We need less PWAs, not more. Many people are already confused enough when it comes to grasping the difference between websites and native applications. Another "standard" created to consolidate Google's position in the market.
I'm also confused about how privacy enhancing browser extensions work within a PWA. I've yet to get a full answer on this (it seems as if no one really knows) but it seems to me as if a PWA is more friendly to trackers and less friendly to users of the browser.
I work on the project - PWA's on desktop are essentially just tabs without the Chrome at the moment, so it all goes through the same plumbing right now. It's not more or less friendly to trackers, if you have an extension the extension should still run in the same context.
I'm not familiar with the details of implementing a PWA and how much it's tied to Chrome specifics (that would certainly be bad), but I generally disagree with you.
I feel like way too many companies are making native apps just for the sake of users being able to install them and have that icon on the home screen. Most of the time the app doesn't require any native-only functionalities, it could function as web app just fine, so it's a bunch of unnecessary overhead. And mobile platform owners love this as the growing ecosystem means more lock-in.
PWAs seem to be a nice middle ground solution to this problem IMHO.
PWAs aren't specific to Chrome, they are also being supported by other browser vendors.
In fact, PWAs are UWP apps on Windows, having access to all native UWP apis without additional FFI, or having to deal with the likes of Ionic, React Native and friends.
I get your viewpoint. I definitely don't want to be harassed by a website to "install" their PWA on the desktop, like how websites already harass me to "install" their app on my phone because it allows them to do more tracking.
However, if PWAs allow us to ditch electron for good, I'm all for them. Each electron app shipping its own browser copy and having full access to everything on my computer is a security nightmare.
I remember an early version of this from the iPhone2 days. The standard allows running the app offline, not supporting the desktop when mobile had this feature feels backwards.
I don't see these types of comments about Microsoft locking people into windows, chrome is managing to be both an application, and an OS.
PWAs are allowing better access to the device, things like offline access and File System access soon. Its more than just an icon for a website on your home screen.
I think the best browser definitely fluctuates over time. I started out with Mozilla c1995. Then have shifted through most of them at various points in time when I've become unhappy with my current choice. I went back to Firefox when they released their Quantum version and have been really happy with it. Haven't used Chrome much since then. But I'm always open to other browsers should something change in the future.
If you want to get away from Chrome my tip is to use Opera. Same engine underneath & can handle same extensions (with a proper extension installed) but without Google.
Opera is also closed source and has been bought by some Chinese consortium, so that may not be the best option if you want to get away from Google for privacy reasons.
Using Opera only superficially sidesteps the big Google problem, as you still contribute to the Chromium monoculture that reinforces Chrome's dominance and benefits Google.
It had been blocked by webrender if I remember correctly, now the work on fixing this issue has actually started. Markus Stange is a capable engineer as well so there's hope.
no, we need it; or we will go back to a fancy version of Internet Explorer 6 (that is, chrome browser): proprietary technology implementation, by a top player, against any standard... and spying on users (but that's new, I don't think IE 6 was that vicious).
It's funny, I see this comparison a lot and the people using it don't see how it misses the mark: the reason (the majority of tech) people hated SO MUCH on IE6 was not because it was proprietary, but because it was static and didn't bring get any advance, thus blocking the web's progress. Chrome doesn't have that issue, at worst you can claim it gives too much power to Google on decision about where the web goes, but not that it keeps it from progressing.
It was also not respecting the standards but only after a while (at release it was at the forefront of it), and that is also not a problem that Chrome can relate to.
I say that as someone who uses Chrome, enjoy it, but would also prefer if we didn't go back to a single engine being supported on the web (and I switched back to firefox on mobile, because of chrome lacks of support for ad blocking there).
By confusing what the fight is about and trying to make it about what it's not, I fear you make some people like me ignore it.
Chrome is just as bad but for different reasons. And perhaps even more dangerous (like slowly eroding privacy, or shaping the browser around Google’s revenue generating services). I think the analogy stands and the damage is similar in magnitude.
Was “for different reasons” too unclear? It’s right at the beginning of the comment. Different reasons but the impact is still dangerous.
For example IE6 was not reporting my location to MS despite me turning the option off. Just because some people are ok with that doesn’t make it less of a problem. It just makes it a different (bad) one.
And in the passive aggressiveness [0] of your comment you didn’t even think that there are far better reasons why IE6 sucked. If feels random and based less on long term use experience.
You write as if you’d be ok with Chrome stabbing you in the eye as long as it’s not a CSS hack, the single reference issue all browsers are benchmarked against.
I've read it and I think it's way overblown. All I care about is solid support for standards and Chrome shines it that.
I picked them because I could test if you actually experienced it. Chrome at the moment is the best we have but it does come with strings attached. It has different problems indeed, surprise surprise, however I don't think that's that a big issue at all.
You should have started with that instead of the jab. Not only would it have been clear that it’s a personal opinion not a matter of fact (Chrome is better for me) but it would have also saved you the time of coming back later with the real single biggest issue of IE: standards.
The issues Chrome pose for most people right now are real. You don’t care about them for your personal reasons but disqualifying them because they’re not yours is very dismissive. You never know when your interests change.
> All I care about is solid support for standards and Chrome shines it that.
Except for cases when it doesn't feel like supporting the standard in question, or it claims their support is sufficient. A recent example could be support for <input autocomplete="..."> [0].
When ad blockers won't work, when you get DRM everywhere and trackers will be embedded in the browser, the tech will have progressed. Yet it will not be the progress you want to live.
It's like if suddenly you had only one car maker and say "it will be easier to design infrastructure for it". Yes, it will be. But it also mean you won't get innovation for you, only for the car maker.
For google that would mean pushing techs serving the ad and data collection business of course. But also in general, that would mean building for big companies. Adopting standards that are mostly beneficial to people that have the money to buy patents, setup many CDN, have high end engineers, invest in specialized hardware, etc.
"Chrome being a monopoly is bad because X" and I say there are lots of issue with only Chrome remaining but not X, it doesn't apply to Chrome. You answer by saying "but there is Y, and W, and Z, and ..." which is basically my point: no need to focus on what is not the issue.
IE6 era's Microsoft had an interest in the web stagnating, while Google doesn't. If anything, they used their position to push forward new things that others wanted to slow down.
It appears to me that Google is pushing forward some things while slowing down others. Obviously, Google will never be at the forefront of limiting what advertisers can do.
My biggest worry with a Chrome quasi monopoly would be the erosion of browser making competence and financial resources outside of Google.
So whenever Google's vested interests clash with what users want, there would be no one left to step up. Chromium would be open source, but only Google employees would know the source well enough to do anything with it.
It's a worry. I'm not saying it's the same as with a closed source IE back then.
I think you are wrong, or at least, I don't share your impression at all...
I was there when IE 6 was a thing, and no, nobody was complaining that IE was too static. That wasn't the main reason at all. One of the main problems is that it was too dynamic, but in a proprietary and unsafe way (ActiveX).
The problems IE6 had are vastly different from the problems Chrome presents. But I would argue the Chrome's are potentially worse. IE6 was a big problem mostly for developers who were perhaps better equipped to deal with them. Chrome not only has the chance to become the "singl;e browser" (if it's not already there) and direct the web wherever but it also poses problems directly to the users who are most definitely not equipped to handle them.
I see this as a much bigger issue than IE ever had. It's not technical so a simple patch in your web app won't fix it.
You also have the choice to buy clothes stitched together by children in Southeast-Asia under horrible conditions, but we all know that a responsible consumer decision looks different.
What I'm saying is, that "we have a choice" is a void argument if you have just been presented with a solid case that one choice is clearly better than the other.
You know, it's not like you couldn't use one browser for work and the other one for everything else. I certainly don't need to inspect WebSocket frames while booking a flight, reading the news, chatting with family on facebook, or shitposting on HN.
Was this motivated by something in the release notes, or are you just taking the opportunity to bang the Firefox drum? Should we expect this comment in every Chrome-related thread?
Somehow, the update to Chrome 73 managed to ruin Chrome Sync on my work Mac. I have to "unpause" sync every time I run Chrome and I'm logged out of every account after closing the app, although I do allow cookies and don't clear them on close. My passwords don't autofill anymore, either.
What's the point of buying into the whole Chrome Sync thing if it randomly dies for no apparent reason?
Desktop PWA update looks promising and considering the last update, allowed many to upload PWAs on Google Play store. I feel the promises are finally coming true.
This may be useful for improving security, especially of CDNs. Binary Transparency seems to be one of the use cases mentioned in the spec[1] - perhaps someday this would be used for an unified scheme for signing application packages/updates, without reinventing the wheel every time.
As for binary transparency it's not enough to stamp the certificate (that's what CT logs do). The artifact would have to be stamped and published in a widely accessible source. Actually Binary Transparency doc published by Mozilla [1] creates a new regular certificate for new published binary thus utilizing CT infrastructure as it is today.
Xcode has similar functionality. It is the actual breakpoint, but you can just log the message (or make the computer to say it) and continue execution.
This was already technically possible, you could add a conditional breakpoint with a console log in the input and it wouldn't "break" because console.log returns undefined (false).
There was so much more than that, too... Mac IE5 had full support for transparent PNGs, a download manager, an auction manager (!), and a bunch of different color themes to match Apple's product line. It was easily better than even MSIE6, and it's a shame that Microsoft essentially abandoned the product after release, along with the Tasman rendering engine it used.
uBlock Origin is not ideal. But there's NewPipe at F-Droid for YouTube, it's also without the proprietary YouTube-API or any of Google's (proprietary) play-services. https://f-droid.org/en/packages/org.schabi.newpipe/
This is a huge release. Supporting PWA installation cross-platform provides a viable alternative to Electron-style bloat for many apps, and shipping SGX is useful for anyone who dislikes the AMP UX. Kudos to the Chrome team.
sandboxed file system access. People use electron because they need things like registry keys, reading/writing files from anywhere on the system, interaction with specific kernal functions, and tons of things browsers cannot give anywhere the same flexibility to without becoming a major vector for malware. Not to mention a lot of electron apps, like Spotify, use their own c++ libs, like Spotify json, because browser perf sucks.
You cannot sandbox and have native access, full stop.
The new design is space wasting. Check the URL bar for example, you type something and you get suggestions. The distance between each entry is huge. I don't have a touch interface on my desktop. It should be configurable. It was, until they removed the flags.
Tabs: with the old edgy style you saw "more" and was easier to click. This might be a personal choice though.
Account: Previously (on Windows) your Google account was displayed next to the minimize/maximize/close button. Now it's next to the icons for addons. Wasting space.
Difference between Linux and Windows: On Linux (Fedora, Ubuntu) you can use the scrollwheel to cycle through tabs when hovering over them. Doesn't work in Windows.
"When the browser loads this Signed Exchange, it can safely show your URL in the address bar because the signature in the exchange indicates the content originally came from your origin."
- the original website will not see these requests in its logs. Can visitors even tell that their browser is not accessing the server that shows up in the address bar? Their privacy is being violated.
- when the original website deletes or modifies a resource, the old outdated version may still be distributed by a 3rd party
Analytics could be done using JavaScript. (Or maybe some other way of triggering a request?)
Alternately, depending on your perspective, it could improve privacy, by making it easier to create web apps that don't phone home and disclose your IP address. Perhaps distributed on a DVD? (I don't know if it supports full offline access.)
Yes, reading stale content is possible. But this model of distribution is not new, it's how ordinary software distribution works. It's like downloading software from a mirror site, but the signature is automatically checked.
Or consider what Cloudflare does and that you need to give them use of your private key to make it work. It's a trade-off.
So Chrome supports dark theme, and PWAs can now be installed, but the PWA window does not support dark theme. Ironic. Two features developed in isolation?
What are they supposed to do with them, repaint Twitter and the others?
Especially since these apps basically have zero system elements other than 3 buttons (to clarify I'm talking about MacOS).
Make the huge title bar dark, just like in normal Chrome? You can already select dark theme inside Twitter, but it's irritating with the light title bar.
With `prefers-color-scheme` soon websites will be able to react to system theme too.
Intel SGX[0] is a specific technology supported by the CPU for encrypting application memory. Is the acronym used differently in the context with Chrome?
I briefly looked around and it seems like desktop PWA are not yet supported by Firefox. At least I haven't found a way to add an app to the desktop like we can do in Chrome. A bit disappointing.
Has anyone else noticed a reduction in New Tab icons? I used to have 10 defined, but now it will only show 8 of them. OSX 10.14.3, Chrome 73.0.3683.75.
It also seems to sometimes not want to display the text for the New Tab icons in white and picks a nearly-imperceptible slightly-darker grey.
133 comments
[ 3.1 ms ] story [ 192 ms ] threadThere are plenty of tricks to work around ad blockers.
