Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
FRINGE
May 23, 2003
title stolen for lf posting



And guess who will follow their masters?

https://blog.mozilla.org/addons/201...thy-extensions/

quote:

So I would like to publicly invite Google to collaborate with Mozilla and other browser vendors on manifest v3.

https://old.reddit.com/r/firefox/co...bo_and/eerce78/

quote:

We should stop being surprised. Mozilla has been following Chrome for years now. There's no reason to think that they'll do anything else.

...

Google's going to do what Google wants to do. Mozilla's going to do what Google wants to do. It's time for the rest of the Web to act like it's 2003 again and fork. Time for a new phoenix to rise. I hope that it can actually happen, because the Web is very different than it was then, and many more resources are required. But it is long past the point at which users and devs should prostrate themselves before Google and Mozilla. They do not serve us or our interests.

quote:

Mozilla already changed their whole addon API to be more compatible with Chrome. If Chrome now changes their extension API, Mozilla has to decide if they want to break this compatibility paid for by many man-hours, or follow Chrome and change the Firefox addon API in the same way. Mozilla has already showed that they wont hesitate to screw the addon developers if they are in the way of their goals.

There might be nothing on bugzilla yet, because Chrome hasn't implemented their changes yet so Mozilla has no point in starting to code changes which aint really fully known yet.

Adbot
ADBOT LOVES YOU

dont be mean to me
May 2, 2007

I'm interplanetary, bitch
Let's go to Mars





If they do, then the Web is dead.

Malloc Voidstar
May 7, 2007

Fuck the cowboys. Unf. Fuck em hard.

FRINGE posted:

And guess who will follow their masters?
Mozilla wanting Google to collaborate with them on the development of the web extension API makes total sense because they both use it and there's no standard. Saying "we want you to work on this with us instead of by yourself" is not Mozilla saying "we want to do literally everything you do".

The Mozilla guy saying it has privacy benefits is correct (due to how new adblockers would work) but he points out that the filter limit is too low and also he isn't on the team working on addons. It's just some random Mozilla guy. There is no reason to believe Mozilla is going to try and kill all good adblockers.

Nam Taf
Jun 25, 2005

I am Fat Man, hear me roar!



Storm One posted:

Have you enabled privacy.resistFingerprinting? If so it overrides a number of other settings, one of which is site specific zoom, despite what about :config may tell you.

(privacy.resistFingerprinting; true) + (browser.zoom.siteSpecific; true) = browser.zoom.siteSpecific; false

Thatd be it. Which is a surprise, because I have had it enabled for some time yet never noticed that site specific zoom was disabled. I am not sure whether maybe resistFingerprinting failed to override it as a bug until now, since I only came to notice it as soon as I upgraded.

It could certainly be coincidence, though.

As an aside, Id prefer if resistFingerprinting went through and changed all those other about :config flags. Firstly so I knew what was going on, and secondly so that I could choose to re-toggle on my own choice of balance between fingerprinting resistance and features.

Anyhow, thanks for solving that mystery for me!

Storm One
Jan 12, 2011




Floss Finder

You may still control site specific zoom with extensions and keep using resistFingerprinting's other features but that does undermine its purpose.

B-Nasty
May 25, 2005



Mozilla has to realize, with Firefox's puny market share, that the vast majority of users are somewhat-advanced, that is, the type of people that choose to use it over the simplicity of Chrome. Those advanced users are the exact type to hate crap like auto-suggested extensions. Features like that are unlikely to pull anyone towards FF, so why bother creating them?

orcane
Jun 13, 2012



Fun Shoe

Malloc Voidstar posted:

Mozilla wanting Google to collaborate with them on the development of the web extension API makes total sense because they both use it and there's no standard. Saying "we want you to work on this with us instead of by yourself" is not Mozilla saying "we want to do literally everything you do".

The Mozilla guy saying it has privacy benefits is correct (due to how new adblockers would work) but he points out that the filter limit is too low and also he isn't on the team working on addons. It's just some random Mozilla guy. There is no reason to believe Mozilla is going to try and kill all good adblockers.

Have you followed Mozilla/Firefox over the last, what, three+ years?

Powered Descent
Jul 13, 2008

We haven't had that spirit here since 1969.



Lightningproof posted:

Sorry for the basic question, but I can't seem to get an even vaguely-definitive answer anywhere else. If I use Chrome with uBlock Origin (with most filters turned on), uBlock Origin Extra, Decentraleyes, HTTPS Everywhere, and DNT on, is there really much of a privacy advantage from switching to Firefox? Depending on where I look, I either hear "Chrome just has worse default settings for user privacy but can be just as private as FF", or "Chrome contains in-built trackers you literally can't get rid of and the CIA laugh at your browsing history over lunch".

In Firefox you can turn on first-party isolation: each domain you visit gets its own sandbox of cookies. Facebook can still set a nasty-tracker.com cookie, but no sites other than Facebook can read it. They can set their own nasty-tracker.com cookie if they want, which again, no other site can read. If that breaks things you need (it can interfere with things like single-sign-on, for obvious reasons), then you can do the same thing yourself in a more targeted way with container tabs. I don't believe Chrome has anything that compares to either of those, short of running multiple browser instances with different profiles.

Firefox also has a setting to resist fingerprinting -- specifically, it always hands out the canvas fingerprint of Torbrowser, which is the most common fingerprint out there (since most others are unique). You can also turn off webRTC and webGL to prevent information leakage there, but that can probably be done on Chrome also.

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars




Plaster Town Cop

orcane posted:

Have you followed Mozilla/Firefox over the last, what, three+ years?
I'm going to assume that Torbrowser will hard-fork at that point, because there's zero point in using a privacy-based browser if you can't block ads dumping unmasking malware on you constantly.

The guy on reddit is also a supreme idiot: Yes, let's block uBO from being able to do anything so that more credential-stealing javascript gets run on the main context. This is a good engineering tradeoff to make and also I appear to have eaten nothing but lead paint my entire life.


Also, let me tell you exactly how much fun that cookie-forgetting bug was when you deal with websites that require devices be confirmed by someone who isn't me just trying to login and get my work done.

jokes
Dec 20, 2012
jokes




If you, like me, are worried Firefox will go with Google and kill adblockers maybe consider getting adguard for your computer. It basically functions like a pihole, but only on your computer and not on your network; can even hide your IP kinda. I got rid of uBlock to see if adguard can handle ads without ublock and it works great!

xamphear
Apr 9, 2002

SILK FOR CALDÉ!

It's gonna rule when Chromium has 90% market share and strongarms HTML6 into including DRM. Pages coming as compiled and signed binaries, streamed from the server and there's nothing anyone can do to filter/block content.

Ola
Jul 19, 2004



xamphear posted:

It's gonna rule when Chromium has 90% market share and strongarms HTML6 into including DRM. Pages coming as compiled and signed binaries, streamed from the server and there's nothing anyone can do to filter/block content.

Just use IE/Edge then. They'll be slow to adapt and the implementation will be full of exploitable bugs.

Nalin
Sep 28, 2007



Hair Elf

Ola posted:

Just use IE/Edge then. They'll be slow to adapt and the implementation will be full of exploitable bugs.

Edge is switching to Chromium.

overmind2000
Nov 6, 2007

I'm an alien.



Seems like this is the perfect time to bring back KHTML

Ola
Jul 19, 2004



Nalin posted:

Edge is switching to Chromium.

Then the final hope is that HTML6 looks ugly and the Apple turtlenecks refuse to take part. If that too fails, summon the meteors.

xamphear
Apr 9, 2002

SILK FOR CALDÉ!

overmind2000 posted:

Seems like this is the perfect time to bring back KHTML
KHTML is what turned into WebKit...

Ola posted:

Then the final hope is that HTML6 looks ugly and the Apple turtlenecks refuse to take part. If that too fails, summon the meteors.
And WebKit is at the core of Chrome.... and Safari. There are differences, but they're more alike than not.

The situation is worse than you think. By this time next year, there's going to be WebKit (Chrome, Safari, Opera, Edge) with like 90% share and then Firefox hovering on the brink of irrelevance. Yay!

overmind2000
Nov 6, 2007

I'm an alien.



xamphear posted:

KHTML is what turned into WebKit...

I know, they should go back to square one and try again

xamphear
Apr 9, 2002

SILK FOR CALDÉ!

overmind2000 posted:

I know, they should go back to square one and try again
Can you imagine anyone looking at the current browser marketplace and thinking it was a good idea to introduce a new engine from scratch?

"Sure, it's an insane amount of work, and the big players throw up barriers left and right (iOS doesn't allow other browsers, Edge is preinstalled on Win10, Android and Chromebooks come with Chrome preinstalled, Google pushes Chrome hard at anyone who dares visit google.com or youtube in a different browser), but if we play our cards right, we might be able to make no money and have nothing to show for it!"

In theory, this is what Firefox and Mozilla are already positioned to do, but lol. Even with a browser ready to go, they're unable to maintain double digit market share.

Edit: Not that I blame Mozilla entirely for this. Google has spent a lot of money in the last decade creating the exact circumstances that we're seeing now. Their investment in Chrome will pay off nicely. That said, Firefox's performance going to utter poo poo right at the time Chrome was getting popular, and Mozilla kicking the can down the road for YEARS was really bad.

xamphear fucked around with this message at 18:11 on Feb 5, 2019

c0burn
Sep 2, 2003

The KKKing


All web browsers are, and have always been, absolutely terrible. It's pretty remarkable really.

Wheany
Mar 17, 2006

Spinyahahahahahahahahahahahaha!


Doctor Rope

xamphear posted:

It's gonna rule when Chromium has 90% market share and strongarms HTML6 into including DRM. Pages coming as compiled and signed binaries, streamed from the server and there's nothing anyone can do to filter/block content.

Good news, google's drm has been broken. And also the concept of drm is flawed.

The Merkinman
Apr 22, 2007

I sell only quality merkins. What is a merkin you ask? Why, it's a wig for your genitals!

Wheany posted:

Good news, google's drm has been broken. And also the concept of drm is flawed.
DRM? In my browser? It's more likely than you think.

Kerning Chameleon
Apr 8, 2015
Probation
Can't post for 4122 days!


The idea, I think is similar to how Twitch does its ads* and how Youtube keeps talking about doing: part of the content stream itself so they can't be blocked. You download and load everything, ads and trackers included, or you get nothing. That would defeat blockers, host files, piholes, etc. because it's all an irremovable part of the main content.

*Twitch's can be defeated with streamlink and the like, but the tradeoff is more of a feed delay.

Klyith
Aug 3, 2007

GBS Pledge Week


Kerning Chameleon posted:

The idea, I think is similar to how Twitch does its ads* and how Youtube keeps talking about doing: part of the content stream itself so they can't be blocked. You download and load everything, ads and trackers included, or you get nothing. That would defeat blockers, host files, piholes, etc. because it's all an irremovable part of the main content.

*Twitch's can be defeated with streamlink and the like, but the tradeoff is more of a feed delay.

I think that to serve complete webpages as an encrypted blob that only a DRM-compliant browser can unpack and view, you'd have to drop the CDN system that makes the web work these days. Or have an insane amount of processor power available, because the edge you're requesting a page from would need to look at it and fetch all the resources itself before packaging it up, on the fly.

Twitch livestream ads are unblockable because it's a live feed. Youtube trying to do the same thing is possible... But they'd have to do more than just stitch the ad into a video stream. They'd also need to refuse to serve the rest of the video for 30 seconds (time kept on youtube's servers, not the unreliable browser). That means they can't pre-load and the viewing experience gets much worse. And serving vids this way isn't free -- twitch has a much higher per-viewer load.


DRMing the web to own the adblockers is unrealistic. Converting all of youtube to a livestream format is realistic, but has enough downsides that google hasn't done it. Instead they're cutting back the power of extension-based ad blocking using the market dominance of chrome.

Ola
Jul 19, 2004



But would a DRM-based blob still fetch all the resources from the local browser? I.e. you can't modify the document but your computer still connects to content.com to get the content and shittyads.com for the ads. Because then it would become an OS-level cat and mouse game with blocking URLs/IPs.

But if the web server does all the fetching, then stitches it together in an immutable pdf-like document which you can either view or not, the cost of running web servers will sky rocket because they suddenly do all of your processing plus the external bandwidth in addition to serving it to you. An unintentional benefit will be that surfing will be very fast and mobile battery time will be great.

In the mean time I just hope someone can invent a good pay-per-view scheme that is cost effective, not based on Bitcoin and practical in use, so the whole ad based web can start going away.

Ola fucked around with this message at 10:32 on Feb 8, 2019

Geemer
Nov 4, 2010




Ola posted:

In the mean time I just hope someone can invent a good pay-per-view scheme that is cost effective, not based on Bitcoin and practical in use, so the whole ad based web can start going away.

Can't wait to (pay to) read the horror stories of people's internet bills being in the thousands because their kid kept opening that one video that had a huge price tag.

Lambert
Apr 14, 2018

by Fluffdaddy


Fallen Rib

It doesn't have to be perfect, even if it's running locally - making it much harder to adblock would reduce the percentage of users running blockers by a great amount. I don't think this is something we'll see in the near future, but it's certainly conceivable.

isndl
May 2, 2012
I WON A CONTEST IN TG AND ALL I GOT WAS THIS CUSTOM TITLE

Ola posted:

But if the web server does all the fetching, then stitches it together in an immutable pdf-like document which you can either view or not, the cost of running web servers will sky rocket because they suddenly do all of your processing plus the external bandwidth in addition to serving it to you. An unintentional benefit will be that surfing will be very fast and mobile battery time will be great.

The renderer still has to parse the blob so your processing requirements haven't changed, and your load times suffer because you have to download the full page blob before rendering instead of deferring some of it (e.g. some websites will wait on downloading images until you scroll closer to them on the page). Caching scripts and images is impossible so you waste more bandwidth navigating pages on a single website. You also run into load balancing issues because you cannot dynamically serve content from nearby CDNs if everything has to be secured into the binary blob. In short, there are no performance benefits from utilizing DRM blobs for web pages.

You could maybe make an argument for a secured blob for things that want to be insulated from potentially malicious browser add-ons, such as a banking site, but at that point you might as well just use a dedicated app instead of your browser.

Geemer
Nov 4, 2010




isndl posted:

The renderer still has to parse the blob so your processing requirements haven't changed, and your load times suffer because you have to download the full page blob before rendering instead of deferring some of it (e.g. some websites will wait on downloading images until you scroll closer to them on the page).

You've completely changed my mind. Please let this come to pass so infinite scroll websites will die in the fires of hell where they belong.

Ola
Jul 19, 2004



Geemer posted:

Can't wait to (pay to) read the horror stories of people's internet bills being in the thousands because their kid kept opening that one video that had a huge price tag.

If it's very badly made, that can happen. I rather make it good so it didn't.

isndl posted:

The renderer still has to parse the blob so your processing requirements haven't changed, and your load times suffer because you have to download the full page blob before rendering instead of deferring some of it (e.g. some websites will wait on downloading images until you scroll closer to them on the page). Caching scripts and images is impossible so you waste more bandwidth navigating pages on a single website. You also run into load balancing issues because you cannot dynamically serve content from nearby CDNs if everything has to be secured into the binary blob. In short, there are no performance benefits from utilizing DRM blobs for web pages.

You could maybe make an argument for a secured blob for things that want to be insulated from potentially malicious browser add-ons, such as a banking site, but at that point you might as well just use a dedicated app instead of your browser.

Yes, good points, but evaluating javascript and connecting to different servers, downloading ads etc, takes longer than simply "display this image data", if the ad has been selected server side. But it's much worse for the server and the total performance would probably go down for all parties yes. But if that's what Google wants to do, they could re-do web architecture as well, so they become the supreme unblockable ad supplier who can afford the performance hit and whose mobile devices mysteriously display their ads very fast but others' very slow.

Kheldarn
Feb 17, 2011




Geemer posted:

You've completely changed my mind. Please let this come to pass so infinite scroll websites will die in the fires of hell where they belong.

Hey! C'mon, now. Hell is too good for infinite scroll websites.

Avenging Dentist
Oct 1, 2005

oh my god is that a circular saw that does not go in my mouth aaaaagh

Lambert posted:

It doesn't have to be perfect, even if it's running locally - making it much harder to adblock would reduce the percentage of users running blockers by a great amount. I don't think this is something we'll see in the near future, but it's certainly conceivable.

As long as adblocking is possible, it'll be easy for users to do it since the hard work will be done by the people maintaining the adblocker and the filter lists. The only real ways to defeat adblockers are 1) come up with a perfect solution that permanently kills them, 2) win the arms race against adblockers with imperfect but constantly-changing anti-adblockers, or 3) make it harder to distribute adblockers (e.g. making them illegal, crippling the webextension hooks needed to make a functioning adblocker).

Volguus
Mar 3, 2009


Avenging Dentist posted:

As long as adblocking is possible, it'll be easy for users to do it since the hard work will be done by the people maintaining the adblocker and the filter lists. The only real ways to defeat adblockers are 1) come up with a perfect solution that permanently kills them, 2) win the arms race against adblockers with imperfect but constantly-changing anti-adblockers, or 3) make it harder to distribute adblockers (e.g. making them illegal, crippling the webextension hooks needed to make a functioning adblocker).

#1 is trivial: just serve the ads from your domain/site, without any distinguishing attributes. You can kill images from the site, but that would kill basically all images, all media. Of course, that kills the "bid for ads for this user" feature as well. Oh well.

