Chrome API Update Will Kill a Bunch of Other Extensions, Not Just Ad Blockers

An anonymous reader writes: A planned update to one of the Google Chrome extensions APIs would kill much more than a few ad blockers, ZDNet has learned, including browser extensions for antivirus products, parental control enforcement, phishing detection, and various privacy-enhancing services. Developers for extensions published by F-Secure, NoScript, Amnesty International, and Ermes Cyber Security, among others, made their concerns public today after news broke this week that Google was considering the API change. Furthermore, efforts to port NoScript from Firefox to Chrome are also impacted, according to the plugin's author, who says the new API update all but cripples the NoScript for Chrome port.

I bet

It has an update that says you did not need to see this page. Try our home page instead whenever you get a page not found error.

Makes it simple

If they do this then goodbye all Chromium based browsers that implement this and hello Firefox - and any browsers that fork from that...

Sorry (not sorry) but my ability to block evil crud that pollutes my browsing and can potentially infect my devices is more important to me.

Re:Makes it simple

[AmiMoJo]

Before jumping ship, it's worth reading the actual thread discussing this change: https://groups.google.com/a/ch...

Google staff are participating. They are talking about the need to keep the old API around indefinitely, perhaps with some limitations on functionality. The purpose of the proposal is to gather feedback from add-on developers about what functionality the new API doesn't offer and needs to be kept in the old API.

In particular, they recognize that for privacy reasons it's important for users to have a 100% guarantee that certain things are blocked and not merely hidden, which is the main performance issue at the moment.

Also, the developer of AdBlock Plus chimed in to dispel the myth that it's got something to do with them. They point out that AdBlock is affected by the change as well.

Re:Makes it simple

There was only one, aggressive response from a Google person while you make it sound there is a healthy discussion going on there.

Re:Makes it simple

[Oswald+McWeany]

Interesting that they waited to kill off their only serious competition, IE/Edge before pulling this stunt.

Re: Makes it simple

[houghi]

Remember when google listened to the concerns when they raped Dejanews? Or any other time?

Neither does anybody else, because they do not care. They have never cared. The moments they are on your side is just lucky, not intentional.

Remember when Microsoft was the worst? They have not changed, others have just become even worster.

Re:Makes it simple

[phantomfive]

Before jumping ship,

Nah, just jump to Firefox.Firefox is a fine browser, and it's better to not have a browser monoculture.

Re: Makes it simple

[OneHundredAndTen]

They have not changed, others have just become even worster.

I have to confess that I like that neologism a lot.

Re:Makes it simple

[renegade600]

If they do this then goodbye all Chromium based browsers that implement this and hello Firefox - and any browsers that fork from that...

Sorry (not sorry) but my ability to block evil crud that pollutes my browsing and can potentially infect my devices is more important to me.

tend to agree. I consider blocking ads the same as removing sales inserts from newspapers before reading. we should not be forced to read or look at them.

Re: Makes it simple

[Actually,+I+do+RTFA]

Remember when Microsoft was the worst? They have not changed,

Yes, they have. Microsoft used to just want cash. Now, they want to spy on customers and serve ads.

I mean, MS was just a powerhungry corp before that, but they just wanted direct cash. Google was always more evil (keep in mind the same nice things people said about Google in 2005 were said about MS in 1992). But Microsoft, like Amazon, seem to have taken a turn. Seems like it's currently just Apple that wants to shut up and take my money.

Re:Makes it simple

[lgw]

I'm sure an advertising company will move heaven and earth to insure ad blockrrs keep working. Sure they will. You can totally believe Google employees when they claim that Google won't kill add blockers.

Re:Makes it simple

[GuB-42]

If they do this then goodbye all Chromium based browsers that implement this and hello Firefox - and any browsers that fork from that...

Unfortunately, Firefox copies everything Chrome does nowadays. They already killed XUL extensions to use the same framework as Chrome, which is less powerful. They also removed ability to install unsigned extensions, like Chrome.
There are good reasons to do that, like multi-threading and security. But there are good reasons for what Google is doing right now, so I wouldn't be surprised if Firefox followed suit.

Re:Makes it simple

[AHuxley]

Ensuring the approved crypto protects the bands ads from all ad blockers is not "feedback".
The expected "functionality " is to stop ads from been blocked by users.
An ad company wants to ensure its ads are seen and will be protected from any user installed blockers.
Find a real browser and OS that can let the user install the software they want.

Embrace. Extend. Extinguish.

Why do people think one corporate monopoly is going to be different from the last corporate monopoly?

The internet will be Cable TV 2.0 in less than ten years.

Ok google i get it

if its so important to you that i go back to firefox i'll do it already... jeez

--you couldve just asked.

Not surprised.

[dicobalt]

Google promised they would add APIs for NoScript, they never did. Google wants to take control of third party browsers and direct more hits at their advertising and spyware systems.

Re:Not surprised.

[AHuxley]

The approved crypto will allow approved ads to pass most easy attempts to filter ads out.
Now any attempt in the browser to remove approved ads gets more difficult and is blocked.
An ad company wants their "free" ad ready browser to show all the ads they approved.
The user has no say in the software thats on their own computer.
Find a better browser from a company that's not an ad company.

Time to go back to Firefox.

[AJWM]

Although, on my home machines I never left. Firefox isn't perfect, but at least it lets me run NoScript.

Just as well. A browser monoculture, whether the old IE or the new Chrome, is and was never a good thing, however much web developers might think so.

Re:Time to go back to Firefox.

and when these restrictions in APIs controlling interaction between webextensions (which firefox also relies upon for addons) and the browser trickle down.. then what?

the user is fucked because google has decided to essentially deprecate addons.. which will be the next step.

google wants control over the browser, addons won't be allowed any more, unless they are blessed by google or developed and published by them (if even then).

conning firefox into adopting their addon model was just part of their master plan. opera, vivaldi and others are in the same boat.

firefox needs to bring back and update their old api. that's all we can hope for at this point.

Re:Time to go back to Firefox.

Umm No. Looks like Firefox is on board with the Manifest v3
https://blog.mozilla.org/addons/2018/10/26/firefox-chrome-and-the-future-of-trustworthy-extensions/

Re:Time to go back to Firefox.

Although, on my home machines I never left. Firefox isn't perfect, but at least it lets me run NoScript.

Well, I have ScriptSafe in my Chrome installs .. similar to NoScript in FireFox.

For me, without NoScript/uMatrix in Firefox or ScriptSafe/HTTP Switchboard in Chrome, the internet would be largely unusable.

Those both let me block the third parties and other shit on pages, and control who can run scripts, set cookies, or even get blocked entirely (like Facebook which all of my browsers actively block). You can't trust the internet these days, let alone with scripts and other third party shit which should never happen in the first place.

I run all of Chrome, Firefox, and Opera at home ... all variously locked down as much as I can, and all used for non-overlapping applications to keep one set of things fully separate from another.

I sincerely hope Google aren't going to render Chrome unusable by breaking the extensions I rely on to block the assholes of the internet. The last thing I want is an ad company deciding to break the parts of my browser which let me block ad companies.

At that point, Chrome becomes like IE .. the browser of last resort when you need to blindly trust a site but otherwise lock down and don't use.

Re:Time to go back to Firefox.

[AHuxley]

Time to get Brave AC.

Fork Chromium

[Anubis+IV]

Take what's good and keep going without Google. I wanted to get away from Chrome awhile back, so I spent a few weeks with each of the major browsers before eventually settling on Opera, in large part because I found the extensions for Safari, Firefox, and others to be lacking in comparison (Opera can natively run nearly all Chrome extensions). If Google is breaking what sets Chromium apart, it sounds like it's time to take Chromium out of their hands.

Re: Fork Chromium

[Killall+-9+Bash]

Like every other browser, Opera has been infected by airborne chromium-AIDS.

Re:Fork Chromium

[AHuxley]

People are smart and can update their browsers to enjoy video clips.
Should one browser be able to play content, so can another browser.

Re: Fork Chromium

[Anubis+IV]

I would imagine it's just as good as Chrome, given that they're both built on Chromium. The only reference I could find to it having issues was a Stack Overflow thread from 2009, which was back when they were still using their own rendering engine.

Rotate The Shield Frequency!

[Zorro]

Once again Google attepts to make resistance futile.

Re:Rotate The Shield Frequency!

[cas2000]

As someone who has been using squid to block ads and other annoyances since at least 1996 or 1997 (i.e. since animated gif ads became commonplace) I have to say that squid is no longer of much (if any) use in blocking ads.

That capability was a casualty of https everywhere - generally a good thing but with some unfortunate collateral damage.

With https, squid only sees a single CONNECT, it doesn't see individual URLs or requests, so is unable to filter any of them.

I rely mostly on uMatrix and uBlock these days....and spend far too much time fucking around with Stylus (which is useful not only for making sites readable by undoing cretinous web-designer abominations but also to, e.g., force "display: none !important;" on all sports and celebrity crap on newspaper web sites) and Tampermonkey

Ahha ahah ha ha ha!

[TigerPlish]

All the hand-wringing about Firefox having an extension apocalypse seems a bit hypocritical now, don't it.. whatever. It brings me amusement.

And FWIW, there is a network layer ad blocker out there already.. AdGuard. Yes it's payware. And it works great. It doesn't care about what browser you use.

Re:Ahha ahah ha ha ha!

[drinkypoo]

All the hand-wringing about Firefox having an extension apocalypse seems a bit hypocritical now, don't it.. whatever. It brings me amusement.

How? It sucked when Firefox did it, and it sucks now that Chrome is doing it. In fact, Chrome sucked in the past, before you could implement a good ad blocker on it, which was arguably by design. But Google made it possible to have a pretty good one, and now perhaps they aim to make it impossible again. Make Chrome Suck Again!

The two big questions to my mind now are which browser does it make the most sense to fork, and who should be in charge of it? I am using Pale Moon right now because it supports features I am using in extensions, but it is becoming increasingly outdated and I am concerned for its future.

Re:Ahha ahah ha ha ha!

[fustakrakich]

which browser does it make the most sense to fork...?

Netscape, it doesn't need to be forked. It just needs more extensions to avoid bloat in the core.

Guess its time to look into a pi hole

Got a friend who runs this, it blocks ads on all his devices, even mobile apps and "smart" TV when he is on his home network.

Re:Guess its time to look into a pi hole

[AHuxley]

The ads will be fully encrypted ad from the same server as the content. Stop the ads, stop the content.
That is why in browser filtering was so powerful.
The free powerful encryption was removed in the browser and the ads could be detected and blocked.
The new encryption protects the ads all the way into the users computer network and onto the browser.

Welcome to the return of Internet Explorer 2003

[xack]

Anyone who used the internet around 2003 knew it was almost all IE at 95%. We are getting close to that again with Chrome and chrome derivatives. Once we cross the threshold again developers wll stop supporting Firefox based browsers and HTML will be CML (chrome mark up language. We can stop Chrome but only if we act now.

Re:Welcome to the return of Internet Explorer 2003

[ewibble]

no, but we could bots to pretend to be firefox and visit the sites that record stats for browser usage, The main problem with using firefox is some sites clearly don't test for it anymore so don't work. The experience will improve it people believe it is used.

Re:Monopoly is never a good thing

You should read what Firefox thinks of Manifest v3
https://blog.mozilla.org/addons/2018/10/26/firefox-chrome-and-the-future-of-trustworthy-extensions/

pi hole is a flaming wreck

pi hole blocks access to loading some content, particularly CDN based ones that phone/tablet apps use. It lasted three days before I said fuck it and got rid of it.

Re:F__k Chrome

Firefox likes Manifest v3.
https://blog.mozilla.org/addons/2018/10/26/firefox-chrome-and-the-future-of-trustworthy-extensions/

inner milk of magnesium

[epine]

Before jumping ship, it's worth reading the actual thread discussing this change: https://groups.google.com/a/ch...