I feel like way too many companies are making native apps just for the sake of users being able to install them and have that icon on the home screen. Most of the time the app doesn't require any native-only functionalities, it could function as web app just fine, so it's a bunch of unnecessary overhead. And mobile platform owners love this as the growing ecosystem means more lock-in.
PWAs seem to be a nice middle ground solution to this problem IMHO.
In fact, PWAs are UWP apps on Windows, having access to all native UWP apis without additional FFI, or having to deal with the likes of Ionic, React Native and friends.
However, if PWAs allow us to ditch electron for good, I'm all for them. Each electron app shipping its own browser copy and having full access to everything on my computer is a security nightmare.
What's missing in Firefox?
Opera also has a battery saving feature.
Tried running Edge for a while, which is gentle on battery, however Edge is just lacking.
However when I develop I always develop for Firefox first, but the Firefox developer tools are starting to age as well.
Has the web standards become so complex that it is inevitable that we will have a Chromium monoculture?
I want to believe, but I heard that multiple times and still can't even open simplest html websites without hearing the pain of my machine.
It's nice to have choiches.
Web monoculture make the web worse for everybody.
It was also not respecting the standards but only after a while (at release it was at the forefront of it), and that is also not a problem that Chrome can relate to.
I say that as someone who uses Chrome, enjoy it, but would also prefer if we didn't go back to a single engine being supported on the web (and I switched back to firefox on mobile, because of chrome lacks of support for ad blocking there).
By confusing what the fight is about and trying to make it about what it's not, I fear you make some people like me ignore it.
Do you know what a CSS hack is?
For example IE6 was not reporting my location to MS despite me turning the option off. Just because some people are ok with that doesn’t make it less of a problem. It just makes it a different (bad) one.
And in the passive aggressiveness [0] of your comment you didn’t even think that there are far better reasons why IE6 sucked. If feels random and based less on long term use experience.
You write as if you’d be ok with Chrome stabbing you in the eye as long as it’s not a CSS hack, the single reference issue all browsers are benchmarked against.
[0] https://news.ycombinator.com/newsguidelines.html
I picked them because I could test if you actually experienced it. Chrome at the moment is the best we have but it does come with strings attached. It has different problems indeed, surprise surprise, however I don't think that's that a big issue at all.
You should have started with that instead of the jab. Not only would it have been clear that it’s a personal opinion not a matter of fact (Chrome is better for me) but it would have also saved you the time of coming back later with the real single biggest issue of IE: standards.
The issues Chrome pose for most people right now are real. You don’t care about them for your personal reasons but disqualifying them because they’re not yours is very dismissive. You never know when your interests change.
Except for cases when it doesn't feel like supporting the standard in question, or it claims their support is sufficient. A recent example could be support for <input autocomplete="..."> [0].
[0]: https://www.reddit.com/r/programming/comments/ar1qj1//egl52w...
When ad blockers won't work, when you get DRM everywhere and trackers will be embedded in the browser, the tech will have progressed. Yet it will not be the progress you want to live.
It's like if suddenly you had only one car maker and say "it will be easier to design infrastructure for it". Yes, it will be. But it also mean you won't get innovation for you, only for the car maker.
For google that would mean pushing techs serving the ad and data collection business of course. But also in general, that would mean building for big companies. Adopting standards that are mostly beneficial to people that have the money to buy patents, setup many CDN, have high end engineers, invest in specialized hardware, etc.
"Chrome being a monopoly is bad because X" and I say there are lots of issue with only Chrome remaining but not X, it doesn't apply to Chrome. You answer by saying "but there is Y, and W, and Z, and ..." which is basically my point: no need to focus on what is not the issue.
Mozilla (then at 0.9.x) and Internet Explorer 5 for Mac were both significantly better.
You seem to be missing the link between monopoly and stagnation though. IE wasn't always stagnant. It brought us XMLHTTPRequest for instance.
I think the debate has to be about whether or not Chromium being open source changes the equation.
My biggest worry with a Chrome quasi monopoly would be the erosion of browser making competence and financial resources outside of Google.
So whenever Google's vested interests clash with what users want, there would be no one left to step up. Chromium would be open source, but only Google employees would know the source well enough to do anything with it.
It's a worry. I'm not saying it's the same as with a closed source IE back then.
I was there when IE 6 was a thing, and no, nobody was complaining that IE was too static. That wasn't the main reason at all. One of the main problems is that it was too dynamic, but in a proprietary and unsafe way (ActiveX).
Read, for example, this article from 2002, when "Phoenix" (aka Firefox) was launched: https://www.geek.com/news/mozilla-launches-new-faster-browse...
IE was pushed down the throat of everybody, and the main consumer complaints was "it's bloated".
For developers instead, the craze of the day was to pass the Acid test: we are talking about CSS implementation. We are talking about open standards.
Open standards where the main concerns for developers: http://davidnaylor.org/blog/2005/04/web-standards-acid2-test...
Acid 2 and Acid 3 where a the main thing during the browsers wars (https://en.wikipedia.org/wiki/Browser_wars). And they were ALL about standards.
I see this as a much bigger issue than IE ever had. It's not technical so a simple patch in your web app won't fix it.
What's the point of buying into the whole Chrome Sync thing if it randomly dies for no apparent reason?
This may be useful for improving security, especially of CDNs. Binary Transparency seems to be one of the use cases mentioned in the spec[1] - perhaps someday this would be used for an unified scheme for signing application packages/updates, without reinventing the wheel every time.
[0]: https://developers.google.com/web/updates/2019/03/nic73#sgx
[1]: https://wicg.github.io/webpackage/draft-yasskin-http-origin-...
Currently only one CA provides paid certificates with a special extension so that the cert can be used to sign SXG files [0].
[0]: https://www.digicert.com/account/ietf/http-signed-exchange.p...
As for binary transparency it's not enough to stamp the certificate (that's what CT logs do). The artifact would have to be stamped and published in a widely accessible source. Actually Binary Transparency doc published by Mozilla [1] creates a new regular certificate for new published binary thus utilizing CT infrastructure as it is today.
[1]: https://wiki.mozilla.org/Security/Binary_Transparency
If we're at Mozilla, it's also interesting to see what's their position on SXG [2]. There is only one spec there with that status there.
[2]: https://mozilla.github.io/standards-positions/
It seems the real issue at the moment is that it just isn't a high priority for them.
Displays the origin of the content?
This is one of our longer term visions for the API, not there just yet.
Break point like console logging is a neat idea.
And safari's own devtools inherited it years ago.
edit: looked it up, was introduced in Safari 8 (2014): https://news.ycombinator.com/item?id=8585122
* Dark mode is now supported on Mac, and Windows support is on the way.
https://wicg.github.io/construct-stylesheets/
They added two new methods to solve the FOUC (flash of unstyled content) problem.
It can easily become part of the standard if the feedback is positive.
2) Download and install Firefox Nightly
3) Switch default Search engine to DuckDuckGo
4) Install uBlockOrigin
5) Enjoy web and youtube without Ads !
1.5) Start IE
You cannot sandbox and have native access, full stop.
Tabs: with the old edgy style you saw "more" and was easier to click. This might be a personal choice though.
Account: Previously (on Windows) your Google account was displayed next to the minimize/maximize/close button. Now it's next to the icons for addons. Wasting space.
Difference between Linux and Windows: On Linux (Fedora, Ubuntu) you can use the scrollwheel to cycle through tabs when hovering over them. Doesn't work in Windows.
"When the browser loads this Signed Exchange, it can safely show your URL in the address bar because the signature in the exchange indicates the content originally came from your origin."
- the original website will not see these requests in its logs. Can visitors even tell that their browser is not accessing the server that shows up in the address bar? Their privacy is being violated.
- when the original website deletes or modifies a resource, the old outdated version may still be distributed by a 3rd party
Alternately, depending on your perspective, it could improve privacy, by making it easier to create web apps that don't phone home and disclose your IP address. Perhaps distributed on a DVD? (I don't know if it supports full offline access.)
Yes, reading stale content is possible. But this model of distribution is not new, it's how ordinary software distribution works. It's like downloading software from a mirror site, but the signature is automatically checked.
Or consider what Cloudflare does and that you need to give them use of your private key to make it work. It's a trade-off.
With `prefers-color-scheme` soon websites will be able to react to system theme too.
[0] https://software.intel.com/en-us/sgx
intel sgx: software guard extensions
chrome sgx: Signed HTTP(????) Exchanges
It also seems to sometimes not want to display the text for the New Tab icons in white and picks a nearly-imperceptible slightly-darker grey.