it has at least once saved me money, and not just because I gave up trying to get information on how to spend it: searching for the product when following the "direct" link didn't work found a better offer from another source (in that case if was an offer on the particular variety of running shoes that I currently prefer).
I actually come across that use case ever so often. My solution is to right-click the link in Brave and choose "Open link in private window with Tor" and it loads without any issue; since the exit node performs the DNS resolution.
The worst thing about DNS based filtering is that it can’t block same domain based ads. For example, YouTube servers ads on the same domain, which totally makes DNS based blocking useless. I moved on to Safari content blockers for this reason, from the hosts file based ad blocking.
However, if you're just trying to setup NextDNS you can signup for free on their website and within the account dashboard you'll find instructions for configuring your desktop and mobile OS, DoH in Firefox, router, etc. (screenshots of what this dashboard looks like are in the blog post if you're curious).
This isn’t just about applying some regexes, it’s about disabling utterly obnoxious “features” of web sites.
Until a content blocker can offer a right-click “block THIS element” feature, they won’t come close to the power of uBO. The UI alone for highlighting the exact offender in the document tree is brilliant. Every time a “newsletter” pops in my face, I can banish it forever. Every unnecessary floating space-stealing navigation bar, I can banish, returning the screen space that was stolen from me. Every scroll-with-the-article Facebook/Twitter gadget can be similarly removed.
For whatever reason, HN is completely uncritical of anything Apple does. It has gotten to the point that _/r/apple_ tends to have a richer debate about the companies actions. It's a side effect of the lack of subreddit equivalents IMO.
I’ve been using the MacOS Beta for a while and lack of uBlock Origin has made browsing terrible again. Ads everywhere now and I had forgotten how bad it was.
Firefox has gotten pretty good now, the only problem is no integration with Keychain which is a serious downside. On iOS I use Safari but with BlockBear and Firefox Focus as content blockers. So my experience there is pretty good. iCloud Keychain makes my password situation a lot better going between iOS and MacOS... I’m not sure I can achieve the same using Firefox right now.
That is true currently. Know that this problem will be strongly reduced in the next version of Firefox, to be released on October 22nd.
Firefox will use much less power then, on par with Chrome (haven't seen direct comparisons to Safari). Unfortunately by the time it's released Catalina will be out for a month already.
Switch to Android and get a rootable phone. I never see any ads. I can tether and hotspot without my carrier's permission. I can change DNS servers. I have a Linux shell in my hands.
Can you sync passwords between Firefox and Keychain? I’m essentially looking for that. I use iOS apps which leverage Keychain which can share passwords with both app and website. I’d ideally like to not have multiple password tools.
Apple's goal is not hackability, it's to provide a safe environment for users to generate revenue. It's Dave & Buster's. That was the idea for mobile from day one. They did a great job out of the gate and they're getting better at it every year. They've had to work backwards in desktop because people used to expect full-control of those machines, but they're slowly bringing users around.
If you want to practice self-defense and weaponry, don't do it at Dave & Buster's.
I went through the process of tearing away from Chrome. I only aspect that was holding me back was my stored passwords in Chrome and shared seamlessly with Android password manager.
Exported the passwords and imported it into Enpass. That was the first step in liberation.
I then decided to keep my personal and work related browsing separate especially since both require a google account (Gsuite at work). I wanted an ability to open the browser of my choice based on the URL I click and work anywhere on MacOS.
I implemented a simple URL handler that I register as default browser and that opens the clicked URL in appropriate browser:
Another vote for Firefox Containers here. I do use Safari for my personal stuff, but Firefox Containers is _extremely_ useful when you work with multiple clients and have to switch between contexts for the same site (in my case the Azure portal and various e-mail accounts).
One container per customer, and it's all neat and tidy.
One alternative I haven't seen mentioned is Glimmerblocker[1]. There may be good reason for this—it looks like the last commit was a few years ago—but I know it still works in High Sierra at least. However, it's been a long time since I used the program regularly.
Glimmerblocker is unique in that it doesn't use Safari APIs—it creates a proxy to filter traffic before it gets to the browser. Despite that, it's quite powerful; I remember using it to make an extensive Javascript patch for one site.
(I vaguely remember something about Glimmberblocker needing SIP to be disabled, but there's nothing about that on their website now, so I'm not sure. I keep SIP off anyway, so I wouldn't know.)
So, if I understand things correctly, the change is from “browser passes URL to blocker, blocker runs arbitrary code to decide whether to block it” to “blocker passes description of URLs to block to browser, browser runs code”?
In the (somewhat) analogous case of antivirus tools, that change is from using heuristics to detect viruses to using fingerprints. I’m not sure that makes much of a difference there (but possibly I’m wrong)
Also, the risk here is lower, so not taking the risk to run arbitrary code in exchange for somewhat better ad blocking may be the better choice.
So, what are real-life examples that the uBlock Origin currently blocks that new blockers won’t be able to block?
Safari now only allows up to 50k blocked elements. If there are more than 50k things you wish to block (my lists currently have >200k and uBlock Origin by default is over 100k), Safari won't let you.
I don't understand why this is a good thing. As a user, I can make my own choices on what type of as blocking technology I want to use.
I'm sure most people on HN would support legalization of marijuana even though it is arguable that smoking marijuana is bad for you. Same thing applies here, I should be able to choose what ad blocking technology I want to use.
> I can make my own choices on what type of as blocking technology I want to use
True, safari may not be for you then (it's not for me either). But for many people, especially those who don't understand how to get good privacy online, safari takes that guesswork out of the process. Apple applies similar logic to other security related choices they make for users too. It's not for everyone, but it is arguably good for many.
It was asked in the Github comments on this issue, but I want to clarify for myself: is the main difference between "content blockers" and "ad blocker" that works like uBlock Origin the way that they handle blocking content? What are the downsides to the content blocking plugin model?
In my limited understanding content blockers seem more sane as they doesn’t give the extension cart blanche to read your pages and write to the DOM. Instead it passes links to content the browser wants to load into the content blocker as a filter function.
The seems very sensible given extension owners could start injecting malicious content on the page. Nothing prevents them from selling out — it’s happened before.
I use uBlock origin and love it in Chrome but I can also see where Apple is coming from here. This will probably protect the greatest number of their users.
The way adblocks like UBo works isn't by injecting stuff in the DOM. Instead, they look at requests going out, and can ask the browser to "fail" it. It can do that based on custom logic - a piece of javascript code runs for every requests.
UBO also has the facility to delete/hide arbitrary nodes from the DOM in order to hide ads that might come bundled with the page.
None of those functionalities can really be used maliciously. At best you can break websites by denying them the ability to load stuff. The problem is that both functionality are bundled with other privacy-invading things (like injecting or reading). But that's of no fault of UBO, it's just the way Safari and Chrome decided to set the permission granularity.
You could have a secure, restrictive API without blocking the best features of UBO. Google chose not to because it's potentially damaging their business model, and Apple probably chose not to out of simplicity.
I think that this, i.e. with request and element filtering, is how it works the majority of the time. However, uBlock Origin can (and sometimes does) inject arbitrary scripts into the page. They can it "scriptlets", see this link: https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#... . You can see some usages in the "uBlock Filters" filter list included with uBlock Origin. I think it's more the exception rather than the norm, but it's there.
My fear is that if extensions are crippled and mainstream ad-blocking standardizes on those kinds of restricted "content blockers", it's possible for ad companies to implement an effective technical bypass for them, since they can execute arbitrary scripts, but "content blockers" can't, unlike extensions. You would need Apple/Google/etc. to play the ad-blocking arms race, and they probably won't have incentives for it.
Heaven forbid users choose to trade performance for a more usable browsing experience. Ads/tracking vs blocking is a war, and preventing blockers from running arbitrary code will cripple blockers, allowing technology to be developed by hugely funded ad companies that effectively bypass blockers due to these limitations. Providing a blocklist is completely insufficient for totally blocking ads and tracking, as anyone that has used the content blockers on iOS has observed.
> Providing a blocklist is completely insufficient for totally blocking ads and tracking, as anyone that has used the content blockers on iOS has observed.
I have used a content blocker for more than four years and I would have to disagree.
The declarative API takes control away from the user. Currently you can block everything except the useful content. With the declarative API you can block only trackers A, B and C, but not C and D, because C and D weren't added to the global list of trackers. Moreover, you won't even know that C and D exist. With the declarative api, trackers get a trivial way to bypass adblocking: they can just change the domain name. This is the true goal of declarative API, not performance or security.
Why does the declarative API still allow to monitor your traffic? This sort of contradicts the security selling point, right? Because corporate users need to monitor activity of their employees: they install a corp extension that monitors traffic. They don't need to block anything, but they need the monitoring ability.
The argument that adblockers can route all your traffic thru their servers simply doesn't stand. If this was a concern, the browser could refine the permissions model: an extension can monitor and block any traffic, but it doesn't have access to the internet. Just like in Android you can uncheck the camera and mic permissions for any app. Problem solved.
I don't understand your point. It doesn't matter what the language is: JS, Lua, Python, C++ or even Rust. What matters is the API the extension has access to: tab URLs, web requests, storage, network, DOM read only or read write. Just like in mobile apps: it doesn't matter what language it's written in. It only matters what system apis it has access to.
I use AdGuard on iOS and you can use very similar block lists as uBlock Origin for macOS does. Besides ads, I block social media on third party sites. This kind of tracking is just outright evil.
I'll give it on macOS a try, because the other day, I noticed that uBlock Origin didn't detect one specific tracking URL, but Firefox did (and it clearly was in the network tab of the Safari developer tools). Now it's clear why: uBO is outdated for Safari.
Anyways, thanks for the port and maintenance all those years when I could use uBO!
There are plenty of good ad blocker alternatives available for Safari on macOS and iOS.
I’ve created one that is updated regularly, has a free option, respects your privacy and doesn’t take any $ from advertisers to let ads through the ad block rules [1].
Simply search on the App Store for a variety of alternatives.
uBlock Origin is good but it’s not the be all and end all of ad blocking especially on Apple platforms.
You've got pretty bad reviews, mostly because you seem to hide essential features behind a paywall. I can't tell which features those are because your site is not really transparent about that either, probably in a weird attempt to hook whoever is reading it on the bold "free" part of the page.
The website is pretty transparent about what is paid. The features page has some features listed as part of the "pro" subscription. It seems that the only paid additions are automated rule updates, a whitelist, and early access to new features.
This is a mind-boggling level of FUD. Content blockers have been noticeably superior on both macOS and iOS for years. They’re not “limited”, they’re rational. It’s abjectly absurd that traditional ad blockers can consume as much CPU as they do on every single page load. I hope everyone in this thread jumping ship to Firefox in a panic enjoys their shorter battery life.
Disagreed. Content blockers are "dumb" as they just provide a list of URLs/regexes to block, which doesn't always work and doesn't allow behaviour-based blocking like "dynamic filtering" that some Javascript-based adblockers have.
Sure, it's technically possible for a JS blocker to use more CPU, but 1) it's a trade-off the user should be allowed to make (I'm happy to sacrifice some CPU in exchange for better ad blocking and privacy) and 2) I never had a case where a JS-based blocker noticeably impacted performance.
Time to start avoiding any browser that limits the power of extensions.
Browsing the web today has become a dirty business, it's easy to be tracked, and users have the freaking right to defend their privacy when browsing, and to do it in whichever way they like.
I'm tired of these paternalistic and uningenuous claims from Google and Apple that sound like "but we do it for you, you know, adblockers really hurt the performance of your browser". Something hurts my browsing experience? Well, it should be my call whether the pros outsize the cons or not, it should my call whether to use it or not, not the browser's developer call. After all, the web browsing experience today is way more compromised because of the huge amount of third-party scripts that run on most of the pages, surely not by extensions, but browser producers don't seem to put the same emphasis on the need of reducing the use of third-party scripts and trackers.
To me decisions like blocking external web API calls in extensions just because "they may slow down your browser or put your security at risk" sound like if the Linux kernel suddenly decided to disable the support for network sockets because "you know, hackers might use them for backdoors, or you might end up connecting to an extremely slow server and hurt your experience": a complete nonsense bullshit.
Plus, browsers like Brave have recently proved, with its native content blocker developed in Rust, that it's still possible to use a traditional adblocker without compromising the browsing experience.
Time to uninstall Chrome. Time to uninstall Safari. Time to ditch away all the browsers that do their best to limit your freedom on how you surf the web. Extensions are among the foundations of a modern browser, and limiting their power to static lists of rules is an immoral decision that deserves a serious boycot act from users.
Let me get this straight, because Apple is worried I might leak private information to the Extension Developer, they came up with a new "content blocking" scheme that is not as capable so now my risk has increased for every website I visit? I think I would like to take my chances with the Extension Developer.
I didn't know this first but spent awhile after installed Safari 13 and noticed uBO wasn't there anymore and spent time searching for alternative options and valuating those mentioned in the post but decided I'll go with FF and only use Safari with some websites those I'm working with them.
I started downloading the update while read another thread. I immediately cut off the WiFi and stopped the download. I also downloaded Firefox to check it out and it seems pretty good.
FWIW, I've been on Catalina for a couple of months now, which means no uBlock, and the web has been pretty usable. Safari alone seems to be doing a pretty good job with isolating the worst ads.
That being said, this post reminded me to install a replacement, so I just installed Adguard. We'll see how it goes.
I installed Adguard myself after reading this post — it appears as though they've split the functionality into many extensions, and only a few require full-page access. I'm trying it without those "advanced" extensions enabled and it seems to be doing just fine.
No because Safari is my “web browser”. It’s the one I use for HN/Reddit etc. Anything I’d consider “private” like email or banking or even GitHub is done with FireFox or Chrome.
Also I didn’t see anything flagrantly bad at first glance.
Edit: Looking closer you may be referring to the old extension and not the new “content blocker” version, which is sandboxed by Safari and didn’t need to ask for any permissions.
For those looking for a related alternative/supplement.. consider a privacy DNS solution. I've really been liking NextDNS lately. Lets you customize a ton of stuff:
There are ways to make AdBlockers work with Safari 13. It is a question of someone taking the effort to adhere to the new design enforced by Apple for Safari extensions.
If Chrome/ium forks decide to maintain the needed APIs they will still support it. There's also Brave. In the meantime I'm with the new Edge (forked from Chromium) in hopes MS won't be stupid.
I use this with Peter Lowe’s blocklist [0]. I’d share the exact setup but I’m not near my Mac just now.
It’s great, but I also use 1Blocker — have since its release, also use it on iOS — and I think it does most of the work. I’ve only recently added the blocklist to Little Snitch and I don’t notice much difference.
Of course Little Snitch is blocking all network traffic, including Firefox. I use Firefox as my dev browser and don’t have any blocking extensions loaded.
It’s in the category of ‘why not’ for me, I already have Little Snitch so I may as well load in these rules.
I've found Ka-block! to work well enough that I'm happy waiting until a clear winner between 1Blocker and AdGuard emerges. OTOH, the bigger annoyance has been the fact that none of the vi key extensions for Safari seem to work anymore.
For example; you can have a trigger which contains a regex that matches all images and stylesheets for a given domain. The action can be one of several options, one of which is to block that item.
One advantage this technique provides over ad blocking is that there's no data to be phoned back home. It is, in essence, a mask that is applied to a web page before rendering. Also, it's very lightweight. It's literally just a JSON document which means Safari can perform better.
Now, I'll admit it's not foolproof. Apple and the content blockers have some work to do on it. I'm noticing some issues with it myself after having upgraded to Safari 13. But from a privacy perspective, I personally much prefer this technique.
1: https://developer.apple.com/documentation/safariservices/cre...