Non-Chrome user here - does clearing Google cookies on exit sign you out of the browser-level account? If so, I could see some world where they wanted to avoid that UX. Of course, there are more honest ways to present this: e.g., a toggle in the same settings screen that gives you enough context to be able to opt in/out.
It's amazing the amount of crap people put up with in exchange for some comforts and conveniences these days (google, apple, amazon). Sad that so very few people put values first
Apple is the one looking to expand into health and wellness. The data Apple can harvest is going to become more and more valuable. They're rolling out home speakers and the Apple Watch is increasingly becoming a DYI diagnostic tool. I think it's a bit naive to think that Apple is somehow more altruistic than any other big tech company.
It's not altruism, it's just their business model happens to be more compatible with people's rights: Apple sells hardware at a premium price. Google monetizes data to push ads. Ads aren't a big part of premium experiences, Apple recognizes nobody likes them.
Which is why Apple devices generally only have ads in third party experiences, and Google shoves ads right in the default mail app.
There have never been third party ads in any default application on MacOS or iOS and I feel completely confident saying that.
You could make an argument of upselling, the music app prods your for a subscription to Apple Music or to buy songs on itunes- you could argue Apple TV shows content from providers you’re not subscribed to (next to ones which you are)- but those are first and second party ads.
> the music app prods your for a subscription to Apple Music or to buy songs on itunes- you could argue Apple TV shows content from providers you’re not subscribed to (next to ones which you are)
Exactly. Which is why I buy iPhones rather than Android handsets. I'll support Apple as long as their business model is privacy orientated but once they pivot (and I'm sure they will at some point in the future) then I'll switch to the next platform that supports my privacy -- assuming by that point that there are any such platforms left...
Which is why I think projects including PinePhone and Librem 5 are important, as they are privacy orientated and they need community driven support now to be usable in the future. The only other projects that get close are ones that use AOSP as a base like GrapheneOS or LineageOS with MicroG. But this introduces the same issue that Chromium forks have, which is the increasing maintenance burden.
Apple's business model is more compatible with rights YOU care about, but it is false to say it is compatible with "peoples rights"
Apple is more compatible with Privacy rights, but wholly not compatible with ownership rights, portability rights, free speech rights, etc.
Their draconian ecosystem policies around payment, hardware lock in, and platform lock in are IMO just as bad if not worse than Google draconian policies around data privacy
It seems however you do not place any value on anything other than privacy
This is an important point. There are no good guys in cell phones right now, at least none that are large enough on the stage to really scare Apple/Google.
EDIT: I feel like I should give a shout-out to Pinephone, LineageOS and GrapheneOS as some better options, although they are all obviously not mainline.
I personally think that the whole "privacy" thing started because their ecosystem is in trouble.
They created the app store and made apps ubiquitous.
Honestly, computers used to have so much promise. They helped us, and made us better.
But nowadays how many people have you heard say "I don't WANT to install an app". (I know, lots of people don't care)
And apple is trying to restore (a little) trust by saying they're for privacy.
Thing is, they have to play both sides. And they really can't be for privacy (like allow a firewall or block network access for an app) because then developers won't do anything on their platform.
They don’t have to be altruistic as long as their interests align with those of their customers. So far on privacy they’ve spent billions of dollars building a reputation for protecting user privacy, fought court cases and probably given up billions more in potential revenue from user data monetisation. I’m not about to give up using a smartphone or online apps, so given I need to make a choice, I’m happy with the one I’ve made so far.
All you have given is possible reasons Apple might compromise, but those have applied for many years. If they do start compromising then sure, let’s re-evaluate.
They have spent on _marketing_ privacy. Their court cases were a great exercise in PR. They still have the highest compliance rate with US government for turning over user data, which they hold the keys to, and the Chinese government. User data monetisation is not the only danger to be wary of, it just happens to be the one that gets trotted out most often.
The time to re-evaluate is already here, it's just hard to do so when you're already locked into their ecosystem.
It’s not as simple as taking the compliance rate. The question is, how much data do they hold that they can tune over. How much of it is client-side encrypted.
Twitter handing over the DMs for a user: very much problematic- they’re plaintext. Apple handing over the iMessage history for a user: much less problematic, it’s E2E encrypted. (though still an issue - metadata may still be plain)
Fundamentally it boils down to some trust level - how much of what apple says about their data storage is true?
I don’t understand how complying with the law and not criminalising their employees is a ding against them. I don’t think I’ve ever seen that used as a criticism of any other company, but it’s regularly used against Apple. It’s really bizarre. If you dont want companies complying with the law surely what we need to do is change the law and challenge governments. What matters is what they choose to do within the law, and as a customer I’m satisfied.
The difference is their business model. Google offers you free things, in exchange for showing you ads. Same with Facebook. This incentivizes them to find more ways to get more data about everyone.
Apple mostly makes money by selling you goods. Privacy can become a feature of those goods, increasing its value. They are incentivized to protect privacy.
This doesn't make Apple better. It's just that they're in a different market.
Except in the name of privacy they are now using it to expand its services to other sector. Payment, Cards, TV, Music, Wellness, what's next?
(Especially true when you see people continue to think their business model is still to sell you iPhone, Apple is no longer just an iPhone company anymore )
Many of these makes me uneasy. Especially when we have caught Tim Cook lying multiple times.
Could it be it's just peoples values are like that? That regular consumers are ignirant and short-sighted and care more about funny games and easy apps instead of privacy or quality?
That's _your_ definition which may have pretty much nothing to do with how other people see it. We won't be able to have a clear conversation about privacy until every person is on the game page about that.
Until you understand that, you'll continue to be "surprised" when people say they care about privacy but not the pet peeve you have.
"Ah okay, thanks for the clarification. Sounds like that doesn't apply to the internet then, because I'm just loading websites in a browser, I'm not talking to anyone. Thanks again for clearing that up!"
defining privacy in a contextually relevant and concise manner is hard.
Yep. Your problem is you're hiding all the inconvenient logging and generation of metadata propagating knowledge of my communication with your website beyond the scope of what was intended every time you propagate out metrics logs, or transaction data out to other third parties.
If you stop at "oh, an HTTP session happened", you're being a disingenuous maker and perpetuate of strawmen. It's almost always what happens with data by actors you invite into that "seemingly private HTTPS transaction" that violate the simplestsocial precept of the technical exchange.
Things branch off from there. If you can't see that as a fundamental breach of privacy and professional discretion, then again, it's likely you have a vested interest in not seeing it. It's damned obvious to anyone who doesn't.
Why would Google be interested in getting consent for something they can force without you being able to complain about it? That makes no business sense, and the only thing that makes Google change things is if there are dollars at stake.
And then only dollar amounts that move the needle (and if your choice negatively impacts the business by only a million dollars ayear, that's an irrelevant difference for Google. They literally don't care, because a million is peanuts, and does not move the needle)
Maybe if apple or google or FB or any of the massively profitable big tech cared to pay back fairly to creators there would be quality content. Right now with things as they are nobody seriously wants to join the crowd of beggars.
It’s not either this or that. It’s simply that people really don’t care about privacy on the internet, apart from situations they have been taught to be careful (eg internet banking).
They simply don’t think about their internet browser, their privacy and Google, in the same way most people don’t care about how toilet paper is made. Sure you can make a strong case why something is bad, but in the end people just keep buying the same brand of toilet paper.
Well, depends on how you define "alternative". If they were browsers, then perhaps NYTimes would only work in Firefox and WSJ would only work with Chrome. Technically, you can treat either as a replaceable commodity good as well...
From my experience the majority of non-tech people do not value software or online services and will balk at paying even a couple bucks for an app.
The other problem is that every service out there will pretend to treat you with respect and it's only when things go wrong that you learn the truth, by that point it's too late.
So you need to 1) look beyond the price and 2) know which companies lie and which don't when it comes to their marketing (or have a previous experience with them), otherwise they all pretend to treat their customers with respect.
There's a huge, billion dollar niche where Google used to be :
1. A box on a web page
2. Customers write words
3. Your software return a list of web pages that contain said words plus relevant ads.
Since sometime 2007 - 2009 and Google has dropped the requirement that results actually contains the word and it is extremely annoying.
I use DDG these days. They are just as bad, not better or worse but it is faster to add !g to a DDG search than to retype the query in DDG aftee first trying Google.
First other search engine to recreate the Google experience from before 2007 can charge me $10 a month and show ads on top of it and still get me as a happy customer.
~/chromiumDefault is the dir as it was created when I started Chromium for the first time and set all settings the way I like it. I update it every once in a while when I tweak a setting.
So, honest question, because I'm genuinely bewildered: why would you bother doing this, when Firefox exists, is perfectly functional, and isn't made by Google?
I’m back to Firefox after many years, it’s quite good and I don’t miss anything from Chrome other than one click translate page button. Also looks like FF has caught up Chrome performance-wise. It’s fast, it respects your privacy, very nice!
It actually feels faster than Chrome to me. I've been primarily on Firefox for the past few months and was really surprised to find Chrome not feeling as responsive when I tried to use it recently.
I've been using Firefox as my daily driver for perhaps a year or more now.
As well as the translate page button, the other great feature chrome has that I miss dearly is the highlights chrome has in the scrollbar when doing a ctrl-f find-in-page. That is super-useful and a real pain in the arse that Firefox does not support it.
I played around with prototyping an extension to replicate it (or as close as I could get) but it was hard to nicely override the ctrl-f hooks.
> Also, I block firefox myself. It phones home a lot, even when you tell it not to.
Do you have sources on this? I use Firefox on Mac OS with Little Snitch and have never had Firefox try to phone home with analytics disabled (a one click decision on first start of the app).
Settings one is interesting, it does appear that you cannot block it[0] and that is sad.
The other two appear to be safe browsing and automatic update related. Those two services can be disabled form the regular settings UI, I think? Have you found that to not work?
Shavar is the server from which Firefox downloads update to its Safe Browsing and Tracking Protection site lists. “Shavar” is the name of the differential update protocol Google designed and uses for Chrome Safe Browsing site list.
aus5 is the server from which Firefox downloads new Firefox updates. “aus” stands for Auto Update Service.
I’m not exactly what data is downloaded from firefox.settings.services.mozilla.com.
I really really really tried to give Firefox a chance, but gmail and some other sites are unusable, 40% are slower and admittedly the other 50% work just as fine as in Chrome.
There are some convenience issues with Firefox that bother me:
- It starts slower then Chromium.
- Right click and "Open in new private window" actually opens in a new private window. I prefer how Chromium does it, grouping all sites opened like this as tabs in one window.
- In Chromium, I can easily set any URL as a custom search engine with whatever parameters I like. In Firefox, I can't.
While I dont think you can set any url as a "search engine", you can set any url as a parameterized keyword bookmark. Create a bookmark, then edit its properties, put %s in the url, and assign it a keyword. This behavior is more straightforward to setup in chrome but it at least exists in firefox.
In my experience, Chromium renders and is interactive ~~faster~~ earlier, but they have about the same time between launch and browse. On Chromium, I launch, type in a site, hit enter, and wait and wait as it finishes actually starting up. FF takes longer to appear but is ready to browse as soon as it does. Or at least it did until some time in the last year or two, at which point it started taking a page out of Chromium's book. But honestly, I don't do cold starts that much so it doesn't bother me much one way or another.
I can't remark on the first two (I don't start my browser that often, it just status open, and most of my private browsing use cases are covered by the temporary containers extension), but the search engine issue (which is super annoying) can be solved with an extension:
I have an intermittent issue in FF across platforms/networks where I can watch in network console as I enter a URL, and I can see it not even trying to send the request. All I can find is a fixed issue from 2017 and I don't have the time nor inclination to try to figure out why this would be happening. Searching for a cool new browser for the Linux box but I might just install Chromium and be done with it.
I'm having a similar issue with FF. When I open FF and go to gmail.com, it doesn't load. I filed a bugzilla some time ago and it's still not fixed yet. FF is not usable for me so I switched back to Chrome.
For me sadly it's the WebSpeech API. A lot of sites that use speech-to-text and text-to-speech break on FF and also the voices FF aren't nearly as good as Chrome.
This bug has been pending for many years now and I don't think it ever going to be on their priority list soon.
I have had some problem with Firefox for many years, maybe 5 years since I've tried to use it.
The problem is whenever I start FF it hangs for 30 seconds before I can type the first url in. That duration and the fact that it's consistent means it's clearly a network timeout.
I have a locked down computer, layers of security enhancements so I kind of understand something I've done is causing it.
However, why should it lock up for 30 seconds if it can't do some background thing! On startup! It's an atrocious UI failure. And it's been this way for 5 years that I've been counting, through their Quantam speedup etc. Major flaw and unfixed for aeons of 6 week release cycles.
Btw it's not updating as it still updates ..
It's actually really bad design to have a lockup like that, and especially on the critical hot path of the first time you use it! It's a sign actually of bad user experience design, and it's one of a number of bad anti-user things I've found about it. Things that Chrome gets so right!
I want to ditch Chrome because of the many Google anti-features, but UX is also very important to me I use the browser all day every day and I'm extremely fast at the UI with advanced shortcuts etc. Firefox locking up for 30 whole seconds before I can use it not only destroys my flow but is actually an eternity - I could have about 40 chrome tabs opened with urls types and autocompleted or pasted into the url bar in that time ..
Sadly Firefox blows on a large number of design decisions. I get the impression that user experience is down the list at Mozilla, below either Google donations or SJW antics. Whatever, but they consistently fail on important points. I wish it wasn't so I truly do. I'm in the process of moving to Brave in anticipation of uBlock finally being sabotaged by Google.
This is absolute fucking nonsense, FYI. You’re complaining about UX in the context of a bug triggered by your configuration. You could probably have identified the request that causes it in the time it took to write this comment.
I have the opposite problem, strangely: Firefox always starts instantly, but at some point in the last two months the autoupdate feature stopped working. A minute or two after starting FF, I get an in-browser popup that the autoupdater couldn't download the latest version automatically (even if I am on the latest version as I now update it manually).
I'm slowly cutting the cord with nearly all social media sites and other sites that track me for any reason, and as part of that, I'd like to get away from Chrome and use a truly open and privacy-focused browser. Every time I start Firefox, I'm turned off by how unpleasant it looks. The UI is just bad. Sharp corners, asymmetrical margins, crowded menus, lack of whitespace. The rendered colors don't match Chrome. Fonts aren't as smooth. It's like switching from MacOS to Linux. Things just don't look good, and that matters.
I am not entirely confident in this but from my perspective, a simplistic reading of what you say appears to be "I want privacy but only if I don't have to endure even minor inconveniences for it."
This may never happen unless privacy was as profitable as selling data on people's behaviour.
You put a gram of sarcasm on your simplistic reading, but I think you need to realize that anything people use daily, even hourly, needs to make them feel comfortable. For whatever reason, the poster you're replying to is bothered by him but for something he has to deal with so often, it's hard to override that feeling.
I guess what I'm really saying is that frequently used things probably involve human phycology and emotions just as much as someone's intelligence.
That’s awesome. I took that cord cutting one step further.
I completely stopped using all products and services from FAAMG and committed to a complete digital detox plan. Using my devices with a clear intention in mind, rather than getting sucked into a dopamine driven vortex of dark patterns, has changed my life for the better.
For email, I made a protonmail and I’m still in the slow process of changing my email over on all the critical websites I depend on. For my phone, I got a Light Phone II. For my desktop and laptop OSes, I use Linux distros (Solus and Manjaro are my favorites). For GPS, I use a Garmin, and for reading, I use a Kobo e-reader.
It’s ironic that devices that do everything for us, instead of specializing in one important thing, have negatively impacted our lives when they were supposed to improve them.
Im back to FF for almost a year now. I am experiencing a lot of hiccups, freezes and crashes. I think FF should concentrate to improve the browser first and foremost. They’ve been adding a lot of useless (to me) features but the broswer is still buggy. It’s their time to claim their market back from chrome, or it will start happening soon and I think they should just concentrate on the browser.
Are you on Windows by any chance? I experience that with Firefox only when I use Windows (i.e. almost never, fortunately). I switched to Firefox on my main computer (Linux) a year ago and I could not be happier. It consumes much less memory than Chrome, it's way faster (that's my impression, I haven't measured that in any way) and it is a lot more customizable. I removed a lot of stuff from the context menu for example.
As a bonus, it isn't made by Google. I was a hardcore Google fan a few years ago, but after seeing what they are doing with Chrome and the internet, I just could not keep using Chrome any longer.
It seema like a losing battle trying to make Google products not act as malware when they are designed for that purpose. It is so much easier to just use Firefox.
That's a little unfair. Emacs has bad defaults because some person, somewhere, fourty-ish years ago, honestly thought they were good (probably correctly for their use-case). Chrome has bad defaults intentionally, to benefit a corporation.
Obviously tab behavior in Emacs c-mode is not a comparable default
to how Google configures Chrome(ium).
It was more of a joke as the answer to "How do I make Emacs do this" could resolve in a "Easy, just do this" followed by some arcane lisp macros that would have taken two years of research and experience to be able to compile.
And on the day that “mktemp” fails for some reason, that script will then delete your entire home directory.
That's a good point but an incredibly lazy comment. I think the possible failure of 'mktemp' could be protected against by using 'set -e' at the start of the script.
I think this test should be performed when you logged out from
the Chrome profile. Youtube, Google Docs and Google search automatically pick it when you logged in.
Wow, that UI looks deceptive. Maybe if an organization like the FTC “nudged” Google with fines, or DOJ looked at other options, the smart folks at Google would get better at these sort of things once they’d had the proper incentives given to them.
Along with sign-in-to-sync, AMP, URL hiding, upcoming manifest v3, Google is doing their best to benefit advertising and data collection. As the market leader in ads, it is textbook anti-competitive behavior, but the courts will have to decide if it is legally.
This isn't the highly visible anticompetitive behavior which might cause a backlash. Regular people, or even journalists or judges won't even understand what cookie clearing on exit means.
If there's antitrust sentiments towards Google, it needs to come from some where else.
On the other hand, a corporation cannot be allowed to continue its anti-competitive practice just because the subject is too complex for an average person to comprehend.
Techology isn't going away and is becoming ever more important. It seems obvious to me that we will need cross-domain specialists to handle cases such as this in the future -- someone with both a legal and computer science background.
> Many of the most important challenges confronting the legal profession lie at the intersection of science, technology, law, and policy. Emerging science and technologies, such as AI, big data, social media, genomics, and neuroscience, demand an interdisciplinary approach and visionary leadership. Students in the JD/MA in Bioethics and Science Policy program spend their three years at Duke focusing on these intersectional problems and preparing themselves for a seat at the table in these discussions for decades to come and earn an additional degree while doing so.
This is something I've often called a retreat into complexity. Classic example: food corpo gets flak for putting something nasty into their products. They then switch to using an alternative that's just as harmful, just with harder to spot effects.
Although politicians and the court does not understand the cookie, That doesn't mean we won't have a backlash. It just doesn't guarantee the backlash is technologically sound. EU's cookie law, for example, is just stupid from the pure technical standpoint.
It's your computer that store a cookie to local storage. It's your computer that decide to send back previously stored cookie. And they're crying like they don't have a consent.
> It's your computer that store a cookie to local storage. It's your computer that decide to send back previously stored cookie. And they're crying like they don't have a consent.
Fortunately, EU regulators understand that non-technical users exist and need protection from abuse.
People understand perfectly well when you abstract it by one level: Google's web browser ignore's some of the user's privacy settings on sites Google owns.
> Regular people, or even journalists or judges won't even understand what cookie clearing on exit means.
It's been almost 30 years since the Cypherpunks. When billions of dollars or existential business threats are at stake, regular people are motivated to find a technically-knowledgeable peer for advice. There have now been several generations of financially successful tech entrepreneurs, some of whom move in non-tech circles.
There were plenty of last straws. The missing piece is a powerful enough entity that has interest in regulating them. No, despite the GDPR the EU is not that.
Exactly, compared to what could be the maximum fine, there are no high profile cases. This is the point, GDPR is as useful as much as it is enforced, which is lackluster at best. We are not talking about a one off, for example Google has been continuously violating GDPR for years at this point.
Combined with the latest twitter bout of censorship, the hammer is going to hit tech soon... very hard. They are running out of friends on both the left and right.
twitter isn't doing those, they're losing friends through censorship. which they legally have every right to, but the powers that be are now campaigning to change that legal protection (exemption? sinve no one understands the second amendment)
They have every right to do it legally and you're right that the rules will probably change. People say "just go and make another platform" but Google literally tried and failed to make their own (Google+). If they cant do it who really can? Its not happening or it will take centuries/enormous resources to gain traction and compete. So we are left with an oligopoly that is censoring in lockstep and that's an issue for all sides because eventually its not them, its you, with time (amongst other issues). I think the platforms are a huge threat to democracy personally and I hope the new rules are meaningful and not just a knee jerk makeshift reaction.
That argument of "just go and make another platform" is misled anyways: Even if I build another platform: Twitter is still the primary communication channel of the US President. Which means that all secondary users (interested citizens, journalists, ...) hang out there as well. Thus whoever they block there or not has an impact, even if my competitor has a few hundred million users.
Google+ just wasn't very good, the argument that no one else can do it doesn't sit right with me because google was half assing that from the beginning.
I think those are the optics because it never took off so it looked half-assed but they made an effort (Google+ was also launched a long time ago so it looks antiquated by todays standards). Maybe a better argument is that its been decades and nobody is meaningfully competing with facebook or Twitter in their respective categories even though there is tremendous economic incentive to do so. Network effects are very difficult to break. When the president is on Twitter nobody wants to be on Bob's basement network. Its locked in a feedback loop.
Follow up comment here because Ive apparently reached my limit for a while: I believe you. I still think a Google half-ass is going to be a stronger effort than another start ups full out stab at it. Facebook is the biggest "country" on earth almost by a factor of 2x with 2.7 billion people. Its just other worldy large and difficult to compete with especially today. But I get what you're saying.
I was following pretty heavy at the time, and unfortunately "made an effort" looked pretty poor to me. You are right network effects are difficult and if google wanted to throw it's full weight behind the problem instead of just dipping their toes they had the capital to shift opinion. I think this is far more likely google didn't have the will to make that a fully focused problem.
Social media platforms are mature enough that half hearted efforts like Google’s won’t work.
But tiktok and Snapchat work. You know: real sustained efforts. Instagram launched 9 months before google plus. That should give you an idea of the landscape that google operated in. Instagram— with 13 employees at acquisition in 2012– works.
Google isn’t a determiner of what works. They’re one of the laziest implementers of new services/startups.. they literally throw something out there and try to coast off their name. In markets where the customers are mostly satisfied, lazy stuff like that doesn’t create a winning product.
Sometimes a narrow lane is found in social media in general, but I would argue the competition is still minimal or non existent for crossing lanes. For instance Twitter and snapchat and Tiktok are very different. I view the social media landscape as an oligopoly rather than monopolistic and they rarely cross into each others territory. Also the rate of new meaningful competitors just is not occurring fast enough when a democracy like the US has elections every 4 years. Theres a mismatch in competitor lane crossing and the rate at which democracy operates. Theres been what...2 or 3 major new social networks with limited scope that dont really compete with each other in 20 years on the western side? Its just not enough to make an impact and give people choice especially as we see them act in tandum.
A separate platform requires a compelling story. Google proves merely that money and dev talent aren't enough no matter how much you have of either or both.
You’re allowed to say whatever you want and I’m allowed to sue you if you tell lies about me. Twitter and other social media platforms are made exempt from this because they are hosting other people’s content and they’d be sued into oblivion if they could be held responsible for what everyone posts on their service. But as soon as they start censoring whatever they want, they aren’t a true public platform anymore, the content you see is what they want you to see. So they should also be liable to civil suits if the information they allow to disseminate is not true. This isn’t about the second amendment, IMO.
They were NEVER a public platform they were always a private company. Its a commonly repeated untruth that as soon as they start moderating they cease to be protected. Nothing could be further from the truth 230 specifically protects their right to moderate.
People advocating that position usually have a very specific idea about how they want sites to be moderated, but section 230 is about not treating platforms as if they're the speaker when one of their users posts illegal speech, regardless of moderation. Of course, politically biased speech is not illegal, so it's really about punishing platforms for moderation somebody doesn't like.
A more reasonable target for a 230 carve-out would be recommendation algorithms. Those aren't merely passively hosting user-generated content, but actively selecting what they think you should see to keep you engaged with the platform. Featuring content rather than showing it ordered by some simple criterion like time should be treated as editorializing rather than moderation. If a human editor decides to feature lies I tweet about you on their "best tweets of the week" page, you may be able to sue them for libel. If twitter's algorithm shows lies I tweet about you to a large audience, you currently can't.
Arguing that the recommendation algorithm is editorializing is an argument for the choice of algorithm being an instance of free speech which would be protected from such meddling.
I don't think current law and understanding of same allows any major changes to how we treat platforms. I tend to think that any major changes in the law are liable to be for the worse because even well meaning law makers seem to possess a mostly incompetent perspective on tech.
The algorithm would have free speech protections under such a scheme, and it's likely courts in the US would conclude that it does under current law. Those do not necessarily extend to repeating lies that I have published about you, which are not protected as free speech.
The company has a free speech interest in choosing the algorithm to make it clear. Lies might be protected speech but 230 makes it very clear whom you are allowed to sue regarding those lies. Wishing the law was different doesn't change the law.
To use the actual text, it indemnifies them from lawsuits arising from:
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
So long as their actions are in good faith, and the content can be lumped into "otherwise objectionable" (as I'm sure most anything could), they are well within Section 230 protection. Even if they have an implicit bias in their moderation. Even if they have an explicit bias in their moderation that they put in their ToS. It specifically says "that the provider or user considers obscene...", which explicitly states the bias of the provider is considered.
The only way Twitters moderation could remove their Section 230 protections is if they did it in bad faith. If they were doing it specifically to try to lose Trump the election, that might count as bad faith because it has nothing to do with limiting access. They are, however, free to remove everything he posts because they find him to be objectionable. Or to remove things they think they are objectionable. Or to only remove violations of their ToS when Trump does it, because they find him or his past patterns objectionable. Or because they find it more likely to lead to flamewars, etc on the site when he does it. Etc, etc, it's mostly a hypothetical because you have to prove bad faith, which is hard unless someone is dumb enough to write it in an email.
Twitter violating its own ToS and/or promises to the users sounds like an example of bad faith. (This would not apply if Twitter's marketing was 'Fuck you! we do whatever we want', instead they promote themselves as a fair platform)
Moreover the entire exemption does not apply when the `provider` is not a provider but is actually a publisher using editorial discretion.
(for example if twitter decided to ban false statements in tweets this would clearly put them outside of section 230 immunity)
I would recommend citing legal scholars instead of YouTube personalities. The person you are quoting its a Canadian lawyer of no meaningful repute who gave up his legal career of a paltry decade to become a YouTube influencer. He has never even been licensed to practice law in the United States.
His opinion is out of sync with what legal scholars and indeed an what an author of the law says the law means.
Just on a laymans reading of the text good faith isn't given in some universal context of fairness or fair play it is given in the sentence.
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
Good faith herein means actually because they found it objectionable not for some ulterior motive.
In order to assert that the removal wasn't protected under 230 you would be asked to prove the contents of the minds of the decision makers that the removal was NOT because they found it objectionable. They could literally argue that they found the effort to influence the election itself objectionable and suppressed it therefore and be safe within the boundaries of the law.
In fact good faith .... otherwise objectionable is so broad as to encompass virtually any removal for any reason
Furthermore finding that one removal wasn't protected under 230 wouldn't magically dispel all legal protection it would mean for the purpose of THAT removal someone could sue them if they had just legal grounds.
Personally* I have doubts[1] about this reasoning, in that it doesn't cover how this would not apply to the New York Times.
I can agree with your interpretation that where the protection of section 230 applies companies would be allowed to remove basically whatever they want.
But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
From what I understand the people that are trying to attack this immunity have mostly given up with the argument "Twitter monopolized a space for discussions so it should be held to constitutional standards like telephone companies" or "social media platforms are clearly acting as publishers of their content" and are rather trying to push "social media companies falsely promised open forums to users and content creators only to hit them with draconian rules once a monopoly was established" (had facebook (or youtube) had the same ToS since its inception it would have never become a monopoly).
With this last argument the entire question of section 230 is sidestepped.
As far as I understand it will not actually accomplish anything soon; a lawsuit on these premises was successful against Patreon, but those were very special circumstances.
* I am even more remote from the US than a Canadian lawyer, but I do not see my role as telling the courts what they should do, but rather as someone that is trying to understand what is happening and trying to develop informed opinions.
You say you doubt my reasoning but substitute none of your own save for a stale youtube link to the diatribe of a non entity and a link introduced but then neither explained nor contexualized.
I honestly don't know entirely what it is trying to express. "Proving Too Much" seems to be a complete non sequitur I have no idea what you fallacy you are suggesting is expressed by the prior or any other post on this subject.
>But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
You can institute new obligations as soon as you buy your own congress critter and get them to write new laws. If you believe such obligations are already expressed in law kindly cite the statute and section.
The distinction between the print copy published by the New York Times and say reddit/twitter/facebook is literally that this is the distinction the law makes. It doesn't have to make sense to you to be the law of the land. Particularly the short comprehensible section already the primary topic of discussion.
If you want to dig into why it seems relatively obvious. The finite first party content is dear and expensive and the act of curation is already inherently an expectation. Asking a publication to take legal responsibility for what they publish is a tolerable and reasonable burden.
Reddit/Twitter/Facebook solicit users to produce a veritable ocean of content for which they offer users a chance to communicate to their fellows and a small amount of server time which per unit is paid for by a slightly larger income from ads provided with that content.
Legal responsibility for content shared between you and I would be a herculean task, impractical, intractable, and expensive that would leave them with little choice but to cease operations.
Indeed few people actually want this what they want is 230 to be used like a club to keep people like twitter from shaping the conversation despite owning the property on which you expect discussion to take place and no law providing such a right to someone else's megaphone.
What I was trying to say is that there is a continuum between the New York Times kind of editorial control and Reddit/Twitter/Facebook moderation of content.
I am not saying that section 230 should not apply, I am saying that, to my knowledge, under current laws if a social media company decide to apply excessive editorial control (let's say twitter decides to only allow factually true tweets) they would lose the protections granted by section 230.
> The rights granted need to have some kind of obligation.
By "need" I meant that I believe these obligations already exist in laws.
> Proving too much
By proving too much I meant to say that since section 230 does not apply to newspapers the law must make a difference between them. To my understanding this difference is editorial control.
Finally I am not trying to have a debate over this, I am only trying to understand better the issue; I clearly have a side/bias, and I am trying to learn more about the many other facets of the issue.
>, I am saying that, to my knowledge, under current laws if a social media company decide to apply excessive editorial control (let's say twitter decides to only allow factually true tweets) they would lose the protections granted by section 230.
There is no clause that specifies that a company even can in a blanket fashion "lose protection" in such a fashion.
First relevant section.
(c) Protection for “Good Samaritan” blocking and screening of offensive material
(1) Treatment of publisher or speaker
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
This is completely without qualification.
Second relevant section
(2) Civil liability
No provider or user of an interactive computer service shall be held liable on account of—
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
or
(B) any action taken to enable or make available to information content providers or others the technical means to restrict access to material described in paragraph (1).[1]
It says you can't be held liable for blocking something in "good faith" Nowhere on earth does it suggest that any action will cause you as an actor can lose protection under this act. It just says that no action taken in good faith can result in you being held liable for that particular act.
This means that in order for a party to sue they would have to prove both that they were blocked in bad faith AND completely aside from this title they possessed a legitimate cause to sue.
To be completely clear someone could post on reddit the libelous allegation that you ate babies causing you to lose your job at the day care a clearly obvious cause of action and then the ceo of reddit could personally block your profile to keep you from running against him for mayor of your little town. A judge could agree that your content was blocked in bad faith and you STILL wouldn't be able to sue reddit for the baby story.
If you don't like that reddit or facebook or twitter blocked your story your problem becomes finding a legal right to exercise your legitimate freedom of speech VIA their platform.
The DMCA has existed for 24 years longer than some readers here have been out of diapers and I can no platform has been censured yet for removing deplorables in a nation full of both deplorables and lawyers. It seems likely none ever will without a new law not a new interpretation.
It applies to the New York Times comment page or indeed places where they offer people who don't work for the times a place to communicate. When someone who is paid by the times writes an article for publication they are responsible for that work.
> By proving too much I meant to say that since section 230 does not apply to newspapers the law must make a difference between them. To my understanding this difference is editorial control.
Instead of guessing what the difference is why not read the very short section 230? The difference is that 230 specifically deals with the web. The difference isn't editorial control its literally that the law directly speaks to the web. I would suggest in half the time required to watch the video one could read 230 twice over. This misunderstanding directly stems from concerning oneself with bad secondary sources.
I agree that the second amendment is often debated as to its intended (or proper) meaning, but I think you're talking about first amendment protections here.
The powers that wont be are complaining about censorship but as we all look back on the last 4 years and all the dead people the people running the government for the last 4 years are more apt to ask social media why they didn't do more.
Based on what I see people complain about in twitter the criticism is on a different axis: selective and inconsistent application of rules to appease whatever group they are worried at the moment.
In terms of regulations this is within reach of possible changes to how the notorious section 230 is applied.
I don't think he understands the Streisand effect in this context. It was inevitable either way that the majority would hear about the fake Hunter Biden story the ideal case for both the truth and for Biden is that people hear about it in the context of it being fake crap being propagated by an unreliable source instead of having it laundered through a million and one personal contacts who can rightfully claim to be sharing a legit piece of news.
“A lie will go round the world while truth is pulling its boots on.”
C. H. Spurgeon,
Whereas a truth is may be amplified by ineffective blocking a lie may be irreparably damaged if the truth gets there first.
Regarding 230 the primary author of the statute disagrees with Thomas.
>Why was this? It is because Thomas is not a conservative but, rather, a radical—one whose entire career on the Court has been devoted to undermining the rules of precedent in favor of his own idiosyncratic interpretation of the Constitution.
Personally this sounds like an intensely editorial decision on Twitter side then.
Anyway what I was referring to was how Twitter's moderators decided to restrict this news based on it being obtained through hacking, but few days ago had nothing against Trump tax story that was based on illegally obtained documents.
I had a problem with the Biden hard drive story because I believe its a lie. I have no reason to believe the tax story was anything but honest. Twitter's difficulty is not wanting to admit why they censored it.
This may not directly relate to monopolistic behaviour - but I remember once (pretty recently) when Jack/someone in his team revealed a screenshot of an interface in their backend that literally allows them to control public mood and opinion- such as trends, shadow banning, etc.
To me, that is scarier than just being a monopoly. Imagine, you pull the right switches during an election campaign that could sway public opinions in the last minute (regardless of the political party you support).
How they aren't under serious scrutiny after releasing such interfaces to the public is a grave concern to me.
I have even stronger concerns about Murdoch's media empire. Whatever Twitter might or might not be doing is child's play compared to what Murdoch is definitely doing.
These types of social interactions aren’t fungible. There are a finite number of viable social interactions to be discovered. Once discovered, network effects push towards consolidation to one platform offering that experience.
If you consider “social media” as a market, it has healthy competitive landscape. If you consider different styles of social interaction as separate markets, they’ve cornered markets. I don’t see competition in these spaces. Facebook != Twitter, and I feel that is why both can exist. Behemoths in neighboring spaces opt to buy a social experience instead of trying to compete with their own.
The missing piece, IMO, isn’t regulation around “censorship” for these platforms. It’s regulation that results in a rich market of products around a single style of social interaction. Example: regulation around interoperability.
The social media companies are arguing that "social media" is not an industry by itself. They certainly aren't going to have to argue that they don't have a monopoly on a specific genre of social media.
Within businesses, people have evolved far past market definitions where widget x¹ competes with widget x². Our political savvy as consumers would improve if we could see that as well.
For example, why would Google approve a product like Stadia? What does it compete with? Nintendo, yes but not really, since so many Stadia players have a Switch also... just like most of us have Facebook and Twitter accounts. But maybe they're true competition is Netflix? Social media? Users are giving Google their time = data = insights = further monopolistic advertising power.
I am not sure exclusively is a requirement for being considered competition. Netflix and Disney Plus are competitors but that doesn't stop me from subscribing to both.
Can you please elaborate a bit more on the fungible interactions part? I am not sure I understand that bit.
Suppose Tesla tomorrow becomes the sole manufacturer of battery powered cars. However, the good (dirty?) old petroleum based cars are still out there and on the road (not a lot but still). However, everyone wants an electric car in future - will that make Tesla a monopoly?
How will it be different or same in this case of Twitter or Facebook?
It has to do with interchangeable goods. Typically, only interchangeable goods are in competition. I.e. if I want paper towels, I can buy Brawny or I can buy the store brand. I may have a preference towards one or the other based on price or performance or something else, but if the store is out of one, I'll just buy the other and move on with life.
A petroleum based car is largely interchangeable with an electric car, assuming we're talking one that will probably comply with environmental regulations over it's lifetime. I might prefer an electric car because of the environment, or to support the movement, or whatever, but at the end of the day, a petroleum car still gets me where I'm going. Tesla is unlikely to become a monopoly because even in the electric vehicle space, there are interchangeable goods. I'm not intimately aware, but it sounds like there are a couple other companies that make competitive models.
Where that interchangeability can get weird and not so clear is on a more specific market, where users don't necessarily have a choice. Tesla is the only company (afaik) that makes a fully electric truck. You could possibly argue that Tesla has a monopoly on fully electric trucks; I think the question becomes, are other goods interchangeable? Is a petroleum truck interchangeable? Is a fully electric SUV interchangeable?
Applied to social media, each of the major social media networks offers or encourages a substantially different type of social interaction. Twitter is largely for piecemeal content, and is largely more public than other forms of interaction. It leads to really high levels of engagement, and lots of flame wars. Instagram is all about photos, people go for the glamour. Facebook attempts to make you engage with your network more, I find people share more personal information there. Reddit is more anonymous than the other two, and builds around the concept of communities, which are featured more prominently than the other platforms.
I think we all agree nobody has a monopoly on social media. The question is whether it's possible to have a monopoly on a particular form of social media. Are Reddit and Instagram interchangeable for you? They aren't for me, so I would say that they aren't in competition and as such, the existence of Reddit doesn't prevent Instagram having a monopoly any more than the existence of Chiquita does.
"Social media" is an incredibly diverse category of services. Deciding the monopoly status of a company based on the health of competition in social media is like deciding whether to break up Standard Oil based on the health of the entire raw materials goods sector. It's not a granular enough measure, because it contains several non-interchangeable goods. If Standard Oil jacks up the price of oil, I can't just go buy iron instead; I can't put steel in gas tank. Likewise, if I get pissed off at Facebook and decide to quit, I can't just go somewhere else. My 80 year old grandma is on Facebook, teaching her to use Twitter is going to be a problem, and I generally don't know if I want to expose my grandma to the cesspool that Twitter can sometimes be. The services are not interchangeable to me, so Facebook has a monopoly on that service. My choices are to play by their rules, or to just bow out of the experience entirely. Let's say we ignore the legal technicalities of a monopoly for a moment; doesn't the outcome look remarkably similar? If this doesn't count a monopoly, it seems to lead to the same place, and perhaps it's non-monopoly status is due to a flaw in the law, rather than being expected behavior.
"Being a monopoly" isn't illegal; abusing a monopoly position is what gets you in trouble. What does Twitter do that would be considered abuse of their monopoly position on Twitter-like social interaction?
I’m not suggesting they’ve violated laws. I’m suggesting new regulation targeting “censorship” might not be the best approach. They’ve cornered a medium of communication. People are upset by their moderation policies. By breaking the users out of the Facebook silo, through regulation, you can create a marketplace of experiences where there was once a monopoly. Each experience comes with its own moderation strategy.
From watching the past several times they've been called before congress, it's abundantly clear that several congressmen (mostly from one party) do not.
I'm, sadly, not so sure that straw will come any time soon. Major tech companies have been under fire for years now and nothing managed to break them. Not saying it'll never happen but monumental shifts like that can take decades to pass.
I think that’s the reason they’re doing it; they realize it’s just a matter of time before regulation comes so they’re throwing caution to the winds until then to maximize profit
As long as the political "contributions" still flowing into the right politicians, you can bet if there is any change, it will be adding more regulation that is too expensive for small players comply.
I want to tell Google where I live so I can say "ok Google, navigate home" and get directions home without having to touch my phone. If there's a phrase that gets hands-free directions for starred items without having to say the whole address, Google doesn't make that easy to figure out.
Everyone who uses their phone while driving thinks they're one of the few who can do it safely, whether they're fully engrossed in a text conversation speeding down the freeway, or tapping an icon while stopped at a traffic light. Deep down, I think that too. That's why I can't give myself excuses to do it.
Home and work are very "special" cases in that it's someplace most people regularly go to and from. So the app sends you personalized driving alerts/reminders, traffic updates, etc. There are definitely reasons for it, it's just not worth it to some. Others just have no idea that some of these nice goodies are helpful and not eerie and "privacy invading". So what if Google knows where I live and work? Frankly, that's something the government should know anyways, and it's failing abysmally judging by the amount of crime it's missing.
I worked around that by briefly enabling history, setting the Home address and then immediately turning history back off. Obviously not ideal but it solved the problem for me.
It might still be processed in aggregate, but they stop associating years of precise locations to your account.
I’d be surprised if they don’t follow that wish just for PR and legal reasons alone. The fewest people will actually opt out or if they do accidentally opt back in since the “enable web and location data” action appears anywhere from Maps to Google Home setup.
What data? The location history feature in only on briefly while you are setting your Home location and once you turn it off again it stops collecting it. You also can go into your Google account and verify what information (if any) was collected in that window and delete it if you really feel that strongly about it.
This is really just Google using hostile UX to badger people into enabling location history and (in their eyes - hopefully) leaving it on.
And another shitty thing is that I can't tell them to omit certain websites from my search results, while at the same time they insist they need my information "to improve my experience".
My theory is that such a feature would take away too much power from Google being able to control the "sorting" of the search results and it would pull away the veil of what they really do (or don't do). I think the bulk of the common search queries and information on the web (that isn't exotic and super-unique) is accumulated at any one point by a handful of websites (think 100-1000-10000?).
It's highly conceivable that one could get a completely novel and diverse web and search experience if we were to exclude those concentrated websites entirely from search results. At that point, google can no longer slide on just showing the top results from a tiny subset of their index, and would be forced to always show results from the entire index. As opposed to now where 99.9% of the time, they mostly show you results from that smaller subset and 0.1% of the time show you the rest (that is of course only if you have a super-specific query or you force them with some of their remaining search modifiers).
This is exactly it. There's nothing personalised about Google search results. It doesn't show what I want to see, it shows what they want to show me.
I'd like a search engine where I have some input on the ranking of sites shown to me. Some sites are crap and I never want to see them, other sites are ranked low but often have info I'm interested in.
Even just let me vote my search results up or down on relevance. I can vote on everything else, why not this? (Though ideally, I'd love to be able to devise my own algorithm for these things.)
I doubt that there can be much of a legal angle: the defense would be to think of Chrome as a client software for Google services. That client software can additionally interact with many third party services if they follow open web standards, but why should that have legal implications on how it interacts with their own services? It's a very dissatisfying situation.
Web standards are not laws. Would I be outraged if a car's design language would follow some aesthetic conventions (another set of "rules" that are not laws) but not others?
I'm certainly not happy with how Google is using their position, but is it illegal? Should it be? Even a Pixel phone can install and use Firefox. You might perhaps make a case out of how all SDK WebViews end up being Chrome (-ish), but as long as a third party app embedding their own web view would not be rejected by Play, that's still more open than significant other parts of the smartphone market. Sure, Google is using a position of power and everybody who isn't a major shareholder shouldn't exactly be happy about it, but itvit abusing? In a way assailable on legal grounds?
If that's the case, why is Safari already worse than manifest v3, already hiding URLs, already promoting Apple News (more anticompetitive than AMP), and not even offering the ability to clear storage on exit?
Because Safari is a niche player. Anti competitive behavior matters a lot more when you have a stranglehold on a market than when you are just a bit player.
That's not for me to answer, but for Apple I guess. Maybe someone who works there can shine a light on this. Speculation about the URL bit would probably center on Apple tending to put form over function. Promoting Apple News -> because it cost them a lot of money to get it in the first place and they are trying to recoup that money. Not that I would ever even look at it, I don't think a hardware manufacturer is the best place to get my news fix.
As far as I can see, Manifest v3 addressed all the major concerns. It was a developmental spec and they adapted it based on feedback. What problems still remain that you take issue with?
Where have you seen any source that isn't Google or Microsoft say that it "addressed all the major concerns"?
And what exactly has changed in the past year to do so?
My understanding is that webRequest blocking is deprecated and a limited size static list will replace it. No?
Edit: spec still shows ~35,000 total block entries, far too few. A medium sized marketing firm could, on their own, set up 70,000 distinct s3 bucket URLs, or a large one could easily justify that many distinct domains. Many existing block lists and uBlock's dynamic (uncountable) behavior far outstrip these limitations. This spec will break the back of ad blocking for good, and Chrome engineers and PMs know it.
Google is the one that made the changes in response to feedback. If you're rejecting them as a source of those changes, then you're setting impossible goal posts.
The changes included greatly increasing the rule list size, allowing dynamic rules, not requiring the list be included in the manifest (for independent updates), and the ability to adjust some network headers.
As I said, they addressed all the major concerns that I saw raised.
uBlock currently has ~75,000 rules. That list isn't getting smaller, so which 50% of the rules would you cut?
In a few years, which 2/3 of the rules would you cut?
How is this a win for consumers? How have they addressed those major concerns?
Edit: That was stock, I just added a few lists and passed 100,000 network filter rules. Please explain to me slowly, as if I were a child, how a static limit of 30,000 rules is a bigger number than 100,000, and why my computer with 128GB of RAM memory can't possibly support more than 30,000 rules?
I like declarativeNetRequest and think that the tradeoffs are reasonable, especially after the last revision[2]. Ad blocker extensions are a major security risk, and this fully eliminates the risk without breaking most of the functionality.
Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers. Chrome extension compromises are a somewhat common occurrence - see [1] for a recent example.
I want ad blocking without giving the extension access to my cloud accounts, bank statements or company intranet.
My current solution is to use the ExtensionSettings[3] Chrome policy to blacklist extensions from particularly sensitive domains like accounts.google.com, my bank and the company intranet, but it's a clunky solution - I still want tracking and ad scripts blocked on those!
This is only true in the sense that an all-purpose browser is "a major security risk". That is to say, it's not true in any coherent sense.
Yes, the ad blocker needs to be trustworthy, and there are a variety of approaches for furthering that goal.
> Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers.
Again, you could say the same about the browser itself. Even if it were infeasible for extension developers to implement more security safeguards, that would be a flaw in the Chrome Web Store, not in the concept of web extensions.
A trivial "backspace to go back" extension needs access to all sites. Fraudsters buy semi-popular extensions and load them up with tracking and link rewriting malware, unhindered by Google.
Their continued "refinement" of the core ad blocker APIs while all these abuses and deficiencies go unaddressed is extremely suspicious.
> A trivial "backspace to go back" extension needs access to all sites.
Yes, this is bad and a big security risk. I don't use any extensions that request this permission. My company even pushes a Chrome policy that outright blocks them.
Manifest v3 fixes this by taking away blanket <all_urls> permissions. This would break ad blockers, so they add declarativeWebRequest and remove the blocking webRequest API that would be useless anyway.
There's a lot of hyperbole and exaggeration thrown around the subject of manifest v3 and declarativeNetRequest, but everything we've seen so far suggests that it really is an attempt to restrict ad blockers to a level Google is comfortable with (the level of Google's existing partner, AdBlockPlus).
Some relevant points:
- Google still hasn't raised the rules count like it announced last year in the blog post you linked. The current API is still limited to 30k rules. (the dynamic rule count is ridiculously low too)
- Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
- Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
- Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
Overall I have the same view of adblockers as I have of pirate sites: they're very convenient for me and I like to have them, but I don't begrudge corporations for doing everything they can to get rid of them. In a world where most of the internet is funded by ads, I understand why Google would want to find ways to make adblockers just a little less powerful.
But Google's insistence that it isn't doing exactly that, and that its API is technically motivated, reads as corporate nonsense. They haven't responded at all how I'd expect them to if the whole controversy was just a misunderstanding.
> - Google still hasn't raised the rules count like it announced last year in the blog post you linked. The current API is still limited to 30k rules. (the dynamic rule count is ridiculously low too)
Manifest v3 is still in development, so I'm assuming that this simply hasn't happened yet. It definitely needs to fit uBlock Origin's default rule set and I don't see them backtracking on the 150k announcement.
> - Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
This is the explicit trade-off that is being made. I'll gladly accept this limitation in exchange for not having to trust the ad blocker extension.
> - Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
The blog post explains this - the issue isn't the (in the case of uBlock, carefully written and very fast) extension code, but the IPC overhead in routing all requests through the extension. The Chromium teams loves metrics and they wouldn't make this claim without having substantial data to back it up - it's not a matter of opinion, but objectively quantifiable.
> - Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
The blocking version sits in the critical path, the non-blocking one can be called asynchronously. This is consistent with their reasoning.
There's no good reason for us to not be able to have 150k (or unlimited) rules now. The fact that we have this completely arbitrary and far too low restriction clearly shows that Google is not making even a passing attempt to enable adblockers to do their job.
One point, Google regularly makes false announcements about unpopular changes. When they changed search results to better hide which ones are ads they announced they’d backtrack on it, then didn’t. When they started hiding parts of the URL they backtracked on it, waited a few months, then re-implemented it. When they decided “don’t be evil” isn’t really appropriate for them any more they said it’d only apply to Alphabet not Google, then waited a few months, then applied it to Google.
> the IPC overhead in routing all requests through the extension
The case has never been made that this is the issue of why wesites take long to load nowadays, and rather the finding is that content blockers help significantly page load speed.[1]
You seem eager to uncritically accept Google claims while leaving out the views of the critics.[2]
> Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block".
Google is deeply afraid of machine learning based ad blocking. You can only camouflage ads so much before they don't serve their purpose. Forcing ad blockers to use a primitive blocking method prevents smarter ad blockers from being built.
Chrome is a security risk. Blocking extensions because "security" is just taking away control from the user. Why should Google be the arbiter of whether something I install is secure or not?
a corporate strategy. We cannot blame engineer because we are made to believe they made it because of their manager. And we cannot blame those manager because we are made to believe higher manager did it. And ultimately we cannot blame anyway and just say Google did it. And now nobody cares because people think google is very large organization we cannot blame whole organization for small things.
I will blame them for making such system. If we blame them I think ultimately this issue is going to be solved?
To me it seems to be that way if you logged into chrome (and therefore into all google services). It seems reasonable that it does not log you out(e.g. delete cookies) when restarting the browser, even when setting it otherwise.
But those things are why i don't use chrome anymore so I can't verify it.
[Article author here] I'm not logged into Chrome or any Google services. I've gone through everything in chrome://settings and disabled all of the Google-related settings.
A tangent but, a lot of google's sites disobey browser standards and rules like for example sound autoplay on load. When you visit https://santatracker.google.com/ or youtube, it automatically plays sound without any user interaction, which is impossible for non Google sites to do
Wow, this is terrifying. I am a big supported of Google and dislike the recent attacks on FAANG, but this is shocking to me. If they are exempting themselves from this, what else could they be doing?!
The comment implies that this is somehow hardcoded just for Google sites, which is not true. Autoplay is allowed for sites with a high enough media engagement index. You can check chrome://media-engagement.
The media engagement index is based on a user's past activity on a site, but Chrome has a special list of "preloaded" sites that are allowed to autoplay video even without any prior media engagement.
One has to wonder whether they intentionally obfuscate this list. It sounds like they “trained” a browser, and captured the resulting state. I’m sure you can argue this makes things more fair (we trained it using real world behavior!), but I really can’t give them the benefit of the doubt anymore.
It's generated by a Python script [0] from a list of URLs, but the input list doesn't seem to be included in the Chromium source (only the binary output of this tool).
> The pre-seeded site list is generated based on the global percentage of site visitors who train Chrome to allow autoplay for that site; a site will be included on the list if a sizable majority of site visitors permit autoplay on it. The list is algorithmically generated, rather than manually curated, and with no minimum traffic requirement. With the implementation of the autoplay policy for Web Audio in M71, Web Audio playback is also included in calculating the MEI score for a given site.
Will this not have some kind of self-reinforcing behavior, as the measurements are biased towards sites that are currently unmuted by default?
According to the MEI it actively measures user behavior and one of the most important measures is that a video is unmuted. From the document:
“The MEI is meant to allow media heavy websites (e.g. YouTube, Netflix) that rely on autoplay for their core experience. It is a non-goal to allow websites with a “good media behaviour” to autoplay without restrictions”
It doesn’t sound too good, and still doesn’t really explain how everything is seeded.
Amazing. I once built a web app with autoplay, which worked for me, probably because I was using the app a lot which gave it high media engagement, but didn't work for others, and I never figured out the problem until now.
That site doesnt even load in my browser... I only see the Google wave (Firefox mobile v6x)... but on the other hand, there are Firefox extensions that make websites load as if you were using Chrome.
I read somewhere - I believe on HN actually, some time ago - that a number of high profile sites were exempted from this restriction, Netflix among them. Really, wasn't this a thread right here on HN, saying that this was anti-competitive, oligopoly essentially, making any other sites of smaller competitors and upstarts automatically worse off? I'm sure someone will be able to provide a link...
There are other examples where only the large sites benefit while everybody else has to play by stricter rules: "EU Parliament bans geoblocking, exempts Netflix and other streaming services" -- https://www.dw.com/en/eu-parliament-bans-geoblocking-exempts...
EDIT: User teraflop posted a link to the list of "sites that are allowed to autoplay video even without any prior media engagement" right here in this thread https://news.ycombinator.com/item?id=24818178
The android gmail app is horrible with this. They load a couple of your emails above ads so that the ads start on the second or third row.
And the re-ordering happens as your mails and the ads are loading! You might be about to tap your email, then the ads load in and you suddenly click on an ad. Or you want to tap the top row, but the app decides to put a different email above the ads and you end up tapping into the wrong mail because it was reordered just before the tap.
> But they purposefully use CLS in Search to increase clicks on Ads
You present this as a fact, but it would be absurd that Google would use such a cheap and easily detected trick to increase CTR. It would be bordering on ad fraud and I'm sure that Google, of all companies, knows better than that.
Occam's Razor says that this is a stupid async content loading bug, which they subsequently fixed. I've never seen this happen and when I just tried it without adblocker with that exact search term, it didn't - the page loaded with the ad.
For example, the scourge of "people also ask" at the top of search results, that appears synchronously where the top result was a second ago, and has a randomly-generated container ID to prevent easy blocking. Not an ad, but, equivalently, content that I didn't ask for but that Google, for some reason, clearly really wants me to click on.
> You present this as a fact, but it would be absurd that Google would use such a cheap and easily detected trick to increase CTR.
3 years ago and I wouldn't believed it at all but around 2 years ago I saw it happen consistently with a colleague at the desk next to me.
I cannot say for sure that it wasn't an extension in his browser but I can say for sure that I think Google has been really busy tearing down the mountains of trust they had before 2007 - 2009.
Similarly, thanks to async ad loading, gmail replaces first two items in my email list with ads with such a convinient delay that I accidentaly click on the ads more often than I would like to. Occam's razor would say that if it can bring more money, it is not accident.
Accidental clicks are invalid clicks according to Google's own documentation[1][2].
For this to not be an accident, one would have to assume that Google actually makes more money from those invalid clicks, and that someone decided that yep, rendering ads asynchronously was a decent and legal approach at increasing advertising revenue, and requested the GMail team to implement it.
This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
It's much more likely that this is just unfortunate UX design to "improve" rendering performance without considering users on slow connections.
(I can reproduce this one just fine in desktop GMail - on the first render of the "Promotions" tab, the ads render asynchronously)
"No you don't understand: invalid clicks are things that happen on other peoples properties. You definitely meant to click that ad in gmail. We know, we're google, you can definitely trust us about this"
'Unfortunate UX design to 'improve' rendering' is the plausible-deniability they can use to justify this.
> This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
I definitely can, I don't think anywhere is immune to this once you reach a certain scale. They have a profit-motive to make money, they will absolutely try and get away with as much as they possibly can.
Reddit and Twitter starts video with muted sound on my browser (Edge).
My guess from someone who had to develop a web video player at work, many websites will attempt to autoplay the video with sound and if it fails, it's easy to catch the failure event, they will mute the video and try again.
I'm talking specifically about Chrome. There's no web standard that says what a browser must do about autoplay requests, and Chrome permits a large number of sites to autoplay with sound on.
Web browsers are also capable of determining that autoplay on technically-not-load-but-automatic counts as autoplay. (There's even text in the spec about it.) In particular, they can tell whether it is in response to a user action/gesture on the site or not.
Chrome has some special logic about autoplay. The following page describes them, but I feel like it's a bit more complicated in more recent versions of Chrome.
> [...] which is impossible for non Google sites to do
No, they don't. This is false. It's a mechanism called Media Engagement Index, Google properties have zero advantage, and any site can get a high score.
Chrome ships with a preloaded MEI assembled from global telemetry data, which is then trained locally:
This is part of the plan, but I find this angle to give too much credit to Google.
Once they reached a dominant ad network position their whole strategy has been “advancing the web is advancing our revenue”, and it bled into mobile to the point where building and maintaining a whole ecosystem for free makes sense as long as they stay the search and ad engine of choice (that’s the only thing they’ll fight to impose).
Chrome is built in the same optics: push forward the web and webapps as long as search is theirs.
The underlying problem isn't that Google sites are directly excluded, it is that Local Storage, Database Storage, and Service Workers aren't cleared by that setting, and that Google uses those for persistence.
Is this being evil or was support just not added when those were introduced? I have absolutely no idea. But I agree with fixing the underlying bug in Chromium either way.
> Local Storage, Database Storage, and Service Workers aren't cleared by that setting, and that Google uses those for persistence.
I always search with a specific Google.ca domain with cookie and javascript disabled. It worked really well and Google knew zero shit about my search habits on my Gmail account.
google knows it should do these things slowly. Nice in future my insurance company will show me ads on basis of how much fit i am by watching my computer usage. If i see computer for more than 8 hour they think i am unhealthy and will not give insurance. Good job google. And to all those people using chrome you are reason this is happening.
The Chicago School invented the “free markets can do no wrong” ideology that denies the possibility of monopoly, but Bork is the one who weaponized it to cripple antitrust, in plain violation of the statutes. The article is from a right-wing site, BTW.
God, people are so quick to jump on the Google-hate train and then advocate for a politicized justice department to hop in and somehow make everything better. Mozilla is just as guilty as Google. Mozilla has Firefox sync and Chrome has its own sync. This is basically to stop clearing browser data from automatically disabling sync, which most people would want. There are a plethora of third-party tools that allow you to clear your browser data completely if you want. There is nothing stopping you from using them, and you'd also be surprised how much you can do (including disabling Google Sync) from a simple policy file.
Stop waiting on your government to fix things because they aren't going to. If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not. Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
Mozilla does not have other websites and an advertising platform tied to your browser history, and bookmarks. Firefox Sync is basically a standalone service.
The author posted elsewhere in this thread that they were signed out of Google entirely. So sync was disabled.
>Mozilla is just as guilty as Google.
Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
>If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not.
If you're not highly technical, you're not entitled to privacy?
>Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
> The author posted elsewhere in this thread that they were signed out of Google entirely. So sync was disabled.
I once had an issue similar to this, and it turned out to be an issue with my profile. Once I manually deleted the site data the problem didn't come back. They admit that this may be a bug and I wouldn't be surprised to find out it is, but regardless there are plenty of other options including ephemeral profiles that you can use by setting a policy. If they aren't signed into sync, then I also suggest they disable syncing from the settings and the policy as well.
> Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
They _just_ install Pocket and a bunch of other unrelated services and send your DNS queries to third-parties, as well as opting you into recommendations and telemetry.
> If you're not highly technical, you're not entitled to privacy?
You don't have to be highly technical. There are a lot of options for Google accounts to disable ad personalization, history, third-party access, etc. In fact, I find it much easier than almost every other company I come across. The documentation is easy to follow and is so easy my kids could do it. I'm all for privacy, but at the same time the rules need to be applied equally to all companies. Just attacking Google isn't going to fix the issue, in fact it will make it worse by giving a politicized government the ability to go after anyone that they feel doesn't represent their political goals.
> It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
We don't live in a socialist society that believes that humans have fundamental rights to basic necessities. I'm all for privacy being a human right, but shouldn't housing, healthcare, etc also be human rights? Google gives a lot away for free. Until we start addressing other issues, privacy as a human right will never be on the table and when it happens you can't just apply the rules to one or two companies. It has to be equal.
I honestly don't know how to debate someone who would equate the privacy invasions of Google with Mozilla. You say in one comment that "there are a plethora of third-party tools that allow you to clear your browser data [...] you'd also be surprised how much you can do [...] from a simple policy file." and in the very next comment insist that "it's easy!".
Lastly, your suggestion that we shouldn't enshrine privacy in law because we haven't enshrined other important things is nonsense. As you well know, enshrining privacy in law would cost the taxpayer $0 while the others you mentioned would literally cost trillions.
Chrome creates a unique ID for each user (there has been much discussion about the entropy vs the uniqueness for the install key), they have been found to give a pass for Google Analytics when visiting from Chrome, etc. And what else do you expect when it is in their interest to track you (and to have a excuse to justify their knowledge when found out in other grey areas).
EDIT: The quote above is from Casablanca, was once very famous [1]
516 comments
[ 3.4 ms ] story [ 303 ms ] threadI'm not familiar with that term. Does it mean a "Do Yourself In" diagnostic tool?
Which is why Apple devices generally only have ads in third party experiences, and Google shoves ads right in the default mail app.
For Apple services, of course, which raises some pretty intense anti-trust concerns.
There have never been third party ads in any default application on MacOS or iOS and I feel completely confident saying that.
You could make an argument of upselling, the music app prods your for a subscription to Apple Music or to buy songs on itunes- you could argue Apple TV shows content from providers you’re not subscribed to (next to ones which you are)- but those are first and second party ads.
That's what I mean.
> but those are first and second party ads.
But ads are ads.
Apple is more compatible with Privacy rights, but wholly not compatible with ownership rights, portability rights, free speech rights, etc.
Their draconian ecosystem policies around payment, hardware lock in, and platform lock in are IMO just as bad if not worse than Google draconian policies around data privacy
It seems however you do not place any value on anything other than privacy
EDIT: I feel like I should give a shout-out to Pinephone, LineageOS and GrapheneOS as some better options, although they are all obviously not mainline.
They created the app store and made apps ubiquitous.
Honestly, computers used to have so much promise. They helped us, and made us better.
But nowadays how many people have you heard say "I don't WANT to install an app". (I know, lots of people don't care)
And apple is trying to restore (a little) trust by saying they're for privacy.
Thing is, they have to play both sides. And they really can't be for privacy (like allow a firewall or block network access for an app) because then developers won't do anything on their platform.
All you have given is possible reasons Apple might compromise, but those have applied for many years. If they do start compromising then sure, let’s re-evaluate.
The time to re-evaluate is already here, it's just hard to do so when you're already locked into their ecosystem.
Twitter handing over the DMs for a user: very much problematic- they’re plaintext. Apple handing over the iMessage history for a user: much less problematic, it’s E2E encrypted. (though still an issue - metadata may still be plain)
Fundamentally it boils down to some trust level - how much of what apple says about their data storage is true?
> The question is, how much data do they hold that they can tune over.
https://www.androidcentral.com/apple-may-have-ditched-encryp...
Exactly. You just summed up why capitalism works in a single brilliant sentence.
Apple mostly makes money by selling you goods. Privacy can become a feature of those goods, increasing its value. They are incentivized to protect privacy.
This doesn't make Apple better. It's just that they're in a different market.
(Especially true when you see people continue to think their business model is still to sell you iPhone, Apple is no longer just an iPhone company anymore )
Many of these makes me uneasy. Especially when we have caught Tim Cook lying multiple times.
> It’s just exceptionally difficult to quantify what “privacy” is.
No, it’s really not difficult:
Don’t try to learn more about me than what I explicitly choose to tell you myself.
Until you understand that, you'll continue to be "surprised" when people say they care about privacy but not the pet peeve you have.
Is that exceptionally difficult for you to quantify as well?
As someone else said: It isn't that hard at all. Unless, of course, your paycheck is reliant on you not understanding it.
We talk, and you don't go telling other people what we talked about, or keeping ledgers, or training models, etc.
It isn't that hard at all. Unless, of course, your paycheck is reliant on you not understanding it.
defining privacy in a contextually relevant and concise manner is hard.
If you stop at "oh, an HTTP session happened", you're being a disingenuous maker and perpetuate of strawmen. It's almost always what happens with data by actors you invite into that "seemingly private HTTPS transaction" that violate the simplestsocial precept of the technical exchange.
Things branch off from there. If you can't see that as a fundamental breach of privacy and professional discretion, then again, it's likely you have a vested interest in not seeing it. It's damned obvious to anyone who doesn't.
How about asking the users what privacy means to them.
Why is the concept of "consent" so hard to user-hostile devs?
And then only dollar amounts that move the needle (and if your choice negatively impacts the business by only a million dollars ayear, that's an irrelevant difference for Google. They literally don't care, because a million is peanuts, and does not move the needle)
They simply don’t think about their internet browser, their privacy and Google, in the same way most people don’t care about how toilet paper is made. Sure you can make a strong case why something is bad, but in the end people just keep buying the same brand of toilet paper.
The other problem is that every service out there will pretend to treat you with respect and it's only when things go wrong that you learn the truth, by that point it's too late.
So you need to 1) look beyond the price and 2) know which companies lie and which don't when it comes to their marketing (or have a previous experience with them), otherwise they all pretend to treat their customers with respect.
1. A box on a web page
2. Customers write words
3. Your software return a list of web pages that contain said words plus relevant ads.
Since sometime 2007 - 2009 and Google has dropped the requirement that results actually contains the word and it is extremely annoying.
I use DDG these days. They are just as bad, not better or worse but it is faster to add !g to a DDG search than to retype the query in DDG aftee first trying Google.
First other search engine to recreate the Google experience from before 2007 can charge me $10 a month and show ads on top of it and still get me as a happy customer.
As well as the translate page button, the other great feature chrome has that I miss dearly is the highlights chrome has in the scrollbar when doing a ctrl-f find-in-page. That is super-useful and a real pain in the arse that Firefox does not support it.
I played around with prototyping an extension to replicate it (or as close as I could get) but it was hard to nicely override the ctrl-f hooks.
FYI, you can press the enter button to go to the next highlighted word in Find-in page.
When was firefox actually significantly slower? That is x2 slower or worse.
Also, I block firefox myself. It phones home a lot, even when you tell it not to.
Do you have sources on this? I use Firefox on Mac OS with Little Snitch and have never had Firefox try to phone home with analytics disabled (a one click decision on first start of the app).
The other two appear to be safe browsing and automatic update related. Those two services can be disabled form the regular settings UI, I think? Have you found that to not work?
[0] https://support.mozilla.org/en-US/kb/how-stop-firefox-making...
Then I blocked it and got this constant nag pane "Firefox cannot update to the latest version". all. the. time.
I finally found out some magic on macos:
that got rid of the nag paneReasoning there seems good enough but I’m not sold on it being absolutely required.
aus5 is the server from which Firefox downloads new Firefox updates. “aus” stands for Auto Update Service.
I’m not exactly what data is downloaded from firefox.settings.services.mozilla.com.
- It starts slower then Chromium.
- Right click and "Open in new private window" actually opens in a new private window. I prefer how Chromium does it, grouping all sites opened like this as tabs in one window.
- In Chromium, I can easily set any URL as a custom search engine with whatever parameters I like. In Firefox, I can't.
In my experience, Chromium renders and is interactive ~~faster~~ earlier, but they have about the same time between launch and browse. On Chromium, I launch, type in a site, hit enter, and wait and wait as it finishes actually starting up. FF takes longer to appear but is ready to browse as soon as it does. Or at least it did until some time in the last year or two, at which point it started taking a page out of Chromium's book. But honestly, I don't do cold starts that much so it doesn't bother me much one way or another.
https://addons.mozilla.org/en-US/android/addon/add-custom-se...
No, an extension shouldn't be necessary, but it works (I use it to search with searx).
This bug has been pending for many years now and I don't think it ever going to be on their priority list soon.
The problem is whenever I start FF it hangs for 30 seconds before I can type the first url in. That duration and the fact that it's consistent means it's clearly a network timeout.
I have a locked down computer, layers of security enhancements so I kind of understand something I've done is causing it.
However, why should it lock up for 30 seconds if it can't do some background thing! On startup! It's an atrocious UI failure. And it's been this way for 5 years that I've been counting, through their Quantam speedup etc. Major flaw and unfixed for aeons of 6 week release cycles.
Btw it's not updating as it still updates ..
It's actually really bad design to have a lockup like that, and especially on the critical hot path of the first time you use it! It's a sign actually of bad user experience design, and it's one of a number of bad anti-user things I've found about it. Things that Chrome gets so right!
I want to ditch Chrome because of the many Google anti-features, but UX is also very important to me I use the browser all day every day and I'm extremely fast at the UI with advanced shortcuts etc. Firefox locking up for 30 whole seconds before I can use it not only destroys my flow but is actually an eternity - I could have about 40 chrome tabs opened with urls types and autocompleted or pasted into the url bar in that time ..
Sadly Firefox blows on a large number of design decisions. I get the impression that user experience is down the list at Mozilla, below either Google donations or SJW antics. Whatever, but they consistently fail on important points. I wish it wasn't so I truly do. I'm in the process of moving to Brave in anticipation of uBlock finally being sabotaged by Google.
https://news.ycombinator.com/newsguidelines.html
This may never happen unless privacy was as profitable as selling data on people's behaviour.
My apologies if I have misunderstood you.
I guess what I'm really saying is that frequently used things probably involve human phycology and emotions just as much as someone's intelligence.
I completely stopped using all products and services from FAAMG and committed to a complete digital detox plan. Using my devices with a clear intention in mind, rather than getting sucked into a dopamine driven vortex of dark patterns, has changed my life for the better.
For email, I made a protonmail and I’m still in the slow process of changing my email over on all the critical websites I depend on. For my phone, I got a Light Phone II. For my desktop and laptop OSes, I use Linux distros (Solus and Manjaro are my favorites). For GPS, I use a Garmin, and for reading, I use a Kobo e-reader.
It’s ironic that devices that do everything for us, instead of specializing in one important thing, have negatively impacted our lives when they were supposed to improve them.
https://addons.mozilla.org/en-US/firefox/addon/firefox-color...
As a bonus, it isn't made by Google. I was a hardcore Google fan a few years ago, but after seeing what they are doing with Chrome and the internet, I just could not keep using Chrome any longer.
It seema like a losing battle trying to make Google products not act as malware when they are designed for that purpose. It is so much easier to just use Firefox.
It was more of a joke as the answer to "How do I make Emacs do this" could resolve in a "Easy, just do this" followed by some arcane lisp macros that would have taken two years of research and experience to be able to compile.
Seriously, if you care about the internet don't use any webkit browser.
I think --incognito makes no difference if you throw away the data dir anyhow.
That's a good point but an incredibly lazy comment. I think the possible failure of 'mktemp' could be protected against by using 'set -e' at the start of the script.
It was.
If there's antitrust sentiments towards Google, it needs to come from some where else.
https://www.politico.com/news/2020/10/10/feds-may-target-goo...
Techology isn't going away and is becoming ever more important. It seems obvious to me that we will need cross-domain specialists to handle cases such as this in the future -- someone with both a legal and computer science background.
> Many of the most important challenges confronting the legal profession lie at the intersection of science, technology, law, and policy. Emerging science and technologies, such as AI, big data, social media, genomics, and neuroscience, demand an interdisciplinary approach and visionary leadership. Students in the JD/MA in Bioethics and Science Policy program spend their three years at Duke focusing on these intersectional problems and preparing themselves for a seat at the table in these discussions for decades to come and earn an additional degree while doing so.
Thanks, I'm using this from now on.
I wager that Google will be very quick to declare this a bug and fix it ASAP.
https://www.blog.google/products/chrome/product-updates-base...
This 2018 CNET article has more details:
https://www.cnet.com/news/google-promises-chrome-changes-aft...
It's your computer that store a cookie to local storage. It's your computer that decide to send back previously stored cookie. And they're crying like they don't have a consent.
Fortunately, EU regulators understand that non-technical users exist and need protection from abuse.
Neither does the user, not by themselves anyway. Only the website knows really.
It's been almost 30 years since the Cypherpunks. When billions of dollars or existential business threats are at stake, regular people are motivated to find a technically-knowledgeable peer for advice. There have now been several generations of financially successful tech entrepreneurs, some of whom move in non-tech circles.
Are there not serious fines for companies saying they opted you out of this kind of data collection and then not actually abiding by your requests?
France Sweden and the UK is already in on that action, Im sure others will follow.
Follow up comment here because Ive apparently reached my limit for a while: I believe you. I still think a Google half-ass is going to be a stronger effort than another start ups full out stab at it. Facebook is the biggest "country" on earth almost by a factor of 2x with 2.7 billion people. Its just other worldy large and difficult to compete with especially today. But I get what you're saying.
But tiktok and Snapchat work. You know: real sustained efforts. Instagram launched 9 months before google plus. That should give you an idea of the landscape that google operated in. Instagram— with 13 employees at acquisition in 2012– works.
Google isn’t a determiner of what works. They’re one of the laziest implementers of new services/startups.. they literally throw something out there and try to coast off their name. In markets where the customers are mostly satisfied, lazy stuff like that doesn’t create a winning product.
A more reasonable target for a 230 carve-out would be recommendation algorithms. Those aren't merely passively hosting user-generated content, but actively selecting what they think you should see to keep you engaged with the platform. Featuring content rather than showing it ordered by some simple criterion like time should be treated as editorializing rather than moderation. If a human editor decides to feature lies I tweet about you on their "best tweets of the week" page, you may be able to sue them for libel. If twitter's algorithm shows lies I tweet about you to a large audience, you currently can't.
I don't think current law and understanding of same allows any major changes to how we treat platforms. I tend to think that any major changes in the law are liable to be for the worse because even well meaning law makers seem to possess a mostly incompetent perspective on tech.
Section 230 protect the right to moderate within bounds.
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
So long as their actions are in good faith, and the content can be lumped into "otherwise objectionable" (as I'm sure most anything could), they are well within Section 230 protection. Even if they have an implicit bias in their moderation. Even if they have an explicit bias in their moderation that they put in their ToS. It specifically says "that the provider or user considers obscene...", which explicitly states the bias of the provider is considered.
The only way Twitters moderation could remove their Section 230 protections is if they did it in bad faith. If they were doing it specifically to try to lose Trump the election, that might count as bad faith because it has nothing to do with limiting access. They are, however, free to remove everything he posts because they find him to be objectionable. Or to remove things they think they are objectionable. Or to only remove violations of their ToS when Trump does it, because they find him or his past patterns objectionable. Or because they find it more likely to lead to flamewars, etc on the site when he does it. Etc, etc, it's mostly a hypothetical because you have to prove bad faith, which is hard unless someone is dumb enough to write it in an email.
Anyway:
Twitter violating its own ToS and/or promises to the users sounds like an example of bad faith. (This would not apply if Twitter's marketing was 'Fuck you! we do whatever we want', instead they promote themselves as a fair platform)
Moreover the entire exemption does not apply when the `provider` is not a provider but is actually a publisher using editorial discretion. (for example if twitter decided to ban false statements in tweets this would clearly put them outside of section 230 immunity)
His opinion is out of sync with what legal scholars and indeed an what an author of the law says the law means.
Just on a laymans reading of the text good faith isn't given in some universal context of fairness or fair play it is given in the sentence.
> any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected;
Good faith herein means actually because they found it objectionable not for some ulterior motive.
In order to assert that the removal wasn't protected under 230 you would be asked to prove the contents of the minds of the decision makers that the removal was NOT because they found it objectionable. They could literally argue that they found the effort to influence the election itself objectionable and suppressed it therefore and be safe within the boundaries of the law.
In fact good faith .... otherwise objectionable is so broad as to encompass virtually any removal for any reason
Furthermore finding that one removal wasn't protected under 230 wouldn't magically dispel all legal protection it would mean for the purpose of THAT removal someone could sue them if they had just legal grounds.
I don't believe your source provided one.
I can agree with your interpretation that where the protection of section 230 applies companies would be allowed to remove basically whatever they want.
But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
From what I understand the people that are trying to attack this immunity have mostly given up with the argument "Twitter monopolized a space for discussions so it should be held to constitutional standards like telephone companies" or "social media platforms are clearly acting as publishers of their content" and are rather trying to push "social media companies falsely promised open forums to users and content creators only to hit them with draconian rules once a monopoly was established" (had facebook (or youtube) had the same ToS since its inception it would have never become a monopoly).
With this last argument the entire question of section 230 is sidestepped.
As far as I understand it will not actually accomplish anything soon; a lawsuit on these premises was successful against Patreon, but those were very special circumstances.
[1] https://slatestarcodex.com/2013/04/13/proving-too-much/
* I am even more remote from the US than a Canadian lawyer, but I do not see my role as telling the courts what they should do, but rather as someone that is trying to understand what is happening and trying to develop informed opinions.
I honestly don't know entirely what it is trying to express. "Proving Too Much" seems to be a complete non sequitur I have no idea what you fallacy you are suggesting is expressed by the prior or any other post on this subject.
>But there need to be a criterion distinguishing why Twitter can claim this immunity while newspapers cannot. The rights granted need to have some kind of obligation.
You can institute new obligations as soon as you buy your own congress critter and get them to write new laws. If you believe such obligations are already expressed in law kindly cite the statute and section.
The distinction between the print copy published by the New York Times and say reddit/twitter/facebook is literally that this is the distinction the law makes. It doesn't have to make sense to you to be the law of the land. Particularly the short comprehensible section already the primary topic of discussion.
If you want to dig into why it seems relatively obvious. The finite first party content is dear and expensive and the act of curation is already inherently an expectation. Asking a publication to take legal responsibility for what they publish is a tolerable and reasonable burden.
Reddit/Twitter/Facebook solicit users to produce a veritable ocean of content for which they offer users a chance to communicate to their fellows and a small amount of server time which per unit is paid for by a slightly larger income from ads provided with that content.
Legal responsibility for content shared between you and I would be a herculean task, impractical, intractable, and expensive that would leave them with little choice but to cease operations.
Indeed few people actually want this what they want is 230 to be used like a club to keep people like twitter from shaping the conversation despite owning the property on which you expect discussion to take place and no law providing such a right to someone else's megaphone.
If you don't like it start your own website.
I am not saying that section 230 should not apply, I am saying that, to my knowledge, under current laws if a social media company decide to apply excessive editorial control (let's say twitter decides to only allow factually true tweets) they would lose the protections granted by section 230.
> The rights granted need to have some kind of obligation.
By "need" I meant that I believe these obligations already exist in laws.
> Proving too much
By proving too much I meant to say that since section 230 does not apply to newspapers the law must make a difference between them. To my understanding this difference is editorial control.
Finally I am not trying to have a debate over this, I am only trying to understand better the issue; I clearly have a side/bias, and I am trying to learn more about the many other facets of the issue.
It's a short law read it.
https://www.law.cornell.edu/uscode/text/47/230
There is no clause that specifies that a company even can in a blanket fashion "lose protection" in such a fashion.
First relevant section.
This is completely without qualification.Second relevant section
It says you can't be held liable for blocking something in "good faith" Nowhere on earth does it suggest that any action will cause you as an actor can lose protection under this act. It just says that no action taken in good faith can result in you being held liable for that particular act.This means that in order for a party to sue they would have to prove both that they were blocked in bad faith AND completely aside from this title they possessed a legitimate cause to sue.
To be completely clear someone could post on reddit the libelous allegation that you ate babies causing you to lose your job at the day care a clearly obvious cause of action and then the ceo of reddit could personally block your profile to keep you from running against him for mayor of your little town. A judge could agree that your content was blocked in bad faith and you STILL wouldn't be able to sue reddit for the baby story.
If you don't like that reddit or facebook or twitter blocked your story your problem becomes finding a legal right to exercise your legitimate freedom of speech VIA their platform.
The DMCA has existed for 24 years longer than some readers here have been out of diapers and I can no platform has been censured yet for removing deplorables in a nation full of both deplorables and lawyers. It seems likely none ever will without a new law not a new interpretation.
If I had to guess I might point at employer liability or contract laws, but it might be a discovery for another day
Instead of guessing what the difference is why not read the very short section 230? The difference is that 230 specifically deals with the web. The difference isn't editorial control its literally that the law directly speaks to the web. I would suggest in half the time required to watch the video one could read 230 twice over. This misunderstanding directly stems from concerning oneself with bad secondary sources.
In terms of regulations this is within reach of possible changes to how the notorious section 230 is applied.
I recommend https://www.youtube.com/watch?v=O1OhE4w0TAU for a competent commentary.
“A lie will go round the world while truth is pulling its boots on.”
C. H. Spurgeon,
Whereas a truth is may be amplified by ineffective blocking a lie may be irreparably damaged if the truth gets there first.
Regarding 230 the primary author of the statute disagrees with Thomas.
https://www.techdirt.com/articles/20200625/11032444780/autho...
Justice Thomas is the Giligan of the supreme court.
https://www.newyorker.com/news/daily-comment/clarence-thomas...
>Why was this? It is because Thomas is not a conservative but, rather, a radical—one whose entire career on the Court has been devoted to undermining the rules of precedent in favor of his own idiosyncratic interpretation of the Constitution.
Anyway what I was referring to was how Twitter's moderators decided to restrict this news based on it being obtained through hacking, but few days ago had nothing against Trump tax story that was based on illegally obtained documents.
If you consider “social media” as a market, it has healthy competitive landscape. If you consider different styles of social interaction as separate markets, they’ve cornered markets. I don’t see competition in these spaces. Facebook != Twitter, and I feel that is why both can exist. Behemoths in neighboring spaces opt to buy a social experience instead of trying to compete with their own.
The missing piece, IMO, isn’t regulation around “censorship” for these platforms. It’s regulation that results in a rich market of products around a single style of social interaction. Example: regulation around interoperability.
Within businesses, people have evolved far past market definitions where widget x¹ competes with widget x². Our political savvy as consumers would improve if we could see that as well.
For example, why would Google approve a product like Stadia? What does it compete with? Nintendo, yes but not really, since so many Stadia players have a Switch also... just like most of us have Facebook and Twitter accounts. But maybe they're true competition is Netflix? Social media? Users are giving Google their time = data = insights = further monopolistic advertising power.
Suppose Tesla tomorrow becomes the sole manufacturer of battery powered cars. However, the good (dirty?) old petroleum based cars are still out there and on the road (not a lot but still). However, everyone wants an electric car in future - will that make Tesla a monopoly?
How will it be different or same in this case of Twitter or Facebook?
A petroleum based car is largely interchangeable with an electric car, assuming we're talking one that will probably comply with environmental regulations over it's lifetime. I might prefer an electric car because of the environment, or to support the movement, or whatever, but at the end of the day, a petroleum car still gets me where I'm going. Tesla is unlikely to become a monopoly because even in the electric vehicle space, there are interchangeable goods. I'm not intimately aware, but it sounds like there are a couple other companies that make competitive models.
Where that interchangeability can get weird and not so clear is on a more specific market, where users don't necessarily have a choice. Tesla is the only company (afaik) that makes a fully electric truck. You could possibly argue that Tesla has a monopoly on fully electric trucks; I think the question becomes, are other goods interchangeable? Is a petroleum truck interchangeable? Is a fully electric SUV interchangeable?
Applied to social media, each of the major social media networks offers or encourages a substantially different type of social interaction. Twitter is largely for piecemeal content, and is largely more public than other forms of interaction. It leads to really high levels of engagement, and lots of flame wars. Instagram is all about photos, people go for the glamour. Facebook attempts to make you engage with your network more, I find people share more personal information there. Reddit is more anonymous than the other two, and builds around the concept of communities, which are featured more prominently than the other platforms.
I think we all agree nobody has a monopoly on social media. The question is whether it's possible to have a monopoly on a particular form of social media. Are Reddit and Instagram interchangeable for you? They aren't for me, so I would say that they aren't in competition and as such, the existence of Reddit doesn't prevent Instagram having a monopoly any more than the existence of Chiquita does.
"Social media" is an incredibly diverse category of services. Deciding the monopoly status of a company based on the health of competition in social media is like deciding whether to break up Standard Oil based on the health of the entire raw materials goods sector. It's not a granular enough measure, because it contains several non-interchangeable goods. If Standard Oil jacks up the price of oil, I can't just go buy iron instead; I can't put steel in gas tank. Likewise, if I get pissed off at Facebook and decide to quit, I can't just go somewhere else. My 80 year old grandma is on Facebook, teaching her to use Twitter is going to be a problem, and I generally don't know if I want to expose my grandma to the cesspool that Twitter can sometimes be. The services are not interchangeable to me, so Facebook has a monopoly on that service. My choices are to play by their rules, or to just bow out of the experience entirely. Let's say we ignore the legal technicalities of a monopoly for a moment; doesn't the outcome look remarkably similar? If this doesn't count a monopoly, it seems to lead to the same place, and perhaps it's non-monopoly status is due to a flaw in the law, rather than being expected behavior.
You don’t have to be anti-competitive or abusing a monopoly to be the target of regulation.
And who even is "they"? The entire tech sector? FAANG? Or just whoever makes the rounds in the news at any given point?
https://github.com/microg/UnifiedNlp
User consented to "personalization of experience", and that's all it is. Personalised ads.
My solution is a shortcut on my homescreen to my address, or somewhere close.
One click is worth it and for someone who pays more attention than most to the windscreen, safe enough for me.
What does that achieve? They still receive your data, unless you are logged off and not using any google software.
I’d be surprised if they don’t follow that wish just for PR and legal reasons alone. The fewest people will actually opt out or if they do accidentally opt back in since the “enable web and location data” action appears anywhere from Maps to Google Home setup.
This is really just Google using hostile UX to badger people into enabling location history and (in their eyes - hopefully) leaving it on.
https://qz.com/1131515/google-collects-android-users-locatio...
Filter out: Pinterest, YouTube, WikiHow, and all the other garbage SEO farms.
However there is a browser extension you can install. It's either endorsed or developed by duckduckgo.
they stopped providing it for some reason...
I liked it for blocking quora/pintrest/w3schools/...
I just tried it for W3schools and it worked
personally I don't want some random third-party having the ability to exfiltrate my google cookie via an auto-updating extension
Driven by the same motivation, I've first adapted a userscript [1], but later replaced it with simple uBlock Origin filters:
[1] https://github.com/darekkay/config-files/blob/master/userscr...It's highly conceivable that one could get a completely novel and diverse web and search experience if we were to exclude those concentrated websites entirely from search results. At that point, google can no longer slide on just showing the top results from a tiny subset of their index, and would be forced to always show results from the entire index. As opposed to now where 99.9% of the time, they mostly show you results from that smaller subset and 0.1% of the time show you the rest (that is of course only if you have a super-specific query or you force them with some of their remaining search modifiers).
I'd like a search engine where I have some input on the ranking of sites shown to me. Some sites are crap and I never want to see them, other sites are ranked low but often have info I'm interested in.
Even just let me vote my search results up or down on relevance. I can vote on everything else, why not this? (Though ideally, I'd love to be able to devise my own algorithm for these things.)
We’re talking about access to the internet, something that people are increasingly acknowledging as a primary need. Regulations will follow.
I'm certainly not happy with how Google is using their position, but is it illegal? Should it be? Even a Pixel phone can install and use Firefox. You might perhaps make a case out of how all SDK WebViews end up being Chrome (-ish), but as long as a third party app embedding their own web view would not be rejected by Play, that's still more open than significant other parts of the smartphone market. Sure, Google is using a position of power and everybody who isn't a major shareholder shouldn't exactly be happy about it, but itvit abusing? In a way assailable on legal grounds?
And what exactly has changed in the past year to do so?
My understanding is that webRequest blocking is deprecated and a limited size static list will replace it. No?
Edit: spec still shows ~35,000 total block entries, far too few. A medium sized marketing firm could, on their own, set up 70,000 distinct s3 bucket URLs, or a large one could easily justify that many distinct domains. Many existing block lists and uBlock's dynamic (uncountable) behavior far outstrip these limitations. This spec will break the back of ad blocking for good, and Chrome engineers and PMs know it.
Spec: https://developer.chrome.com/extensions/declarativeNetReques...
The changes included greatly increasing the rule list size, allowing dynamic rules, not requiring the list be included in the manifest (for independent updates), and the ability to adjust some network headers.
As I said, they addressed all the major concerns that I saw raised.
In a few years, which 2/3 of the rules would you cut?
How is this a win for consumers? How have they addressed those major concerns?
Edit: That was stock, I just added a few lists and passed 100,000 network filter rules. Please explain to me slowly, as if I were a child, how a static limit of 30,000 rules is a bigger number than 100,000, and why my computer with 128GB of RAM memory can't possibly support more than 30,000 rules?
I wonder what they've actually addressed. It looks like this was just lip service:
> Additionally, we are currently planning to change the rule limit from maximum of 30k rules per extension to a global maximum of 150k rules.
Source: https://blog.chromium.org/2019/06/web-request-and-declarativ...
16 months later the limit is still 30,000.
Source: https://developer.chrome.com/extensions/declarativeNetReques...
To give some context, it looks a clean installation of uBlock Origin would require nearly 80,000 rules.
> 79,972 network filters + 39,856 cosmetic filters
Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers. Chrome extension compromises are a somewhat common occurrence - see [1] for a recent example.
I want ad blocking without giving the extension access to my cloud accounts, bank statements or company intranet.
My current solution is to use the ExtensionSettings[3] Chrome policy to blacklist extensions from particularly sensitive domains like accounts.google.com, my bank and the company intranet, but it's a clunky solution - I still want tracking and ad scripts blocked on those!
[1]: https://news.ycombinator.com/item?id=24803740
[2]: https://blog.chromium.org/2019/06/web-request-and-declarativ...
[3]: https://support.google.com/chrome/a/answer/9867568?hl=en
This is only true in the sense that an all-purpose browser is "a major security risk". That is to say, it's not true in any coherent sense.
Yes, the ad blocker needs to be trustworthy, and there are a variety of approaches for furthering that goal.
> Adblocker extensions need full access to all network traffic and all it takes is a single person's account or machine to be compromised to get access to millions of browsers.
Again, you could say the same about the browser itself. Even if it were infeasible for extension developers to implement more security safeguards, that would be a flaw in the Chrome Web Store, not in the concept of web extensions.
Their continued "refinement" of the core ad blocker APIs while all these abuses and deficiencies go unaddressed is extremely suspicious.
Yes, this is bad and a big security risk. I don't use any extensions that request this permission. My company even pushes a Chrome policy that outright blocks them.
Manifest v3 fixes this by taking away blanket <all_urls> permissions. This would break ad blockers, so they add declarativeWebRequest and remove the blocking webRequest API that would be useless anyway.
Some relevant points:
- Google still hasn't raised the rules count like it announced last year in the blog post you linked. The current API is still limited to 30k rules. (the dynamic rule count is ridiculously low too)
- Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
- Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
- Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
Overall I have the same view of adblockers as I have of pirate sites: they're very convenient for me and I like to have them, but I don't begrudge corporations for doing everything they can to get rid of them. In a world where most of the internet is funded by ads, I understand why Google would want to find ways to make adblockers just a little less powerful.
But Google's insistence that it isn't doing exactly that, and that its API is technically motivated, reads as corporate nonsense. They haven't responded at all how I'd expect them to if the whole controversy was just a misunderstanding.
Manifest v3 is still in development, so I'm assuming that this simply hasn't happened yet. It definitely needs to fit uBlock Origin's default rule set and I don't see them backtracking on the 150k announcement.
> - Even if the rule count were unlimited, having a static list of rules handicaps more complex algorithms like those used in uBlock Origin, that aren't limited to "if URL in URL_LIST then block". For instance, a Levenshtein-distance-based algorithm can't be implemented with declarativeNetRequest.
This is the explicit trade-off that is being made. I'll gladly accept this limitation in exchange for not having to trust the ad blocker extension.
> - Similarly, its stance that the proposed API is more efficient is extremely dubious. Modern WebAssembly has close-to-C++ performance, meanwhile ads and analytics are one of the biggest source of slowdowns of the modern net. The idea that restricting adblockers would improve performance in the general case is absurd.
The blog post explains this - the issue isn't the (in the case of uBlock, carefully written and very fast) extension code, but the IPC overhead in routing all requests through the extension. The Chromium teams loves metrics and they wouldn't make this claim without having substantial data to back it up - it's not a matter of opinion, but objectively quantifiable.
> - Manifest v3 doesn't seem to prevent extensions from examining traffic, just blocking it. So Google's stance that its API is against data mining, not ad blockers in particular seems hypocritical.
The blocking version sits in the critical path, the non-blocking one can be called asynchronously. This is consistent with their reasoning.
With Manifest v3, blanket host permissions are going away, which addresses data mining extensions and would make the existing blocking webRequest API impractical: https://twitter.com/justinschuh/status/1138889508512866304
The case has never been made that this is the issue of why wesites take long to load nowadays, and rather the finding is that content blockers help significantly page load speed.[1]
You seem eager to uncritically accept Google claims while leaving out the views of the critics.[2]
* * *
[1] https://www.debugbear.com/blog/2020-chrome-extension-perform...
[2] https://www.eff.org/de/deeplinks/2019/07/googles-plans-chrom...
Google is deeply afraid of machine learning based ad blocking. You can only camouflage ads so much before they don't serve their purpose. Forcing ad blockers to use a primitive blocking method prevents smarter ad blockers from being built.
I have one for banking, for example, with zero extensions
I just do what I'm told.
I will blame them for making such system. If we blame them I think ultimately this issue is going to be solved?
Sheer arrogance of the devs in chrome related threads, I hate it.
But those things are why i don't use chrome anymore so I can't verify it.
It's the perfect kind of example needed by the anti trust authorities to justify breaking up Google in parts.
— George Orwell, 1984
These are the kind of tricks a shady company would do. So disappointed what Google is doing to the web the last few years.
It isn't obvious to me from this that Google are privileging their own sites above others here
The preloaded list is in the source code (https://github.com/chromium/chromium/blob/master/chrome/brow...) but it's encoded as a finite state automaton that makes it a bit difficult to enumerate the list of whitelisted domains.
The preimage space is finite and easily enumerated.
https://news.ycombinator.com/item?id=24819473
[0] https://github.com/chromium/chromium/blob/615d5eed47c10d8890...
https://www.chromium.org/audio-video/autoplay/autoplay-pre-s...
According to the MEI it actively measures user behavior and one of the most important measures is that a video is unmuted. From the document:
“The MEI is meant to allow media heavy websites (e.g. YouTube, Netflix) that rely on autoplay for their core experience. It is a non-goal to allow websites with a “good media behaviour” to autoplay without restrictions”
It doesn’t sound too good, and still doesn’t really explain how everything is seeded.
Here is the code: https://gist.github.com/NeatMonster/e9cdb01441a3cd842e6a20fd...
And here is the plain-text list: https://gist.github.com/NeatMonster/e9cdb01441a3cd842e6a20fd...
There are other examples where only the large sites benefit while everybody else has to play by stricter rules: "EU Parliament bans geoblocking, exempts Netflix and other streaming services" -- https://www.dw.com/en/eu-parliament-bans-geoblocking-exempts...
EDIT: User teraflop posted a link to the list of "sites that are allowed to autoplay video even without any prior media engagement" right here in this thread https://news.ycombinator.com/item?id=24818178
But they purposefully use CLS in Search to increase clicks on Ads https://twitter.com/andyhattemer/status/1262564268890820609
And the re-ordering happens as your mails and the ads are loading! You might be about to tap your email, then the ads load in and you suddenly click on an ad. Or you want to tap the top row, but the app decides to put a different email above the ads and you end up tapping into the wrong mail because it was reordered just before the tap.
You present this as a fact, but it would be absurd that Google would use such a cheap and easily detected trick to increase CTR. It would be bordering on ad fraud and I'm sure that Google, of all companies, knows better than that.
Occam's Razor says that this is a stupid async content loading bug, which they subsequently fixed. I've never seen this happen and when I just tried it without adblocker with that exact search term, it didn't - the page loaded with the ad.
3 years ago and I wouldn't believed it at all but around 2 years ago I saw it happen consistently with a colleague at the desk next to me.
I cannot say for sure that it wasn't an extension in his browser but I can say for sure that I think Google has been really busy tearing down the mountains of trust they had before 2007 - 2009.
For this to not be an accident, one would have to assume that Google actually makes more money from those invalid clicks, and that someone decided that yep, rendering ads asynchronously was a decent and legal approach at increasing advertising revenue, and requested the GMail team to implement it.
This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
It's much more likely that this is just unfortunate UX design to "improve" rendering performance without considering users on slow connections.
(I can reproduce this one just fine in desktop GMail - on the first render of the "Promotions" tab, the ads render asynchronously)
[1]: https://support.google.com/google-ads/answer/42995?hl=en
[2]: https://www.blog.google/products/ads/preventing-accidental-c...
'Unfortunate UX design to 'improve' rendering' is the plausible-deniability they can use to justify this.
> This kind of corporate misbehavior is not unheard of, but I just can't imagine it happening at Google.
I definitely can, I don't think anywhere is immune to this once you reach a certain scale. They have a profit-motive to make money, they will absolutely try and get away with as much as they possibly can.
My guess from someone who had to develop a web video player at work, many websites will attempt to autoplay the video with sound and if it fails, it's easy to catch the failure event, they will mute the video and try again.
Web browsers are also capable of determining that autoplay on technically-not-load-but-automatic counts as autoplay. (There's even text in the spec about it.) In particular, they can tell whether it is in response to a user action/gesture on the site or not.
https://developers.google.com/web/updates/2017/09/autoplay-p...
No, they don't. This is false. It's a mechanism called Media Engagement Index, Google properties have zero advantage, and any site can get a high score.
Chrome ships with a preloaded MEI assembled from global telemetry data, which is then trained locally:
https://www.chromium.org/audio-video/autoplay/autoplay-pre-s...
Would they have made the same choice of preloading a default seed if they had no properties in the seed ? who knows
Once they reached a dominant ad network position their whole strategy has been “advancing the web is advancing our revenue”, and it bled into mobile to the point where building and maintaining a whole ecosystem for free makes sense as long as they stay the search and ad engine of choice (that’s the only thing they’ll fight to impose).
Chrome is built in the same optics: push forward the web and webapps as long as search is theirs.
https://github.com/brave/brave-browser/issues/1127
They merged in a (partial?) bug fix in 2019:
https://github.com/brave/brave-ios/pull/883
The underlying problem isn't that Google sites are directly excluded, it is that Local Storage, Database Storage, and Service Workers aren't cleared by that setting, and that Google uses those for persistence.
Is this being evil or was support just not added when those were introduced? I have absolutely no idea. But I agree with fixing the underlying bug in Chromium either way.
You could argue that a Service Worker should not be cleared since that is more than likely not personal data exactly.
I always search with a specific Google.ca domain with cookie and javascript disabled. It worked really well and Google knew zero shit about my search habits on my Gmail account.
https://www.theamericanconservative.com/articles/robert-bork...
The Chicago School invented the “free markets can do no wrong” ideology that denies the possibility of monopoly, but Bork is the one who weaponized it to cripple antitrust, in plain violation of the statutes. The article is from a right-wing site, BTW.
And in the end, the open web was gone.
Yours truly, 2025.
Stop waiting on your government to fix things because they aren't going to. If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not. Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
Pretty big difference.
>Mozilla is just as guilty as Google.
Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
>If you want to fix things, then build your own tools to abstract syncing, bookmarks, and other features from the browser. They exist, whether you've ever taken the time to look or not.
If you're not highly technical, you're not entitled to privacy?
>Somehow it is easier though for people to simply say... The government will fix it for me, rather than fixing things yourself.
It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
I once had an issue similar to this, and it turned out to be an issue with my profile. Once I manually deleted the site data the problem didn't come back. They admit that this may be a bug and I wouldn't be surprised to find out it is, but regardless there are plenty of other options including ephemeral profiles that you can use by setting a policy. If they aren't signed into sync, then I also suggest they disable syncing from the settings and the policy as well.
> Since Mozilla doesn't do anything similar when not signed into their sync service, this is plainly false.
They _just_ install Pocket and a bunch of other unrelated services and send your DNS queries to third-parties, as well as opting you into recommendations and telemetry.
> If you're not highly technical, you're not entitled to privacy?
You don't have to be highly technical. There are a lot of options for Google accounts to disable ad personalization, history, third-party access, etc. In fact, I find it much easier than almost every other company I come across. The documentation is easy to follow and is so easy my kids could do it. I'm all for privacy, but at the same time the rules need to be applied equally to all companies. Just attacking Google isn't going to fix the issue, in fact it will make it worse by giving a politicized government the ability to go after anyone that they feel doesn't represent their political goals.
> It's simple. Some of us believe that a base level of privacy is a human right. And the only entities capable of facilitating those human rights are governments.
We don't live in a socialist society that believes that humans have fundamental rights to basic necessities. I'm all for privacy being a human right, but shouldn't housing, healthcare, etc also be human rights? Google gives a lot away for free. Until we start addressing other issues, privacy as a human right will never be on the table and when it happens you can't just apply the rules to one or two companies. It has to be equal.
Lastly, your suggestion that we shouldn't enshrine privacy in law because we haven't enshrined other important things is nonsense. As you well know, enshrining privacy in law would cost the taxpayer $0 while the others you mentioned would literally cost trillions.
Not a very convincing argument.
Chrome creates a unique ID for each user (there has been much discussion about the entropy vs the uniqueness for the install key), they have been found to give a pass for Google Analytics when visiting from Chrome, etc. And what else do you expect when it is in their interest to track you (and to have a excuse to justify their knowledge when found out in other grey areas).
EDIT: The quote above is from Casablanca, was once very famous [1]
[1]: https://www.youtube.com/watch?v=SjbPi00k_ME