Chrome will prevent any ad blockers that aren't AdBlock Plus

Which, coincidentally, allows advertisers to buy immunity from your desire to block them:

A new version of Chrome that will be released later this year will break a number of ad blockers according to a new bug report submitted Tuesday by Raymond Hill, the maintainer of the popular ad blocking service uBlock Origin. [...]

Instead, ad blockers will have to rely on an API called "declarativeNetRequest" which requires them to specify which types of network requests from ads they should block in advance, rather than allowing the dynamic blocking capabilities found in uBlock. The difference is like if you were charged with protecting a house, but could only pick a few doors to protect in advance and hope your adversary chose those doors, rather than being able to move through the house and choose which doors to protect based on the ones an adversary was actually attacking.

This API was styled on the way that AdBlock Plus blocks ads, which is far less robust than uBlock Origin. (Not to mention that AdBlock Plus also allows companies to pay to have their ads whitelisted, regardless of user preferences).

Sure, run a web browser developed by the world's largest advertising company.

What could go wrong.
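
The difference the quoted article describes, a rule list fixed in advance versus code that decides on each request, shown as an added sketch that is not from the original post or from Chrome. The rule shape loosely follows declarativeNetRequest, but matching is plain substring; the host names and the "seen on three sites" heuristic are made up for illustration.

```javascript
// Simplified model of the two blocking styles; not Chrome's implementation.

// Declarative style: the extension hands the browser a fixed rule list up front.
const STATIC_RULES = [
  { id: 1, action: { type: "block" },
    condition: { urlFilter: "ads.example", resourceTypes: ["script", "image"] } },
  { id: 2, action: { type: "block" },
    condition: { urlFilter: "/tracker.js", resourceTypes: ["script"] } },
];

function declarativeDecision(rules, request) {
  for (const rule of rules) {
    const { urlFilter, resourceTypes } = rule.condition;
    const urlHit = request.url.includes(urlFilter); // simplification: substring only
    const typeHit = !resourceTypes || resourceTypes.includes(request.type);
    if (urlHit && typeHit) {
      return { cancel: rule.action.type === "block", why: `rule ${rule.id}` };
    }
  }
  return { cancel: false, why: "no rule matched" };
}

// Dynamic style: extension code runs on every request and may keep state.
// Hypothetical heuristic: block a third-party script host once it has been
// seen on `threshold` distinct sites, even though no list names it.
function makeDynamicBlocker(rules, threshold = 3) {
  const seenOn = new Map(); // third-party host -> Set of first-party hosts

  return function decide(request) {
    const listed = declarativeDecision(rules, request);
    if (listed.cancel) return listed;

    const reqHost = new URL(request.url).hostname;
    const pageHost = new URL(request.initiator).hostname;
    // Simplification: "third party" = different hostname (no Public Suffix List).
    if (request.type !== "script" || reqHost === pageHost) {
      return { cancel: false, why: "first-party or non-script" };
    }
    if (!seenOn.has(reqHost)) seenOn.set(reqHost, new Set());
    const sites = seenOn.get(reqHost);
    sites.add(pageHost);
    return { cancel: sites.size >= threshold,
             why: `${reqHost} seen on ${sites.size} sites` };
  };
}

// Constructed sample traffic (all hosts are made up).
const SAMPLE = [
  { url: "https://ads.example/banner.js", type: "script", initiator: "https://news.example/" },
  { url: "https://cdn.widgets.example/w.js", type: "script", initiator: "https://news.example/" },
  { url: "https://cdn.widgets.example/w.js", type: "script", initiator: "https://shop.example/" },
  { url: "https://cdn.widgets.example/w.js", type: "script", initiator: "https://blog.example/" },
  { url: "https://blog.example/app.js", type: "script", initiator: "https://blog.example/" },
];

// Run both styles over the same traffic and report each decision side by side.
function compare(sample) {
  const dynamic = makeDynamicBlocker(STATIC_RULES);
  return sample.map((req) => ({
    url: req.url,
    declarative: declarativeDecision(STATIC_RULES, req).cancel,
    dynamic: dynamic(req).cancel,
  }));
}

console.table(compare(SAMPLE));
```

Both styles stop the listed ad host; only the stateful handler stops the unlisted widget host, and only on its third distinct site.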



41 Responses:

  1. Another reason to use Brave.

    • Aidan Gauland says:

      Still far, far more reasons to stay the hell away from that one.

      • Xane says:

        What "reasons" are you referring to? Spell it out for us laymen, thanks.

        • MattyJ says:

          Just one. Brave is another advertising platform disguised as a browser, and not the most functional browser out there, either.

          If you wanna support a snake oil salesman that's anti-gay, then go right ahead, I guess.

        • Aidan Gauland says:

          * Still driven by an ad-based business-model
          * Uses cryptocurrency
          * Worse yet, a misleading revenue model. (See this article)
          * Brendan Eich's ego

          • Xane says:

            The advertising model and cryptocurrency aren't essential parts of the browser, however. While I agree there are problems with the BAT token, e.g. due to the crowdsale mechanics the distribution is skewed to favor a minority of wealthy investors/early adopters, that shouldn't suggest a better designed crypto token couldn't be used in the future. I'm not a supporter of advertising myself but I have no objection to making this functionality available to users who desire it. Good trade-offs, IMHO.

            • Brendan Eich says:

              All the anonymous microdonation and ad stuff is optional and off by default. See which shows the BAT User Growth Pool, Binance, and Bittrex as three largest accounts -- after that ownership is dispersed well (beware Gini coefficient measures that do not exclude the UGP and two big exchange liquidity pools).

              Counting advertising out and expecting most publishers to keep lights on is daring but looks foolish, with ad spend (much wasted on fraud and garbage) > $100B in the US alone last year. Brave ads are anonymously matched on device, no tracking scripts or cookies, and anonymously confirmed using Chaum blind signatures. Microdonations use ANONIZE ( We're building a global and private system here, not trying to cash in on the unreal claims of "programmatic advertising" where only Google, FB, Criteo, and a few others win and everyone else loses.

    • Please don't use Brave, they are scamming small creators:

      (And it's just a fork of Chromium, anyway.)

      • Nick Lamb says:

        Please reify Twitter threads rather than linking Twitter, I know the link seems to work fine for Twitter users, but not so for everybody else. If a random non-Twitter user follows this link Twitter will do their utmost to make them join and install the Twitter app so they can be tracked properly, if they don't seem to be getting any traction they'll randomly "have problems" and be unable to serve your content so the user can't read it as a final swipe. At least Reddit links do eventually go to the thing you linked after you dismiss enough "But please, please, please install our app. Please do. Please" dialogs.

        It's a walled garden, that's how they want it, and that is apparently how their millions of users, from the President of the United States down to each individual nazi screaming obscenities, like it. Don't feed it.

        • hellpé says:

          I guess by "reify" you mean "link to a page that includes the whole thread in an easier-to-read layout, rather than to Twitter directly"? If so, which "reification" website would you recommend to do this?

      • Brendan Eich says:

        Here is Tom Scott giving his approval to the changes we made based on his feedback:

        "A final update on the thread about Brave: they're now opt-in for creators! While it's still possible to tip folks who haven't opted in, the data is stored in-browser and the UI has been clarified. These are good changes, and they fix the complaints I had!"

        • Matt Lee says:

          Did everyone who donated get their money back and an apology?

          • Brendan Eich says:

            Opt-in users who donated did so with terms and anonymity barrier in plain sight. Latter means no refunds, because the zero knowledge proof protocol we use means no linkability to any user id and no linkability among tips/donations. We hold funds for unverified creators indefinitely. In latest update, we hold nothing: instead, each user holds tips and automatic contributions for unverified creators browser-side.

            There is nothing to apologize for. I don’t do fake apologies.

  2. Aidan Gauland says:

    The drama will play out here:!topic/chromium-extensions/veJy9uAwS00

    Devlin Cronin's defence in bullet points (from the thread linked above):

    - The webRequest API is not going to go away in its entirety. It will be affected, but the exact changes are still in discussion.
    - This design is still in a draft state, and will likely change.
    - Our goal is not to break extensions. We are working with extension developers to strive to keep this breakage to a minimum, while still advancing the platform to enhance security, privacy, and performance for all users.

    Not terribly reassuring. Watch this space.

    • Nick Lamb says:

      Feedback checkbox.

      "Did you ask for feedback before making this change? If you did not the change will be be permitted [ ]"

      I've been here before with Chrome, and with plenty of other projects.

      You can't enforce a rule about this sort of thing, the checkbox doesn't actually achieve what it sets out to, because you cannot, in fact, make your teams react to feedback you can only force them to mime the "ask for feedback" action. Actually taking feedback in your organisation has to be a social change all the way up, it means a world where the people at the very top take feedback, do you feel like that's our world? No right, so the feedback checkbox remains a pitiful acknowledgement of failure.

      "In case of any doubt wake the master" is another rule like this. A vessel's master is only human and must sleep. When they're asleep there are standing instructions for the deck officers, and almost invariably one of them is either literally or equivalent to "in case of any doubt wake the master". After all boats are slow, most mistakes will take longer to become irrevocable than it takes to rouse a man from sleep.

      But on both military and civilian ships you will see a reluctance to actually obey this order. Officers on watch would rather insist they have no doubt that going at full speed into that fog bank was a good idea than admit they aren't sure what's happening and disturb a man (almost all of them are men) whose influence over their future career is so huge. To be sure sometimes the idiot who crashed the boat into a rock is the vessel's master, but very often the master would have known better but alas he was sound asleep throughout.

  3. Brendan Eich says:

    Apple did something similar with iOS9 and WKWebView: to restrict arbitrary code running in what would become a network process or thread, they limited blocking to what can be expressed using a set of 50,000 DFA (note: not Perl or JS-like NFA) rules. My Safari/WebKit pals were tired of bad apps perpetrating arbitrary "network stack takeover" hacks. But Apple has the high end brand halo, and anyway gets away with this in large part because it isn't the world's biggest digital ad business.

    Google has similar motivations on notionally-sound engineering grounds: keep webRequest from being abused by bad extensions. But it has a huge conflict of interest because it is the largest digital ad system and one of the largest publishers, all in one. What's more, in the case of uBlock Origin and uMatrix, it has two exemplary blocking extensions that it should not break just because of some bad extension or other which it ought to have blocked from the Chrome Web Store already. So something is rotten in the state of Denmark -- news at 11.

    Brave is immune to these shenanigans because we consciously eschewed building on Chrome extension sand. We can do whatever we need to in C++ and pay a progressively higher fork tax if it comes to that. We already do pay some fork-tax, e.g., disabling all of the Chrome spyware signaling tied to Google accounts (see Yes, if you logged into Chrome since 2016, your browsing was surveilled for ad targeting; since Sept. 2018, if you logged into gmail in a tab but not into Chrome, Chrome logged you into the browser in order to surveil you.

    This conflict of interest outcome is predictable and boring by now. Use uBO on Chrome and (now that we support almost all Chrome extensions) use Brave.

    • M. N. says:

      As far as I can find, Brendan Eich has not shown any remorse or contrition for his negative attitudes towards equal rights for his fellow citizens, so I am unwilling to consider his advice or suggestions, and I hope other people are equally unwilling.

      Brendan may believe that everyone should set our political beliefs aside to discuss an unrelated technical issue. However, as he pointed out, this is not just a technical issue. There are moral and social angles, and he has demonstrated moral and social untrustworthiness. (Also: I admire repeating the phrase "conflict of interest" in the process of flogging his own off-brand-bitcoin browser gewgaw.)

      This is not an attempt to cast Brendan out of polite society for minor dissent or for his apparent Christianity. Characterizing my stance that way just minimizes the extent of his moral failing. He took material action to marginalize a group seeking equal rights. I hope, in turn, that he finds himself marginalized.

      I am not as angry at him anymore for what he did, as I am angry that after all this time he has neither recognized his failing, nor apologized, nor made amends.

      We need all the help we can get against privacy-invading companies and the threats they present to privacy. And we're all guilty of something, and we all have competing interests, and we can't all garrote each other over minor differences and slights. But: we also need to live up to standards, and Brendan Eich hasn't done anything to correct the impression that he still falls short.

      (I am sorry if this message exceeds the sincerity or boring-moralizing quota for the day.)

      • NT says:

        You don't live up to my standards either.

      • EMS says:

        "As far as I can find, Brendan Eich has not shown any remorse or contrition for his negative attitudes towards equal rights for his fellow citizens, so I am unwilling to consider his advice or suggestions, and I hope other people are equally unwilling."

        This. And I believe he already cast himself out of polite society; he should be marginalized.

    • Aidan Gauland says:

      Your argument that Brave is immune to a similar conflict of interest is a non-sequitur.

      "Brave is immune to these shenanigans because we consciously eschewed building on Chrome extension sand."

      Brave's business model is still driven by ad revenue.

      • tfb says:

        Which browsers don't have business models based on ad revenue? Safari, whatever MS's browser is now I guess, and isn't there a latter-day thing by the Opera people which might be clean? I don't know the details of how Firefox gets funded, but if much of it is 'by Google' then, well, not them.

        (I'm not suggesting this makes Brave OK: I have the same issues others do with it.)

        • Brendan Eich says:

          I know all the major browser makers, management and engineers. Many fine people working for multiple good purposes, but that Upton Sinclair line about paycheck still applies. Everyone is beholden to the current search and programmatic (automated exchange) ad economics. Ad-tech parasites control publisher hosts. Publishers pressure browser makers where they are not one and the same (Google, Microsoft). Apple is least beholden so it actually has done more "on by default" for privacy than Mozilla has.

          Anyway, what we aim for with Brave is something different: a user data platform where all discrete personal data stays on your devices where it originates and lives in browser stores and caches already. With enough users who stay "off the grid" but otherwise do search and buy online, this system should be able to pay users and (lower revenue share) Brave so we can grow and have increasing clout to shape web standards away from being agnostic if not fully active support for ad-tech surveillance.

          • tfb says:

            While I think that's a clever idea, at least in theory, that wasn't actually the problem I have with Brave.

        • Glaurung says:

          "Which browsers don't have business models based on ad revenue?"

          There's a world of difference between a browser that's designed to track your every move and monetize it (chrome when you are signed in), and a browser that makes money by selling what search engine it makes its default.

          Firefox and Safari make money by charging Google for being set as the default search engine, but they don't do anything else to bake ads or ad tracking into the browser. If you are a radical who thinks that all ad companies should go bankrupt and the web should be ad-free, all you have to do is install the ad blocker of your choosing, change your default search engine, and you're free of ads and ad-based snooping.

          Chrome tracks your every move if you ever sign into any Google service; Brave has ads and ad revenue baked into the browser. Therefore I will never use either, because I wish to be in control of what ads I allow, if any, and whether or not I am tracked and by whom.

          • tfb says:

            Yes, there is. But if most of a browser's funding comes from (an organisation that sells) ads then it is vulnerable to pressure of various kinds: 'if you implement APIs that make ad-blockers work better then we will stop funding you', say. Of course I'm sure Google and Facebook are ethically impeccable and would not ever consider doing anything like that.

            In fact I think it's unlikely they will even though they have the ethics of a sewer rat: Firefox is now a minority browser and it's bound to be useful to Google from the monopoly perspective to be able to point at a viable competitor to Chrome. I'm less sure that the Mozilla people might not just fuck ad-blockers on their own accord, sadly.

          • Anonymous says:

            "Firefox and Safari make money by charging Google for being set as the default search engine, but they don't do anything else to bake ads or ad tracking into the browser."

            Oh boy, it's clear you have been keeping up with what's happening on the blue sphere underneath the fox.

      • Brendan Eich says:

        My argument was that Brave can't be prevented from blocking a la uBlock Origin by the proposed changes to the webRequest API, because we are not an extension, we're a browser with native code for blocking, not extension JS hosted in a restricted environment.

        See above on optionality and anonymity of our ad model. If people don't like it, we will fail. If they do, we will get <= same revenue share they make (users get 70% in the main direct-to-user anonymous ad model; 15% same as us in the publisher-hosted also-anonymous model where the publisher gets 70%). We're building something new, not the usual insecure remote-script-based ad junk.

    • Aidan Gauland says:

      Oh good, comments are still open, so I can post this: Facebook, Twitter Trackers Whitelisted by Brave Browser

      • Brendan Eich says:

        Those are not trackers -- to track you need high entropy identifier or fingerprint stored in browser somehow, and we block 3rd party storage and fingerprinting. Those are "SDK" scripts and since that story was written, we've ring-fenced them even more strictly to sites that break if they are outright blocked. Plan is to stub them from local proxies that load the SDK only if the user clicks on the FB, Twitter, etc. widget.

  4. nwildner says:

    That's why I still use Firefox on Desktop and Mobile (Android): uBlock Origin.

    Some sites are impossible to browse without some ad blocking measures.

    • tfb says:

      What worries me, as a Firefox user, is that they just eviscerated the thing with one of the arguments for it being that extensions would be more compatible with Chrome. So now we have to hope that their market share is big enough that things like uBlock Origin continue to exist now that they won't work on Chrome.

      Also I have no real faith that Mozilla understand that just copying what Google do with Chrome is not what they should do as well.

      • srt19170 says:

        Firefox has already happily copied every Chrome effort to limit extensions over the objections of their own users and extension writers. There's no reason to think they'll part ways with Chrome over this change.

      • Nick Lamb says:

        Mozilla's main argument for abolishing the previous "Everything just runs in process and does whatever it likes" model is that this causes the Amiga effect where you can do absolutely anything, and then people do absolutely everything and then counter-intuitively now you can't do anything whatsoever, because everything is now part of the exterior interface and changing it has unpredictable side effects. "You made the burger menu button 4 pixels wider and now my dog won't stop barking". No thanks, I was with Mozilla on this before it touched anything I cared about, and I still am.

        I am a contributor to PassFF (a Firefox add-on), and yes it would be convenient for me if I could just reach out of PassFF into Mozilla's copy of the Public Suffix List rather than needing them to provide an API for that (which so far they haven't) or do work arounds in PassFF itself. But I've been here before - this is why Unix won, because sometimes "Yeah, no, that's impossible for your own good" really is a better answer than "Go ahead, do whatever you want, I'm sure you're responsible and will remember to clean up afterwards".

        The test will come over the next few years, as Mozilla does or does not add more APIs and keep them stable. So far so good.

        • tfb says:

          I am completely fine with providing APIs rather than allowing uncontrolled access to internals. If Unix didn't expose its guts all the time then I would spend less of my life cleaning up thousands of systems where some braindead script has mangled the password file.

          But they need to provide the APIs. I use a thing (TiddlyWiki) which needs to be able to save itself to a file. There used to be an API for that, now there isn't so I now have a bunch of fragile makefilery and a daemon which spends its life watching files to copy things back to where they should be, and it all breaks every week or so because there are races.

          Don't explain to me why it's not safe having browsers write to the filesystem in an uncontrolled way: I know that, and I don't want that. But it kind of has to be possible to write some kind of API which with suitable explicit user control lets specific things write to specific named files.

          But there is no such API, and Mozilla's approach seemed to be pretty much 'although we don't understand what you need to be able to do we know best and fuck you'. So, this does not fill me with hope.

  5. PJ says:

    Move your blocking up a layer of abstraction: Set up to do DNS-blocking of known adware/malware sites on your network.

    Now I'm going to have to look and see if there's something similar for Android.

    • Brendan Eich says:

      The adversary (Google in particular) is moving tracking and ad scripts into 1st party domains, so DNS-level blocking while necessary and fruitful is no longer sufficient. Still helps, good idea -- but endpoint defense at browser i/o and JS layers needed.

    • GK says:

      In Android, I use blokada app which runs as local vpn and uses hosts file to filter bad hosts system-wide, similar to PiHole on LAN. It's also libre licensed, and can be installed from store.

      Also in Android, firefox allows addons, so I use decentraleyes and UblockOrigin... and I really hope Firefox won't follow chrome in removing the webrequest blocking API.

  6. tobias says:

    yeah and: http/3

    session cookie now at the protocol security layer, and stuffed into the new TLS 1.3.

    cloudflare: "Last but not least, we always need to consider the security aspects of Internet protocols. gQUIC opted not to use TLS to provide security. Instead Google developed a different approach called QUIC Crypto. One of the interesting aspects of this was a new method for speeding up security handshakes. A client that had previously established a secure session with a server could reuse information to do a "zero round-trip time", or 0-RTT, handshake. 0-RTT was later incorporated into TLS 1.3."

    The translation from nerd gobbledegook to english is left to the reader. Implications are then left to the imagination.
