I wish Google would do something against the so called 'Rogue Redirect Ads' in their AdSense network. Ads that redirect the parent frame.
When I browse the web on my Android phone, I get redirected to spam every 10 pageviews or so. And no, it's not a problem of the phone. It's a known issue that ads can break out of their iframe:
IMO Javascript should not be allowed in ads at all. Unless that gets implemented, I have the feeling that all blog posts about improving the user experience are just lip service.
> IMO Javascript should not be allowed in ads at all.
I agree fully. I think part of the issue is that the folks submitting ads want to collect a lot of data. They probably don't use that data (or if they do, not well), nor do I trust them to not collect very invasive and unsafe data, but I suspect for many folks that having their own JS payload makes or breaks a possible ad network.
Given concerns about Monero mining, redirects, and other hijinks, removing JS from ads is even more critical now. I think the compromise will be to give ads some kind of network provided hook to get data back to "home" eventually, though then the issues above only shift from the ad provider to the ad network provider.
Or at the very least, provide a domain-specific-language that "compiles" to JS that can do very limited things like animations and others.
That combined with requiring all of the assets to be hosted on the ad-network's servers would greatly improve the experience. (mainly because ad-networks are larger companies that the host website has a direct relationship with, so when users complain the site can talk to the ad-network, and the ad network can instantly do something about it)
Sadly, they have no incentive to do that, as those ads would be more expensive to create, most likely make less money, and most users that block ads block all of them regardless of how invasive they are. Adblockers treat all ads the same, and so now advertisers are faced with the choices of:
1. make more shitty invasive ads
2. make "better" ads (better for the user) and make less money while spending more and having users still block them anyway.
This is why I really believe that the "better ads" thing from google and others is a really good idea, because it helps re-align the incentives back with the user in some ways. If that works, shitty ads will be blocked much more widely, while good ads will get more views and more users.
Any source code to source code translation is considered transpilation until targeting byte code or other form of representation that is byte code, VM, or CPU specific. The terms do become blurred sometimes.
Google runs an ad network and releases a browser. Presumably he is aware that Chrome is doing something, but wishes that AdSense and DoubleClick would do something.
Focus is probably the best option on iOS but I don't trust Mozilla to block tracking the way I want it done, I'm far more comfortable with uBlock Origin handling it. If I want the extra protection of deleting my cookies and history on exit I'd rather just start a private tab. Most of the time, I want to stay logged in on sites.
Why Focus on iOS? iOS has had a framework for third party content blockers for years. If you install a content blocker for iOS, it also works with other apps depending on which webview they use. For instance they work with Feedly.
Not across the system, though. It only works in Safari. For system ad-blocking, the easiest option is via DNS based Ad-blocker services like Adguard Pro or Adblock (both are paid apps and available on the App Store).
There's also the VPN option. PIA, for example, comes with its own system ad-blocker (MACE) although it's nowhere as good as Adguard Pro (which allows you to use custom DNS server).
It's not just Safari. The only times I really care about ad blocking are using the web with safari and Feedly and watching video. The content blocker also works with web view embedded in Feedly.
I very seldomly watch live ad supported video. I have ad free Hulu. For the two networks that aren't on Hulu - CW and CBS, I watch VOD from them via Plex. Because of the way that the Plex channels work, they skip the ads.
For me it's not a matter of trust, it's just that there's no customizability to the ad-blocking on Focus, even at the level of choosing blocklists to subscribe to, or adding particular elements to be blocked.
I don't want a company that releases a "privacy focused browser" with telemetry enabled by default deciding which tracking is "ok" and which isn't. I love Firefox compared to other browsers but there's definitely some user-hostile choices being made at Mozilla and I'd rather they just not get involved in ad blocking (other than ensuring the add-on architecture allows proper blockers to do what they need to get the job done right).
Brave is not usable yet in mobile, from my experience. I'll give them a few more cycles before using it full time on phone. Desktop version is much better though.
Putting the ad in an iframe without the allow-top-navigation[0] sandbox permission could prevent that. Or if the ad naturally consists of an iframe then a browser extension could intercept the iframe load and add the equivalent CSP rule[1]. Or google could do that themselves.
I think they would still be allowed to open in a new tab.
Similar things happen on iOS, too. I can't tell you how many times I'm trying to go to a seemingly legitimate site on my iPhone and I get redirected a dozen times and end up at "You've won a free Samsung tablet!" instead of the content I asked for.
You're probably either not using the right ad-blocker or fail to configure the ad-block properly. If you just want a content-blocker that works in Safari- I find Purify works the best. If you want a full system ad-blocker which works in most apps- NYT, BBC, Chrome though not in the YouTube, Instagram, Twitter apps- it would have to be a DNS based Ad-blocker like Adguard Pro.
Thanks for reminding me about this problem. A few websites I visit have spammy ads that do this and it is very frustrating, but I forget as soon as I leave the loo.
I started getting them for a while a few month ago. It made browsing certain sites on my phone almost impossible, I'd get a rogue redirect literally every time I tried to access the page.
There is some work going on to remove Javascript, but it is slow going. Most publishers won't trade off revenue for performance and security so there is no incentive for the buyers to change their ways.
Giving publishers a choice would be a start. A checkbox 'Allow JavaScript' for AdSense publishers and a way to run revenue experiments about JS on/off.
That does raise the question is Google big/ubiquitous enough to force that on publishers? If Google unilaterally decided no more JS in ads., would the publishers grumble about it but adapt, or would they look to other ad networks.
Apologies if the comparison offends anyone but every time I see PR (public relations) about ad-blocking by Google, I see them as a company like Goldman Sachs, who has taken positions on both sides of a bet, so to speak.
There is a glaring conflict of interest as others have pointed out; it cannot be ignored. Through strategic acquisitons such as Doubleclick, Google and its subsidiaries are the largest warehouse of advertising on the www. The company is the machine that keeps web advertising humming along.
Google wants to keep everyone happy. Users are fed up with advertising. For example, Google could offer a search engine free of any ads, as they did in the early days.FN1 They have more than enough cash to do it. This would make users very happy. Google could try to support itself by selling something, besides advertising. But this will not happen. Why? (Rhetorical question. Not asking for an answer. We all know what it is.)
By creating a web-advertising juggernaut and collecting the maximum allowable quantity information about users through every means legally possible, (far beyond merely search engine usage) Google has taken a position against users (the ones who dislike ads) as well as for them (as argued in myriad PR pieces).
Google is not curbing it own actions (as the #1 promoter of advertising on the www), instead it is taking aim at advertisers. Some of those could be existing or potential clients (which might seem intriguing).
But while its clients (be they advertisers, users or others) may experience "losses", like Goldman (or not; sorry, bad analogy!), Google always "wins".
Any PR piece proclaiming that Google is taking sides with users (for a "better web") ignores that they also have taken sides with advertisers. Google has big bets on advertising. As everyone knows, users do not contribute significant inputs to the Google balance sheet; advertisers do.
FN1 At that time one of the Google founders called out advertising as being something to avoid. Interestingly, there was no "disruptive" vs "non-disruptive" advertising distinction.
> Google could offer a search engine free of any ads, as they did in the early days. They have more than enough cash to do it. This would make users very happy. Google could try to support itself by selling something, besides advertising.
This reasoning doesn't make sense to me. Many startups offer their services for free or low cost, burning cash, to acquire users/mind-share until they find a way to be profitable. Google and Facebook found advertising as that way, and thus survived instead of running out of money. And are able to offer their services for free.
"Google should ditch that and start again" doesn't even start to make sense.
I think his claim is more of "The Search Product" can be run as a loss-leading free product just like Youtube was, while they profit elsewhere.
And he covers this with the rhetorical question: They can do these things, but they don't, because being as anti-user as possible (while putting out the occasional fluff PR piece) earns them billions and billions and billions of dollars.
He's basically saying "Google could remove advertising and figure out how to make money without being one of the most user-hostile organizations in software history, but they don't because their hostility to privacy and their revolution in combining aggressively curated private data with advertising has made them one of the richest corporations in history"
what is this elsewhere of which you speak? Google apps for your domain? Youtube red? Android licensing fees?
The truth can be seen from the way users behave. Nobody wants to pay any money for online services, and if google were to stop advertising, they'd basically be bankrupt as the userbase is not willing to pay the equivalent amount to google that they derive from selling user data.
To be clear, Google doesn't sell user data to anyone. In fact, it's got the strongest of incentives to keep other companies or hackers away from the data of their users. Which is maybe why Google's security team is what it is.
Technically, most companies in the advertising space don't sell user data. They sell the ability to target users based on anonymized and pre-digested data. Google Search Ads and AdWords both work that way, as does pretty much all of Facebook's ads products.
As an example, Facebook might sell you the ability to target people between ages 12 and 20 located in major metropolitan centers in the US. You never bought any user data that let you flag individual users, but you are still "using" the data.
(Disclaimer and also claim to authority: I worked in ad tech.)
The end result is the same if Google sold your data to an advertiser or used the data to advertise on the same advertiser's behalf. So I find "Google sells your data to 3rd parties" to be an accurate enough description.
If you think the end result is the same, you are being very charitative in your guess of what those companies could do with your data. Without giving it much thought, for a start you would lose the ability to control what that data is and who has it.
I'm not sure why people keep saying that Google and Facebook is selling user data. Does that mean that if those companies started to actually do it, it wouldn't bother the claimants as they consider it being done already? Seems to me like an important distinction to make.
In comparison, are Uber selling software? Rather than using software to sell a service?
The relationship between that and "it's the same as if Google sold my data to third parties" is lost on me, honestly. Looks like you're trying to prove a sentiment instead of a point.
Obviously there is a technical difference between "Google sold my data" and what they actually do. My point is that the outcome is the same in both cases. It doen't matter to me which specific entity erodes my privacy. So in the larger scheme of things, Google did sell my data to advertisers.
Amazon doesn't directly sell you the AWS infrastructure. But they rent it to you. Google is doing something akin to that. If they had an opt out saying "Don't use my private data to show me ads" I'd no longer make the point they sell my data. But they don't provide any opt-out, and the effect is identical to my data being sold to advertisers.
When I pay Amazon to use AWS I get access to those machines. When I pay Google to display ads, I don't get access to the data of any user.
If a company sold your information, you can say bye bye to being able to restrict what that information is and who has it; you might as well consider it public from that point on. I don't think anybody in their right mind would call that difference a technicality.
Google does provide the opt out you say they don't, too: Browsing in incognito mode.
> not willing to pay the equivalent amount to google that they derive from selling user data
I think that's the GP's point -- but Google has enough cash in the bank that they could probably continue to provide services indefinitely if they took the decision to divest themselves of advertising and re-organise themselves appropriately.
> Nobody wants to pay any money for online services
I wish this meme would die already. Youtube red cannot be purchased in half the world. Google the search engine does not even have pay-for-no-ads offering that I know of.
You can't say they actually tried to get money from users yet.
Google has also learned the lesson though that ads which produce a negative user impression aren't sustainable, and bad for both Google and advertisers. They have a vested long-term interest in making ads palatable and useful, or their cash cow goes away. Their incentives mesh with mine -- I would be less likely to demand ad blocker if ads weren't so disruptive.
> If that were the case Chrome's disruptive ad blocker would have been released shortly after the rise of flash ads
This seems like an odd argument. Are uBlock's incentives unaligned with yours because they didn't release their adblocker earlier? What does the timing of the release have to do with anything?
