this post was submitted on 05 Aug 2024
2082 points (98.0% liked)

Technology

60044 readers
2658 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

~~https://www.neowin.net/news/ublock-origin-developer-recommends-switching-to-ublock-lite-as-chrome-flags-the-extension/~~

EDIT: Apologies. Updated with a link to what gorhill REALLY said:

Manifest v2 uBO will not be automatically replaced by Manifest v3 uBOL[ight]. uBOL is too different from uBO for it to silently replace uBO -- you will have to explicitly make a choice as to which extension should replace uBO according to your own prerogatives.

Ultimately whether uBOL is an acceptable alternative to uBO is up to you, it's not a choice that will be made for you.

Will development of uBO continue? Yes, there are other browsers which are not deprecating Manifest v2, e.g. Firefox.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 47 points 4 months ago* (last edited 4 months ago) (2 children)

The tricky part is that Google isn’t wrong about Manifest v3 increasing security for some people. Just allowing any extension to access the full URLs from a webpage is honestly pretty sketchy for most things that aren’t adblockers. Think about Beth in accounting who has 27 bloatware toolbar extensions installed on her home PC, which are happily collecting her full browser history and sending it off to gods know where. Manifest v3 is targeted at increasing security for those users, by making it more difficult for extensions to track you.

The issue is that it also makes ad blocking virtually impossible, because the blocker is forced to just trust that the browser is being truthful about what is and isn’t on the page. And when the browser (developed by one of the largest advertisers in the world) has a vested financial interest in displaying ads, there’s very little trust that the browser will actually be honest.

The issue is that there’s not some sort of “yes, I really want this extension to have full access” legacy workaround built in. Yes, it would inevitably be abused by those scummy extensions, which would just nag idiot users to allow them full access. And the idiot users, being idiots, would just do it without understanding the risks. Even if Chrome threw up all kinds of big red “hey make sure this extension actually needs full access and isn’t just tracking your shit” warning flags, there are still plenty of users who would happily give bloatware full access without reading any of the warnings. But it would also allow ad blockers to continue to function.

[–] [email protected] 17 points 4 months ago (1 children)

The single biggest security improvement you could make for Beth in accounting would be to install UBO. Where do you think she gets all those shitty toolbar extensions? That's right, from ads.

This is targeted at destroying adblockers because Google is, first and foremost, an ad serving company. That's their business model. It incidentally improves security for certain users in certain edge cases, because they need some kind of figleaf of legitimacy.

[–] [email protected] 2 points 4 months ago

Ads and crappy installers, all though that seems less common than it used to be. I can't say if that's a general trend or tunnel vision due to me not installing crapware.

[–] [email protected] 5 points 4 months ago (1 children)

If it was about security then they should simply block Manifest v2 extensions from their store or at least start doing some actual verification of the extensions they host. Taking away freedom claiming it to be for security is almost always a lie.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

Verify! But what will all the "Cändy Crunch 7 Browser Edition with 12 Free Play Levels" players do?