1942
submitted 1 year ago by Spudwart@lemmy.world to c/memes@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] HonoraryMancunian@lemmy.world 11 points 1 year ago

most people don't even know this drama exists.

Guilty, I'm ootl. Can someone explain why my Everything feed is all about browsers?!

[-] AbidingOhmsLaw@lemmy.ml 23 points 1 year ago* (last edited 1 year ago)

Here’s the TLDR version:

  • Most users (at least in my observation, in the instances and communities i’m on) on Lemmy are privacy minded, open source fans, linux enthusiasts , etc.

  • Google is evil and will suck up any data they can find on you and sell it to anyone that will give them a buck. Lemmy users don’t like that. (me either)

  • Google also makes a lot of money selling ads that are crafted for your likes based on the data they steal from you. Lemmy users also don’t like that (me either).

  • Ad blockers will hamper some (not much) of google’s ad revenue so they don’t like them. many users use Ad Blockers ( I use an ad blocking DNS server)

  • Recently Google announced that their Chrome browser would not allow ad-blockers because it’s changing the functionality that ad-blockers use (Google sucks, don’t use Google stuff)

So that is why it’s showing up an Lemmy a lot right now.

[-] limerod@reddthat.com 2 points 1 year ago

I searched but could not find any announcement. Can you link where they say they won't allow adblock?

[-] Da_Boom@iusearchlinux.fyi 12 points 1 year ago* (last edited 1 year ago)

It's not like they actually announced it. They wouldn't do something so suicidal. However, they have changed the code API that add-ons like adblockers use under the guise of "keeping people secure"

These changes have essentially neutered adblockers so they're only 10-20% as effective as they once were.

Firefox has gone out of their way to speak out against this, that it doesn't help privacy or security quite as much as they say and ensures their browser still includes the code required to make add-ons like adblockers work properly.

Firefox isn't the only option, but most other browsers are based on chrome. Meaning they don't have a lot of options. Some have opted to build their own adblockers directly into the browsers, howeever those adblockers aren't as good options as having an unaffiliated add-on that we can swap out if it gets dirty, and starts taking money from advertisers to deliberately stop blocking specific ads from them.

brave is a particularly bad offender. It specifically actually only blocks ads that don't come from its own ad service - using adblockers as a means to stop other ad services from competing with it.

[-] limerod@reddthat.com 4 points 1 year ago

You guys are talking about the removal of manifest v2. According to a reddit post in ublockorigin. The lite version will be very limited compared to the regular version. Fortunately, Firefox still works, and it won't be an issue for a while(on mobile and desktop)

[-] AbidingOhmsLaw@lemmy.ml 10 points 1 year ago
[-] drekly@lemmy.world 1 points 1 year ago

It, and Google's own blog, says June.

We're way past June and adblockers still work?

[-] AbidingOhmsLaw@lemmy.ml 2 points 1 year ago

“ In June 2023, the Chrome Web Store will no longer allow Manifest V2 items to be published with visibility set to Public. All existing Manifest V2 items with visibility set to Public at that time will have their visibility changed to Unlisted. In January 2024, following the expiration of the Manifest V2 enterprise policy, the Chrome Web Store will remove all remaining Manifest V2 items from the store. “

Looks like existing ones might still work until January?

[-] Sonotsugipaa@lemmy.dbzer0.com 17 points 1 year ago

You've already got some answers, but the recent drama is specifically about a Chromium-centered API, called Web Environment Integrity.

It has been found on a Google engineer's Github account, and iirc it's being tested on Chrome.

It's basically web DRM.

The idea is that the API allows websites to require browsers to guarantee they are unmodified through a "third-party" attester, like Google SafetyNet (or whatever the fuck it got rebranded as) does.

Imagine if you were trying to access a mobile-only website on your PC, by changing your HTTP user agent string;
the website would refuse to serve you the page, and tell you "I don't trust you, are you really a Google Pixel?".
A real Pixel's browser would ask Google Play to vouch for it, and the website would trust Google Play (due to cryptographic shenanigans and whatnot); your browser, however, would not have an attester that:

  • is (claiming to be) universally accepted as trustworthy;
  • answers "yes, I'm a Google Pixel" on a PC;
  • has the necessary cryptographic secrets to work.

That doesn't sound too bad.
But, what if the attester can check your browser's extensions, and tell the website that you're running an adblocker (which is WEI's explicit goal)?
What if it also checks your system's running processes or applications?
What if you ran a debloater script for Windows, and the attester decided that a lack of ads in the start menu was sus?

What if it detected VPN usage? I know some governments that wouldn't like that, I bet they would like it if VPN users would be denied access to half the web...

[-] Blerenes@lemm.ee 3 points 1 year ago

If the comment about VPNs is true, I will lose touch of half of my friends and families that live in Iran. This is truly evil..

[-] Sonotsugipaa@lemmy.dbzer0.com 2 points 1 year ago* (last edited 1 year ago)

It's "true" in the sense that it could happen in theory, Google is (allegedly?) planning to use WEI for forcing people to see ads rather than China-firewalling the web; also, WEI was still under development last time I checked.

Whether the attesters that end up being universally trusted will poke around to check for VPNs is up for speculation, for now.

Even then, this is just an API for websites. If you use other means of communication, you'll be fine.

this post was submitted on 13 Aug 2023
1942 points (97.8% liked)

Memes

45573 readers
1915 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS