42 comments

[ 2.8 ms ] story [ 98.3 ms ] thread
Ymmv but as far as I’m concerned fixing a problem by hiding the evidence and pretending it doesn’t exist does not really count.

On the contrary, this makes the problem much, much worse by the url-bar no longer being a reliable indicator of the url actually fetched.

Can’t AMP just die already? That would actually solve the problem.

It's signed by the original site though...

By your argument, all URL's should say "Comcast", because all webpages you load at home are from Comcast...

They are not. They are served by the web-server specified in the url at the application level.

Routers, switches and repeaters in the middle are serving nothing, they are relaying IP packets at the transport layer.

If you can’t tell the difference, you may want to read up on basic network layers.

Yes, but I think you may be missing the point they were trying to make. This is simply a form of caching for content delivered over HTTPS that preserves the key properties of HTTPS. The browser gets the blob and confirms cryptographically the origin of the blob. It can then show the user that origin information so they can know where the content came from. This is the thing browser UI is supposed to communicate to the user.

This is why Google is analogous to Comcast here. Neither can mess with the content or impact its origin. They are just part of the packet transmission system in between.

Hence this is a huge win. Previously, AMP was served off of Google servers where Google was the man in the middle aware of and even able to manipulate the content. The scripts were running on their origin, etc.

Now with this signed exchange tech, the contract is between browser and origin server. The Google cache is now super dumb, which is a big improvement from a privacy and security perspective.

> Now with this signed exchange tech, the contract is between browser and origin server. The Google cache is now super dumb, which is a big improvement from a privacy and security perspective.

Transparently serving content from google when the url says something else is a complete loss of privacy and security from a user-perspective.

Only if the user doesn't understand how cryptographic signing and verification works. Otherwise, they'll know that doing things this ways actually creates stronger guarantees of privacy than what previously was done.
But now Google gets to track my requests where they previously couldn’t, because my request goes to their server.

That’s a massive loss of privacy right there. How is that even debatable?

Also given how Google works, I think it’s reasonable to assume that enabling this additional Google-tracking was the primary intention behind AMP.

Once they've been encrypted, it's all just gibberish to the intermediaries. If you truly do see this as a massive loss of privacy, then why are you not outraged at Comcast and others that regularly act as middlemen with your encrypted data today?
They see the URL I’m requesting. It’s trivial for them to request that same content.

My isp cannot do that because the url is part of an encrypted transfer, but a transfer google now has allowed themselves to snoop into.

Better headline would be, "Google to disguise AMP URLs"
Now give me the option to opt out of amp results in my search and it'll be perfect.
The lack of this option is the single most eloquent statement of Google's coercive intentions for AMP. It's incredibly easy to implement, and if they were really about improving user experience they'd provide it in a heartbeat.
There is an option but you have to use Firefox to enable it. For whatever reason Google doesn't give AMP links to Firefox users.
Because it results in a meaningful difference in page speed loading that makes Chrome faster than Firefox.
"The answer to the AMP URL problem are "signed exchanges", which allow a publisher's domain to be displayed in the browser address bar, even though the content is loaded from Google's cache when a user clicks on an AMP link in Google Search results."

Someone smart thought this was a good idea.

"This allows you to use first-party cookies and storage to customize content and simplify analytics integration. Your page appears under your URL instead of the google.com/amp URL."

Creating opacity in security and misdirection in trust is unwise for users. Making the address bar lie is dangerous.

I just don't get how the smart people at Google allow this to happen. The developers of Chrome and AMP can try to rationalize bad behavior but I'm surprised how all their coworkers let it stand. There was once a Google that would have been displeased with this kind of action.

How is the signed exchange materially different than just having the browser make the request when you click on a link?

Google hits the page beforehand, gets a cryptographically signed package of assets, verifies its contents and returns that to the user when the user clicks a link versus having the browser make the request itself at that time.

Agreed. As long as it's crypto-signed byte-for byte and matches exactly what the original website published, then the actual TCP connection used to deliver the data is irrelevant.
Then why have Google deliver it at all, instead of encouraging publishers to simply cache their pages and serve via CDN?

Amp is a solution that creates more problems than it helps. But it's a strategic move for Google to exert more control over publishers.

Google needs to deliver it or the browser wouldn’t be able to pre-cache the content for the user since it would leak to the publisher that the content was shown in a search result.
Again, this is a made up problem.

We don't need to pre-cache results. We just need faster loading websites without the bullshit JavaScript that does... Nothing.

Google can, and has since inception, shown a 2-sentence description plus a title. If I as a searcher find that useful, I click through to the publisher site. This is a good system.

AMP simply steals the entirety of the content from the publisher and serves it for them. That's not Google's job. And that's absolutely terrible for publishers.

The solution is to provide tools and guidelines for publishers to follow for a better user experience, not cut them out completely. Fix the problem at the root.

How is showing a page in < 100ms versus 2+ seconds a made up problem? There is no way without pre-fetching to deliver an instant experience.

Also, what do you mean that google steals content from publishers? Publishers are in control of the ads running on amp pages (and receive the revenue), with over 100 ad networks supported by it.

I don't need a page to show up in 100ms. 2 seconds isn't a problem. 5 seconds is, but I'll wait it out for something I'm really interested in.

Regardless, this stuff can all be done externally with current tech. Fairly easily. Serving up cached pages and lazy loading images resolves 90% of pagespeed issues. Removing JavaScript where it's not needed (almost everywhere) is another huge step.

There is no legitimate reason - zero - for Google to go so hamfisted with this. The only reason it's being shoved down everyone's throat is because it gives them more control over publishers.

I care about 2 seconds.

Tech should be instant. 100ms is near enough instant in my book. Anything more is sub-par. It's wasting human time and attention. It's slowing people down from doing what they want to do.

Imagine pages loaded in 100ms. You could flick through them by holding down a key like scrubbing through a video for a scene you like. You could eliminate tabs in a browser because there's no need to have many open at once when you can switch to any webpage with no delay. Think about it - tabs are simply a crutch to have a small set of webpages ready-loaded and quick to switch to! Thats how badly we need instant load webpages - we have invented workarounds!

Just because people have become normalized to something taking too long isn't a reason to not strive to make it better.

>Think about it - tabs are simply a crutch to have a small set of webpages ready-loaded and quick to switch to!

Usually not because the page takes long to load, but because we need to quickly switch between contexts. The biggest slow down here is not the page load speed, but the _human_ interactions required to get to that other context. Tabs exist because we don't have enough screen real estate to display all the multiple contexts we need at the same time.

Frankly I don't perceive a performance difference between AMP results and regular results. There are abysmally slow pages, but those are the minority of pages I visit, and they often do not invest in AMPifying their page.

I mean really, if AMP was so valued by users, Google wouldn't have to artificially pin all AMP results at the top of their search results. They wouldn't have to limit the ability to opt-out. They could offer an AMP sibling result and see which one wins out the SEO war. But by forcing AMP links to the top, they force publishers to give over their content to Google's servers or be dropped from search results. This is a monopolizing play, not an openness play.

I'm with you. 100ms would be amazing.

But AMP is too high of a cost to pay. It's just not the right answer. The negatives greatly outweigh the benefits.

> I just don't get how the smart people at Google allow this to happen.

We'll probably never get a true answer to this, can only speculate. This appears to be group(s)think in action, where the involved parties feel justified, even entitled, to make this change for the 'betterment of the web'.

Think back to when the Chrome/ium team decided to hide 'www' and 'm' from URLs and had to roll back that decision pretty quickly. I cannot find the post where an engineer indicated that in their internal discussions this seemed like a good idea.

Given the massive browser share that Chrome/ium commands, the decisions being made around tampering with the address bar and making it behave in a way that does not reflect the underlying protocols, would not occur in a team with healthy debate around the merits and dangers of such actions - so I believe that debate is either not happening or simply being suppressed at multiple levels within the organisation.

> Think back to when the Chrome/ium team decided to hide > 'www' and 'm' from URLs and had to roll back that decision > pretty quickly. I cannot find the post where an engineer > indicated that in their internal discussions this seemed > like a good idea.

Wasn't it Apple who started with this? I seem to recall seeing their web browser only showing the main domain of the website.

> Making the address bar lie is dangerous

This x1000.

The only positive constant users have had since 1994 is that the URL doesn't lie. You can look at it and figure out if you're safe or not. Now Google wants to hide that from users by this masquerading going on. That is simply terrible and doomed to be exploited in the years to come.

The only people who win here are the scammers who will defraud users.

You can‘t really, though. Many people have been fooled by fake URL‘s. Nobody checks the cert. To say nothing of the non-human-readable token URL‘s in emails.

Password managers and hardware tokens (Android phones too now) are actually a much better defense against phishing.

Can you explain how scamming is possible?

The page shown to user is cryptographically verified to have been fetched from the url shown to the user in chrome’s url bar.

Maybe not directly scamming exploiting this mechanism, but it might destroy the healthy habit of URL checking and being aware of what is going on. Instead people are given a false "seamless" experience. In the future similar white lies might be adopted by other companies, and eventually exploited. Just like the endless bombardment of cookies warnings trained people to just click through "OK"s and "Accept"s. Paired with introduction of the new Google portals, people might get used to opening a site within a site, or a site that is not the site. Now you can scam people by making them believe your shady website has a seamless Paypal/Visa portal, but it's just a css copycat and a private database of fools.

I don't know why I'm always weary of increased levels of abstraction in interfaces.

>I just don't get how the smart people at Google allow this to happen

B/c people at Google have the delusion that they are the internet.

When will Google stop acting like it owns the internet? Also, isn't this highly exploitable form a security stand point?
Why is google unable to work with CNAME again, I’m sure amp.washingtonpost.com would suffice? This seems like a Rube Goldberg machine for something with tons of existing solutions...
Google does not control that.
You could easily point that URL at a Google server.
Sure, and point it elsewhere too.
Okay, what’s your point?
Google / chrome can’t prefetch content on amp.washingtonpost.com or it would leak that the publisher’s content was shown in a search result.