back to article After outrage over Chrome ad-block block plan, Google backs away from crippling web advert, content filters

Google has proposed changes to its Chrome Extension renovation plan that answer some but not all of the concerns its Manifest v3 technical specification. The initial changes, announced in October last year, set off alarm bells last month when a critical mass of Chrome plugin developers finally realized what Google intended. …

  1. Just A Quick Comment

    So, basically, no change there

    So Google on Android will still allow all the annoying adverts we know and hate, just because advertisers are more important then web page viewers. Follow the money trail...

    1. adnim Silver badge

      Re: So, basically, no change there

      Not if ya root it. I never seen an ad on my phone, more than once.

      1. Graham Dawson

        Re: So, basically, no change there

        No root for my phone just yet (at least last time I checked), but I only use a couple of paid apps and Firefox, so I never sent ads either.

        Next phone will have to be one I can root and strip out the Google crap entirely. Maybe lineage has a rom for this one now...

        1. quxinot

          Re: So, basically, no change there

          You can also use a pihole for DNS if you have access to network settings on your phone. Another option is to use a VPN and have adblock set up through that.

          Kinda sad that the best part of most browsers is the plugins/extensions, when you think about it.

        2. JohnFen Silver badge

          Re: So, basically, no change there

          If I can't root it, I won't buy it. I even returned a phone because I couldn't root it (and told them why I was returning it).

      2. Sgt_Oddball Silver badge

        Re: So, basically, no change there

        Or just run Firefox with an ad blocker extension. No rooting required..

      3. Piro

        Re: So, basically, no change there

        Rooted android + adaway + firefox with ublock origin = no ads anywhere in apps or the browser

      4. K Silver badge

        Re: So, basically, no change there

        No root needed - download and install Blokada, its free and open source.

        Blokada creates a local VPN profile, that all traffic gets pushed through, this allows it to filter ad requests etc. Its got extensive support for 3rd party blacklists (include AdAways own list).

        1. Sil

          Re: So, basically, no change there

          Thanks for this!

          Just switching from Windows Mobile, I have tons to learn about Android, and I am appalled I can't do simple things such as choosing a color for BG or text color without resorting to tricks (black jpg) or downloading apps.

          Any recommendation on which dns server I should choose with blockada? DNS AdGuard?

          Do you know if the S8 is rootable & would it affect development of apps for the Google store?

        2. JohnFen Silver badge

          Re: So, basically, no change there

          The problem with VPN-based filtering is that you can't use those apps and a VPN at the same time. If you don't use a VPN normally, then this doesn't matter.

    2. Boohoo4u

      Re: So, basically, no change there

      Partially, but it sounds like Google proposal would have broken a lot of plugins/functions beyond the intended ones.

      It’s a work in progress.

    3. big col

      Re: So, basically, no change there

      No need to root. Just use BlokAda on Android. Works wonders I have never seen an advert on my phone.

      Pages load faster, and a huge monthly data saving

      And of course Pi-hole for my home network.

      1. Anonymous Coward
        Anonymous Coward

        Re: So, basically, no change there

        Set up pi-hole

    4. bombastic bob Silver badge
      Devil

      Re: So, basically, no change there

      well, if "strip cookies" is possible, why not "strip script" ? And, if the script is "any 3rd party javascript" or "any URL matching a pattern" (such as 'analytics'), it would greatly simplify the ad blocking, wouldn't it?

      Do most everyone else pretty much agree that the SINGLE! BIGGEST! PROBLEM! is the 3rd party javascript being used by ads and "tracker bugs" ? And that if we SIMPLIFY getting rid of those things by stripping them out of the content, EVERYONE would be better off???

      1. Weiss_von_Nichts

        Re: So, basically, no change there

        I have been using NoScript for so long that I really was wondering who in the world would still allow tracking scripts to run in their browser before I recalled that the most users might indeed block ads but not unwanted scripts. For whatever reason.

        1. JohnFen Silver badge

          Re: So, basically, no change there

          Indeed. Personally, blocking scripts is much more important. I don't block ads specifically, but I absolutely block scripts.

      2. M.V. Lipvig

        Re: So, basically, no change there

        Everyone except Google, the provider of Chrome, that is. And there's the real problem, allowing data mining companies like Google to provide browsers and block competitors. I still can't get Firefox on my Droid phone, for example.

        1. stiine Bronze badge
          Unhappy

          Re: So, basically, no change there

          They not only author a web browser, but they've convinced Opera, Microsoft and some of the bastards at Mozilla that the Chrome rendering engine is a masterpiece.

        2. DragoCubed

          Re: So, basically, no change there

          Droid as in Motorola Droid? Or droid and is Android?

          Either way, you should be able to install it. Is it a problem with the Play Store? Try APKmirror if you haven't.

    5. DragoCubed

      Re: So, basically, no change there

      Firefox, Blokada, Bromite, Samsung Internet, the list goes on.

    6. Gordan

      Re: So, basically, no change there

      Use FF instead of Chrome, it really is that simple.

      All of my critical FF plugins work on Android the same as they work on desktop operating systems:

      - Ghostery

      - Ad Nauseam

      - NoScript

      - HTTPS Everywhere

  2. Updraft102 Silver badge

    Users need to have greater control over the data their extensions can access...

    Are you sure you meant 'users' and not 'Google'?

    They're going to limit the ability of the addon APIs to do what the users want the addon to do, and that's the same as the user having greater control, apparently.

    Why stop there? Why not give the user total control over the data their extensions can access, and just get rid of extensions completely? Since the user having control means limiting the kinds of addons the user can choose, of course.

    1. notamole

      They don't even offer the most basic level of control, which would be deciding which permissions to grant an extension, Firefox is the same. You either accept every permission or GTFO. Obviously most of them will be necessary for the addon to function, but some are clearly just for slurping.

      1. DragoCubed

        WebExtensions

        Reminds me of how Firefox crippled their extensions and started from scratch with WebExtensions for something more Chrome like.

        That being said, it does let them update Firefox without breaking Add-ons.

        1. JohnFen Silver badge

          Re: WebExtensions

          "it does let them update Firefox without breaking Add-ons."

          It does. But that benefit wasn't worth the loss of functionality.

          1. DragoCubed

            Re: WebExtensions

            A little off topic and very late but I just realise I accidentally posted my reply 3 times. How on earth did that happen?

      2. This post has been deleted by its author

      3. This post has been deleted by its author

  3. ThatOne Silver badge
    Black Helicopters

    Who are we kidded by?

    As Google said, "there's too much abuse to maintain the status quo". Translation: "Too many people are using the existing extensions system to filter out our livelihood - this had to stop now".

    This problem can only be fixed by a new, toothless extension system which does allow harmless fluff, but can't possibly be used to damage Google's bottom line. Why are people so surprised about the whole thing?

    The only real question is, will Google put enough pressure to Firefox so it neuters itself too? Because if it doesn't, a Chrome "Now guaranteed with more ads!™" might have a hard time keeping its #1 position.

    1. Doctor Syntax Silver badge

      Re: Who are we kidded by?

      Because if it doesn't, a Chrome "Now guaranteed with more ads!™" might have a hard time keeping its #1 position.

      Especially against a forked Chromium without ads rival. In fact, if you were going to the trouble of forking Chromium why not build the ad-blocker in as part of the browser?

    2. Bruce Ordway

      Re: Who are we kidded by?

      >>>Chrome... limit... API...replace with a neutered version(s).

      >>>will Google put enough pressure to Firefox so it neuters itself too

      Which is why I'm already running FireFox ESR (for now)

      I've already decided that I'm losing too much functionality with Quantum (at least NoScript has managed to mostly survive).

      I've hoping some clear alternatives to Chrome/Quantum will emerge in the near future.

      To date I haven't heard of any browsers that are compelling.

      1. JohnFen Silver badge

        Re: Who are we kidded by?

        "I've already decided that I'm losing too much functionality with Quantum"

        Yes, me too, and it doesn't look like the missing functionality will ever be replaced. That's why I've switched to Waterfox.

    3. bombastic bob Silver badge
      Devil

      Re: Who are we kidded by?

      Modifying the browser extension APIs in an underhanded way that seeks to underhandedly remove choice and freedom from the customer base will ONLY create a vacuum, into which a competing product can jump.

      The bar is higher now, because of all of the "scripty" crap, and it's not just HTML any more, it's HTML5 and backward compatibility and DOM and plugins and who can imagine what else...

      But I've been *VERY* irritated by the directions that browsers are heading into. I think that a 'webkit' kind of approach is the correct one, in which the front end (like Midori as one example) uses a standard engine (like webkit, for example) which is adapted for your GUI toolkit (like gtk or Qt, for example), to run on "your platform".

