- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
EDIT: Apologies. Updated with a link to what gorhill REALLY said:
Manifest v2 uBO will not be automatically replaced by Manifest v3 uBOL[ight]. uBOL is too different from uBO for it to silently replace uBO – you will have to explicitly make a choice as to which extension should replace uBO according to your own prerogatives.
Ultimately whether uBOL is an acceptable alternative to uBO is up to you, it’s not a choice that will be made for you.
Will development of uBO continue? Yes, there are other browsers which are not deprecating Manifest v2, e.g. Firefox.
The tricky part is that Google isn’t wrong about Manifest v3 increasing security for some people. Just allowing any extension to access the full URLs from a webpage is honestly pretty sketchy for most things that aren’t adblockers. Think about Beth in accounting who has 27 bloatware toolbar extensions installed on her home PC, which are happily collecting her full browser history and sending it off to gods know where. Manifest v3 is targeted at increasing security for those users, by making it more difficult for extensions to track you.
The issue is that it also makes ad blocking virtually impossible, because the blocker is forced to just trust that the browser is being truthful about what is and isn’t on the page. And when the browser (developed by one of the largest advertisers in the world) has a vested financial interest in displaying ads, there’s very little trust that the browser will actually be honest.
The issue is that there’s not some sort of “yes, I really want this extension to have full access” legacy workaround built in. Yes, it would inevitably be abused by those scummy extensions, which would just nag idiot users to allow them full access. And the idiot users, being idiots, would just do it without understanding the risks. Even if Chrome threw up all kinds of big red “hey make sure this extension actually needs full access and isn’t just tracking your shit” warning flags, there are still plenty of users who would happily give bloatware full access without reading any of the warnings. But it would also allow ad blockers to continue to function.
The single biggest security improvement you could make for Beth in accounting would be to install UBO. Where do you think she gets all those shitty toolbar extensions? That’s right, from ads.
This is targeted at destroying adblockers because Google is, first and foremost, an ad serving company. That’s their business model. It incidentally improves security for certain users in certain edge cases, because they need some kind of figleaf of legitimacy.
Ads and crappy installers, all though that seems less common than it used to be. I can’t say if that’s a general trend or tunnel vision due to me not installing crapware.
If it was about security then they should simply block Manifest v2 extensions from their store or at least start doing some actual verification of the extensions they host. Taking away freedom claiming it to be for security is almost always a lie.
Verify! But what will all the “Cändy Crunch 7 Browser Edition with 12 Free Play Levels” players do?