> If that were the case I would be able to completely opt out of tracking and accept slightly less targeted ads
> uBlock's incentives unaligned with yours because they didn't release their adblocker earlier
Not really a fair comparison - uBlock aren't selling ads. Google are and have been for a decade. There have been many occasions that search has been compromised via advertising from the days of SERPs being mostly adsense mini sites years ago. The response to those also took years despite search being near ruined. Google could have done far more far sooner.
Well, I was just talking for myself. For instance, ad tracking personally doesn't bother me. What bothers me is intrusive ads that interrupt my normal browsing experience.
Until there are better integrated controls for deciding which arbitrary code blobs run on your computer, a large majority of people using adblockers will continue to do so despite Google's efforts.
I question whether a "large majority" of people using adblockers are aware they are doing anything other than blocking ads. The HN crowd tends to overestimate the tech-savviness of the general population when it comes to this stuff.
I understand what you were saying, but I made the (unfounded) assumption that most of the general ad-blocker population were turned onto it by someone they trust who is more computer-savvy, and those people will generally continue to recommend ad-blockers to their less-savvy friends as long as good reasons still exist.
Yes, but often I will temporarily lift the block to load the page (just a few mins ago I was on AWS announcement page, I couldn’t play a video unless I reload the page without content blocker. Not only do we have a tracking epidemic, we have external js issue. I have to either whitelist fonts.google.com and some other js libraries, or else explicitly reload page without blocker whenever I see a broken website... this security-privacy consciousness i is a good trade-off, but can we, as developers, do something?
It's not a hedge bet, necessarily. It's a way for them to get direct input from users on which ads are tolerable and which are not. This information will undoubtedly be used to make ads 'more tolerable' so that Google's bottom line is not impacted.
I wonder if we're heading into a new era where online advertisements will become indistinguishable from non-ads. For example, a picture of your friend vs a picture of your friend with a soda bottle subtly added. That would be more tolerable to most everyone when compared to a flashy gif of that soda bottle bouncing around in your browser.
Wouldn't that "picture of your friend with a soda bottle" be considered a violation of the property rights of whoever took that picture? (lets leave alone the idea that the ad insertion violates the viewer's rights to unadulterated content - that could potentially be waived as a part of the EULA/TOS).
Well, we are used to the kind you spoke of already. Soda, fastfood and car brands are mentioned in films and music videos. But if some Javascript adds a soda bottle to my friend’s picture, I can see that as a potential violation (if you use facebook, you would probably get a “You and Bob have friends for ten years now” greeting slideshow... made by facebook with effects. But I haven’t heard anyone sueing FB yet).
>For example, Google could offer a search engine free of any ads, as they did in the early days.FN1 They have more than enough cash to do it.
Doesn't google still make like 80% of its revenue off advertising in search? If its true, then they really don't have the money to drop it
And instead of viewing it as double-betting, it can just as easily be seen as a compromise. They still want to advertise, and makes sense for them to want to, and the truly troublesome ads are poisoning the water for everyone, by leading (normal) people to total solutions ie adblock. Which is bad for business. In which case, you should expect them to find a middle-ground solution, and it would be absurd for google to move in either direction too strongly (because the money's not there).
Its not that they're taking sides, but that they're trying not to.
> There is a glaring conflict of interest as others have pointed out; it cannot be ignored. Through strategic acquisitons such as Doubleclick, Google and its subsidiaries are the largest warehouse of advertising on the www.
The point is, they're not only a near-monopoly in web advertising, but also have very detailed data about their competitors (via GA and many other products) AND now are controlling the channel for 60% of users. It's unbelievable they managed to pull this out and still so few people seem to care.
Meanwhile, Google still hasn't added a way disable auto-playing videos (regardless of whether a video is muted) in Chrome.
Safari has easy options to set both a default and per-site preferences (https://support.apple.com/guide/safari/stop-autoplay-videos-...), including a "Never Auto-Play" choice. Despite years of user complaints and a fairly clear resolution to them, Chrome either watered-down their fix or solved the wrong problem entirely.
This feature is not currently enabled because it can confuse some websites' video players. They can get stuck in a bad state because their JavaScript assumes the video is playing, but because Firefox didn't autoplay it the player buttons don't work correctly.
I hate these decisions by Firefox where they don't enable something because it would be inconvenient for websites! They should enable it and websites should fix their broken players.
Then their naive users would abandon them en masse because Facebook and YouTube won't work right. The thing to hate is that useful settings like this aren't in a more readily accessible preferences dialog for the rank and file to discover. You have to be told it's there or go spelunking through about:config.
> Meanwhile, Google still hasn't added a way disable auto-playing videos (regardless of whether a video is muted) in Chrome.
This bit is especially infuriating for me, as there seems to be a High Sierra issue with Chrome and videos (for me, at least - it's hard to figure out how widespread it is). They cause massive browser lag when they're on a page for me, to the point of missed characters while typing.
> you can set "Document user activation" in chrome://flags/#autoplay-policy & relaunch.
That won't fix the problem of auto-playing video on CNN or other sites that are not YT. Trying to read news from CNN is still a matter of waiting for the page to load, then wait for the video to load and start playing, then click on the pause button, and voila you can read in peace.
Quoting the blog post, Google’s decision that ”Muted autoplay is always allowed” is the problem. If any other Chrome users wondered why videos now auto-play without sound (even with this option set), at least based on the relatively minimal docs about this flag, this is why.
Note that Firefox' autoplay blocker breaks some video sites because the Javascript assumes the video is playing when it really isn't. However, with Firefox, videos never autoplay. Chrome's autoplay does not always work, but it doesn't seem to break sites.
I can't seem to find the issue, but in the Safari issue tracker, the point was made that given the way HTML5 video and APIs work, it is impossible to reliably prevent autoplay without breaking some sites. It seems that Firefox went for "reliably prevent autoplay" while Chrome went for "without breaking sites".
FWIW, I switched from Chrome to Firefox because of the autoplay issue.
Ug, I've been railing against this for a bit now. For anyone who is unclear what is happening, Chrome downloads a set of partial hashes for sites that are considered bad by this coalition. They don't provide the full list of sites (evil). Then if the site matches it, it phones home to get the full hash to see if it matches that. If it does, it applies the EasyList (non-cosmetic) ad block rules.
Problems:
* The list is totally opaque (I am wrong, see EDIT 2 below)
* They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
* They build it into the browser instead of as an extension or working with the existing ad-block community
I urge everyone to keep with uBO and the like. How anyone can be for NN and then think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice (especially for the masses who aren't familiar w/ these kinds of details).
EDIT: I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister. I would also say switch to FF, but they also use the secret safe browsing lists, so they'll probably switch to this as well. I say find a Chromium/Gecko based browser w/ all the ancillary shit like this removed.
EDIT 2: There is a method of obtaining the entire list via the API, see comments below. I was wrong about the opacity and stand corrected. Still doesn't alleviate the concerns around gatekeeping. I wonder if Google would let me keep a running update of this list in GitHub so we can all watch changes and other things like adblockers could use it.
My problem is that Google was a founder of Better Ads and its designed to 1) protect their ad business, 2) stop people from wanting ad blockers, and 3) make the web nicer. Huge emphasis on #1.
Whenever you have the browser maker, and punitive actions controlled by the same party, and arbitrarily, its a recipe for disaster.
If Google really cared, they should spin Chrome off to a foundation, provide it a large amount of funding, and totally step aside.
Having the #1 web browser and the largest ad network, controlled by Google, even if you agree with what they are doing, is a recipe for disaster.
Google, of course, MUST protect its ad business, let's call his what it is.
So because of who they are Google should not be allowed to attempt to improve the quality of ads on the internet?
Why would Chrome being run a foundation that is funded overwhelmingly by Alphabet make a difference? Chromium is already public -- aren't there already forks that focus on privacy and ad blocking?
Google owns the DoubleClick platform - the largest ad server with the most sites and running the biggest ad exchange in the world. They approve, serve, and support all of the intrusive ad formats in the first place, even on their own websites.
This is absolutely not about quality but a political move to counteract ad blocking extensions and companies. While the intent seems noble, it's likely to cause no real improvements compared to better existing options like not serving these formats at all.
As long as websites display annoying ads, people will have the incentive to use ad-blockers, no matter how polished and non-intrusive DoubleClick ads be.
I don't think DFP is the biggest culprit of annoying ads. If they were,Google would definitely have taken the less controversial option of imposing stringent rules around DFP creatives. The biggest culprits are the up and coming ad networks that try to differentiate themselves and deliver big numbers for clients by providing super high impact ads.
Sure, I just don't see why that should be disqualifying. If they are too shy about blocking ads, then most users will not even perceive that this feature exists and the status quo is unchanged. If they block even a handful of the worst offenders, it's a win for Chrome users. And if those blocks encourage people to clean up their act then it's a win for everyone.
I don't know. Maybe there is still a small benefit but I think their main reason for participation is to steer the effort into a favorable to them direction. Some benefits will come out of it but any real progress will be blocked or massively watered down because it would cut into their bottom line.
For example, how could we ever confirm that Google treats reports on its ads the same as reports on other ads? It's unlikely that we will be able to make that confirmation, and should probably instead assume they are not treating them the same and insist that Google prove that they are. Err on the side of caution and all that.
>Sure, I just don't see why that should be disqualifying
The same reason every conflict of interest is a problem. You're not advocating for what's best for the side you are supposed to be representing because you are also representing a self interest.
I get the point, but what's the solution exactly then? The fundamental problem lies in how ads industry works and how the psychology of ads work. Given Google owns one of the largest ad platform, it has the "power" to decide how an ad should be displayed, right? Because of conflict of interest, then what is the solution? Every problem has to have some solution. The argument here and above is driving us into a circle - no one knows, so Google is the "obvious" choice. I don't want to see ads myself, tbh, and this announcement doesn't really make a big difference anyway, but I am specifically asking if not Google, who and what's next?
These are good points. I think the reason this kind of conflict really rubs the wrong way is because these kinds of things tend to have sour legacy effects at inopportune moments.
There isn’t an INTRINSIC conflict of interest. The ideal is fewer, more expensive ads with higher conversion rates. Is there a stable operating point, though?
In order to actually protect Chrome from Google influence, it would need to switch to the Firefox model: Selling default search to the highest bidder. It might, then, still be Google. But other search engines could bid for their share, and it would prevent Google from lowballing their funding.
(Also, imagine the hilarity if the default search of Chrome ever became Bing.)
> They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
Again, I don't see the problem here. As you said, EasyList is free and open. It seems like your objection is just that you don't like the way its being used?
> They build it into the browser instead of as an extension or working with the existing ad-block community
I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
> think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice
There's a reason browsers are called the "user agent"; it's because their purpose is to make decisions and perform actions on behalf of the user. If a browser vendor wants to block ads on behalf of the user on sites which they deem to be using those ads in an abusive manner (and the standards for what is considered "abusive" in this case are actually pretty clear-cut: https://www.betterads.org/standards/) I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent. (And both of those actions are significantly easier than they are with your ISP I might add.)
> Again, I don't see the problem here. As you said, EasyList is free and open. It seems like your objection is just that you don't like the way its being used?
Not really my objection, I just wonder if it's the objection of the people putting in the work on those lists. I personally don't think it's a big issue.
> I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
A bigger win would be to allow mobile extensions. It's strange to use a decision Google makes as a reason Google has to do something this way instead, ha. That it's on by default makes those of us on the non-user side of the web wary of the slippery slope of browsers not being neutral about what is shown to our users.
> I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent.
I'm more concerned with the site developer side than the user side. If something ships to millions of users and begins to exercise non-neutral control over content, you should become concerned. It's like TVs constantly updating a list of shows they won't allow to be shown on their TV. You might tell a user to go change the settings of the TV, but as a someone making the video, would you not be concerned? Or glasses that limit some of what you get to see by default, or headphones that disable some of what you get to hear by default, or cars that don't allow you to enter some areas by default, etc. I hope it's clear that conduits like these need to remain neutral.
Okay, yeah. Looking at it from a site developer's perspective I can see where you're coming from. In fact, I'm certain that many sites which do display Annoying Ads[1] are going to be pretty ticked off by this move.
However, I think the type of "content" Chrome is discriminating against here is pretty far removed from what most users would consider "content". They're not basing the decision on whether to block ads on a news site on the _content_ of its articles, but on the placement of its ads.
To the extent that ads can be considered "content" then yeah, Google's not being content-neutral here, but while site owners might consider ads to be "content", I suspect most users don't.
It's a pretty similar situation with Google's Safe Browsing system. While a malicious site operator might consider malware to be "content", malware is almost certainly not the sort of content the user came to the site for.
While I would also personally prefer this functionality as an extension rather than as "bloatware" (although it's not exactly useless), I believe having it built-in will better the majority of Chrome users who are not savvy (or aware) enough to install extensions, which as of Dec 2010 was only 1/3 of Chrome users (the most recent stats from Chromium I can find) [1].
Unlike some others, I don't doubt the good intentions this road is paved with. But to keep with the NN analogy, less savvy users would also prefer paying for a cheaper, more restricted internet.
For anyone curious why Google chose to implement it this way, it's because they're using a bloom filter for the first check. This is much more space efficient than storing the entire list in memory.
Unfortunately.. I don't see a dispute button. If Google won't let you dispute like blacklisted mailserver, I see class action lawsuits because ultimately with such high % of market share, Google and his pal Chrome will decide whether your business thrives or dies.
Only one site at a time. I want to see them all. Other ad blockers let me do this with their lists. Google is no stranger to supporting big list downloads. They are choosing not to and should not be defended. Sure they can say they don't want the offenders to know they are offending, but they can find that out anyways. I think in reality, they want to maintain the keys to the lists which means not giving it away and keeping it secret.
That's assuming that it's a simple process to publish a huge list. Keep in mind that Safe Browsing is much more complex than an adblock list. They allow actions from site owners via Search Console, and track many types of threats (phishing sites, malicious downloads).
My guess would be there isn't a simple canonical list, and it's more of a heuristic evaluation where certain thresholds will trigger site warnings.
In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists. It was likely just the more logical choice. Though I'm assuming the new ads functionality uses the same Safe Browsing infrastructure.
>Sure they can say they don't want the offenders to know they are offending
Actually not the case at all. They send alerts to sites that are affected by Safe Browsing via Search Console.
Google Search works like an API. You search the keyword, they run it through their algorithms. There's no download of their entire search index because that would be impossible.
Makes you type-in a single URL. There is no way to use a keyword to get a list of items back. My point is that it should be trivial for google to do this, since this is their core competency.
I fail to understand whats so special about maintaining a tiny list of website URLs that anybody can access at any time? I'd wager you can fit 10+ million URLs per GB. The wayback machine has 300 billion+ pages of full page historical content and you can access all of it. This is entirely within Google's wheelhouse. Certainly, there could be other factors to not handout the list, but I'm merely speaking about the engineering aspect here.
All true. And I have found a place to obtain the list (see other comments). I do think the list as it relates to how the browser uses it is not that complex (is or isn't an "unsafe" or "bad ads" site).
I didn't say they couldn't. What I said is that such a list wouldn't make as much sense because it would always be out of date. A programmer looks at that problem and sees that an API makes more sense.
I downloaded the entire list via the API just fine. What is the difference between an API and a download? Answer: authorization control. It doesn't have to be a fixed file on their side...a URL can serve just what the API does like a download. But then they wouldn't know who wanted it.
> I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister.
Out of curiosity what is your objection to the Safe Browsing lists?
I personally have my router blocking sites at the IP level and DNS rejecting queries for domains off this list.
I can't remember the last time I couldn't visit a site because it was on the list but with the prevalence of zero-day malware and naive users on my network, I'd rather just not even deal with the potential.
> Out of curiosity what is your objection to the Safe Browsing lists?
The gatekeeping and phoning home (even though it is privacy conscious). But it's not a strong objection. In general I prefer browsers to be neutral by default and make no HTTP requests behind the scenes, but I acknowledge that's unreasonable for most users. It's less about my personal objection and more about an objection to on-by-default corporate decision making being deployed to millions of users.
While safe browsing hasn't come under much scrutiny due to its limited scope and that it hasn't been abused, I suspect it won't be long before someone's site has its ads blocked unfairly by the coalition. I understand with human review and pending-vs-actual-blockage incubation they are attempting to alleviate false positives, but the internet is too large IMO and the rules are subjective (so I can have a site with a 29% ad density?).
Right now, per your metaphor, all the chickens are being eaten. It's a clusterfuck out there with some of these ads. But I also don't want to go the opposite way and (to extend the metaphor) have a fox so vicious, it keeps _myself_ away from the chickens (a la AdBlock extensions), such that my favorite websites go away because I'm not supporting their revenue stream.
Google does not have an interest in showing you shitty ads. They have an interest in providing their clients with ads that are acted upon and that web users appreciate, and they have an interest in having a browser that does that with as little friction as possible.
I'd say their incentives are perfectly aligned with ours.
>I'd say their incentives are perfectly aligned with ours
Speak for yourself. I hate advertising and would rather see that whole revenue method burn to the ground and pay the $2/mo or whatever to use my favorite services.
Ads have ruined everything they have touched (radio, satellite radio, TV, cable TV, satellite TV, magazines, highway scenery, etc) and they are well into the process of ruining the internet.
In addition to bloating every site and exposing you to higher malware risk, they encourage companies to violate your privacy as much as possible and exploit psychological weaknesses to get you to buy stuff you didn't want or need to begin with.
Google's incentives are to spread this poison so they are not aligned with mine at all.
Be careful what you wish for, your favorite services might not exist without advertising. Sure, you might be willing to pay for the service, but would enough people be willing to pay to keep the service afloat? Probably not in a large number of cases. Advertising is the necessary evil that keeps the internet afloat.
If my favorite services are not sustainable in a subscription model then I would rather they die off until someone more innovative finds a way to make it work without advertising.
I mean, you're always free to not browse them in that case. People that would prefer those services not to die off, can then keep using them with advertising.
Right now, all of the chickens are being eaten. If we get a fox that only occasionally eats a chicken, but keeps the other more vicious foxes away, that's a net win.
They have an interest in showing you non-shitty ads. They sell non-shitty ads. Therefore they have an interest in showing you their ads.
They also own the most popular way those ads are shown: through their web browser. This browser has the ability (at Google's sole discretion) to block shitty ads, of which all of them are run by their direct competitors.
So what's happening is, Google is giving themselves the right to block parts of the Internet they don't like, with the implied statement of "if you want your ads to be seen by Chrome users, buy them from us or else we might block them".
That is a classic protection racket. "Want your ads to be seen? Better buy them from us, or... bad things will happen."
> I would also say switch to FF, but they also use the secret safe browsing lists, so they'll probably switch to this as well.
They use this by default, but you're free to turn it off, and that setting (unlike others) seems to sync just fine using Firefox Sync. Just checked and it's off. I turned it off once years ago and switched between OSs and different devices in the meantime, and it's still off.
Don't know if the same is possible on Chrome.
> I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister.
I agree with you completely on this one.
I had to turn that off on two layers, on a browser level, and inside my antivirus' firewall. My antivirus now constantly complains that I'm "not fully protected" because I don't want it to do web filtering for me.
I do support other private browsing techniques that stay on my device, like first party isolation, and adblock-like lists that are downloaded on my device.
Both are available in Firefox, and using them doesn't collide with my stance on NN, since I'm the one preventing the content from being fetched by my machines.
Not really, just based on the blog post and comments at https://news.ycombinator.com/item?id=16297550 and elsewhere where myself and others looked at the code. I could be wrong on some aspects of course and would welcome being corrected.
Also, I cannot find a clear explanation from Google how the internal details of this ad blocker work (how they manage the hashes on their side, where this coalition list is maintained, etc). I would love a link, but alas with these kinds of things transparency is usually the first thing to go, especially since people don't demand it.
The Safe Browsing distribution is for efficiency (less bandwidth, less in-memory data to store). The Better Ads Standard list can be obtained here (unhashed): https://developers.google.com/ad-experience-report/
Efficiency is distributing the entire list (and they do distribute an indexed and unindexed full EasyList, you can see it in your user's Chome data folder). I doubt it's too big to download in indexed form for a desktop and keep updating with deltas. At the least, I'd like the option.
EDIT: Updating from previous statement saying I couldn't find where to get the list. I have now obtained it from [0] and put it at [1] (caution, it's a large gist).
(Disclaimer: haven't worked on Chrome in ~7 years.)
This weird hashing scheme comes from safe browsing (which blacklists sites that install malware etc.). I guess (without specific knowledge of it) it was just reused for this ads thing because they had all the code handy for it,
both the browser-side code and serving code.
I recall the weird hashing scheme was carefully designed to balance some concerns. For example when it phones home, it phones home with a hash of the current URL so that it doesn't reveal the current URL to the server (unless the URL is already in the server-side blacklist). I also think it was intentional that the client didn't get a list of all known-malware URLs. I can't find any design docs for it at the moment better than https://developers.google.com/safe-browsing/v4/ . It may well be the case that the hashing scheme doesn't make sense at all in this context.
The hashing scheme definitely does address privacy concerns. It's that the whole list isn't present and relies on a Google API that troubles me. Surely the list is not too large to download on desktop, but maybe it is. I'd like the option of instead having it all on my desktop and downloading deltas instead of the hash check. The best "design docs" I've found is the golang impl at https://github.com/google/safebrowsing/.
I'm not sure if you're a Google PR drone or just naive, but people have been talking about this for years...
Ya know the nice little extensions Google has added over the years to their search page? Like speed test, recipes, dictionary, a rudimentary calculator, map locations, etc??
Most of the information is stuff they stole from other websites. They put it in the search results now so you won't go to those terrible websites yourself and stop looking at Google ads. And nobody can stop it because if you block Google spiders your website dies.
So the only people that can fight Google stealing all their shit are other Titans like Facebook and LinkedIn. Everyone else is getting their content lifted and moved into search results.
It's so pervasive that I'm not even going to bother to find you links. Ironically, you can just Google something like "Google destroyed my business" and find plenty of results. Google does a lot of things I support but they also destroy businesses intentionally with reckless abandon. For instance, I find it impossible to believe Google didn't think it would destroy Speedtest.com when it added a widget to the search page. Or Allrecipes when they started stealing their content and ploping it on the search page.
Some of the things Google does these days are thinly veiled as being for "convenience" or "security" when they're really just a monopoly stomping out various competitors.
Remember how Google used to punish "cloaking"? Well now they quietly allow you to do whatever the hell you want which led to all the news site paywalls. These sites we're tired of Google stealing all their shit and powerful enough as a group to stand up to it. Google sits on it's hands because they know if they stop it they will end up in court, probably for antitrust
Especially here of all places. I can't think of many sites where PR-fueled statements would be countered more, and there are enough "real" Googlers around to provide that insight already.
The fact that real Googlers post here eliminates the need for PR to post. Google employees are participants willing supporting Google in exchange for money so they are incentivized to post only good things about Google or risk violating policy/getting fired. They are even incentivized to scrutinize every negative post about Google because it's an attack on their livelihood and moral choices (whether or not to continue working there).
I'm not suggesting the dead post's particular case is true. I'm just pointing out that it's a company's dream to have engineers voluntarily spending time on a forum like this where they have identified themselves as employees. They are implicitly doing PR for free.
"It’s important to note that some sites affected by this change may also contain Google ads.
To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
Many of us are wired to see changes like this as a power grab camouflaged with flowery words, or possibly another step on the slippery slope to censorship and government control.
We've been trained that every corporate action is selfish, by definition against our interests.
But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
Since their long-term gains depend on a vibrant, open web, sometimes their long-term selfish actions are actually in our interest, too.
Well you're looking at this in a very saccharine light. Have you been following the discussion leading up to this? There have been very pointed questions about how truly independent the coalition for better ads is. There's questions about and advertising company blocking advertisements from other companies. There's questions about the layer of the browser this was added to. There's questions about even what the better ads coalition purports to do!
Can the coalition truly be independent when their only active enforcer is a member? Would that coalition defy that one member ever?
Under what circumstances will other sites and advertisers learn of updates to ads? Will that policy remain? Will google always have a head start?
What of ads and scripts designed to track and de-anonymize you? What of ads that consume huge amounts of bandwidth passively while not otherwise being annoying? These policies seem directed only at the aesthetic of the web.
And really, it remains to be seen if our long term interests are in line with googles, if you asked me, I'd very much say no.
>To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
That's begs the question - Why were those ads approved by Google in the first place? They were the source of the problem to begin with !! Also, before we rush to judgement, how much revenue were those ads generating for Google in the first place? I would respect them a bit more if they actually are taking a hit on this.
>But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
How have they demonstrated that? Could you elaborate?
>> But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
> How have they demonstrated that? Could you elaborate?
Before Google, web search results were rotten. Advertisers could push their sites onto the front page, and paid ads were indistinguishable from organic results.
Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
By sacrificing near-term ad revenue, Google built trust with users, and won search in the long-term.
Other examples:
Google could have kept Android closed and charged for licenses. But by open-sourcing it and allowing competitors to use it, they sacrificed short-term license revenue to build a much larger ecosystem.
Google capitulated to government demands that they censor search results in China. But then they reversed course, exited mainland China, and sacrificed revenue from that massive market. Long-term, active censorship would damage Google's reputation.
>Advertisers could push their sites onto the front page, and paid ads were indistinguishable from organic results.
>Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
Have you tried using Google without an adblocker recently?
If I search "buy a car" using Chrome on Android the entire screen of my phone is filled with ads that I need to scroll past to get to the "pure" search results. The only indication that they are ads is a tiny box 1/8 the size of a fingernail. The top result on the embedded Google maps box is also an ad.
Very polite of the malware to put a tiny ad tag on the ads it is managing to inject into a HSTS pinned website on a browser that doesn't allow any addons or extensions. I also like they way they perfect match Google's site design.
A webpage can have both Google ads and dodgy-ad-co ads. If they have the dodgy-ad-co ads then Google will apply the easylist to the page, which will remove the Google ads as well as the dodgy ones.
Most of the better ads standards have more to do with ad placement than with the ads themselves. It's not particularly easy for Google to reliably detect whether their ads are embedded in a pop-up, for example: https://www.betterads.org/desktop-pop-up-ad/
All they want to do is to squash most of the competition . In a long term all of the small players in the ad industry will not survive if they have to fight with ad blocking software AND google.
I suspect that they're more afraid of ad blockers than the competition, although I could be wrong. If users are annoyed by intrusive ads they're more likely to install an ad blocker. If they do that they're likely to block google's less-intrusive ads as well.
This may have been true a couple years ago, but I don't think it's true anymore. The majority of people are annoyed by ads, and all it takes is one friend to tell them to "install this to not see ads" or a nephew to come over for them to have access to an ad blocker. I'd estimate this percentage as closer to 50%.
As long as google is fighting to make the internet better, and the competition is actively trying to make it worse, I'm okay with the competition being squashed.
I think you forgot the "/s". Kudos on keeping a straight face after the initial quote, though.
But seriously, this line:
> To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
Is a flat out lie and you should know better by now.
Unless the "us" speaking here is a very specific (and powerless) subset of whoever could be speaking for Google. Which would make it merely disingenuous.
And even then their actions require a lot more before they deserve that kind of trust again.
> We've been trained that every corporate action is selfish, by definition against our interests.
If we had been trained we might've gotten to this conclusion sooner and prevent some of the worse shit that's happened because of it. But we weren't trained (what would have trained us?).
I'd rather say we've been extremely slow to recognize that even though the law recognizes corporations as persons (in some places), they are in fact, inhuman. And they will continue to act with complete disregard to human interests. I think it's still useful to think of corporations as organisms, just not of our species, in the same way that a fungus is not the same species as its substrate.
Some people "at the top" believe they are in control, but they are in control as much as you can be in control sitting on top of a wild, untamed beast. And you've seen it, corporations replace "the top people" like any other employee and it doesn't change much. Not nearly as much as they want you to think. It's more like trimming your fingernails than getting a heart transplant.
Of course, nation states are just the same. Conglomerate hierarchies of humans, doing whatever to stay in existence as a sort of entity. Problem was they were caged by design, rules, from the bottom up. This was because we needed them to be, we saw tyrannies rising when we didn't. So we made rules to bind them, deliberately stunted like bonsai trees, to preserve our individual freedom and not become cogs or ants. So they subverted the meaning of "freedom", because we should be free to make new corporations (conglomerate hierarchies, egregores, group minds, call them however you like), because you know, freedom! Except this exploit existed even within the nation states that were deliberately stunted to not grow out of control. Just don't feed them after midnight, okay?
And then we were free to create corporations, without stunts, or rules or restrictions to preserve actual real individual human freedom.
And of course these new corporations quickly grew to become more powerful than many nation states. REALLY quickly, if you think about it, if you compare it to the speed at which nation states exchange power and conquer one another. But corporations kill at sub-decade frequency currently.
I went a bit off a tangent here sorry, and I doubt this is the proper forum to share this kind of thing either. But just stop and think for a moment, who or what is writing those words you just quoted. It's not something that could ever be your "friend".
Of course, ads with exploits and malware that inject into your computer can be invisible and hard to detect as "intrusive", which this doesn't seem to recognize or handle. I'll stick with ad-block.
This justification always reminds me of the advice to run SSH on a non-standard port.
Sure, I guess that makes you less of a target for bad actors, but if your browser can be compromised by simply visiting a website, that's a serious problem that's going to bite you whether you block ads or not.
It's much closer to the advice to run antivirus, use a firewall, and apply updates. Exploits are discovered, but there are often mitigations available before fixes come around. By applying the mitigations (AV, firewall, adblock) you can prevent at least some of the exploits until fixes (browser updates) are released.
You're saying that theoretically, because there may be worse exploits from advanced actors that can target you for visiting a website, you shouldn't worry about basic security and whitelisting?
Do you not lock your door at night, either, just because someone could smash through your windows?
The SSH on a nonstandard port thing... I do it so I know if I see a failed login attempt, it's someone who is trying a lot harder than the average attacker and something I should investigate more fully.
Are there stats on how malware spreads? I suspect hacked websites & spam email are a more common source of infection than ad networks. It's not theoretical nor does it imply an advanced actor.
It's important to note that the "flagging" is not done by users, but by Google themselves. And they do this based on the Better Ads Standards. After the initial flagging, the site owners are notified, and have 30 days to fix it, until the ads on the site are blocked. They then of course can still fix it, and get the ads unblocked.
You jest, but the the goal of this "coalition" is to do good enough to not make you want to do that. Of course, the human review built in would preclude most of the large botnet attempts. An analogy:
This is exactly what came to my mind when I saw the headline. I'm sure this will happen, and a new arms race will ensue. Users are better off with uBlock Origin and such, instead of relying on advertising companies to handle ads better.
Let’s talk about “acceptable ads”. Do you think they exist?
I don’t. I avoid ads for two reasons: first that they’re fundamentally biased, manipulative information sources, second that they drain attention, screen space, battery life, etc. I’m much more worried about the first than the second, yet “acceptable ads” (partially) addresses the second without touching the first.
> I avoid ads for two reasons: first that they’re fundamentally biased, manipulative information sources, second that they drain attention, screen space, battery life, etc.
Neither of these points need to be true. Consider if someone had a text ad which said “We made widgets. Click here to see our widgets”. There's nothing manipulative about that, it need not use more than a small amount of network or CPU to deliver, and all but the most extreme members of the no logo camp would tend to agree that there's nothing manipulative about it.
> first that they’re fundamentally biased, manipulative information sources
Is an NPR-style “this program is sponsored by <big company>” manipulative or biased? What about the Amazon ads you get on a Google search for most consumer products, where it's clear who paid for them, they make no claim that the product is the best product or that they have the lowest prices, only stating that you can buy one from them, etc.?
> second that they drain attention, screen space, battery life,
Do Google text ads really do any of those? What about a static JPEG?
Remember, I'm not saying that the state of online advertising isn't terrible but that it's not fundamentally so. The industry has raced to the bottom but it'd clear up in days if publishers stopped allowing offensive ads to run on their sites or Chrome started actively blocking them.
Do you mean that it’s more reliable to discern the truth from ads than when the bias isn’t clear? Isn’t it even more reliable when interests are aligned, for example in the use of turn signals?
> Do you mean that it’s more reliable to discern the truth from ads than when the bias isn’t clear?
No, I think that it's easier to reject (overt) ads manipulation because their bias is clear, compared to forms of manipulation where the goal of the manipulation is less clear; this doesn't help you get to the truth (except in some cases where that is revealed by what even the ad is forced to admit against its interest, or hinted at by what it avoids) from the ad content itself.
I would say for free services, I'm ok with ads (like metafilter)... but for free sites that collect our every click and keystroke and sell it for gobs of money to marketing megacorops, they should be paying us!
I don't know how you can argue against all ads, no exception, without at least somehow addressing the problem of content currently financed by ads.
Journalism provides a necessary service for a democracy, and unpaid bloggers haven't actually made much of a dent into real, investigative journalism. Hell, they haven't even made a dent into regular ask-questions-at-press-conferences journalism.
Which leaves paywalls. But even if I everyone bought subscriptions to the top 5 or so publications they read regularly, we would all drastically reduce the variety of sources we get our news from. No fan of Breitbart is going to pay for the New York Times, even though now, they might (sometimes accidentally) come across an article offering them a glimpse of real journalism.
It's really easy to try: Just for a month or so, don't visit any sites showing advertisement that you haven't paid for.
Does this include something that flashes / moves (within its self-contained box) even though it doesn't take over the screen?
How is it that it's not outrageous to people that in the middle of a news article, a box with flashing colors and a picture of a woman in a bikini isn't something obviously extremely undesirable? The activity of reading requires concentration, if you're reading something that requires thought, that is. I'm baffled that our tolerance level for this didn't drop to the pitchfork level.
I feel like they will get sued for that extremely quickly, considering their dominating position (Chrome) and being in the ad-serving business at the same time.
conceptually. However, the metric we use to dictacte that conceptual argument is what screws us (Americans). We have chosen increase in price as the primary metric.
It becomes the responsibility of the accuser to prove and provide evidence of increased prices based on monopoly position. The Exponent podcast did a nice description of this last summer I believe (not sure what episode).
I would like to take a second off topic and point out that the design of their blog^1 is really atrocious for a number of reasons
- Massive, truly gargantuan header and footer that steals 40-50% of usable screen space for.... white space
- Terrible type selection that is kerned too closely and is too thin to comfortably read on a white background. Eye strain is SIGNIFICANT.
Like, come the heck on Google. You're trying to make the internet a better place. Maybe practice what you preach and follow Day 1, 101 course UX principles like "choose a type that is legible" and "don't use half of your article vertical space for pointless globs of white space in your header and footer"
Firefox beta on Android is slow, but wrorst is if you use Google's search tools (like time range) Google sends Firefox a search results page without that ability or many other things (plus side, there's no amp).
It's pretty amazing that Google can discriminate so obviously against competitors and not be punished like Microsoft rightfully was whem I was young...!
Proof of monopoly abuse right here: no technical reason, just a wish to crush competition.
There are a few of them, but i didn't want to keep fighting against Google and chrome is going to take up space on my phone regardless. I only have 16gb of internal storage so I'm often struggling with that. (Android seems to work their hardest to make the expandable micosd not very useful).
Reasonable in your case but I'll remind everyone here that we used to fight tooth and nail against Microsoft back in the days
- and we won: I'm now free to use Linux at work. I think cloud computing as we know it happened as a result of the liberation of server class operating systems etc.
So my suggestion is we continue to make noise until we get meaningful change.
(And just like with MS back in the days I don't think everyone working for Google is evil, it just seems to be next to impossible to have that kind of power as a company and not abuse it.)
For the same reason that they expect websites not to display a different content when they see the googlebot UA for instance? It's pretty shady behavior IMO, that's not how the web is supposed to function. It's something I would've expected from Microsoft more than 10 years ago. I guess chrome really is the new IE.
I also expect them to do the right thing because of "Don't Be Evil", but that doesn't really mean much anymore, right?
Google depends on external things too - especially the foss community. Eg, if github sees a connection coming from Google that is /not/ their indexing bot, give them a limited page.
It's a shame the EC hasn't looked into this as part of its antitrust investigation against Google. And I'm talking about Google not allowing ad-blockers in the Play Store, not about Chrome not having an adblock extension. That's just their decision not to have extensions on the mobile Chrome, and I can respect that, even though I know it sucks. However, it should be illegal for Google to block adblockers in the store, considering its Android monopoly in the EU.
Just use Firefox with Adblock/Ublock/Noscript. Even better, turn off Javascript and you'll never see an ad again.
Unfortunately, there are too many devs who build their sites that completely get crippled if you by default don't allow Javascript.
Even if you enable it, the site may still be doomed, because it tries to load fonts, libraries, css and who-knows-what kind of s* from external sites.
Fg newage apatheistic anarchist hippie devs. Don't bundle in tons of dependencies to your freaking sites. If one of the dependencies goes down, so does your site. F* you! And f* those whorebag ads!
I appreciate the step forward, but what I really want is for my browser to block:
* Battery-draining junk code
* Bandwidth-hogging videos and GIFs
* Spreading information about me cross-origin
I would take an annoying page-covering PNG that I can close, over a tiny banner doing animations in Javascript, an auto-play video, a huge GIF which is basically a video, or the countless trackers which build databases about every site I visit.
As such this change will not entice me to disable my ad blocker. Not even close.
I found immediately ironic that I was reading a post about how Google values the user so much that they built Chrome, a browser that gets out of your way and gives more of your screen over to the websites you are viewing but the site where this article is posted covers half my screen with site-navigation chrome that is 80% whitespace and that pops in and out semi-unpredictably. Sigh.
If someone else said this already please forgive me. The worst ads are the one with a phony close X. You click it and you are driven to the webpage anyway. It seems to me you could test for this.
When I'm trying to visit some page, and I get an unrelated spammy popover that is hard to get rid of... I've gathered cause I know how this stuff works that it's _probably_ from a misbehaving google ad, but I don't know how I'd identify that to flag it, or if I'd spend the time to do so. I usually just get out of there.
It seems to me that it's irrelevant if you agree with Google's Ad Strategy or not. The problem is that Google gets to make the choices, they are now in a position to decide, via the proxy of Better Ads, whats allowed on the "Open Web". IMHO, this is just one more step in a less-open Internet.
Be nice if Chrome offered, for a fee, a premium, ad-free experience, AND they shared the profits from that service with the visited web sites (in lieu of Ad placement revenue).
I know that title isn't 100% right, but (a) the one on the blog is pretty much useless and (b) a more correct title would've been too long. Open to suggestions.
The title ("Chrome will stop displaying ads that are repeatedly flagged as disruptive") is wrong in a couple of ways.
According to the post:
"... Chrome will stop showing all ads on sites that repeatedly display these most disruptive ads after they’ve been flagged.
To determine which ads not to show, we’re relying on the Better Ads Standards from the the Coalition for Better Ads, an industry group dedicated to improving the experience of the ads we see on the web. ..."
They are a bit vage in this post, but as we know from other posts and press briefings, this means:
The site owners will get a notice when Google has found that their site is displaying ads not compliant with the Better Ads Standards. When they don't fix this until after 30 days, all ads on the site are blocked, even those complying with the standards. The site owners can then of course still fix it, and get removed from the block list.
So the "flagging" is actually done by Google, and means the owners of the site get a notice.
We really, really don’t need Coalitions, Committees and other crap to tell us what ads are acceptable. This stuff is so straightforward that it’s mind-boggling we are still debating it:
1. Don’t be annoying: NO sound, NO video, NO auto-anything, NO flashy animation, NO obnoxious bright colors. What is so wrong with the discreet images and text that newspapers and magazines have used since forever?
2. Don’t disrespect me: NO treating my data plan as an infinite well for downloading crap, NO ad networks that can’t be bothered to have proper security, NO obscenely-complex tracking scripts, and NO trickery to make me click (pop-anything, delayed loading, etc.).
How about if Google stops taking ads for malware like MacKeeper on YouTube? Speaking to Google: you guys are OK with promoting malware in exchange for money?
> When we built Chrome, we wanted to create a way for people to interact with the magic that is the web, without the browser getting in the way. We created a browser that took up minimal space on your screen...
Only for websites clutter that free space with hideously large and empty headers and unmovable footers that cover a good 20% to 30% of vertical space that would be better spent on the actual content of the page. (If I want to navigate your site, give me link to your homepage, and I'll take it from there.) Oh, and lets not forget those social sharing icons, even for people who don't social network!
Let's rub salt into the wound:
> (These ads are) designed to be disruptive and often stand in the way of people using their browsers for their intended purpose—connecting them to content and information.
Do you have a screenshot? I don't feel like enabling JS for that site. Moreover, a screenshot would keep your argument understandable for readers who might encounter your comment in a year or later, when that site changed their layout or perhaps doesn't exist anymore.
I certainly like the idea of blocking these types of ads at first blush. I don't know much about the source of the "disruptive" label so that could be a bone of contention. I would assume there will be some UI element saying that Chrome blocked a "disruptive ad" similar to when it blocks popups but they didn't describe that in the post. Overall, I am optimistic.
The "flagging" is done by Google, not users. And according to the post:
"Chrome will stop showing all ads on sites that repeatedly display these most disruptive ads after they’ve been flagged."
You can disable it in content settings. It's a new permission, just like Notifications, JavaScript, and Sound. Basically you just have to turn on the "Allow sites to show Annoying Ads" permission.
In the near future article on HN frontpage: "large Chinese bot network to notify Google of dangerous site to hire".
You want your competitor site to be down, our 100,000 strong unique IP addresses bot network will take 2 weeks to notify Google of a harmful website. Just give us an URL of your competitor and wire us $10,000 and watch them being wiped out of the net! Guaranteed!
"It’s important to note that some sites affected by this change may also contain Google ads. To us, your experience on the web is a higher priority than the money that these annoying ads may generate—even for us."
Fundamentally, the setup is that Google is blocking all ads (and all ad revenue) on sites that serve any ads that don't comply with a certain Google-defined policy. Google of course makes certain that this policy allows whatever ads Google wants to serve.
What is the most plausible outcome? That sites want ad revenue, do not want to take risks on losing it, and hence will only use Google for ads (because those will by definition comply with the policy).
It's true that if a site serves both Google and non-Google ads Google may end up punishing the site (no ad revenue), even if it means some revenue loss for Google from the now-blocked Google ads. But if the goal is to make sure sites do not do this mixing of Google and non-Google ads, that seems like an acceptable cost to pay to achieve the goal, from Google's point of view.
All ads are disruptive, as they are designed to draw your attention. If you can ignore an ad it did not serve the purpose it was created for. Does it mean Chrome blocks all ads now? Don't hold your breath.
One of the few exceptions that I can think of would be skymall. It is a magazine with only ads for overpriced useless stuff that you can read about (and maybe buy) while on a flight. I would normally read the entire magazine during the boring flight.
It's the day after Valentine's Day in the US... the most advertised, over-hyped, over-extended and shoved down your throat day of the year for us guys.
"That's a nice website you have there. It would be a shame if you couldn't display ads."
How is this anything other than a hilariously transparent shake-down? An ad company that controls both ends of the ad pipeline (Chrome and Adsense) is "protecting" people not by blocking terrible ads, but by blocking all ads on sites it deems "disruptive."
I assume Google's customer support staff can contact the owners of blacklisted sites and sell them more Adsense inventory, or encourage them to stop doing business with competing ad vendors.
When I browse the web on my Android phone, I get redirected to spam every 10 pageviews or so. And no, it's not a problem of the phone. It's a known issue that ads can break out of their iframe:
https://www.androidpolice.com/2017/11/08/heres-protect-rogue...
IMO Javascript should not be allowed in ads at all. Unless that gets implemented, I have the feeling that all blog posts about improving the user experience are just lip service.
I agree fully. I think part of the issue is that the folks submitting ads want to collect a lot of data. They probably don't use that data (or if they do, not well), nor do I trust them to not collect very invasive and unsafe data, but I suspect for many folks that having their own JS payload makes or breaks a possible ad network.
Given concerns about Monero mining, redirects, and other hijinks, removing JS from ads is even more critical now. I think the compromise will be to give ads some kind of network provided hook to get data back to "home" eventually, though then the issues above only shift from the ad provider to the ad network provider.
That combined with requiring all of the assets to be hosted on the ad-network's servers would greatly improve the experience. (mainly because ad-networks are larger companies that the host website has a direct relationship with, so when users complain the site can talk to the ad-network, and the ad network can instantly do something about it)
Sadly, they have no incentive to do that, as those ads would be more expensive to create, most likely make less money, and most users that block ads block all of them regardless of how invasive they are. Adblockers treat all ads the same, and so now advertisers are faced with the choices of:
1. make more shitty invasive ads
2. make "better" ads (better for the user) and make less money while spending more and having users still block them anyway.
This is why I really believe that the "better ads" thing from google and others is a really good idea, because it helps re-align the incentives back with the user in some ways. If that works, shitty ads will be blocked much more widely, while good ads will get more views and more users.
That is a perfect example of the definition of transpiler!
I've only ever heard it used for source-to-source compilers for JavaScript dialects.
But I would prefer if the did not deliver Javascript inside ads in the first place.
And presumably the use of this lie was to provide an example to support your argument that ads should not contain Javascript at all?
There's also the VPN option. PIA, for example, comes with its own system ad-blocker (MACE) although it's nowhere as good as Adguard Pro (which allows you to use custom DNS server).
I very seldomly watch live ad supported video. I have ad free Hulu. For the two networks that aren't on Hulu - CW and CBS, I watch VOD from them via Plex. Because of the way that the Plex channels work, they skip the ads.
Putting the ad in an iframe without the allow-top-navigation[0] sandbox permission could prevent that. Or if the ad naturally consists of an iframe then a browser extension could intercept the iframe load and add the equivalent CSP rule[1]. Or google could do that themselves. I think they would still be allowed to open in a new tab.
[0] https://developer.mozilla.org/en-US/docs/Web/HTML/Element/if... [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Co...
I was... rather surprised. One of AMP's huge value props is preventing that type of garbage.
I'm also surprised that the publisher did that, I hope that'd be a good way to get blacklisted from the higher search ranking placement.
And now I have FF and uBlock Origin on my phone.
There is a glaring conflict of interest as others have pointed out; it cannot be ignored. Through strategic acquisitons such as Doubleclick, Google and its subsidiaries are the largest warehouse of advertising on the www. The company is the machine that keeps web advertising humming along.
Google wants to keep everyone happy. Users are fed up with advertising. For example, Google could offer a search engine free of any ads, as they did in the early days.FN1 They have more than enough cash to do it. This would make users very happy. Google could try to support itself by selling something, besides advertising. But this will not happen. Why? (Rhetorical question. Not asking for an answer. We all know what it is.)
By creating a web-advertising juggernaut and collecting the maximum allowable quantity information about users through every means legally possible, (far beyond merely search engine usage) Google has taken a position against users (the ones who dislike ads) as well as for them (as argued in myriad PR pieces).
Google is not curbing it own actions (as the #1 promoter of advertising on the www), instead it is taking aim at advertisers. Some of those could be existing or potential clients (which might seem intriguing).
But while its clients (be they advertisers, users or others) may experience "losses", like Goldman (or not; sorry, bad analogy!), Google always "wins".
Any PR piece proclaiming that Google is taking sides with users (for a "better web") ignores that they also have taken sides with advertisers. Google has big bets on advertising. As everyone knows, users do not contribute significant inputs to the Google balance sheet; advertisers do.
FN1 At that time one of the Google founders called out advertising as being something to avoid. Interestingly, there was no "disruptive" vs "non-disruptive" advertising distinction.
This reasoning doesn't make sense to me. Many startups offer their services for free or low cost, burning cash, to acquire users/mind-share until they find a way to be profitable. Google and Facebook found advertising as that way, and thus survived instead of running out of money. And are able to offer their services for free.
"Google should ditch that and start again" doesn't even start to make sense.
And he covers this with the rhetorical question: They can do these things, but they don't, because being as anti-user as possible (while putting out the occasional fluff PR piece) earns them billions and billions and billions of dollars.
He's basically saying "Google could remove advertising and figure out how to make money without being one of the most user-hostile organizations in software history, but they don't because their hostility to privacy and their revolution in combining aggressively curated private data with advertising has made them one of the richest corporations in history"
what is this elsewhere of which you speak? Google apps for your domain? Youtube red? Android licensing fees?
The truth can be seen from the way users behave. Nobody wants to pay any money for online services, and if google were to stop advertising, they'd basically be bankrupt as the userbase is not willing to pay the equivalent amount to google that they derive from selling user data.
As an example, Facebook might sell you the ability to target people between ages 12 and 20 located in major metropolitan centers in the US. You never bought any user data that let you flag individual users, but you are still "using" the data.
(Disclaimer and also claim to authority: I worked in ad tech.)
It's the same with Google, you cannot control your data and what they do with it.
I'm not sure why people keep saying that Google and Facebook is selling user data. Does that mean that if those companies started to actually do it, it wouldn't bother the claimants as they consider it being done already? Seems to me like an important distinction to make.
In comparison, are Uber selling software? Rather than using software to sell a service?
Can I find out what data Google has on me?
Amazon doesn't directly sell you the AWS infrastructure. But they rent it to you. Google is doing something akin to that. If they had an opt out saying "Don't use my private data to show me ads" I'd no longer make the point they sell my data. But they don't provide any opt-out, and the effect is identical to my data being sold to advertisers.
If a company sold your information, you can say bye bye to being able to restrict what that information is and who has it; you might as well consider it public from that point on. I don't think anybody in their right mind would call that difference a technicality.
Google does provide the opt out you say they don't, too: Browsing in incognito mode.
I think that's the GP's point -- but Google has enough cash in the bank that they could probably continue to provide services indefinitely if they took the decision to divest themselves of advertising and re-organise themselves appropriately.
I wish this meme would die already. Youtube red cannot be purchased in half the world. Google the search engine does not even have pay-for-no-ads offering that I know of.
You can't say they actually tried to get money from users yet.
If that were the case Chrome's disruptive ad blocker would have been released shortly after the rise of flash ads
If that were the case I would be able to completely opt out of tracking and accept slightly less targeted ads
We could go on and on here. Suffice to say I do not believe Google's incentives align with most on the web any more.
This seems like an odd argument. Are uBlock's incentives unaligned with yours because they didn't release their adblocker earlier? What does the timing of the release have to do with anything?
> If that were the case I would be able to completely opt out of tracking and accept slightly less targeted ads
You can opt out of tracking and ad targeting https://myaccount.google.com/u/1/privacy
Not really a fair comparison - uBlock aren't selling ads. Google are and have been for a decade. There have been many occasions that search has been compromised via advertising from the days of SERPs being mostly adsense mini sites years ago. The response to those also took years despite search being near ruined. Google could have done far more far sooner.
I'm kind of at my wits end... it's severely degrading my experience. Thinking of just disabling it for now and just relying on uBO
I wonder if we're heading into a new era where online advertisements will become indistinguishable from non-ads. For example, a picture of your friend vs a picture of your friend with a soda bottle subtly added. That would be more tolerable to most everyone when compared to a flashy gif of that soda bottle bouncing around in your browser.
> viewer's rights to unadulterated content
Not that I necessarily agree with you that this should be a right, but where in the world is anyone enforcing this as a right?
Doesn't google still make like 80% of its revenue off advertising in search? If its true, then they really don't have the money to drop it
And instead of viewing it as double-betting, it can just as easily be seen as a compromise. They still want to advertise, and makes sense for them to want to, and the truly troublesome ads are poisoning the water for everyone, by leading (normal) people to total solutions ie adblock. Which is bad for business. In which case, you should expect them to find a middle-ground solution, and it would be absurd for google to move in either direction too strongly (because the money's not there).
Its not that they're taking sides, but that they're trying not to.
The point is, they're not only a near-monopoly in web advertising, but also have very detailed data about their competitors (via GA and many other products) AND now are controlling the channel for 60% of users. It's unbelievable they managed to pull this out and still so few people seem to care.
I hear the job is great, and the technical challenges are certainly wonderful, but Google and Facebook are the perfect setup for a turn-key tyranny.
what could they possibly sell that would even come close to replacing ad revenue?
Google should be broken up over this type of behaviour. Spend too much money in Washington though.
Safari has easy options to set both a default and per-site preferences (https://support.apple.com/guide/safari/stop-autoplay-videos-...), including a "Never Auto-Play" choice. Despite years of user complaints and a fairly clear resolution to them, Chrome either watered-down their fix or solved the wrong problem entirely.
This bit is especially infuriating for me, as there seems to be a High Sierra issue with Chrome and videos (for me, at least - it's hard to figure out how widespread it is). They cause massive browser lag when they're on a page for me, to the point of missed characters while typing.
I tried setting the Autoplay policy at the browser level once but found that it was inconsistent and broke certain players. Iridium works perfectly.
However, it does not seem to do much, if anything, for me. I tend to just use Privacy Badger to block any site that looks like a CDN
That won't fix the problem of auto-playing video on CNN or other sites that are not YT. Trying to read news from CNN is still a matter of waiting for the page to load, then wait for the video to load and start playing, then click on the pause button, and voila you can read in peace.
Go to chrome://flags, search for Autoplay policy, and select Document user action is required.
Note that if you use the Imagus extension, this could block some videos/gifs/etc from playing when you hover over a link.
Here’s more: https://www.chromium.org/audio-video/autoplay
https://developers.google.com/web/updates/2017/09/autoplay-p...
Quoting the blog post, Google’s decision that ”Muted autoplay is always allowed” is the problem. If any other Chrome users wondered why videos now auto-play without sound (even with this option set), at least based on the relatively minimal docs about this flag, this is why.
I can't seem to find the issue, but in the Safari issue tracker, the point was made that given the way HTML5 video and APIs work, it is impossible to reliably prevent autoplay without breaking some sites. It seems that Firefox went for "reliably prevent autoplay" while Chrome went for "without breaking sites".
FWIW, I switched from Chrome to Firefox because of the autoplay issue.
Problems:
* The list is totally opaque (I am wrong, see EDIT 2 below)
* They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
* They build it into the browser instead of as an extension or working with the existing ad-block community
I urge everyone to keep with uBO and the like. How anyone can be for NN and then think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice (especially for the masses who aren't familiar w/ these kinds of details).
EDIT: I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister. I would also say switch to FF, but they also use the secret safe browsing lists, so they'll probably switch to this as well. I say find a Chromium/Gecko based browser w/ all the ancillary shit like this removed.
EDIT 2: There is a method of obtaining the entire list via the API, see comments below. I was wrong about the opacity and stand corrected. Still doesn't alleviate the concerns around gatekeeping. I wonder if Google would let me keep a running update of this list in GitHub so we can all watch changes and other things like adblockers could use it.
Whenever you have the browser maker, and punitive actions controlled by the same party, and arbitrarily, its a recipe for disaster.
If Google really cared, they should spin Chrome off to a foundation, provide it a large amount of funding, and totally step aside.
Having the #1 web browser and the largest ad network, controlled by Google, even if you agree with what they are doing, is a recipe for disaster.
Google, of course, MUST protect its ad business, let's call his what it is.
Judge, jury, and executioner as they say.
Why would Chrome being run a foundation that is funded overwhelmingly by Alphabet make a difference? Chromium is already public -- aren't there already forks that focus on privacy and ad blocking?
This is absolutely not about quality but a political move to counteract ad blocking extensions and companies. While the intent seems noble, it's likely to cause no real improvements compared to better existing options like not serving these formats at all.
The same reason every conflict of interest is a problem. You're not advocating for what's best for the side you are supposed to be representing because you are also representing a self interest.
(Also, imagine the hilarity if the default search of Chrome ever became Bing.)
As you noted, this is false. See https://developers.google.com/ad-experience-report/
> They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
Again, I don't see the problem here. As you said, EasyList is free and open. It seems like your objection is just that you don't like the way its being used?
> They build it into the browser instead of as an extension or working with the existing ad-block community
I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
> think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice
There's a reason browsers are called the "user agent"; it's because their purpose is to make decisions and perform actions on behalf of the user. If a browser vendor wants to block ads on behalf of the user on sites which they deem to be using those ads in an abusive manner (and the standards for what is considered "abusive" in this case are actually pretty clear-cut: https://www.betterads.org/standards/) I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent. (And both of those actions are significantly easier than they are with your ISP I might add.)
Not really my objection, I just wonder if it's the objection of the people putting in the work on those lists. I personally don't think it's a big issue.
> I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
A bigger win would be to allow mobile extensions. It's strange to use a decision Google makes as a reason Google has to do something this way instead, ha. That it's on by default makes those of us on the non-user side of the web wary of the slippery slope of browsers not being neutral about what is shown to our users.
> I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent.
I'm more concerned with the site developer side than the user side. If something ships to millions of users and begins to exercise non-neutral control over content, you should become concerned. It's like TVs constantly updating a list of shows they won't allow to be shown on their TV. You might tell a user to go change the settings of the TV, but as a someone making the video, would you not be concerned? Or glasses that limit some of what you get to see by default, or headphones that disable some of what you get to hear by default, or cars that don't allow you to enter some areas by default, etc. I hope it's clear that conduits like these need to remain neutral.
However, I think the type of "content" Chrome is discriminating against here is pretty far removed from what most users would consider "content". They're not basing the decision on whether to block ads on a news site on the _content_ of its articles, but on the placement of its ads.
To the extent that ads can be considered "content" then yeah, Google's not being content-neutral here, but while site owners might consider ads to be "content", I suspect most users don't.
It's a pretty similar situation with Google's Safe Browsing system. While a malicious site operator might consider malware to be "content", malware is almost certainly not the sort of content the user came to the site for.
[1]: https://www.betterads.org/standards/
[1] https://blog.chromium.org/2010/12/year-of-extensions.html
Isn't there an open API for querying this information, as well as their webapp? It can't be all that secret.
https://transparencyreport.google.com/safe-browsing/search
Unfortunately.. I don't see a dispute button. If Google won't let you dispute like blacklisted mailserver, I see class action lawsuits because ultimately with such high % of market share, Google and his pal Chrome will decide whether your business thrives or dies.
My guess would be there isn't a simple canonical list, and it's more of a heuristic evaluation where certain thresholds will trigger site warnings.
In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists. It was likely just the more logical choice. Though I'm assuming the new ads functionality uses the same Safe Browsing infrastructure.
>Sure they can say they don't want the offenders to know they are offending
Actually not the case at all. They send alerts to sites that are affected by Safe Browsing via Search Console.
>In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists.
Like Google search?
I fail to see whats hard about returning a large list of items. Its their entire organizations' core competency.
https://transparencyreport.google.com/safe-browsing/search
Makes you type-in a single URL. There is no way to use a keyword to get a list of items back. My point is that it should be trivial for google to do this, since this is their core competency.
I fail to understand whats so special about maintaining a tiny list of website URLs that anybody can access at any time? I'd wager you can fit 10+ million URLs per GB. The wayback machine has 300 billion+ pages of full page historical content and you can access all of it. This is entirely within Google's wheelhouse. Certainly, there could be other factors to not handout the list, but I'm merely speaking about the engineering aspect here.
Oh please. Claiming Google can't publish a giant list is really disingenuous. The question is really if they want to or not.
Out of curiosity what is your objection to the Safe Browsing lists?
I personally have my router blocking sites at the IP level and DNS rejecting queries for domains off this list.
I can't remember the last time I couldn't visit a site because it was on the list but with the prevalence of zero-day malware and naive users on my network, I'd rather just not even deal with the potential.
The gatekeeping and phoning home (even though it is privacy conscious). But it's not a strong objection. In general I prefer browsers to be neutral by default and make no HTTP requests behind the scenes, but I acknowledge that's unreasonable for most users. It's less about my personal objection and more about an objection to on-by-default corporate decision making being deployed to millions of users.
While safe browsing hasn't come under much scrutiny due to its limited scope and that it hasn't been abused, I suspect it won't be long before someone's site has its ads blocked unfairly by the coalition. I understand with human review and pending-vs-actual-blockage incubation they are attempting to alleviate false positives, but the internet is too large IMO and the rules are subjective (so I can have a site with a 29% ad density?).
Google does not have an interest in showing you shitty ads. They have an interest in providing their clients with ads that are acted upon and that web users appreciate, and they have an interest in having a browser that does that with as little friction as possible.
I'd say their incentives are perfectly aligned with ours.
Speak for yourself. I hate advertising and would rather see that whole revenue method burn to the ground and pay the $2/mo or whatever to use my favorite services.
Ads have ruined everything they have touched (radio, satellite radio, TV, cable TV, satellite TV, magazines, highway scenery, etc) and they are well into the process of ruining the internet.
In addition to bloating every site and exposing you to higher malware risk, they encourage companies to violate your privacy as much as possible and exploit psychological weaknesses to get you to buy stuff you didn't want or need to begin with.
Google's incentives are to spread this poison so they are not aligned with mine at all.
Disclaimer: they work for Google
They also own the most popular way those ads are shown: through their web browser. This browser has the ability (at Google's sole discretion) to block shitty ads, of which all of them are run by their direct competitors.
So what's happening is, Google is giving themselves the right to block parts of the Internet they don't like, with the implied statement of "if you want your ads to be seen by Chrome users, buy them from us or else we might block them".
That is a classic protection racket. "Want your ads to be seen? Better buy them from us, or... bad things will happen."
Seems pretty reasonable.
They use this by default, but you're free to turn it off, and that setting (unlike others) seems to sync just fine using Firefox Sync. Just checked and it's off. I turned it off once years ago and switched between OSs and different devices in the meantime, and it's still off.
Don't know if the same is possible on Chrome.
> I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister.
I agree with you completely on this one.
I had to turn that off on two layers, on a browser level, and inside my antivirus' firewall. My antivirus now constantly complains that I'm "not fully protected" because I don't want it to do web filtering for me.
I do support other private browsing techniques that stay on my device, like first party isolation, and adblock-like lists that are downloaded on my device.
Both are available in Firefox, and using them doesn't collide with my stance on NN, since I'm the one preventing the content from being fetched by my machines.
Also, I cannot find a clear explanation from Google how the internal details of this ad blocker work (how they manage the hashes on their side, where this coalition list is maintained, etc). I would love a link, but alas with these kinds of things transparency is usually the first thing to go, especially since people don't demand it.
EDIT: Updating from previous statement saying I couldn't find where to get the list. I have now obtained it from [0] and put it at [1] (caution, it's a large gist).
0 - https://developers.google.com/ad-experience-report/v1/refere... 1 - https://gist.github.com/cretz/18594176f791fc0ede26078f76cf12...
This weird hashing scheme comes from safe browsing (which blacklists sites that install malware etc.). I guess (without specific knowledge of it) it was just reused for this ads thing because they had all the code handy for it, both the browser-side code and serving code.
For safe browsing, as I recall the data format was designed with Mozilla -- that tech predated the existence of Chrome. There's some history about it here: https://wiki.mozilla.org/Security/Safe_Browsing and https://wiki.mozilla.org/Phishing_Protection:_Design_Documen...
I recall the weird hashing scheme was carefully designed to balance some concerns. For example when it phones home, it phones home with a hash of the current URL so that it doesn't reveal the current URL to the server (unless the URL is already in the server-side blacklist). I also think it was intentional that the client didn't get a list of all known-malware URLs. I can't find any design docs for it at the moment better than https://developers.google.com/safe-browsing/v4/ . It may well be the case that the hashing scheme doesn't make sense at all in this context.
Oh, wait...
Ya know the nice little extensions Google has added over the years to their search page? Like speed test, recipes, dictionary, a rudimentary calculator, map locations, etc??
Most of the information is stuff they stole from other websites. They put it in the search results now so you won't go to those terrible websites yourself and stop looking at Google ads. And nobody can stop it because if you block Google spiders your website dies.
So the only people that can fight Google stealing all their shit are other Titans like Facebook and LinkedIn. Everyone else is getting their content lifted and moved into search results.
It's so pervasive that I'm not even going to bother to find you links. Ironically, you can just Google something like "Google destroyed my business" and find plenty of results. Google does a lot of things I support but they also destroy businesses intentionally with reckless abandon. For instance, I find it impossible to believe Google didn't think it would destroy Speedtest.com when it added a widget to the search page. Or Allrecipes when they started stealing their content and ploping it on the search page.
Some of the things Google does these days are thinly veiled as being for "convenience" or "security" when they're really just a monopoly stomping out various competitors.
Remember how Google used to punish "cloaking"? Well now they quietly allow you to do whatever the hell you want which led to all the news site paywalls. These sites we're tired of Google stealing all their shit and powerful enough as a group to stand up to it. Google sits on it's hands because they know if they stop it they will end up in court, probably for antitrust
Do you really believe Google has PR people that are paid to reply on posts on HN? It could be, but I find this quite incredible.
(Saying this as an Eng Googler, I have absolutely no insight on how the whole "business" side of the organisation works.)
I'm not suggesting the dead post's particular case is true. I'm just pointing out that it's a company's dream to have engineers voluntarily spending time on a forum like this where they have identified themselves as employees. They are implicitly doing PR for free.
To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
Many of us are wired to see changes like this as a power grab camouflaged with flowery words, or possibly another step on the slippery slope to censorship and government control.
We've been trained that every corporate action is selfish, by definition against our interests.
But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
Since their long-term gains depend on a vibrant, open web, sometimes their long-term selfish actions are actually in our interest, too.
Can the coalition truly be independent when their only active enforcer is a member? Would that coalition defy that one member ever?
Under what circumstances will other sites and advertisers learn of updates to ads? Will that policy remain? Will google always have a head start?
What of ads and scripts designed to track and de-anonymize you? What of ads that consume huge amounts of bandwidth passively while not otherwise being annoying? These policies seem directed only at the aesthetic of the web.
And really, it remains to be seen if our long term interests are in line with googles, if you asked me, I'd very much say no.
That's begs the question - Why were those ads approved by Google in the first place? They were the source of the problem to begin with !! Also, before we rush to judgement, how much revenue were those ads generating for Google in the first place? I would respect them a bit more if they actually are taking a hit on this.
>But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
How have they demonstrated that? Could you elaborate?
> How have they demonstrated that? Could you elaborate?
Before Google, web search results were rotten. Advertisers could push their sites onto the front page, and paid ads were indistinguishable from organic results.
Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
By sacrificing near-term ad revenue, Google built trust with users, and won search in the long-term.
Other examples:
Google could have kept Android closed and charged for licenses. But by open-sourcing it and allowing competitors to use it, they sacrificed short-term license revenue to build a much larger ecosystem.
Google capitulated to government demands that they censor search results in China. But then they reversed course, exited mainland China, and sacrificed revenue from that massive market. Long-term, active censorship would damage Google's reputation.
>Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
Have you tried using Google without an adblocker recently?
If I search "buy a car" using Chrome on Android the entire screen of my phone is filled with ads that I need to scroll past to get to the "pure" search results. The only indication that they are ads is a tiny box 1/8 the size of a fingernail. The top result on the embedded Google maps box is also an ad.
I search with Chrome on Android every day, with no ad blockers, and this never happens.
Very polite of the malware to put a tiny ad tag on the ads it is managing to inject into a HSTS pinned website on a browser that doesn't allow any addons or extensions. I also like they way they perfect match Google's site design.
A webpage can have both Google ads and dodgy-ad-co ads. If they have the dodgy-ad-co ads then Google will apply the easylist to the page, which will remove the Google ads as well as the dodgy ones.
Does it? This is not at all obvious to me. Do you mind sharing your reasoning for this claim?
To the point of not receiving salaries? I’ve little sympathy here.
Edit: autocorrect fixes
But seriously, this line:
> To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
Is a flat out lie and you should know better by now.
Unless the "us" speaking here is a very specific (and powerless) subset of whoever could be speaking for Google. Which would make it merely disingenuous.
And even then their actions require a lot more before they deserve that kind of trust again.
> We've been trained that every corporate action is selfish, by definition against our interests.
If we had been trained we might've gotten to this conclusion sooner and prevent some of the worse shit that's happened because of it. But we weren't trained (what would have trained us?).
I'd rather say we've been extremely slow to recognize that even though the law recognizes corporations as persons (in some places), they are in fact, inhuman. And they will continue to act with complete disregard to human interests. I think it's still useful to think of corporations as organisms, just not of our species, in the same way that a fungus is not the same species as its substrate.
Some people "at the top" believe they are in control, but they are in control as much as you can be in control sitting on top of a wild, untamed beast. And you've seen it, corporations replace "the top people" like any other employee and it doesn't change much. Not nearly as much as they want you to think. It's more like trimming your fingernails than getting a heart transplant.
Of course, nation states are just the same. Conglomerate hierarchies of humans, doing whatever to stay in existence as a sort of entity. Problem was they were caged by design, rules, from the bottom up. This was because we needed them to be, we saw tyrannies rising when we didn't. So we made rules to bind them, deliberately stunted like bonsai trees, to preserve our individual freedom and not become cogs or ants. So they subverted the meaning of "freedom", because we should be free to make new corporations (conglomerate hierarchies, egregores, group minds, call them however you like), because you know, freedom! Except this exploit existed even within the nation states that were deliberately stunted to not grow out of control. Just don't feed them after midnight, okay?
And then we were free to create corporations, without stunts, or rules or restrictions to preserve actual real individual human freedom.
And of course these new corporations quickly grew to become more powerful than many nation states. REALLY quickly, if you think about it, if you compare it to the speed at which nation states exchange power and conquer one another. But corporations kill at sub-decade frequency currently.
I went a bit off a tangent here sorry, and I doubt this is the proper forum to share this kind of thing either. But just stop and think for a moment, who or what is writing those words you just quoted. It's not something that could ever be your "friend".
1) Users that tolerate some ads no longer need to install an adblocker.
2) Legit advertisers don't get their ads blocked because fewer people use ad blockers
3) Crappy advertisers go out of business.
Now lets hope that GDPR manages to get rid of the ubiquitous tracking and the web might actually become a nicer place again!
Sure, I guess that makes you less of a target for bad actors, but if your browser can be compromised by simply visiting a website, that's a serious problem that's going to bite you whether you block ads or not.
You're saying that theoretically, because there may be worse exploits from advanced actors that can target you for visiting a website, you shouldn't worry about basic security and whitelisting?
Do you not lock your door at night, either, just because someone could smash through your windows?
Which makes it an even less effective analogy.
Bittorrent:Netflix::uBlock-Origin:Coalition-for-better-ads
[0] https://github.com/dhowe/AdNauseam/wiki/FAQ#what-is-the-effs...
I don’t. I avoid ads for two reasons: first that they’re fundamentally biased, manipulative information sources, second that they drain attention, screen space, battery life, etc. I’m much more worried about the first than the second, yet “acceptable ads” (partially) addresses the second without touching the first.
Neither of these points need to be true. Consider if someone had a text ad which said “We made widgets. Click here to see our widgets”. There's nothing manipulative about that, it need not use more than a small amount of network or CPU to deliver, and all but the most extreme members of the no logo camp would tend to agree that there's nothing manipulative about it.
For the record, I don't buy ads and I subscribe to sites like ArsTechnica.com which allow me to pay to disable ads.
> first that they’re fundamentally biased, manipulative information sources
Is an NPR-style “this program is sponsored by <big company>” manipulative or biased? What about the Amazon ads you get on a Google search for most consumer products, where it's clear who paid for them, they make no claim that the product is the best product or that they have the lowest prices, only stating that you can buy one from them, etc.?
> second that they drain attention, screen space, battery life,
Do Google text ads really do any of those? What about a static JPEG?
Remember, I'm not saying that the state of online advertising isn't terrible but that it's not fundamentally so. The industry has raced to the bottom but it'd clear up in days if publishers stopped allowing offensive ads to run on their sites or Chrome started actively blocking them.
Humans are fundamentally biased, manipulative information sources.
(Overt, not organic or otherwise covert) ads are just human acts where the bias and intended manipulation are unusually transparent.
No, I think that it's easier to reject (overt) ads manipulation because their bias is clear, compared to forms of manipulation where the goal of the manipulation is less clear; this doesn't help you get to the truth (except in some cases where that is revealed by what even the ad is forced to admit against its interest, or hinted at by what it avoids) from the ad content itself.
Journalism provides a necessary service for a democracy, and unpaid bloggers haven't actually made much of a dent into real, investigative journalism. Hell, they haven't even made a dent into regular ask-questions-at-press-conferences journalism.
Which leaves paywalls. But even if I everyone bought subscriptions to the top 5 or so publications they read regularly, we would all drastically reduce the variety of sources we get our news from. No fan of Breitbart is going to pay for the New York Times, even though now, they might (sometimes accidentally) come across an article offering them a glimpse of real journalism.
It's really easy to try: Just for a month or so, don't visit any sites showing advertisement that you haven't paid for.
How is it that it's not outrageous to people that in the middle of a news article, a box with flashing colors and a picture of a woman in a bikini isn't something obviously extremely undesirable? The activity of reading requires concentration, if you're reading something that requires thought, that is. I'm baffled that our tolerance level for this didn't drop to the pitchfork level.
https://upload.wikimedia.org/wikipedia/commons/thumb/5/5a/Br...
It becomes the responsibility of the accuser to prove and provide evidence of increased prices based on monopoly position. The Exponent podcast did a nice description of this last summer I believe (not sure what episode).
- Massive, truly gargantuan header and footer that steals 40-50% of usable screen space for.... white space
- Terrible type selection that is kerned too closely and is too thin to comfortably read on a white background. Eye strain is SIGNIFICANT.
Like, come the heck on Google. You're trying to make the internet a better place. Maybe practice what you preach and follow Day 1, 101 course UX principles like "choose a type that is legible" and "don't use half of your article vertical space for pointless globs of white space in your header and footer"
1: https://i.imgur.com/0mJjdMq.png
How about some browse neutrality from Google?
Proof of monopoly abuse right here: no technical reason, just a wish to crush competition.
Or am I missing something?
- and we won: I'm now free to use Linux at work. I think cloud computing as we know it happened as a result of the liberation of server class operating systems etc.
So my suggestion is we continue to make noise until we get meaningful change.
(And just like with MS back in the days I don't think everyone working for Google is evil, it just seems to be next to impossible to have that kind of power as a company and not abuse it.)
I also expect them to do the right thing because of "Don't Be Evil", but that doesn't really mean much anymore, right?
Unfortunately, there are too many devs who build their sites that completely get crippled if you by default don't allow Javascript.
Even if you enable it, the site may still be doomed, because it tries to load fonts, libraries, css and who-knows-what kind of s* from external sites.
Fg newage apatheistic anarchist hippie devs. Don't bundle in tons of dependencies to your freaking sites. If one of the dependencies goes down, so does your site. F* you! And f* those whorebag ads!
* Battery-draining junk code
* Bandwidth-hogging videos and GIFs
* Spreading information about me cross-origin
I would take an annoying page-covering PNG that I can close, over a tiny banner doing animations in Javascript, an auto-play video, a huge GIF which is basically a video, or the countless trackers which build databases about every site I visit.
As such this change will not entice me to disable my ad blocker. Not even close.
Also, what is your threshold for 'bandwidth-hogging' videos and GIFs? Do you trust content-lengths from the server?
According to the post:
"... Chrome will stop showing all ads on sites that repeatedly display these most disruptive ads after they’ve been flagged.
To determine which ads not to show, we’re relying on the Better Ads Standards from the the Coalition for Better Ads, an industry group dedicated to improving the experience of the ads we see on the web. ..."
They are a bit vage in this post, but as we know from other posts and press briefings, this means:
The site owners will get a notice when Google has found that their site is displaying ads not compliant with the Better Ads Standards. When they don't fix this until after 30 days, all ads on the site are blocked, even those complying with the standards. The site owners can then of course still fix it, and get removed from the block list.
So the "flagging" is actually done by Google, and means the owners of the site get a notice.
1. Don’t be annoying: NO sound, NO video, NO auto-anything, NO flashy animation, NO obnoxious bright colors. What is so wrong with the discreet images and text that newspapers and magazines have used since forever?
2. Don’t disrespect me: NO treating my data plan as an infinite well for downloading crap, NO ad networks that can’t be bothered to have proper security, NO obscenely-complex tracking scripts, and NO trickery to make me click (pop-anything, delayed loading, etc.).
https://github.com/cpeterso/clickbait-blocklist/
Only for websites clutter that free space with hideously large and empty headers and unmovable footers that cover a good 20% to 30% of vertical space that would be better spent on the actual content of the page. (If I want to navigate your site, give me link to your homepage, and I'll take it from there.) Oh, and lets not forget those social sharing icons, even for people who don't social network!
Let's rub salt into the wound:
> (These ads are) designed to be disruptive and often stand in the way of people using their browsers for their intended purpose—connecting them to content and information.
Screenshot: https://ibb.co/f1eOGS
You can simply scroll p and it’s gone. It’s also at the top of the page, not interrupting your reading.
It’s far better than an overlay that requires you to close it by hitting a tiny x.
Huge ad with autoplay video.
And the standards for what is considered "disruptive" are here: https://www.betterads.org/standards/
I'd rather them have a way for me to disable the floating videos usually on news sites.
You want your competitor site to be down, our 100,000 strong unique IP addresses bot network will take 2 weeks to notify Google of a harmful website. Just give us an URL of your competitor and wire us $10,000 and watch them being wiped out of the net! Guaranteed!
"It’s important to note that some sites affected by this change may also contain Google ads. To us, your experience on the web is a higher priority than the money that these annoying ads may generate—even for us."
What is the most plausible outcome? That sites want ad revenue, do not want to take risks on losing it, and hence will only use Google for ads (because those will by definition comply with the policy).
It's true that if a site serves both Google and non-Google ads Google may end up punishing the site (no ad revenue), even if it means some revenue loss for Google from the now-blocked Google ads. But if the goal is to make sure sites do not do this mixing of Google and non-Google ads, that seems like an acceptable cost to pay to achieve the goal, from Google's point of view.
How is this anything other than a hilariously transparent shake-down? An ad company that controls both ends of the ad pipeline (Chrome and Adsense) is "protecting" people not by blocking terrible ads, but by blocking all ads on sites it deems "disruptive."