      So I should be able to use "my front end" which is 3D skeuomorphic and has built-in 'NoScript' and URL black-listing capabilities, for example, as a WRAPPER around "the rest of those things", to provide a competing browser that has some straightforward ad-blocking capability. And the vast majority of the security-related problems would be in code I don't have to maintain.

      yeah, just need $$$ so I can devote time to it...

    4. mesophyl

      Re: Who are we kidded by?

      just use the Brave browser. It has build in Tor, Torrent and all adblocking and scriptblocking you need.

      Chromium based but all Google shit taken out. And all google extensions still work if you need them.

    5. hellwig Silver badge

      Re: Who are we kidded by?

      Exactly, what constitutes abuse in this space?

      Google provides API

      Someone creates plugin

      User must install plugin

      User users plugin to customize browser....

      Where is the abuse?

      This isn't something unscrupulous third-party actors can push out (this isn't a vulnerability with websites). Sure, you need to trust the plugin creator, but Google assumes some of that responsibility by being the only host for "trusted plugins" (thanks Google!, keep uninstalling my work's remoting plugin EVERY DAMN TIME I relaunch you).

      The abuse referred to is, as mentioned, the abuse against Google by users.

  4. A.P. Veening

    Pi-Hole

    As already mentioned by others before, just use a Pi-Hole. Unfortunately I can't yet get the Pi-Hole app to run on my Android but it runs nicely on the Raspberry Pi.

  5. overunder

    "Do no Evil" or "Do no progression"?

    Google === Trap. Look around, their web browser just runs faster, it never innovates. How long did it take for them to spend a dime on developing tab functionality? Chrome is fast, but it's fast trash. Without Android, it would of failed in 5 years.

    "...like the difficulty of using ServiceWorkers as a replacement for persistent background pages to handle resource-intensive background processes like decryption and DOM parsing"

    What difficulty? Workers have a very simple API, why does the current generation of web developers think this shit is rocket science, are they that stupid? Also, while it would be nice to allow workers to manipulate the DOM directly, it would also be nice not to be marooned into 1 language... Javascript. Google has approached a replacement once that I know of (the C-subset of which I can't remember the name), but Mozilla seems to tirelessly find new ways around using Javascript. Maybe just let Mozilla present a new standard (outside of Wasm) and go from there?

    Google's approach of "let's compile everything to machine language" has proven it works great, but that isn't a new approach, just a old method applied to a new platform. But Google really isn't trying anything new unless it is to increase Ad space mechanics of which have nothing to do with functionality for the developer. Again, all they do is apply historic methods to the current web platform, which is the GUI browser engine. People laud them for things that are essentially ported to and for the browser, but have always existed prior to Google's development.

    I like Javascript, I think it's find as it is, type-less and all, but to have only 1 working language that wasn't designed for speed is a bit hard to grasp in 2019. Mozilla really has been trying to find alternatives, but they go largely shadowed by Google's massive half-truth campaign that is essentially "For advertising, with a side of development". Google ultimately is approaching a stalemate that they do not want to solve... functionality or profit.

    1. bombastic bob Silver badge
      Mushroom

      Re: "Do no Evil" or "Do no progression"?

      usually, I prefer something that lacks "feature creep", i.e. the developers focus on PERFORMANCE instead of "new, new, shiny" and PISSING! ME! OFF! with features like Australis 2D FLATTY McFLATFACE everywhere...

      "let's compile everything to machine language", if it provides PERFORMANCE, sounds good to me.

      What I don't want: another thing WORSE than the BRIGHT BLUE ON BLINDINGLY BRIGHT WHITE 2D FLATTY McFLATFACE look that has been CRAMMED UP OUR ASSES for the last several years...

      /me still uses an ESR version of firefox that pre-dates 57 with the "classic Firefox" plugins, on Linux and FreeBSD. And I don't surf the web from windows. So there ya go. no need for 'feature creep'.

  6. bpfh Bronze badge

    Back to Firefox...

    After being an IE fanboy for years due to Firefox becoming a memory hogging monster , Chrome was a big surprise and I jumped on it in a big way, but the increasing data slurp, memory issues, lack of flexibility in declaring internal sites as trusted and save, I ended up a couple of months ago trying out Firefox again, and was pleasantly surprised. I did have a moment of doubt when I got a notification that firebug was going to have issues but the built in tools were good. I am now only using FF and happy with it.

  7. Steve Knox

    So why change the API?

    "Users need to have greater control over the data their extensions can access,"

    It's SUPER-simple to give users full control over the data their extensions can access without changing your API.

