I didn't remember the motivation behind this change but this sentence was enough to figure it out - and indeed, after looking it up, many accuse Google of having designed it to hobble ad blockers....
Limiting how thoroughly and frequently a browser extension can intercept and interact with web requests as a user browses the internet
I didn't remember the motivation behind this change but this sentence was enough to figure it out - and indeed, after looking it up, many accuse Google of having designed it to hobble ad blockers. Not that it's Bitwarden's concern.
I mean, that basically just means that adblockers have a hard limit where ad generators do not. Ad servers just need to retry loading the limit +1 and voila, ad blocker neutered. I dislike that my...
I mean, that basically just means that adblockers have a hard limit where ad generators do not. Ad servers just need to retry loading the limit +1 and voila, ad blocker neutered.
I dislike that my extensions are limited, but not the websites I load. Why are they gifted the magic ability to load infinite remote assets?
Can we also implement arbitrary limits for website assets? Say no webpage can load more than 2 MB of content without requesting the 'bloatedwebsite' permission.
Well, Chrome also plans to remove many of the ways websites can track you, like third party cookies for example. Of course, the other side of the coin is that since you're using chrome, google...
I dislike that my extensions are limited, but not the websites I load.
Well, Chrome also plans to remove many of the ways websites can track you, like third party cookies for example.
Of course, the other side of the coin is that since you're using chrome, google will still be able to track you, they'll just be the ONLY company that can do it now
If anything could be more blatantly anti-competition, it’s hard to imagine, and yet I haven’t heard any politicians from any country kicking up a stink about it… I’m even sorta surprised that I...
If anything could be more blatantly anti-competition, it’s hard to imagine, and yet I haven’t heard any politicians from any country kicking up a stink about it… I’m even sorta surprised that I haven’t heard other big advertisers kicking up a fuss too?
Couldn't dynamic web page ads just trigger ad blockers then? From what I understand, they can still have listeners well below 10 MB, do their ad blocking, and then turn off. It can also be on a...
Couldn't dynamic web page ads just trigger ad blockers then? From what I understand, they can still have listeners well below 10 MB, do their ad blocking, and then turn off. It can also be on a per-element basis, wherein the ad blockers actually restrict said elements that allow dynamic ads in the first place. Websites aren't allowed to throw at you non-pop-up content because that would be like malware. Yet.
An extension that can intercept and mess with all web requests is in an excellent position to spy on the user. You’re trusting it as much as the browser itself. Sure, it could block ads, but it...
An extension that can intercept and mess with all web requests is in an excellent position to spy on the user. You’re trusting it as much as the browser itself. Sure, it could block ads, but it could also inject ads, break competing websites, intercept passwords, and so on.
Password managers like Bitwarden are another example of high-trust apps, since it’s storing all your passwords.
There’s a slow but persistent trend towards more sandboxing and more restrictions on what code can do under the principle of least privilege. The browser itself is divided into processes with limited resources and permissions. Websites and mobile apps have a lot more restrictions than desktop apps. The requirement that service workers handle getting kicked out of memory at any time is reminiscent of how a mobile OS works.
This all adds up to significant engineering effort.
Lots of websites (like Tildes itself) and games don’t require any special permissions whatsoever. Web extensions themselves are a tiny niche. Often the things they do can’t be done in any other...
Lots of websites (like Tildes itself) and games don’t require any special permissions whatsoever. Web extensions themselves are a tiny niche. Often the things they do can’t be done in any other way, though.
Looks like a pretty good architecture upgrade. The move away from background pages has definitely been hard on devs. I hope the performance and memory improvements end up being worth it in the end...
Looks like a pretty good architecture upgrade. The move away from background pages has definitely been hard on devs. I hope the performance and memory improvements end up being worth it in the end though.
I didn't remember the motivation behind this change but this sentence was enough to figure it out - and indeed, after looking it up, many accuse Google of having designed it to hobble ad blockers. Not that it's Bitwarden's concern.
I mean, that basically just means that adblockers have a hard limit where ad generators do not. Ad servers just need to retry loading the limit +1 and voila, ad blocker neutered.
I dislike that my extensions are limited, but not the websites I load. Why are they gifted the magic ability to load infinite remote assets?
Can we also implement arbitrary limits for website assets? Say no webpage can load more than 2 MB of content without requesting the 'bloatedwebsite' permission.
Well, Chrome also plans to remove many of the ways websites can track you, like third party cookies for example.
Of course, the other side of the coin is that since you're using chrome, google will still be able to track you, they'll just be the ONLY company that can do it now
Joke's on them, I'm sticking with Firefox.
If anything could be more blatantly anti-competition, it’s hard to imagine, and yet I haven’t heard any politicians from any country kicking up a stink about it… I’m even sorta surprised that I haven’t heard other big advertisers kicking up a fuss too?
Couldn't dynamic web page ads just trigger ad blockers then? From what I understand, they can still have listeners well below 10 MB, do their ad blocking, and then turn off. It can also be on a per-element basis, wherein the ad blockers actually restrict said elements that allow dynamic ads in the first place. Websites aren't allowed to throw at you non-pop-up content because that would be like malware. Yet.
I think google will happily block loading assets they don't own or monetize from if that's what you're asking.
An extension that can intercept and mess with all web requests is in an excellent position to spy on the user. You’re trusting it as much as the browser itself. Sure, it could block ads, but it could also inject ads, break competing websites, intercept passwords, and so on.
Password managers like Bitwarden are another example of high-trust apps, since it’s storing all your passwords.
There’s a slow but persistent trend towards more sandboxing and more restrictions on what code can do under the principle of least privilege. The browser itself is divided into processes with limited resources and permissions. Websites and mobile apps have a lot more restrictions than desktop apps. The requirement that service workers handle getting kicked out of memory at any time is reminiscent of how a mobile OS works.
This all adds up to significant engineering effort.
This is true, but it's also true for literally every single bit of software you use.
And ultimately, I do trust my adblocker more than I trust Google.
Lots of websites (like Tildes itself) and games don’t require any special permissions whatsoever. Web extensions themselves are a tiny niche. Often the things they do can’t be done in any other way, though.
Okay, then I'll only start trusting them when they consider ads as technically an extension of a web page, rather than embeds.
Looks like a pretty good architecture upgrade. The move away from background pages has definitely been hard on devs. I hope the performance and memory improvements end up being worth it in the end though.