That was super useful. Almost makes you think it could be placed in the story summary ... but, nah, that might lead to useful discussion.

Yes, Google is listening with one ear, but the overall tone (so far as I scanned) ran the gamut from hostile to cynical to mind boggled.

Interestingly, it remained civilized as these things go, and there were few posts in the hallowed mushroom-cloud apocalypse tradition of the fight/fulminate/flight triangle of charred human remains, whose mortal moral fuses went outright Code Magnesium. While it's orbiting around that general quadrant, it's not yet an ad-blocker black hole of no return.

Nice that Google still dips their big toe into evil before jumping straight in, nigh irrevocably.

And yet, somewhere deep down, you know they want to.

Re:inner milk of magnesium

[Rob+Y.]

Well, that link no longer works, so I guess they didn't want their discussions made public.

But folks, it may be time to move beyond ad blocking to an era of, yes, government regulation of anonymous data mining - both in terms of what can be mined, how long it can be retained, and what can be done with it. There has to be some kind of balance between ad-funded 'free' services and the complete forfeiture of your privacy - along with your right to not be victimized by fraudsters.

Ad blocking used to be about turning off annoying animations that ate up our bandwidth and drove us nuts in the process. We've all got enough bandwidth these days, and the most annoying distractions have been done away with. But targeted advertising, and the tracking to enable it has become much more sinister.

In any case, Ad-blockers and anti-tracking plug-ins are an imperfect solution, and potentially expose you to new and different trackers (since these add-ons need to track your activity in order to stop others from doing it, they're always going to be potential malware vectors themselves). Now, eliminating such workarounds before addressing the underlying problem is no solution at all. But that doesn't mean we shouldn't be discussing solutions. And we can't let some arbitrary (okay, not completely arbitrary, but still..) anti-government stance blind us from the fact that sometimes, laws and law enforcement are more efficient than Rube Goldberg systems of using 'good' technology as a defense against 'bad' technology.

Re:inner milk of magnesium

[Martin+Blank]

If you clicked on the link in the reply, it doesn't work (epine may have cut it off unintentionally), but the original link does.

https://groups.google.com/a/ch...

F. this noise. FORK CHROMIUM NOW

Does google not understand? Just like Netflix, IF YOU FORCE US TO WATCH ADS WE WILL LEAVE.

All the minority browser vendors who use chromium as their core need to just get together and hard-fork, permanently. F-em. With a big enough group they can keep whatever APIs they want and maintain a better version without Google throwing their weight around. Sheesh.

Re:F__k Chrome

[ewibble]

At the top of this page they say

Another of Mozilla’s core principles is that an individual’s security and privacy on the internet are fundamental and must not be treated as optional.

It does make sense that they provide a common API with google, it makes developers lives easier and means extensions that would not be developed for Firefox because it is now a small part of the browser market would be. However if that API makes developers life hard or violates the core principles then that adhering only to that api makes less sense and they may change.

benefits google

[renegade600]

since a lot of the ads blocked are doubleclick and other google owned marketing properties, then, imo, this is more about google's bottomline than about security.

Re:benefits google

[Impy+the+Impiuos+Imp]

Not only that but if they get too good at blocking other ads while leaving their own in-place (even consent-gated) I suspect they are at risk of some kind of anti-trust.

Kind of how Microsoft kept Apple's heartbeat going for a decade when they were seriously struggling and could have yanked Office.

Re:WTF Google?!

[Mister+Transistor]

I think someone's testing a Markov bot...

Probably the most intelligent thing said here all day!

Re:So Why Would I Use Chrome?

[AHuxley]

Approved ads are the same as the other ads.
Down the https past any attempts to block them.
Given a fully protected path deep into the users browser past any attempts to block them.
Ads are now fully encrypted content from the same "server" as the content.

Re:WTF Google?!

[ConceptJunkie]

Is the code you used to generate this open source? 'Cause I'd really like a copy.