    Just add a new page to settings with a dropdown of extensions and a list of every class of data, with checkboxes. Have the API fail gracefully for any unchecked combination of extension/data. Problem solved.

    Or do you really mean "Chrome needs to be able to restrict the data extensions can access 'on behalf of' users, making their decisions for them in a way which is, of course completely impartial and has no ulterior motive whatsoever."

  8. Utrecht

    pi-hole

    I have just two words for you: "pi-hole"

    1. Anonymous Coward
      Anonymous Coward

      Re: pi-hole

      For those who live only within they access point range...

      And no, for most people setting up a VPN to navigate through a network where a pihole is installed is beyond their capabilities.

      1. slimshady76
        Black Helicopters

        Re: pi-hole

        That's why apps such as DNS66 (available on F-droid) are a good solution, without resorting to root or something more convoluted.

  9. Mattknz1

    Firewalled into Oblivion.

    Blocked advertising categories along with Google DNS at work and at home. Haven't seen an ad in 5+ years.

    Would be hard to go back to a domestic router again.

  10. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921

    Entities often present themselves as contrary to their true nature: "Don't be Evil", means the exact opposite

  11. Anonymous Coward
    Anonymous Coward

    Don't like rooting :(

    Why should you have to root a device to run what you like ?

    Also it can end up in a war of escalation if you are using BYOD software that refuses to run on a rooted device. My last place had a policy that6 you had to sign that *if* you were using a BYOD it must not be modified to bypass the function of the enterprise software (Which was Good in this case). By default Good throws a wobbly if you are rooted, so installing something to fake a non-rooted device would have been a disciplinary.

    1. JohnFen Silver badge

      Re: Don't like rooting :(

      "it can end up in a war of escalation if you are using BYOD software that refuses to run on a rooted device."

      I strongly recommend against running such software on your own devices (they tend to be frighteningly intrusive). It's much more secure to simply not allow your personal devices to connect to your employer's systems at all. That's better for your both you and your employer. If a device is required at work, your employer should provide it.

    2. Gene Cash Silver badge

      Re: Don't like rooting :(

      If you use Magisk Manager, it bypasses the checks, so Google Pay, my banking app and that pokeymans crap runs.

      I think of rooting a device as a test to see if you're technically competent enough to use the abilities that root gives you. It's a hurdle that keeps the average joe from ballsing up his phone at every opportunity.

  12. CloudWrangler

    What part of "my cold dead fingers" did you not understand?

    Well, looks like its time to look for a new browser, since Google has totally lost the plot. So long as ad networks allow ANY kind of active content, I will block any and all ads in self defence. It's the only sure way to avoid virus and adware infections via the known vector of ads.

    1. Anonymous Coward
      Anonymous Coward

      Re: What part of "my cold dead fingers" did you not understand?

      Screw the virii, it's just the mass of ad scripting that gets dumped into my browser from so many sites.

      What I don't understand is how the general public does not rebel against it. Are they so very conditioned to accept ads galore, janky scrolling for the first ten minutes while scripts are parsed, and anal exams every time they surf a new site? Is THIS our Brave New World?

  13. Dwarf Silver badge

    Anyone want to place a bet ?

    How long before they march forward and do it anyhow ?

  14. Anonymous Coward
    Anonymous Coward

    Just moved back to firefox and was pleasantly surprised at how much its improved. Can even play 60fps youtube vids without dropping frames unlike chrome....

  15. sabroni Silver badge

    embrace, extend....

    What's next?

  16. DragoCubed

    Control

    Google: "Users need to have greater control over the data their extensions can access,"

    Also Google: "Let's remove user options and control for "security"! Pfffftt. Who needs a permission system? Removing options is working so well on Android. Users don't know anything and options confuse them because opt-in and opt-out defaults don't exist!"

  17. SVV Silver badge

    Outrage!

    I downoaded a browser given away "free" by the world's biggest web advertising company and I'm appalled that it's making me see web advertising!

    Gee, maybe you could try one of the alternatives that does let you customise it, and stop being too over impressd by the "Chrome has the fastest bstest rendering engine" stuff that Gogglle have promoted so successfully.

  18. JohnFen Silver badge

    You can't have both

    Do you want a system that is powerful and allows remarkable capabilities and experiences (many of which haven't been invented yet), or do you want a system where you don't have to remain constantly vigilant and constantly maintain good security practices?

    Because you can't have both at the same time.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019