Avenging Dentist
Oct 1, 2005

oh my god is that a circular saw that does not go in my mouth aaaaagh

Volguus posted:

#1 is trivial: just serve the ads from your domain/site, without any distinguishing attributes. You can kill images from the site, but that would kill basically all images, all media. Of course, that kills the "bid for ads for this user" feature as well. Oh well.

That's not really a solution. Not only do you have to ensure that the ads are served from the same domain (and path) as legitimate images, you also have to ensure that there's no way to distinguish them by their position on the page. If you do that though, chances are good you'll run afoul of the FTC.

Volguus
Mar 3, 2009


Avenging Dentist posted:

That's not really a solution. Not only do you have to ensure that the ads are served from the same domain (and path) as legitimate images, you also have to ensure that there's no way to distinguish them by their position on the page. If you do that though, chances are good you'll run afoul of the FTC.

? How come? What does the FTC have to do with this? Other than the fact that is entirely undesirable for a site to run its own advertising platform and nobody will ever do it, what other issues are with this approach?

Wheany
Mar 17, 2006

Spinyahahahahahahahahahahahaha!


Doctor Rope


Yes, and Google's DRM, Widevine, has been broken.

Ola
Jul 19, 2004



Volguus posted:

#1 is trivial: just serve the ads from your domain/site, without any distinguishing attributes. You can kill images from the site, but that would kill basically all images, all media. Of course, that kills the "bid for ads for this user" feature as well. Oh well.

The bidding can happen on or behind the server before it serves the page and you can have new ways of displaying ads, like every picture is an animation that's either a still editorial picture or an alternating editorial and ad. It surprises me how little effort they put in to spoof the blockers really. I think it could be a great cat and mouse game that lasts for years.

Klyith
Aug 3, 2007

GBS Pledge Week


Ola posted:

The bidding can happen on or behind the server before it serves the page and you can have new ways of displaying ads, like every picture is an animation that's either a still editorial picture or an alternating editorial and ad.

I remember sites that were kinda doing that with flash, though not the rotating editorial / ads thing. But like you needed flash to see page content and then the same flash applet was used to show ads.

Though this verges back on the FTC thing Avenging Dentist brought up: you have to clearly distinguish advertising. So if the ads are mixed in with real content at that level, you now have to review all the ads to make sure they're recognizably ads.

Ola posted:

It surprises me how little effort they put in to spoof the blockers really. I think it could be a great cat and mouse game that lasts for years.

The ads don't pay enough to be worth playing cat. The internet advertising model moved away from per-view and to per-click or even to action tracking where they pay based on ads that lead to sales, so bending over backwards trying to force views is kinda pointless. What are the chances an ad-blocking user is gonna engage with an ad which makes it through his filter? Pretty low.

This is why every site started doing video content, because video ads are (or were) back on the per-view payments.

Wheany
Mar 17, 2006

Spinyahahahahahahahahahahahaha!


Doctor Rope

Klyith posted:

This is why every site started doing video content, because video ads are (or were) back on the per-view payments.

Also because advertisers lied about the number of views videos get

Ola
Jul 19, 2004



Klyith posted:


The ads don't pay enough to be worth playing cat. The internet advertising model moved away from per-view and to per-click or even to action tracking where they pay based on ads that lead to sales, so bending over backwards trying to force views is kinda pointless. What are the chances an ad-blocking user is gonna engage with an ad which makes it through his filter? Pretty low.

This is why every site started doing video content, because video ads are (or were) back on the per-view payments.

Good points. In the case of fighting blockers, it might happen if passive users get blockers included in their phone, OS or browser, instead of frothing ad-haters like me who actively seek out blocking.

Video content was promised to be the saviour of journalism etc, but it turned out to be wrong and they are not making nearly the amount of money they thought they would, plus it costs a lot more to produce. Facebook gets part of the blame for doctoring view numbers, as Wheany says. Big parts of the ad industry is troubled with fraud, lots of views and clicks are just bots orchestrated by ad sellers. It sucks for everyone involved, that's why a great content payment model is so sorely needed.

It comes with its own set of complexities of course, one of many being that ads make for instance youtube videos "free" for everyone, including those in the third world who might otherwise struggle to take part in a paid model.

Adbot
ADBOT LOVES YOU

The Merkinman
Apr 22, 2007

I sell only quality merkins. What is a merkin you ask? Why, it's a wig for your genitals!

Every website should be ad-free and no paywall! I'm entitled to free content!!!1

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply