Ublock isn't the same as uBlock Origin. I've Googled this and some of the results made me question if it's safe to use. An ad blocker has access to everything you do in the browser so if you can't trust it than there's a problem. UBlock Origin is open source so while I don't know what to look for there are those that do and would find anything shady. UBlock Origin is 100% free and open-source software, meaning any developer can do what they like with the code without paying a fee. Interestingly, the project actively refuses donations. UBlock Origin is a browser add-on for Firefox, Chrome (including Chromium and Opera), and Edge.
![]()
There is a lot of confusion around this issue. Some people are taking this to mean that Safari has completely banned ad blockers, which isn't the case. Instead they've switched to a model that matches what they've been doing on iOS which is content blocking1. Content blockers give Safari a list of triggers and actions to take when something matches a trigger.For example; you can have a trigger which contains a regex that matches all images and stylesheets for a given domain. The action can be one of several options, one of which is to block that item.One advantage this technique provides over ad blocking is that there's no data to be phoned back home. It is, in essence, a mask that is applied to a web page before rendering. Also, it's very lightweight.
It's literally just a JSON document which means Safari can perform better.Now, I'll admit it's not foolproof. Apple and the content blockers have some work to do on it. I'm noticing some issues with it myself after having upgraded to Safari 13.
But from a privacy perspective, I personally much prefer this technique.1. Hang on a second, since when are we this paranoid about installing software? I'm capable of deciding whether I trust a browser extension with the privileges I'm giving it, just the same as I'm capable of trusting any of the daemons running as root which could just as easily steal my personal data.Sure, if all else were equal I guess I would trust Apple slightly more than an open-source extension developer, but all else is not equal - Apple is taking away the flexibility of arbitrary code and dictating that if you want to block ads in the browser then you have to use their regex-based declarative adblock API. I'm surprised to see such a warm reception on HN to a classic Apple 'we're taking this away for your own good' kind of move that has historically not been very popular with enthusiasts.
This is a really long-standing battle between user accessibility and user freedom. Any time a software system or platform or OS allows for people to do whatever they want without restriction, you end up with thousands of compromised systems out there. The alternative, in the past, has been to lock everything down unless users go into some kind of 'Advanced' mode or 'Developer' mode but then users just get tricked into turning that mode on anyways or more advanced users hand wave those restrictions away for less savvy users without explaining any of the implications.This is the same pattern that happened with IE where users would install all kinds of toolbars accidentally and then get tons of data stolen or when the first iPhone was jailbroken and everyone wanted all the cool jailbreak features. People would jailbreak the phones of their parents, siblings, relatives, friends, etc.
Without really every explaining what was happening and what the potential pitfalls of that are.Now, unfortunately, we're at the same impasse with browser extensions. They're super convenient for most people and are widely used but there's another vector of attack for people that aren't as savvy and don't understand the consequences. Especially when it comes to browsing history, payment data, and passwords, it's so easy to compromise a system now when you can hide it in something like a browser extensions.The real answer is to do a better job educating people about what everything is but no one wants to do that. More skilled users just want to bitch about what gets taken away from them personally without acknowledging the giant elephant that is ignorance. There is so much advanced technology out there now that people don't even understand the consequences of the most mundane actions.In my opinion, Apple's trying to do something about that even if it comes at the expense of a few power users losing some conveniences. If their past history is any indicator, they will bring back or improve up on this functionality so that power users get it back somehow but, in the meantime, the bigger and more pressing issue is what takes precedence. There might be technical reasons why browser extensions are particularly problematic and it might make sense to phase them out in their current form, so, to be clear, that's not what I'm getting hung up on.
But there seems to be a broader acceptance of Apple's vision for a nice walled garden where users are safe from everything, especially themselves, and criticisms of this are just 'bitching' from people who need to see the bigger picture. I'm sorry but I don't accept that.Mobile is the primary user environment for a whole generation of kids and millions of people coming online in developing countries around the world. What we're bequeathing them is worse than anything in early-2000s Slashdot's worst paranoid nightmares. Billions of iPhones only load OS images signed by Apple and jailbreaks are aggressively patched as urgent security issues, guaranteeing vendor lock-in.
Third-party code is too dangerous so users have to get it from a vendor-controlled app store and sideloading is forbidden for security reasons. You can't have browser extensions because they can see too much, so now you have to hope that Apple implements an API for whatever you were trying to do. There's a weird double standard where the tech literati are fine with things on mobile that they would never accept on their desktop. I guess it's because we have the luxury of putting our phones away and retreating to our 'real computers' to scratch our tinkering itch.
Not everyone has that privilege, or inclination. If the freedom to tinker means anything to you then mobile shouldn't be an exception.I don't think the walled garden is even necessarily good for the ill-informed or careless users we're trying to protect. Checking out the 'Advanced' mode is how users learn.
While it may be dangerous for a casual user to be able to run a command or make a tweak they found recommended on some website, it also can be incredibly helpful - software doesn't always work correctly or the way that you want it to, and there's not always a nice button that does exactly what you need. And there's a real danger of the browser and the other public API surfaces calcifying to only permit what Apple thinks about ahead of time, smothering innovation that could have genuinely benefited users. Imagine if computers followed this philosophy from the beginning.
I doubt users would enjoy an app store where user input (text only, of course) is sent securely into the app's stdin and output is text fed securely from the app's stdout to the screen, with no interference permitted by potentially insecure code attempting to provide things like scrollback because it could see all of the user's activity.So yes, protecting users from the worst malware can be a thing but it's not as obvious as you make it sound that this should necessarily entail removing agency from the user. By aiming for the lowest common denominator user, Apple is depriving everyone else of real advantages. And, I would argue, producing a sterile and stilted experience that's best for no-one. Indeed, only Safari will have the right to report back on your browsing habits under the name of telemetry or steal login credentials or whatever fear you can imagine.I don't really care, I don't use Apple products and I still have Firefox, which will happily let me shoot myself in the foot on this (for now). You know what else is a 'huge vector for security and privacy issues'? Every program I install through my package manager, or other source.
The solution isn't to cripple the OS so that only my distribution vendor can run certain kinds of software and no one else. Browser extensions are becoming a notable security vulnerability, with many high profile extensions falling into the hands of (or being sold to!) bad actors. The arbitrary code execution method of ad blocking (e.g. UBlock) is very flexible but it means that without ongoing comprehensive code review using one puts you at risk if the extension ever changes hands or has a backdoor added.Apple's method avoids this issue by never letting the extension see the page contents, it only provides match lists of what to block that the browser then enforces. Even if the extension became malicious it has no access to private data on the webpages it is ad blocking on.
What I think they're saying is that with Adblockers, they can phone home which ads they block, URLs they see, etc.Content blockers impose rules at the outset and the rule generator won't see what the URLs/content actually is.The way I would think of it would be like 'let me see what you're seeing and I'll let you know what to let through' vs 'here are a list of things you shouldn't let through but I don't need to know about what the hit rate actually is'.Although I could be misunderstanding the implementation. It's one cat and millions of mice that multiply rapidly. Ads networks that use random unpredictable domains are intractable by the static blacklist approach. Not only that: ads networks can watch the public blacklist and adjust their domains accordingly.
If declarative API was about security, Apple would rather block network access for adblockers.Agreed about Firefox. My goal here is to call out the hypocrisy of the declarative API. So I want to repeat myself that the declarative API is about giving ads networks an easy way to not get blocked, while using performance and security as false arguments that impress only those who know nothing about performance and security. You know; I just realized I should clarify some confusion I myself may have introduced here. My original comment suggests the trigger is always matching a domain regex but domain isn't the only trigger. Content blocker authors can make use of one or more of seven different triggers.
For example:`load-type`: An array of strings that can include one of two mutually exclusive values. If not specified, the rule matches all load types.
`first-party` is triggered only if the resource has the same scheme, domain, and port as the main page resource. `third-party` is triggered if the resource is not from the same domain as the main page resource.So our concerns about the cat and mouse game is true, but only for domain triggers. When Apple says 'We're designing this API in a way that allows you to block ads without having full visibility to monitor everything that any user does every web page they visit' it's totally believable because it's in line with the last 10+ years of their product direction.Yeah, it makes ad blockers less powerful. It also makes them less of an enormous security risk in that all of your web traffic is redirected through them, and a compromised extension could do whatever it wanted with that.People are more skeptical of Google's motives because nearly all of their money comes from selling ads and for all we know they're more concerned about their very very very large piles of cash than they are about browser extension security. That's not a motivation that Apple would have for their Content Blocker limitations. Adblockers don't redirect all traffic though them. If you think about it for a moment you will see how absurd that idea is.
This would incur one of the most massive bandwidth bills on the internet for negligible financial gain.Current ublock origin.Your adblocker frequently updates lists of patterns to block via any of many user configurable lists.When you load a site ON YOUR COMPUTER it consults all those lists including custom ones you create yourself for annoying elements on particular sites before loading content. It NEVER sends said content to the adblocker or leaks your information.Ublock origin provides both the adblocking engine and the lists and can innovate on the former and iterate on the latter as fast as you please.New chrome restrictions.Google provides an adblocking engine substantially inferior to ublock. Extensions are able to provide only a list much smaller than current lists and can only update that list when the extension itself is updated.
They cannot innovate on the adblocking engine as they are stuck with the crummy one an ad company provides. This basically ensures that ad providers win the arms race with adblockers.SafariShares the same inherent flaw with chrome that Apple will be providing the adblocking engine with the possible benefit that apple isn't directly making money off ads and has less incentive to directly break adblocking. I don't mean that it sends the actual web traffic through some uBlock server, I mean that the uBlock browser extension sees all of the requests to load a webpage and decides what to do. It can decide to block them or not. It could also decide to scoop up all of your personal information and do bad things with it.If someone were able to compromise the developer account and get a malicious version distributed through the Chrome browser gallery, that would be a huge problem. The kind of thing that has been making headlines with compromised npm modules recently.Google has reviews in place to prevent malicious extensions from being distributed, but they can't be perfect. We've seen that repeatedly with both Chrome extensions and Android apps.Every extension with permissions set for 'This can read and change site data on all sites' has a huge target on it, and the fewer things using that level of access the better.
Ad blocking extensions are an obvious place to look for improvement because they're so popular.I hope that Google can put a blocking system together that will be able to perform as well as existing solutions without adding any huge security risks, but I also agree that it's problematic that their incentives are to do the exact opposite. Yeah, it makes ad blockers less powerful.
It also makes them less of an enormous security risk in that all of your web traffic is redirected through them, and a compromised extension could do whatever it wanted with that.This presumes I trust Apple significantly more than authors of any conceivable blocking plugin — by large enough margin that it would be worthwhile to lose functionality over it. That isn't really the case — I only trust Apple marginally more and, if anything, making such decisions on my behalf erodes that trust. My understanding is that Manifest v3 pushes ad blockers from chrome.webRequest to chrome.declarativeNetRequest, and they do not have the ability to see what requests are made with declarativeNetRequest. They can define rules to block or modify requests, and the browser executes them without letting the extension see any specific requests.
Is that not correct?The complaints from blocker developers have been that Google isn't allowing enough rules (Google has agreed to increase that), and that their existing blocking lists are defined in a way that needs more logic than declarativeNetRequest's matching system. Yes, but those plugins will now require more expansive permissions requests when enabling them, correct?If history has taught us anything it's that forcing users to agree to allow access in order to get what they want doesn't stop them from doing it. Especially when programs apps and extensions are required to ask for broad access to accomplish even the smallest tasks that the warnings become meaningless noise.
If I want ads blocked and I trust a company enough to install their blocker I'm not going to uninstall it just because it needs access to the content I want it to check over for the presence of ads. No matter how many warnings I get or how scary they sound I still want ads blocked. WebRequest is still around for now, but Manifest v2 as a whole will be deprecated sooner or later and I think webRequest goes away with it. I don't know if Google has specified dates for this, but for historical context here's the timeline from Manifest v1:Deprecated in March 2012, stopped accepting updates to Manifest v1 extensions in March 2013, and existing extensions stopped working in January 2014.EDIT: Google's blog post talks a lot about removing the 'blocking version of webRequest', so perhaps the monitoring one still exists? But their goal would be to make these into separate permissions - the very popular blocking extensions can work blindly, while monitoring extensions can still function?
It's not very explicit about it, but that's how I'm reading it. People who don't understand the security implications inherent in allowing browser extensions that have nearly-unrestricted access to the user's behavior - even if well-intended - may hate the Chrome team for it. But there are those of us who understand why the Chrome team made the decision it did, and are sympathetic. And we're happy that the Chrome team and Apple are of the same mind about this.Hey, you probably didn't mean it this way, but your comment kinda sounds like you're saying everyone who opposes Google's decision is a simpleton who doesn't understand the security implications of browser extensions. That's not true, and more importantly, not especially charitable. The question is, whom do you trust, and who bears the greatest consequence of failure?I'm going to trust uBlock Origin because it is free open source software and I can see everything they are doing with my data.
Apple on the other hand forbids reverse engineering safari (trying to understand what it does and how it works).Once you're a part of the apple eco-system apple could theoretically (and to be clear we're talking about purely theoretical privacy risks in all cases) access your browsing history and also tie that directly to your name, address, credit card/bank account, GPS coordinates, etc.Putting your privacy in the hands of a company that has so much of your data already is naturally more risky than compartmentalizing. If hackers somehow compromise my browser extension they get access to my browsing history on one device until I notice and correct the problem. If a hacker somehow compromises Apple they could get access to much much more.
For all their care and resources Apple is not immune from attacks either. Safari has had a ton of vulnerabilities exposed just this year so far. Ultimately the freedom to decide what code a person runs on their own hardware has to be left up to the user. The users who install every random extension they see are the same ones who download every app and click on every link in the spam they get. You can't protect users from themselves, but you can empower them to better protect themselves.Downloading a sketchy browser extension takes deliberate action on the part of the user.
Just loading CNN.com can (and has) caused computers to become infected automatically because of ads. Limiting the ability to block ads is not protecting anyone. extensions can’t block requests based on these observationsThe new API is called 'declarativeNetRequest' and allows extensions to block requests:'There are the following kinds of rules:.
Rules that block a network request. Rules that prevent a request from getting blocked by negating any matching blocked rules. Rules that redirect a network request. Rules that remove headers from a network request.' Google proposes to continue allowing extensions to observe all requestsTheir expressed intention is to disallow such behavior in the future:'The declarativeNetRequest API is an alternative to the webRequest API.
At its core, this API allows extensions to tell Chrome what to do with a given request, rather than have Chrome forward the request to the extension. Thus, instead of the above flow where Chrome receives the request, asks the extension, and then eventually gets the result, the flow is that the extension tells Chrome how to handle a request and Chrome can handle it synchronously. This allows us to ensure efficiency since a) we have control over the algorithm determining the result and b) we can prevent or disable inefficient rules.
This is also better for user privacy, as the details of the network request are never exposed to the extension.' Safari allows 50k per list, Chrome is planning to move from 30k per extension (!= list) to 150k global max per your links. That's quite a difference. On iOS, some blocks use multiple lists - AdGuard has six and 1Blocker X has seven, for example.An ad blocker that would be limited to 30k rules, as originally suggested by the Chromium folks, would be severely neutered. And even with the 150k max, I currently have 240k rules in uBlock Origin. That's way above Chrome's planned max.
But easy enough to implement with Safari's model, even if it requires using at least five lists. And you've illustrated another problem with online discussions, particularly since the ubiquity of social media.
You assumed that my call to moderation in this debate is because of apathy, and presumed to read my mind. I'm hardly apathetic, or happy about it. 1Blocker doesn't work at all on Youtube, so I'm using Firefox for that now, where I can still use uBlock Origin. I'm disappointed, to be sure, but no amount of whinging, no matter how vociferous, is going to change this, so I'm pragmatic about it.
![]()
Google are between a rock and hard place, for sure!As someone who isn't a corpsec/IT practitioner, though, breaking uBO is literally the most important impact of Chrome's Manifest v3 for me.I wouldn't mind if Google incorporated uBO as a first-party component in Chromium while applying the restricted policy to all other extensions! Most purported adblockers are crap, if not malware. Pick the best one and restrict the rest.Unfortunately, I doubt an advertising company is going to incorporate uBO in the browser they provide for free.I totally buy that breaking uBO isn't Google's goal for Manifest v3! It just happens as a beneficial side effect. It's not exactly a double standard because.Like many things in technology, there are few write ups explaining this, including the pros and cons, in simple terms that most people can understand.
So, people are not well informed.When they are not well informed they will tend to make decisions based on other things, like their business model. We know that Google makes money displaying ads and has generally soaked up information on people to use for their benefit.
Apple has been advocating privacy and makes money selling hardware and services.If there was an 'explain it to me like I'm 5' write up on how the changes to Safari and proposed changes to Chrome would work I could imagine it would help people see something other than the business model.This isn't a double standard. It's people making judgements on something other than the technology. Well i have no complains about Safari but their Extension system is really costing them users. At this point I uBlock Origin is by far the most reliable AdBlocker you can find and my having the developers explaining that in the future maybe only Firefox will support it it's kinda of sad.Of course we know that Google has to make money from Ads so its understandable but what about Apple?
They are putting heavy focus in privacy, would it be good if they open their browser to make sure their users will not move to Chrome/Firefox or other browser? But how many are actually using uBlock Origin? Nearly every person I come across is using AdBlock, AdBlock Plus, or some other adblocker, no matter how many times I recommend they switch to uBlock Origin. Most people are not aware of what Chrome’s changes mean (or of the changes at all) and for those that do use uBlock Origin, my guess is most people will simply switch to a different adblocker rather than switch to a different browser.I doubt uBlock Origin being removed from Chrome will change the status quo.
Maybe in a few years when enough powerusers convince enough casual users. If you just look at software out in the world, it's clear that powerusers have next to zero influence. It's why desktop Linux use, for example, is still just a blip after all of these years. This was true during an intermediate period where all browsers were more-or-less equivalent. It wasn't true before then, when many sites were designed with Internet Explorer in mind, and tended to work less well on other browsers. I don't think it will be true now, either, now that most sites are designed with Chrome in mind, and tend to work less well on other browsers.The big difference is that the functionality problems 20 years ago were easier to explain, and therefore easier to get people upset about.
It's a lot easier to weave a compelling political story about straight-up incompatibility than it is to weave one about degraded performance due to differing just-in-time compiler optimization behavior.Also, we seem to be stuck in a situation where people are still so fixated on a monarch that hasn't been in power for over a decade that they maybe haven't been so concerned that the old monarch's overthrower has consolidated power to become a new monarch. I've never found any that don't work, but Firefox supports fewer 'standards', so you can end up with a somewhat degraded experience on some sites.
My own company's product, for example, has some janky bits on browsers other than Chrome. The performance is only a little bit behind on most benchmarks, but isn't anywhere near as fast for certain kinds of animation. It can be noticeable on sites that run a lot of animation.
Like, say, sites with ads. Possibly only if you're using an older or less powerful computer. Which isn't how we of the orange header bar like to roll, but also isn't a terribly uncommon thing to do out there in the wider world.(Scare quotes around 'standards' because calling Chrome-only things standard nowadays seems a bit like calling AcitveX a standard 20 years ago.). As a chrome-user: this. Firefox lost me years ago due to performance differences, and since chrome works fine for me, there was no ux-related reason to switch back. The day I'll see ads everywhere will be the day I'm back to firefox, and without second thoughts at that.
If I really like your service, I'll happily pay for it. I hate ads, the psychological strats behind them are completely unacceptable. I'd happily pay google a subscription-rate, if that's what it takes tbh. Take my money, not my attention. Since I never max out my resources (mbp 2016, 16 gigs, entire workload happens on servers and not on my local machine) that doesn't really affect me - and with 50+ tabs open frequently, just go ahead and take my ram to keep them available, sure. Unused resources are wasted resources - and again, I'm never above 10gigs, maybe 12-13 if I have a local vm running.Like I said: ux-wise, I'm not impacted negatively by using chrome, at all. If my laptops resources were more limited or my local workload was bigger, I'd probably check out Firefox, but since I'm not bottlenecked, why bother?
The day ublock origin doesn't work on chrome is the day users will flock to firefox.This is because since their core functionality is so similar, small advantages will tip the scales.It is a a bold assertion, which is not backed up by the data. Despite Mozilla repositioning Firefox recently and reclaiming some lost ground, it is to a larger extent, still only maintaining a steady set of core users. To make an assumption that small advantages will tip the scales in favour of FF is wishful thinking, as demonstrated by some of the conversations. Furthermore, it is inherently not in the best interests of Google to actively promote ad-blocking policy unless it serves it's own purpose, coupled with the acute awareness of why power users and developers pick Chrome ─ they are well positioned to throttle any competition. FFAndroid (Fennec?) does strange things. A few examples:1. You are on this web page in Fennec1, and you want to do a web search.
Click the address bar, type in your query, hit go. Sometimes, Fennec will start the progress bar and act like it is searching, but will draw another tab in the main viewport before resetting the progress bar and changing the url to the SERP you want.
If you don't know its going to do that, it looks like Fennec completely ignored your search and loaded another tab.2. Fennec will sometimes lose its cool and stop rendering pages. The UI layers will respond, you can open hamburger menus, tab listings and thumbnails, but no matter what tab you select, it no longer renders anything but a blank canvas in the viewport. You have to force close Fennec to restore normal behaviors.3. Fennec will after a long time of being active lose its extensions like noscript et al, you have to force close and re-open to get them to show up in the hamburger menu again.Stated as a die-hard Firefox for Android fan.1%s/Fennec/. The problem is that websites are also currently a significant privacy vulnerability.I'd love an adblock system that allowed me to block trackers with a purely declarative API. I do not trust Apple (or Google) when they say that their API will be as effective as current extensions.Ublock Origin and UMatrix are hands-down the gold standard for blocking right now.
I'm very, very cautious about ignoring the advice of the person who made them, and that person is saying that declarative APIs don't offer enough flexibility for the blocking they want to do.Of course extensions are a privacy risk. But I only need to vet two extensions, and without them I need to vet hundreds of websites. If the current extensions do a better job without a declarative API, then I'd rather risk installing them. You have to look at the risk of extensions in the context of the risks of the broader ad ecosystem on the web. The same way you vet desktop apps. Install as few of them as possible, because the sandboxing is currently quite bad.
Do research on the people who are developing them. Read the source code.If you're worried about malicious transfers of power, turn off auto-updating in Firefox. If you're worried about being able to audit the actual installed code, use Firefox Developer Edition and audit and compile your own version to run.In practice, I trust UMatrix and Ublock Origin because I'm familiar with Gorhil's work and comment history around Github and HN. I also extend a similar amount of trust to Decentraleyes for similar reasons. Those are the only big 3 you need to get the biggest impact on your privacy.
Arguably, you don't even need Decentraleyes if you only want to trust one person. Why not just run all desktop apps in sandboxed virtual machines then?Ideally, we would like sandboxing on the desktop to be at least as good as sandboxing on the web (preferably better). People don't run sandboxed desktop apps right now because the ecosystem currently makes it inconvenient. Wayland and Flatpack are both good steps in the right direction. Apple's making some progress as well there, but it's all pretty early-stage stuff.Until the sandboxing gets better, you should be cautious about installing unvetted desktop and phone apps.
You should also be cautious about installing unvetted browser extensions. But browser extensions are complicated because while keeping a minimal system isn't that hard, you're probably not going to stop visiting unvetted websites, even if you know it's dangerous. It's a much higher priority for experienced users to make the browser sandbox good than it is to make the extension sandbox good.People take a long-term view on this, and while I agree with them in theory, I don't think it's always particularly helpful to think about what technology will look like. With browsers, it's not a question of whether or not theoretically it would be good in the future to make extensions entirely declarative. Of course it would be good. It's a question of, 'is it possible to do that right now?' At the moment, Safari's declarative API is significantly less powerful than the blocking API that Firefox has.
In the future, that could definitely change, but people have to use computers today.So for the moment, the browser advice I give to non-power users is to install UBlock Origin and Decentraleyes on Firefox and nothing else. I think that's a safer, more private environment than anything they'll be able to set up on Safari. I advise power users to add uMatrix to that list, and for people who are really paranoid, I advise them to run Firefox Developer edition, which will let them compile extensions from source.If you're just handing someone a computer and you don't trust them not to go off and install random extensions, then sure, give them Safari. In that context, it's not confusing why Apple would do this - they're optimizing for the largest number of users; people they can't trust not to install random extensions. It just means that more experienced/responsible users will be safer using Firefox. Apple has gone to great extents to enable ad and tracker blocking, making it a first-class feature in iOS, and pushing the envelope on the blocking of tracking cookies and other technologies. I use AdGuard on my iPhone and it might be the most effective browsing experience I enjoy.For that matter, on macOS I don't have anything in Safari, and regularly go between Safari, Chrome and Firefox (the latter two with uBlock Origin).
