Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Proposes Changes To Chromium Browser That Will Break Content-Blocking Extensions, Including Various Ad Blockers

Posted by BeauHD on from the cease-and-desist dept.

"Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers," reports The Register. "The drafted changes will also limit the capabilities available to extension developers, ostensibly for the sake of speed and safety. Chromium forms the central core of Google Chrome, and, soon, Microsoft Edge." From the report: In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users. Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control.

But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest. The webRequest API allows extensions to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them. The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior. The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."

44 of 334 comments (clear)

  1. Calling the DOJ... by Etcetera · · Score: 4, Insightful

    If the DOJ (no particular friend of Big Tech in this Administration) wanted an excuse to probe Google with the FTC for some anti-trust discovery, this would be a quick ticket.

    The world's dominant browser requiring that the world's dominant ad network always be displayed would be a wonderful reason to force a divestiture of one or the other (or, preferably, split everything up into components).

    --
    Hire a Linux system administrator, systems engineer,
    1. Re:Calling the DOJ... by AmiMoJo · · Score: 2

      Problem is that Apple already did it a while back, so they would have to include Safari in their complaint and Google would just say they are adopting a proven, popular standard.

      In fact Google appears to be trying to bring ad-blocking to Android. They are implementing a new API that allows for AdBlock style filtering but done by the browser itself, which means it would work on Android where Chrome doesn't support extensions.

      The problem is that the new API is similar to the Apple one, which is quite limited. A 30,000 filter limit, not even enough for the popular EasyList filter, and it forces you to use the rule matching system that the browser implements rather than the more advanced one that extensions like uBlock Origin feature.

      The other issue is that WebRequest (the current API) has become a kind of cross-browser standard with Firefox, and extension developers like not having to write different code for Chrome/Opera/Edge/etc and Firefox.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. It's almost like... a monopoly? by locater16 · · Score: 4, Insightful

    Wow, the company that makes 90% of the its profits from advertising is trying to use the open source projects it near controls, that has a near monopoly on web browsers now... to stop adblockers from existing...

    It's a coincidence surely. *Hugs Firefox*

    1. Re:It's almost like... a monopoly? by Desler · · Score: 5, Interesting

      Yeah, and plenty of people pointed that out years ago but mosr Slashdorks wouldn't listen because Google open sourced some token projects that were never money makers and they used Linux.

    2. Re:It's almost like... a monopoly? by RonVNX · · Score: 2

      Them: "BUT FREE STUFF!"
      Me: It's not really free.
      Them: "FREE. STUFF."

    3. Re:It's almost like... a monopoly? by phantomfive · · Score: 5, Insightful

      It is a moral imperative to use ad blocking. Ads incentivize the wrong kinds of content to be created: things like click-bait and fake news.

      Even if you don't think ads are immoral, you should still use ad block as a practical matter: malware can be served to you from all the major ad networks, so if you don't want to be hacked, use ad-block.

      --
      "First they came for the slanderers and i said nothing."
    4. Re:It's almost like... a monopoly? by DeVilla · · Score: 2, Interesting

      Firefox had a more function API for extensions to do content blocking. They dumped it so they could use the same crippled extension API as Chrome. I can't imagine Mozilla won't follow suit again. They are used to crippling Firefox to be like Chrome.

    5. Re:It's almost like... a monopoly? by rtb61 · · Score: 2

      More accurately and fairly, you as the end user should be able to choose who can serve you ads and who can not, this based around ads served and the manner in which they are served.

      Google is not a search engine, it is an advertising and manipulation engine. The right move now, block gmail addresses, use gmail and you mail bounces, let them try to fucking block that the raging pack of ass hats.

      Personally I think Google played the corrupt had too early, first in corrupting democracy, then in corporate based censorship of humanity and now forcing screaming ads on anyone attempting to use the internet, basically poison the internet, this will cost them as it should. Why the fuck would anyone trust an advertising and manipulation engine, a real scummy company and the people that work there, well in light of this, you have to question their morality.

      --
      Chaos - everything, everywhere, everywhen
    6. Re:It's almost like... a monopoly? by mentil · · Score: 2

      Chromium is itself open-source, and some forks will likely retain the webRequest API.

      --
      Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    7. Re:It's almost like... a monopoly? by Solandri · · Score: 4, Interesting

      It's open source. If enough people don't like it, they'll just fork Chromium and create a new ad-block-friendly browser without this "feature.".

      Need I point out that Firefox is based on a version of Netscape that was made open source?

    8. Re: It's almost like... a monopoly? by Ormy · · Score: 4, Informative

      There are many other software choices that are actually usable. For windows I use Hostsman (does deduplication in seconds for millions of lines, not hours or days like apk's stuff). For non-rooted android I use PersonalDNSfilter which is available on f-droid (again, processes files with many millions of entries in seconds). There are many other alternatives

  3. Things that make you go.. hmmm. by Fly+Swatter · · Score: 2, Interesting

    The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."

    So there will still be an API that works, if you play their game..

    1. Re:Things that make you go.. hmmm. by circamoore · · Score: 2

      TFA actually suggests Adblock Plus would still work because it uses more primitive blocking that would still be possible under the new API, not because of some secret API.

  4. Re:In the future ... by Anonymous Coward · · Score: 5, Insightful

    Increasing browser speed by forcing you to download slow loading video ads

  5. Host files? by 110010001000 · · Score: 2, Funny

    I wonder if there is a way to still block ads based on somehow modifying your host files? Does anyone make software like that, that will let us manage our host files?

  6. Shocking by Actually,+I+do+RTFA · · Score: 3, Interesting

    Google introduces a quasi-ad-blocker. . Shocking that they want all other ad blockers to die by breaking compatibility. Then, figure that 90% of users never seek out another blocker, and Google's ads get back through.

    --
    Your ad here. Ask me how!
  7. So it's back to using Proxomitron and Privoxy, eh? by macraig · · Score: 2

    What goes around, comes around? Why does this not surprise me? Perhaps it's because the W3C has had fingers in corporate pockets and pants legs for as long as it's existed, and serves the corporate presences on the Web and not the "useless eaters" who consume it? The HTML spec has long been saddled with additions that benefit that corporate control of the Web. Why should it surprise anyone that one of the biggest corporate presences wants to take further control through use of its own browser?

    So the Resistance is now back to using HTTP filtering proxies like the dead Proxomitron and Privoxy to try to take back the Web from corporate control. Good luck with that. Nobody really gives a shit any more. Instead of more such independent proxies and more refinements to them to make them truly user-friendly, we got the horrifically bad idea of BROWSER EXTENSIONS... and those extension developers got pwned even by Mozilla after the trap was sprung.

  8. Excellent by GameboyRMH · · Score: 2

    This should help get Firefox user numbers back up.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  9. The best time to get Firefox was 2006 by koavf · · Score: 2

    And the second best time is today.

  10. Use the source, Luke... by Anonymous Coward · · Score: 2, Insightful

    Cry me a river... We don't need the DOJ doing jackshit as long as Google is still providing the full source code to Chromium. Just make a few tweaks to the source code and boom, ad blocking is back in business. Sure, the change sucks for extensions like uBlock Origin, who will likely lose users as people find new ways of ad blocking, but it's not like the bad old days of closed source Internet Explorer.

    Brave Browser is based on Chromium's rendering engine and provides ad blocking built-in, no extensions necessary. It's already here and works pretty darn good.

    1. Re: Use the source, Luke... by Anonymous Coward · · Score: 5, Informative

      Or you could use Firefox. Its web extensions already have more features than chrome, added for the express purpose of facilitating addons that increase privacy. Extensions like Cookie Autodelete and noscript are totally gimped in chrome by comparison.

    2. Re:Use the source, Luke... by r1348 · · Score: 4, Insightful

      Or, you know, just use Firefox.

    3. Re: Use the source, Luke... by Opportunist · · Score: 2

      So?

      I'm asking in all seriousness: SO?

      Current PCs come with more ram and processing power than you need, unless you're running server daemons (in which case I question the use of a browser at the same time) or games (in which case I don't only question your use of a browser at the same time but you probably already handed your privacy to Origin or Steam anyway).

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re: Use the source, Luke... by Billly+Gates · · Score: 2

      Firefox has joined Netscape and IE as far as I am concerned. No one cares or writes standards to W3C anymore. Only Chrome matters and being Chromium compliant is what is important in 2019. Even MS is going to use Chromium so why bother learning anything else or standards?

      Worse, kids today have no memory of IE 6. The hipster millenials do not remember a different computing world with MS as the king setting standards and do not understand how much of a pain getting off IE 6 and VS 6.0 and Win98/XP was with win32 only software before Internet and mobile apps. So they are only caring what Google does and telling customers to download Chrome as they don't even know what W3C is or care.

      --
      http://saveie6.com/
  11. Re:Why does an adblocker need to be an extension o by Shikaku · · Score: 2

    The browser has to do it because you can direct it using an extension to block html classes, ids, maybe even tags and domains. Blocking just domains (aka hosts blocking) doesn't work in the long run if the site is coded well enough that it uses the same origin for ads and regular files, so the extra power is partially up to the browser to handle everything else.

  12. yeah, that's why I don't use Chrome by spywhere · · Score: 2

    I use Firefox with uBlock Origin, and I also use the MVPS Hosts file... both on my home and work computers.
    I stopped trusting Google when they were bundling Google Desktop with new computers.

  13. Re:So it's back to using Proxomitron and Privoxy, by Actually,+I+do+RTFA · · Score: 3, Insightful

    Back to Privoxy/Promoiyton? Why do you think Google spent 5 years convincing everyone HTTPS was necessary, even for static, low-risk pages?

    --
    Your ad here. Ask me how!
  14. Re:So it's back to using Proxomitron and Privoxy, by mattb47 · · Score: 4, Informative

    Run Pi-Hole instead and point your DNS to your Pi-Hole system?

    https://pi-hole.net/

    Pi-Hole doesn't have to run on a Raspberry Pi. Run a small VM, another Linux box, etc.

    I have a home server running a Ubuntu VM alongside a bunch of Windows systems, so Pi-Hole would work for me.

    Still, way more overhead and complexity than uBlock Origin.

  15. Looks like I will be switching to Firefox then. by NerdENerd · · Score: 3, Insightful

    Firefox time.

  16. Filtering proxy? by AJWM · · Score: 2

    While not perfect, it seems to me that a filtering proxy would take care of a lot of ads, at least those from 3rd party ad-servers.

    --
    -- Alastair
  17. Re:So it's back to using Proxomitron and Privoxy, by bytestorm · · Score: 3, Informative

    Local proxies are still allowed. And likely always will be if they want the corporate market share (this is the reason tls 1.3 got blocked for a year). Add your proxy's CA to your trusted certs and it can mogrify all the pages you send its way, regardless of security or origin. Granted, you can no longer see the original certificate from the origin webserver, but block ads it will.

  18. Bullshit -- just follow the money by Anonymous Coward · · Score: 3, Insightful

    Google is making this change because filtering malicious javascript and advertizing from web pages by the "web client" (ie, the browser) is ruining their business model which is completely and entirely based on the "web client" executing malicious javascript and displaying advertizing contrary to the interest of the owner of the device on which that malicious javascript is running and on which the advertizing is being displayed, at the expense of that owner (who is paying to transport that unwanted malicious javascript and advertizing).

    Therefore, Google has two choices: Make is so that people using "Chrome" based crap cannot protect themselves from malicious javascript and advertizing (99% of which is promulgated by Google) or just close up shop and go out of business.

    Because they are a bunch of greedy fucks who do not actually have a product any non-sleezebag would want to actually spend money on (and therefore no actual business model other than being a shitbag), the have decided to pursue the former course rather than the latter.

    Of course, it also helps that 99.999999% of the people who use their products do not give a shit anyway and are too stupid to only use products which are not inherently malicious.

    In other words -- follow the money.

  19. Re:Boo hoo. They need to update their extension by bytestorm · · Score: 4, Informative
    developers.chrome.com declarativeNetRequest

    The declarativeNetRequest API only allows extensions to block or redirect requests. The webRequest api is more flexible as compared to the declarativeNetRequest API because it allows extensions to evaluate a request programmatically.

    Seems to say all that needs to be said.

  20. Re:It's Open Source... by jarle.aase · · Score: 2
    > ... someone is just going to fork it ...

    Forking Chrome?

    It's a huge project. That someone needs lots of devoted developers and resources.

  21. WebExtensions in Firefox by DrYak · · Score: 5, Interesting

    You might have missed the bits where Mozilla took time to collaborate with extension authors (such as NoScript) in order to add extra functionality, so that critical things which were possible in XUL extensions could be ported to FireFox' flavour of Web Extension.

    The only extensions that didn't make the jump were either abandoned, or those whose authors preferred to loudly complain and join sone "anti-WebExtensions resistance" instead of trying to work out a solution.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:WebExtensions in Firefox by Artem+S.+Tashkinov · · Score: 4, Informative

      The only extensions that didn't make the jump were either abandoned, or those whose authors preferred to loudly complain and join sone "anti-WebExtensions resistance" instead of trying to work out a solution.

      ORLY?? Mozilla really "collaborated" (more like decided to make concessions) with only the most popular add-ons to save their face and they couldn't care less about less popular add-ons like DownThemAll, Hide Caption Titlebar Plus, Status-4-Evar, UnMHT, Tab Mix Plus and hundreds of others which integrate(d) deeply with the browser.

    2. Re:WebExtensions in Firefox by Luckyo · · Score: 4, Informative

      You might have missed the way that collaboration ended. Noscript on modern firefox is much closer to chromium version than original FF version, because capabilities needed by noscript of all were intentionally removed by FF team. Which was their part of the "collaboration" in question, to provide nice PR while destroying the add on in question, alongside many others that bothered them, such as classicthemerestorer.

      Because there is no "solution" to webextensions problem. They are intentionally crippled compared to XUL. That's the entire point of having them. And as noscript debacle proved, there is no "working out a solution", because the capability needed for functionality is simply not available in webextensions.

    3. Re:WebExtensions in Firefox by nmb3000 · · Score: 2

      The only extensions that didn't make the jump were either abandoned, or those whose authors preferred to loudly complain and join sone "anti-WebExtensions resistance" instead of trying to work out a solution.

      This is a blatant lie.

      There are plenty of extensions that are still waiting on updates to the WebExtensions framework so that they can be ported over. There are dozens or hundreds of bugs in bugzilla with requests for this. Just a couple that come to mind are around session management (there are no decent session managers for Nu-Firefox, and Michael Kraft's excellent Session Manager which was maintained and worked perfectly for years was left in the ditch) and tab management (Tab Mix Plus is only "dead" because Mozilla killed it).

      This is only two among many others. Instead of waiting a year or so for WebExtensions to catch up, Mozilla in their rush to make Firefox become Chrome as fast as possible, threw the baby out with the bathwater without regret. It's what happens when people who don't actually care about a project or users take control.

      Stop shilling for them.

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
  22. Re:New slogan needed by Desler · · Score: 2, Insightful

    Hey look, another naive Slashdork that still thinks that motto ever had any teeth to it.

  23. ANYONE READ THE SPECS? by nadass · · Score: 5, Interesting

    I fully respect the disdain for all things Alphabet Soup (formerly known as Google Inc) but the specs to chrome.declarativeNetRequest appear to suggest a different extension programming model to accomplish the same thing.

    Instead of loading a separate web document (as webRequest API does) the new API allows an extension to run through its rules at the onBeforeRequest stage -- in other words, instead of intercepting a separate network request mid-stream the API provides the means to evaluate the network request BEFORE going all the way through.

    Another way to look at it is like a (network routing) proxy service. The proxy runs through client-side rules first (whereby the rules.json may have "block" and "allow" and "redirect" action types) and reacts accordingly all BEFORE dropping mid-stream packets.

    As I ponder this a bit more, it seems that an ad-blocking extension that utilizes the new declarativeNetRequest API would actually DECREASE the amount of hits an ad-server would experience since the browser would never initiate a connection to the ad-server. To this end, the specs say that iframes and images blocked by the declarativeNetRequest API would collapse at the DOM (thus killing the html content within the iframe from ever being loaded).

    Question: Did I understand the SPECS correctly? (Yes, I am ignoring the brouhaha otherwise as well as the claim that [oh no] ad blockers have a new API at their disposal...)

    1. Re:ANYONE READ THE SPECS? by Ken_g6 · · Score: 3, Informative

      Never mind, I found it. It's not in API documentation, but in a Google docs proposal for Manifest V3:

      In Manifest V3, this API will be discouraged (and likely limited) in its blocking form. The non-blocking implementation of the webRequest API, which allows extensions to observe network requests, but not modify, redirect, or block them (and thus doesn't prevent Chrome from continuing to process the request) will not be discouraged. As an alternative, we plan to provide a declarativeNetRequest API (see below). The details of what limitations we may put in the webRequest API are to be determined.

      --
      (T>t && O(n)--) == sqrt(666)
  24. This will hurt Firefox by xack · · Score: 3, Interesting

    Since websites will assume if you are using firefox, you must be blocking ads. This will be a fom of drm and more websites will be going chrome only to ensure thir ads will be seen. Chrome has acheived the browser monopoly after we fought so hard to get rid of Internet Explorer.

  25. Re:So it's back to using Proxomitron and Privoxy, by macraig · · Score: 3, Interesting

    You don't seem to grasp how much flexible Proxomitron and Privoxy are than something as simplistic as Pi-Hole. They don't just block advertising: they can REWORK PAGES to display information in a fashion that is effective for you, and NOT display page elements that distract from your goal, regardless whether those elements are advertising, site self-promotion, sidebars you don't need, and far more.

    Don't you get sick of having a widescreen monitor yet so many Web pages are imprisoned by their designer in a narrow column that only benefits that designer's "vision"? Don't you ever find yourself wanting to overrule the stupid or selfish decisions that Web designers make? You could do that are more with Proxomitron, because it was designed specifically to be more generalized than just an ad-blocker. Before Proxomitron's sole author died and the software lapsed into obsolescence, I used it for all of the above, and my Web experience was dramatically improved, because it was MY OWN.

    Instead of promoting Pi-Hole, you should be promoting a revived open-source community edition of Proxomitron.

  26. Don't count on DNS blocking by c_g_hills · · Score: 2

    Browsers have started to implement DNS-over-HTTPS and it's only a matter of time before Google enforces it in the future.