Somehow just the native anti-aggravation technology in Safari is more than sufficient to give me a great experience. If it has a list solution like the iOS Safari, then I'll partake of that.Apple should enable classic-style blocking as an admin override kind of thing, but remarkably their list-based regex approach has been remarkable effective.
I must admit the the terminology isn't very clear. A Safari 'content-blocker' app sends a list to Safari, and Safari blocks it. A regular blocker (like uBO) blocks content itself. Safari content blockers aren't all bad, they are more secure in that they can't possibly collect your browsing history (not that uBO does), but lack the level of customisation and power that a regular blocker like uBO can provide.It's nice that random extensions can't peek at your browsing history, but on the other hand, you have to trust that Apple won't decide to ignore any block rules. What if one day they make a deal with Disney and now all Disney ads are on the permanent do-not-block list? Why would Apple care if Mac users used a non-Safari browser?Apple doesn't care individually what users use.
However, Apple (and everyone else for that matter) does have reason to be concerned about Google's Chrome completely dominating the web in the way IE once did. IOS is certainly their biggest bulwark, but that doesn't mean they'd be delighted if Mac users felt required to use Chrome. Further, they also have made being able to avoid the anti-privacy ad-driven ecosystem to some extent an important differentiating factor. Even with Firefox existing, having a purely Mac focused and maximally optimized browser (FF is only barely catching up this/next version on basic power efficiency for example) that has strong privacy protections with no conflicts of interest is a sales point.That doesn't mean it's a total core focus of course, but neither is there no pressure at all. This is not good!I thought Apple were way out in front when it came to tracking and whatnot.My wife uses a MAC at home and was complaining about how slow our internet was (70Mb down. Not slow) a while back.She mainly looks at news sites and when I saw what she was looking at I knew the problem wasn't the internet connection.The entire page, apart from a tiny bit in the middle, was cluttered with moving shit!I installed uBlock Origin.
The result was fantastic: pages loaded in a fraction of the time.When she realised that the articles were a tiny proportion of the downloaded crap she realised she'd been missing out for so long.Once, when the MAC went back for repair, it was replaced with a new one and OMG the horror when she fired up Safari and it had no blocker. UBlock Origin to the rescue.I agree with one of the other comments on here: The web is utterly unusable without it. They're not really comparable.Ka-Block actually advertises itself as being less effective than uBO. It's selling point is that it's a simpler extension that blocks fewer ads and trackers, under the assumption that this is good enough and on it'll on average be faster because of the reduced overhead. Some ads will get through this filter, and that's ok.
We already have extensions that block every ad that's ever appeared on the web with a completionist zeal that must be admired.0If you're blocking ads just to make pages load faster, Ka-Block is probably fine. If your primary goal is to protect your privacy, you shouldn't be using Ka-Block.0. Definitely agreed. But nobody (including Apple) is going to pull that off for a pretty long while.In the meantime, it's useful to be able to do things like block all third-party AJAX requests and whitelist them on the fly on a per-site basis, or intercept CDN requests for common libraries and redirect them to locally hosted versions.Extensions like UBlock Origin may be a band-aide, but sometimes band-aides are useful if you're waiting for an open wound to heal. In the same way, when I give people privacy advice, I'm optimizing for things they can do right now.
Count me as another one who really doesn't understand how others can stand the unfiltered 'Modern Web', although I use a combination of JS whitelisting, HOSTS file, and a filtering proxy, so I might be on the extreme end.I've had to help others, whose computers did not have such blocking software (and they might not want to), and had to physically put my hand over parts of pages 'cluttered with moving shit' in order that it would not distract me and allow focusing on the content itself. These people are also the ones who tend to miss details in instructions and seem to blindly ignore things like (actually important) notifications and warning messages, which leads me to wonder if their natural state of mind while reading pages is so distracted that they have trouble focusing. Can you even begin to imagine how much of the Internet's total bandwidth is used on adware/shovelware/crapware? And crazier still, how much of the world finds most of the web completely unusable as a result?Imagine trying to browse modern web pages on a dial-up speed connection. Many sites now completely refuse to load until you load their JS, which calls some external JS, which then renders the page. I run almost every web page without JS and Cloudflare is the number 1 reason for not being able to access a page.
![]() Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |