I agree fully. I think part of the issue is that the folks submitting ads want to collect a lot of data. They probably don't use that data (or if they do, not well), nor do I trust them to not collect very invasive and unsafe data, but I suspect for many folks that having their own JS payload makes or breaks a possible ad network.
Given concerns about Monero mining, redirects, and other hijinks, removing JS from ads is even more critical now. I think the compromise will be to give ads some kind of network provided hook to get data back to "home" eventually, though then the issues above only shift from the ad provider to the ad network provider.
Or at the very least, provide a domain-specific-language that "compiles" to JS that can do very limited things like animations and others.
That combined with requiring all of the assets to be hosted on the ad-network's servers would greatly improve the experience. (mainly because ad-networks are larger companies that the host website has a direct relationship with, so when users complain the site can talk to the ad-network, and the ad network can instantly do something about it)
Sadly, they have no incentive to do that, as those ads would be more expensive to create, most likely make less money, and most users that block ads block all of them regardless of how invasive they are. Adblockers treat all ads the same, and so now advertisers are faced with the choices of:
1. make more shitty invasive ads
2. make "better" ads (better for the user) and make less money while spending more and having users still block them anyway.
This is why I really believe that the "better ads" thing from google and others is a really good idea, because it helps re-align the incentives back with the user in some ways. If that works, shitty ads will be blocked much more widely, while good ads will get more views and more users.
Any source code to source code translation is considered transpilation until targeting byte code or other form of representation that is byte code, VM, or CPU specific. The terms do become blurred sometimes.
Focus is probably the best option on iOS but I don't trust Mozilla to block tracking the way I want it done, I'm far more comfortable with uBlock Origin handling it. If I want the extra protection of deleting my cookies and history on exit I'd rather just start a private tab. Most of the time, I want to stay logged in on sites.
Why Focus on iOS? iOS has had a framework for third party content blockers for years. If you install a content blocker for iOS, it also works with other apps depending on which webview they use. For instance they work with Feedly.
Not across the system, though. It only works in Safari. For system ad-blocking, the easiest option is via DNS based Ad-blocker services like Adguard Pro or Adblock (both are paid apps and available on the App Store).
There's also the VPN option. PIA, for example, comes with its own system ad-blocker (MACE) although it's nowhere as good as Adguard Pro (which allows you to use custom DNS server).
It's not just Safari. The only times I really care about ad blocking are using the web with safari and Feedly and watching video. The content blocker also works with web view embedded in Feedly.
I very seldomly watch live ad supported video. I have ad free Hulu. For the two networks that aren't on Hulu - CW and CBS, I watch VOD from them via Plex. Because of the way that the Plex channels work, they skip the ads.
For me it's not a matter of trust, it's just that there's no customizability to the ad-blocking on Focus, even at the level of choosing blocklists to subscribe to, or adding particular elements to be blocked.
I don't want a company that releases a "privacy focused browser" with telemetry enabled by default deciding which tracking is "ok" and which isn't. I love Firefox compared to other browsers but there's definitely some user-hostile choices being made at Mozilla and I'd rather they just not get involved in ad blocking (other than ensuring the add-on architecture allows proper blockers to do what they need to get the job done right).
Putting the ad in an iframe without the allow-top-navigation sandbox permission could prevent that. Or if the ad naturally consists of an iframe then a browser extension could intercept the iframe load and add the equivalent CSP rule. Or google could do that themselves.
I think they would still be allowed to open in a new tab.
Similar things happen on iOS, too. I can't tell you how many times I'm trying to go to a seemingly legitimate site on my iPhone and I get redirected a dozen times and end up at "You've won a free Samsung tablet!" instead of the content I asked for.
You're probably either not using the right ad-blocker or fail to configure the ad-block properly. If you just want a content-blocker that works in Safari- I find Purify works the best. If you want a full system ad-blocker which works in most apps- NYT, BBC, Chrome though not in the YouTube, Instagram, Twitter apps- it would have to be a DNS based Ad-blocker like Adguard Pro.
That does raise the question is Google big/ubiquitous enough to force that on publishers? If Google unilaterally decided no more JS in ads., would the publishers grumble about it but adapt, or would they look to other ad networks.
Apologies if the comparison offends anyone but every time I see PR (public relations) about ad-blocking by Google, I see them as a company like Goldman Sachs, who has taken positions on both sides of a bet, so to speak.
There is a glaring conflict of interest as others have pointed out; it cannot be ignored. Through strategic acquisitons such as Doubleclick, Google and its subsidiaries are the largest warehouse of advertising on the www. The company is the machine that keeps web advertising humming along.
Google wants to keep everyone happy. Users are fed up with advertising. For example, Google could offer a search engine free of any ads, as they did in the early days.FN1 They have more than enough cash to do it. This would make users very happy. Google could try to support itself by selling something, besides advertising. But this will not happen. Why? (Rhetorical question. Not asking for an answer. We all know what it is.)
By creating a web-advertising juggernaut and collecting the maximum allowable quantity information about users through every means legally possible, (far beyond merely search engine usage) Google has taken a position against users (the ones who dislike ads) as well as for them (as argued in myriad PR pieces).
Google is not curbing it own actions (as the #1 promoter of advertising on the www), instead it is taking aim at advertisers. Some of those could be existing or potential clients (which might seem intriguing).
But while its clients (be they advertisers, users or others) may experience "losses", like Goldman (or not; sorry, bad analogy!), Google always "wins".
Any PR piece proclaiming that Google is taking sides with users (for a "better web") ignores that they also have taken sides with advertisers. Google has big bets on advertising. As everyone knows, users do not contribute significant inputs to the Google balance sheet; advertisers do.
FN1 At that time one of the Google founders called out advertising as being something to avoid. Interestingly, there was no "disruptive" vs "non-disruptive" advertising distinction.
> Google could offer a search engine free of any ads, as they did in the early days. They have more than enough cash to do it. This would make users very happy. Google could try to support itself by selling something, besides advertising.
This reasoning doesn't make sense to me. Many startups offer their services for free or low cost, burning cash, to acquire users/mind-share until they find a way to be profitable. Google and Facebook found advertising as that way, and thus survived instead of running out of money. And are able to offer their services for free.
"Google should ditch that and start again" doesn't even start to make sense.
I think his claim is more of "The Search Product" can be run as a loss-leading free product just like Youtube was, while they profit elsewhere.
And he covers this with the rhetorical question: They can do these things, but they don't, because being as anti-user as possible (while putting out the occasional fluff PR piece) earns them billions and billions and billions of dollars.
He's basically saying "Google could remove advertising and figure out how to make money without being one of the most user-hostile organizations in software history, but they don't because their hostility to privacy and their revolution in combining aggressively curated private data with advertising has made them one of the richest corporations in history"
what is this elsewhere of which you speak? Google apps for your domain? Youtube red? Android licensing fees?
The truth can be seen from the way users behave. Nobody wants to pay any money for online services, and if google were to stop advertising, they'd basically be bankrupt as the userbase is not willing to pay the equivalent amount to google that they derive from selling user data.
To be clear, Google doesn't sell user data to anyone. In fact, it's got the strongest of incentives to keep other companies or hackers away from the data of their users. Which is maybe why Google's security team is what it is.
Technically, most companies in the advertising space don't sell user data. They sell the ability to target users based on anonymized and pre-digested data. Google Search Ads and AdWords both work that way, as does pretty much all of Facebook's ads products.
As an example, Facebook might sell you the ability to target people between ages 12 and 20 located in major metropolitan centers in the US. You never bought any user data that let you flag individual users, but you are still "using" the data.
(Disclaimer and also claim to authority: I worked in ad tech.)
The end result is the same if Google sold your data to an advertiser or used the data to advertise on the same advertiser's behalf. So I find "Google sells your data to 3rd parties" to be an accurate enough description.
If you think the end result is the same, you are being very charitative in your guess of what those companies could do with your data. Without giving it much thought, for a start you would lose the ability to control what that data is and who has it.
I'm not sure why people keep saying that Google and Facebook is selling user data. Does that mean that if those companies started to actually do it, it wouldn't bother the claimants as they consider it being done already? Seems to me like an important distinction to make.
In comparison, are Uber selling software? Rather than using software to sell a service?
Obviously there is a technical difference between "Google sold my data" and what they actually do. My point is that the outcome is the same in both cases. It doen't matter to me which specific entity erodes my privacy. So in the larger scheme of things, Google did sell my data to advertisers.
Amazon doesn't directly sell you the AWS infrastructure. But they rent it to you. Google is doing something akin to that. If they had an opt out saying "Don't use my private data to show me ads" I'd no longer make the point they sell my data. But they don't provide any opt-out, and the effect is identical to my data being sold to advertisers.
When I pay Amazon to use AWS I get access to those machines. When I pay Google to display ads, I don't get access to the data of any user.
If a company sold your information, you can say bye bye to being able to restrict what that information is and who has it; you might as well consider it public from that point on. I don't think anybody in their right mind would call that difference a technicality.
Google does provide the opt out you say they don't, too: Browsing in incognito mode.
> not willing to pay the equivalent amount to google that they derive from selling user data
I think that's the GP's point -- but Google has enough cash in the bank that they could probably continue to provide services indefinitely if they took the decision to divest themselves of advertising and re-organise themselves appropriately.
Google has also learned the lesson though that ads which produce a negative user impression aren't sustainable, and bad for both Google and advertisers. They have a vested long-term interest in making ads palatable and useful, or their cash cow goes away. Their incentives mesh with mine -- I would be less likely to demand ad blocker if ads weren't so disruptive.
> uBlock's incentives unaligned with yours because they didn't release their adblocker earlier
Not really a fair comparison - uBlock aren't selling ads. Google are and have been for a decade. There have been many occasions that search has been compromised via advertising from the days of SERPs being mostly adsense mini sites years ago. The response to those also took years despite search being near ruined. Google could have done far more far sooner.
I question whether a "large majority" of people using adblockers are aware they are doing anything other than blocking ads. The HN crowd tends to overestimate the tech-savviness of the general population when it comes to this stuff.
I understand what you were saying, but I made the (unfounded) assumption that most of the general ad-blocker population were turned onto it by someone they trust who is more computer-savvy, and those people will generally continue to recommend ad-blockers to their less-savvy friends as long as good reasons still exist.
Yes, but often I will temporarily lift the block to load the page (just a few mins ago I was on AWS announcement page, I couldn’t play a video unless I reload the page without content blocker. Not only do we have a tracking epidemic, we have external js issue. I have to either whitelist fonts.google.com and some other js libraries, or else explicitly reload page without blocker whenever I see a broken website... this security-privacy consciousness i is a good trade-off, but can we, as developers, do something?
It's not a hedge bet, necessarily. It's a way for them to get direct input from users on which ads are tolerable and which are not. This information will undoubtedly be used to make ads 'more tolerable' so that Google's bottom line is not impacted.
I wonder if we're heading into a new era where online advertisements will become indistinguishable from non-ads. For example, a picture of your friend vs a picture of your friend with a soda bottle subtly added. That would be more tolerable to most everyone when compared to a flashy gif of that soda bottle bouncing around in your browser.
Wouldn't that "picture of your friend with a soda bottle" be considered a violation of the property rights of whoever took that picture? (lets leave alone the idea that the ad insertion violates the viewer's rights to unadulterated content - that could potentially be waived as a part of the EULA/TOS).
>For example, Google could offer a search engine free of any ads, as they did in the early days.FN1 They have more than enough cash to do it.
Doesn't google still make like 80% of its revenue off advertising in search? If its true, then they really don't have the money to drop it
And instead of viewing it as double-betting, it can just as easily be seen as a compromise. They still want to advertise, and makes sense for them to want to, and the truly troublesome ads are poisoning the water for everyone, by leading (normal) people to total solutions ie adblock. Which is bad for business. In which case, you should expect them to find a middle-ground solution, and it would be absurd for google to move in either direction too strongly (because the money's not there).
Its not that they're taking sides, but that they're trying not to.
> There is a glaring conflict of interest as others have pointed out; it cannot be ignored. Through strategic acquisitons such as Doubleclick, Google and its subsidiaries are the largest warehouse of advertising on the www.
The point is, they're not only a near-monopoly in web advertising, but also have very detailed data about their competitors (via GA and many other products) AND now are controlling the channel for 60% of users. It's unbelievable they managed to pull this out and still so few people seem to care.
Meanwhile, Google still hasn't added a way disable auto-playing videos (regardless of whether a video is muted) in Chrome.
Safari has easy options to set both a default and per-site preferences (https://support.apple.com/guide/safari/stop-autoplay-videos-...), including a "Never Auto-Play" choice. Despite years of user complaints and a fairly clear resolution to them, Chrome either watered-down their fix or solved the wrong problem entirely.
Then their naive users would abandon them en masse because Facebook and YouTube won't work right. The thing to hate is that useful settings like this aren't in a more readily accessible preferences dialog for the rank and file to discover. You have to be told it's there or go spelunking through about:config.
> Meanwhile, Google still hasn't added a way disable auto-playing videos (regardless of whether a video is muted) in Chrome.
This bit is especially infuriating for me, as there seems to be a High Sierra issue with Chrome and videos (for me, at least - it's hard to figure out how widespread it is). They cause massive browser lag when they're on a page for me, to the point of missed characters while typing.
> you can set "Document user activation" in chrome://flags/#autoplay-policy & relaunch.
That won't fix the problem of auto-playing video on CNN or other sites that are not YT. Trying to read news from CNN is still a matter of waiting for the page to load, then wait for the video to load and start playing, then click on the pause button, and voila you can read in peace.
Quoting the blog post, Google’s decision that ”Muted autoplay is always allowed” is the problem. If any other Chrome users wondered why videos now auto-play without sound (even with this option set), at least based on the relatively minimal docs about this flag, this is why.
I can't seem to find the issue, but in the Safari issue tracker, the point was made that given the way HTML5 video and APIs work, it is impossible to reliably prevent autoplay without breaking some sites. It seems that Firefox went for "reliably prevent autoplay" while Chrome went for "without breaking sites".
FWIW, I switched from Chrome to Firefox because of the autoplay issue.
Ug, I've been railing against this for a bit now. For anyone who is unclear what is happening, Chrome downloads a set of partial hashes for sites that are considered bad by this coalition. They don't provide the full list of sites (evil). Then if the site matches it, it phones home to get the full hash to see if it matches that. If it does, it applies the EasyList (non-cosmetic) ad block rules.
* The list is totally opaque (I am wrong, see EDIT 2 below)
* They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
* They build it into the browser instead of as an extension or working with the existing ad-block community
I urge everyone to keep with uBO and the like. How anyone can be for NN and then think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice (especially for the masses who aren't familiar w/ these kinds of details).
EDIT: I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister. I would also say switch to FF, but they also use the secret safe browsing lists, so they'll probably switch to this as well. I say find a Chromium/Gecko based browser w/ all the ancillary shit like this removed.
EDIT 2: There is a method of obtaining the entire list via the API, see comments below. I was wrong about the opacity and stand corrected. Still doesn't alleviate the concerns around gatekeeping. I wonder if Google would let me keep a running update of this list in GitHub so we can all watch changes and other things like adblockers could use it.
Google owns the DoubleClick platform - the largest ad server with the most sites and running the biggest ad exchange in the world. They approve, serve, and support all of the intrusive ad formats in the first place, even on their own websites.
This is absolutely not about quality but a political move to counteract ad blocking extensions and companies. While the intent seems noble, it's likely to cause no real improvements compared to better existing options like not serving these formats at all.
I don't think DFP is the biggest culprit of annoying ads. If they were,Google would definitely have taken the less controversial option of imposing stringent rules around DFP creatives. The biggest culprits are the up and coming ad networks that try to differentiate themselves and deliver big numbers for clients by providing super high impact ads.
Sure, I just don't see why that should be disqualifying. If they are too shy about blocking ads, then most users will not even perceive that this feature exists and the status quo is unchanged. If they block even a handful of the worst offenders, it's a win for Chrome users. And if those blocks encourage people to clean up their act then it's a win for everyone.
I don't know. Maybe there is still a small benefit but I think their main reason for participation is to steer the effort into a favorable to them direction. Some benefits will come out of it but any real progress will be blocked or massively watered down because it would cut into their bottom line.
For example, how could we ever confirm that Google treats reports on its ads the same as reports on other ads? It's unlikely that we will be able to make that confirmation, and should probably instead assume they are not treating them the same and insist that Google prove that they are. Err on the side of caution and all that.
I get the point, but what's the solution exactly then? The fundamental problem lies in how ads industry works and how the psychology of ads work. Given Google owns one of the largest ad platform, it has the "power" to decide how an ad should be displayed, right? Because of conflict of interest, then what is the solution? Every problem has to have some solution. The argument here and above is driving us into a circle - no one knows, so Google is the "obvious" choice. I don't want to see ads myself, tbh, and this announcement doesn't really make a big difference anyway, but I am specifically asking if not Google, who and what's next?
In order to actually protect Chrome from Google influence, it would need to switch to the Firefox model: Selling default search to the highest bidder. It might, then, still be Google. But other search engines could bid for their share, and it would prevent Google from lowballing their funding.
(Also, imagine the hilarity if the default search of Chrome ever became Bing.)
> They use the hard work of people like EasyList and subjectively apply it (though not that big of a deal, they do make it free/open for all uses after all)
Again, I don't see the problem here. As you said, EasyList is free and open. It seems like your objection is just that you don't like the way its being used?
> They build it into the browser instead of as an extension or working with the existing ad-block community
I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
> think a coalition can be an on-by-default gatekeeper of good or bad web items I'll never understand. At this point, I have a hard time separating browser from ISP wrt end user control and limited choice
There's a reason browsers are called the "user agent"; it's because their purpose is to make decisions and perform actions on behalf of the user. If a browser vendor wants to block ads on behalf of the user on sites which they deem to be using those ads in an abusive manner (and the standards for what is considered "abusive" in this case are actually pretty clear-cut: https://www.betterads.org/standards/) I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent. (And both of those actions are significantly easier than they are with your ISP I might add.)
> Again, I don't see the problem here. As you said, EasyList is free and open. It seems like your objection is just that you don't like the way its being used?
Not really my objection, I just wonder if it's the objection of the people putting in the work on those lists. I personally don't think it's a big issue.
> I'd actually consider this a huge win. Everyone gets it by default (though you can turn it off in settings if you want), and it works on mobile, which doesn't currently allow extensions. What's your actual concern here?
A bigger win would be to allow mobile extensions. It's strange to use a decision Google makes as a reason Google has to do something this way instead, ha. That it's on by default makes those of us on the non-user side of the web wary of the slippery slope of browsers not being neutral about what is shown to our users.
> I don't see a problem with that. If you as a user don't want your user agent behaving that way, you can either tell it to stop (chrome://settings/content) or get yourself a new user agent.
I'm more concerned with the site developer side than the user side. If something ships to millions of users and begins to exercise non-neutral control over content, you should become concerned. It's like TVs constantly updating a list of shows they won't allow to be shown on their TV. You might tell a user to go change the settings of the TV, but as a someone making the video, would you not be concerned? Or glasses that limit some of what you get to see by default, or headphones that disable some of what you get to hear by default, or cars that don't allow you to enter some areas by default, etc. I hope it's clear that conduits like these need to remain neutral.
Okay, yeah. Looking at it from a site developer's perspective I can see where you're coming from. In fact, I'm certain that many sites which do display Annoying Ads are going to be pretty ticked off by this move.
However, I think the type of "content" Chrome is discriminating against here is pretty far removed from what most users would consider "content". They're not basing the decision on whether to block ads on a news site on the _content_ of its articles, but on the placement of its ads.
To the extent that ads can be considered "content" then yeah, Google's not being content-neutral here, but while site owners might consider ads to be "content", I suspect most users don't.
It's a pretty similar situation with Google's Safe Browsing system. While a malicious site operator might consider malware to be "content", malware is almost certainly not the sort of content the user came to the site for.
While I would also personally prefer this functionality as an extension rather than as "bloatware" (although it's not exactly useless), I believe having it built-in will better the majority of Chrome users who are not savvy (or aware) enough to install extensions, which as of Dec 2010 was only 1/3 of Chrome users (the most recent stats from Chromium I can find) .
Unfortunately.. I don't see a dispute button. If Google won't let you dispute like blacklisted mailserver, I see class action lawsuits because ultimately with such high % of market share, Google and his pal Chrome will decide whether your business thrives or dies.
Only one site at a time. I want to see them all. Other ad blockers let me do this with their lists. Google is no stranger to supporting big list downloads. They are choosing not to and should not be defended. Sure they can say they don't want the offenders to know they are offending, but they can find that out anyways. I think in reality, they want to maintain the keys to the lists which means not giving it away and keeping it secret.
That's assuming that it's a simple process to publish a huge list. Keep in mind that Safe Browsing is much more complex than an adblock list. They allow actions from site owners via Search Console, and track many types of threats (phishing sites, malicious downloads).
My guess would be there isn't a simple canonical list, and it's more of a heuristic evaluation where certain thresholds will trigger site warnings.
In this case an API would be more up-to-date, and less computationally expensive than serving large, always-changing lists. It was likely just the more logical choice. Though I'm assuming the new ads functionality uses the same Safe Browsing infrastructure.
>Sure they can say they don't want the offenders to know they are offending
Actually not the case at all. They send alerts to sites that are affected by Safe Browsing via Search Console.
Makes you type-in a single URL. There is no way to use a keyword to get a list of items back. My point is that it should be trivial for google to do this, since this is their core competency.
I fail to understand whats so special about maintaining a tiny list of website URLs that anybody can access at any time? I'd wager you can fit 10+ million URLs per GB. The wayback machine has 300 billion+ pages of full page historical content and you can access all of it. This is entirely within Google's wheelhouse. Certainly, there could be other factors to not handout the list, but I'm merely speaking about the engineering aspect here.
All true. And I have found a place to obtain the list (see other comments). I do think the list as it relates to how the browser uses it is not that complex (is or isn't an "unsafe" or "bad ads" site).
I didn't say they couldn't. What I said is that such a list wouldn't make as much sense because it would always be out of date. A programmer looks at that problem and sees that an API makes more sense.
I downloaded the entire list via the API just fine. What is the difference between an API and a download? Answer: authorization control. It doesn't have to be a fixed file on their side...a URL can serve just what the API does like a download. But then they wouldn't know who wanted it.
> I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister.
Out of curiosity what is your objection to the Safe Browsing lists?
I personally have my router blocking sites at the IP level and DNS rejecting queries for domains off this list.
I can't remember the last time I couldn't visit a site because it was on the list but with the prevalence of zero-day malware and naive users on my network, I'd rather just not even deal with the potential.
> Out of curiosity what is your objection to the Safe Browsing lists?
The gatekeeping and phoning home (even though it is privacy conscious). But it's not a strong objection. In general I prefer browsers to be neutral by default and make no HTTP requests behind the scenes, but I acknowledge that's unreasonable for most users. It's less about my personal objection and more about an objection to on-by-default corporate decision making being deployed to millions of users.
While safe browsing hasn't come under much scrutiny due to its limited scope and that it hasn't been abused, I suspect it won't be long before someone's site has its ads blocked unfairly by the coalition. I understand with human review and pending-vs-actual-blockage incubation they are attempting to alleviate false positives, but the internet is too large IMO and the rules are subjective (so I can have a site with a 29% ad density?).
Right now, per your metaphor, all the chickens are being eaten. It's a clusterfuck out there with some of these ads. But I also don't want to go the opposite way and (to extend the metaphor) have a fox so vicious, it keeps _myself_ away from the chickens (a la AdBlock extensions), such that my favorite websites go away because I'm not supporting their revenue stream.
Google does not have an interest in showing you shitty ads. They have an interest in providing their clients with ads that are acted upon and that web users appreciate, and they have an interest in having a browser that does that with as little friction as possible.
I'd say their incentives are perfectly aligned with ours.
>I'd say their incentives are perfectly aligned with ours
Speak for yourself. I hate advertising and would rather see that whole revenue method burn to the ground and pay the $2/mo or whatever to use my favorite services.
Ads have ruined everything they have touched (radio, satellite radio, TV, cable TV, satellite TV, magazines, highway scenery, etc) and they are well into the process of ruining the internet.
In addition to bloating every site and exposing you to higher malware risk, they encourage companies to violate your privacy as much as possible and exploit psychological weaknesses to get you to buy stuff you didn't want or need to begin with.
Google's incentives are to spread this poison so they are not aligned with mine at all.
Be careful what you wish for, your favorite services might not exist without advertising. Sure, you might be willing to pay for the service, but would enough people be willing to pay to keep the service afloat? Probably not in a large number of cases. Advertising is the necessary evil that keeps the internet afloat.
They have an interest in showing you non-shitty ads. They sell non-shitty ads. Therefore they have an interest in showing you their ads.
They also own the most popular way those ads are shown: through their web browser. This browser has the ability (at Google's sole discretion) to block shitty ads, of which all of them are run by their direct competitors.
So what's happening is, Google is giving themselves the right to block parts of the Internet they don't like, with the implied statement of "if you want your ads to be seen by Chrome users, buy them from us or else we might block them".
That is a classic protection racket. "Want your ads to be seen? Better buy them from us, or... bad things will happen."
> I would also say switch to FF, but they also use the secret safe browsing lists, so they'll probably switch to this as well.
They use this by default, but you're free to turn it off, and that setting (unlike others) seems to sync just fine using Firefox Sync. Just checked and it's off. I turned it off once years ago and switched between OSs and different devices in the meantime, and it's still off.
Don't know if the same is possible on Chrome.
> I should note that this is the same mechanism by which the safe browsing lists work that tell you a page may be bad. For consistency, I disagree with that too of course, but I find the motives and targets here to be much more sinister.
I agree with you completely on this one.
I had to turn that off on two layers, on a browser level, and inside my antivirus' firewall. My antivirus now constantly complains that I'm "not fully protected" because I don't want it to do web filtering for me.
I do support other private browsing techniques that stay on my device, like first party isolation, and adblock-like lists that are downloaded on my device.
Both are available in Firefox, and using them doesn't collide with my stance on NN, since I'm the one preventing the content from being fetched by my machines.
Not really, just based on the blog post and comments at https://news.ycombinator.com/item?id=16297550 and elsewhere where myself and others looked at the code. I could be wrong on some aspects of course and would welcome being corrected.
Also, I cannot find a clear explanation from Google how the internal details of this ad blocker work (how they manage the hashes on their side, where this coalition list is maintained, etc). I would love a link, but alas with these kinds of things transparency is usually the first thing to go, especially since people don't demand it.
Efficiency is distributing the entire list (and they do distribute an indexed and unindexed full EasyList, you can see it in your user's Chome data folder). I doubt it's too big to download in indexed form for a desktop and keep updating with deltas. At the least, I'd like the option.
EDIT: Updating from previous statement saying I couldn't find where to get the list. I have now obtained it from  and put it at  (caution, it's a large gist).
(Disclaimer: haven't worked on Chrome in ~7 years.)
This weird hashing scheme comes from safe browsing (which blacklists sites that install malware etc.). I guess (without specific knowledge of it) it was just reused for this ads thing because they had all the code handy for it,
both the browser-side code and serving code.
I recall the weird hashing scheme was carefully designed to balance some concerns. For example when it phones home, it phones home with a hash of the current URL so that it doesn't reveal the current URL to the server (unless the URL is already in the server-side blacklist). I also think it was intentional that the client didn't get a list of all known-malware URLs. I can't find any design docs for it at the moment better than https://developers.google.com/safe-browsing/v4/ . It may well be the case that the hashing scheme doesn't make sense at all in this context.
The hashing scheme definitely does address privacy concerns. It's that the whole list isn't present and relies on a Google API that troubles me. Surely the list is not too large to download on desktop, but maybe it is. I'd like the option of instead having it all on my desktop and downloading deltas instead of the hash check. The best "design docs" I've found is the golang impl at https://github.com/google/safebrowsing/.
I'm not sure if you're a Google PR drone or just naive, but people have been talking about this for years...
Ya know the nice little extensions Google has added over the years to their search page? Like speed test, recipes, dictionary, a rudimentary calculator, map locations, etc??
Most of the information is stuff they stole from other websites. They put it in the search results now so you won't go to those terrible websites yourself and stop looking at Google ads. And nobody can stop it because if you block Google spiders your website dies.
So the only people that can fight Google stealing all their shit are other Titans like Facebook and LinkedIn. Everyone else is getting their content lifted and moved into search results.
It's so pervasive that I'm not even going to bother to find you links. Ironically, you can just Google something like "Google destroyed my business" and find plenty of results. Google does a lot of things I support but they also destroy businesses intentionally with reckless abandon. For instance, I find it impossible to believe Google didn't think it would destroy Speedtest.com when it added a widget to the search page. Or Allrecipes when they started stealing their content and ploping it on the search page.
Some of the things Google does these days are thinly veiled as being for "convenience" or "security" when they're really just a monopoly stomping out various competitors.
Remember how Google used to punish "cloaking"? Well now they quietly allow you to do whatever the hell you want which led to all the news site paywalls. These sites we're tired of Google stealing all their shit and powerful enough as a group to stand up to it. Google sits on it's hands because they know if they stop it they will end up in court, probably for antitrust
The fact that real Googlers post here eliminates the need for PR to post. Google employees are participants willing supporting Google in exchange for money so they are incentivized to post only good things about Google or risk violating policy/getting fired. They are even incentivized to scrutinize every negative post about Google because it's an attack on their livelihood and moral choices (whether or not to continue working there).
I'm not suggesting the dead post's particular case is true. I'm just pointing out that it's a company's dream to have engineers voluntarily spending time on a forum like this where they have identified themselves as employees. They are implicitly doing PR for free.
Well you're looking at this in a very saccharine light. Have you been following the discussion leading up to this? There have been very pointed questions about how truly independent the coalition for better ads is. There's questions about and advertising company blocking advertisements from other companies. There's questions about the layer of the browser this was added to. There's questions about even what the better ads coalition purports to do!
Can the coalition truly be independent when their only active enforcer is a member? Would that coalition defy that one member ever?
Under what circumstances will other sites and advertisers learn of updates to ads? Will that policy remain? Will google always have a head start?
What of ads and scripts designed to track and de-anonymize you? What of ads that consume huge amounts of bandwidth passively while not otherwise being annoying? These policies seem directed only at the aesthetic of the web.
And really, it remains to be seen if our long term interests are in line with googles, if you asked me, I'd very much say no.
>To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
That's begs the question - Why were those ads approved by Google in the first place? They were the source of the problem to begin with !! Also, before we rush to judgement, how much revenue were those ads generating for Google in the first place? I would respect them a bit more if they actually are taking a hit on this.
>But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
How have they demonstrated that? Could you elaborate?
>> But Google has demonstrated over the years that they're willing to sacrifice their short-term gains to maximize their long-term gains.
> How have they demonstrated that? Could you elaborate?
Before Google, web search results were rotten. Advertisers could push their sites onto the front page, and paid ads were indistinguishable from organic results.
Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
By sacrificing near-term ad revenue, Google built trust with users, and won search in the long-term.
Google could have kept Android closed and charged for licenses. But by open-sourcing it and allowing competitors to use it, they sacrificed short-term license revenue to build a much larger ecosystem.
Google capitulated to government demands that they censor search results in China. But then they reversed course, exited mainland China, and sacrificed revenue from that massive market. Long-term, active censorship would damage Google's reputation.
>Advertisers could push their sites onto the front page, and paid ads were indistinguishable from organic results.
>Google's innovation was to deliver pure search results with the highest relevance, with zero influence from advertisers. Ads were separate and labeled as such.
Have you tried using Google without an adblocker recently?
If I search "buy a car" using Chrome on Android the entire screen of my phone is filled with ads that I need to scroll past to get to the "pure" search results. The only indication that they are ads is a tiny box 1/8 the size of a fingernail. The top result on the embedded Google maps box is also an ad.
Very polite of the malware to put a tiny ad tag on the ads it is managing to inject into a HSTS pinned website on a browser that doesn't allow any addons or extensions. I also like they way they perfect match Google's site design.
Most of the better ads standards have more to do with ad placement than with the ads themselves. It's not particularly easy for Google to reliably detect whether their ads are embedded in a pop-up, for example: https://www.betterads.org/desktop-pop-up-ad/
I suspect that they're more afraid of ad blockers than the competition, although I could be wrong. If users are annoyed by intrusive ads they're more likely to install an ad blocker. If they do that they're likely to block google's less-intrusive ads as well.
This may have been true a couple years ago, but I don't think it's true anymore. The majority of people are annoyed by ads, and all it takes is one friend to tell them to "install this to not see ads" or a nephew to come over for them to have access to an ad blocker. I'd estimate this percentage as closer to 50%.
I think you forgot the "/s". Kudos on keeping a straight face after the initial quote, though.
But seriously, this line:
> To us, your experience on the web is a higher priority than the money that these annoying ads may generate — even for us."
Is a flat out lie and you should know better by now.
Unless the "us" speaking here is a very specific (and powerless) subset of whoever could be speaking for Google. Which would make it merely disingenuous.
And even then their actions require a lot more before they deserve that kind of trust again.
> We've been trained that every corporate action is selfish, by definition against our interests.
If we had been trained we might've gotten to this conclusion sooner and prevent some of the worse shit that's happened because of it. But we weren't trained (what would have trained us?).
I'd rather say we've been extremely slow to recognize that even though the law recognizes corporations as persons (in some places), they are in fact, inhuman. And they will continue to act with complete disregard to human interests. I think it's still useful to think of corporations as organisms, just not of our species, in the same way that a fungus is not the same species as its substrate.
Some people "at the top" believe they are in control, but they are in control as much as you can be in control sitting on top of a wild, untamed beast. And you've seen it, corporations replace "the top people" like any other employee and it doesn't change much. Not nearly as much as they want you to think. It's more like trimming your fingernails than getting a heart transplant.
Of course, nation states are just the same. Conglomerate hierarchies of humans, doing whatever to stay in existence as a sort of entity. Problem was they were caged by design, rules, from the bottom up. This was because we needed them to be, we saw tyrannies rising when we didn't. So we made rules to bind them, deliberately stunted like bonsai trees, to preserve our individual freedom and not become cogs or ants. So they subverted the meaning of "freedom", because we should be free to make new corporations (conglomerate hierarchies, egregores, group minds, call them however you like), because you know, freedom! Except this exploit existed even within the nation states that were deliberately stunted to not grow out of control. Just don't feed them after midnight, okay?
And then we were free to create corporations, without stunts, or rules or restrictions to preserve actual real individual human freedom.
And of course these new corporations quickly grew to become more powerful than many nation states. REALLY quickly, if you think about it, if you compare it to the speed at which nation states exchange power and conquer one another. But corporations kill at sub-decade frequency currently.
I went a bit off a tangent here sorry, and I doubt this is the proper forum to share this kind of thing either. But just stop and think for a moment, who or what is writing those words you just quoted. It's not something that could ever be your "friend".
This justification always reminds me of the advice to run SSH on a non-standard port.
Sure, I guess that makes you less of a target for bad actors, but if your browser can be compromised by simply visiting a website, that's a serious problem that's going to bite you whether you block ads or not.
It's much closer to the advice to run antivirus, use a firewall, and apply updates. Exploits are discovered, but there are often mitigations available before fixes come around. By applying the mitigations (AV, firewall, adblock) you can prevent at least some of the exploits until fixes (browser updates) are released.
The SSH on a nonstandard port thing... I do it so I know if I see a failed login attempt, it's someone who is trying a lot harder than the average attacker and something I should investigate more fully.
It's important to note that the "flagging" is not done by users, but by Google themselves. And they do this based on the Better Ads Standards. After the initial flagging, the site owners are notified, and have 30 days to fix it, until the ads on the site are blocked. They then of course can still fix it, and get the ads unblocked.
This is exactly what came to my mind when I saw the headline. I'm sure this will happen, and a new arms race will ensue. Users are better off with uBlock Origin and such, instead of relying on advertising companies to handle ads better.
Let’s talk about “acceptable ads”. Do you think they exist?
I don’t. I avoid ads for two reasons: first that they’re fundamentally biased, manipulative information sources, second that they drain attention, screen space, battery life, etc. I’m much more worried about the first than the second, yet “acceptable ads” (partially) addresses the second without touching the first.
> I avoid ads for two reasons: first that they’re fundamentally biased, manipulative information sources, second that they drain attention, screen space, battery life, etc.
Neither of these points need to be true. Consider if someone had a text ad which said “We made widgets. Click here to see our widgets”. There's nothing manipulative about that, it need not use more than a small amount of network or CPU to deliver, and all but the most extreme members of the no logo camp would tend to agree that there's nothing manipulative about it.
> first that they’re fundamentally biased, manipulative information sources
Is an NPR-style “this program is sponsored by <big company>” manipulative or biased? What about the Amazon ads you get on a Google search for most consumer products, where it's clear who paid for them, they make no claim that the product is the best product or that they have the lowest prices, only stating that you can buy one from them, etc.?
> second that they drain attention, screen space, battery life,
Do Google text ads really do any of those? What about a static JPEG?
Remember, I'm not saying that the state of online advertising isn't terrible but that it's not fundamentally so. The industry has raced to the bottom but it'd clear up in days if publishers stopped allowing offensive ads to run on their sites or Chrome started actively blocking them.
> Do you mean that it’s more reliable to discern the truth from ads than when the bias isn’t clear?
No, I think that it's easier to reject (overt) ads manipulation because their bias is clear, compared to forms of manipulation where the goal of the manipulation is less clear; this doesn't help you get to the truth (except in some cases where that is revealed by what even the ad is forced to admit against its interest, or hinted at by what it avoids) from the ad content itself.
I would say for free services, I'm ok with ads (like metafilter)... but for free sites that collect our every click and keystroke and sell it for gobs of money to marketing megacorops, they should be paying us!
I don't know how you can argue against all ads, no exception, without at least somehow addressing the problem of content currently financed by ads.
Journalism provides a necessary service for a democracy, and unpaid bloggers haven't actually made much of a dent into real, investigative journalism. Hell, they haven't even made a dent into regular ask-questions-at-press-conferences journalism.
Which leaves paywalls. But even if I everyone bought subscriptions to the top 5 or so publications they read regularly, we would all drastically reduce the variety of sources we get our news from. No fan of Breitbart is going to pay for the New York Times, even though now, they might (sometimes accidentally) come across an article offering them a glimpse of real journalism.
It's really easy to try: Just for a month or so, don't visit any sites showing advertisement that you haven't paid for.
Does this include something that flashes / moves (within its self-contained box) even though it doesn't take over the screen?
How is it that it's not outrageous to people that in the middle of a news article, a box with flashing colors and a picture of a woman in a bikini isn't something obviously extremely undesirable? The activity of reading requires concentration, if you're reading something that requires thought, that is. I'm baffled that our tolerance level for this didn't drop to the pitchfork level.
conceptually. However, the metric we use to dictacte that conceptual argument is what screws us (Americans). We have chosen increase in price as the primary metric.
It becomes the responsibility of the accuser to prove and provide evidence of increased prices based on monopoly position. The Exponent podcast did a nice description of this last summer I believe (not sure what episode).
I would like to take a second off topic and point out that the design of their blog^1 is really atrocious for a number of reasons
- Massive, truly gargantuan header and footer that steals 40-50% of usable screen space for.... white space
- Terrible type selection that is kerned too closely and is too thin to comfortably read on a white background. Eye strain is SIGNIFICANT.
Like, come the heck on Google. You're trying to make the internet a better place. Maybe practice what you preach and follow Day 1, 101 course UX principles like "choose a type that is legible" and "don't use half of your article vertical space for pointless globs of white space in your header and footer"
Firefox beta on Android is slow, but wrorst is if you use Google's search tools (like time range) Google sends Firefox a search results page without that ability or many other things (plus side, there's no amp).
There are a few of them, but i didn't want to keep fighting against Google and chrome is going to take up space on my phone regardless. I only have 16gb of internal storage so I'm often struggling with that. (Android seems to work their hardest to make the expandable micosd not very useful).
For the same reason that they expect websites not to display a different content when they see the googlebot UA for instance? It's pretty shady behavior IMO, that's not how the web is supposed to function. It's something I would've expected from Microsoft more than 10 years ago. I guess chrome really is the new IE.
I also expect them to do the right thing because of "Don't Be Evil", but that doesn't really mean much anymore, right?
It's a shame the EC hasn't looked into this as part of its antitrust investigation against Google. And I'm talking about Google not allowing ad-blockers in the Play Store, not about Chrome not having an adblock extension. That's just their decision not to have extensions on the mobile Chrome, and I can respect that, even though I know it sucks. However, it should be illegal for Google to block adblockers in the store, considering its Android monopoly in the EU.
I appreciate the step forward, but what I really want is for my browser to block:
* Battery-draining junk code
* Bandwidth-hogging videos and GIFs
* Spreading information about me cross-origin
As such this change will not entice me to disable my ad blocker. Not even close.
I found immediately ironic that I was reading a post about how Google values the user so much that they built Chrome, a browser that gets out of your way and gives more of your screen over to the websites you are viewing but the site where this article is posted covers half my screen with site-navigation chrome that is 80% whitespace and that pops in and out semi-unpredictably. Sigh.
When I'm trying to visit some page, and I get an unrelated spammy popover that is hard to get rid of... I've gathered cause I know how this stuff works that it's _probably_ from a misbehaving google ad, but I don't know how I'd identify that to flag it, or if I'd spend the time to do so. I usually just get out of there.
It seems to me that it's irrelevant if you agree with Google's Ad Strategy or not. The problem is that Google gets to make the choices, they are now in a position to decide, via the proxy of Better Ads, whats allowed on the "Open Web". IMHO, this is just one more step in a less-open Internet.
The title ("Chrome will stop displaying ads that are repeatedly flagged as disruptive") is wrong in a couple of ways.
According to the post:
"... Chrome will stop showing all ads on sites that repeatedly display these most disruptive ads after they’ve been flagged.
To determine which ads not to show, we’re relying on the Better Ads Standards from the the Coalition for Better Ads, an industry group dedicated to improving the experience of the ads we see on the web. ..."
They are a bit vage in this post, but as we know from other posts and press briefings, this means:
The site owners will get a notice when Google has found that their site is displaying ads not compliant with the Better Ads Standards. When they don't fix this until after 30 days, all ads on the site are blocked, even those complying with the standards. The site owners can then of course still fix it, and get removed from the block list.
So the "flagging" is actually done by Google, and means the owners of the site get a notice.
We really, really don’t need Coalitions, Committees and other crap to tell us what ads are acceptable. This stuff is so straightforward that it’s mind-boggling we are still debating it:
1. Don’t be annoying: NO sound, NO video, NO auto-anything, NO flashy animation, NO obnoxious bright colors. What is so wrong with the discreet images and text that newspapers and magazines have used since forever?
2. Don’t disrespect me: NO treating my data plan as an infinite well for downloading crap, NO ad networks that can’t be bothered to have proper security, NO obscenely-complex tracking scripts, and NO trickery to make me click (pop-anything, delayed loading, etc.).
> When we built Chrome, we wanted to create a way for people to interact with the magic that is the web, without the browser getting in the way. We created a browser that took up minimal space on your screen...
Only for websites clutter that free space with hideously large and empty headers and unmovable footers that cover a good 20% to 30% of vertical space that would be better spent on the actual content of the page. (If I want to navigate your site, give me link to your homepage, and I'll take it from there.) Oh, and lets not forget those social sharing icons, even for people who don't social network!
Let's rub salt into the wound:
> (These ads are) designed to be disruptive and often stand in the way of people using their browsers for their intended purpose—connecting them to content and information.
Do you have a screenshot? I don't feel like enabling JS for that site. Moreover, a screenshot would keep your argument understandable for readers who might encounter your comment in a year or later, when that site changed their layout or perhaps doesn't exist anymore.
I certainly like the idea of blocking these types of ads at first blush. I don't know much about the source of the "disruptive" label so that could be a bone of contention. I would assume there will be some UI element saying that Chrome blocked a "disruptive ad" similar to when it blocks popups but they didn't describe that in the post. Overall, I am optimistic.
In the near future article on HN frontpage: "large Chinese bot network to notify Google of dangerous site to hire".
You want your competitor site to be down, our 100,000 strong unique IP addresses bot network will take 2 weeks to notify Google of a harmful website. Just give us an URL of your competitor and wire us $10,000 and watch them being wiped out of the net! Guaranteed!
"It’s important to note that some sites affected by this change may also contain Google ads. To us, your experience on the web is a higher priority than the money that these annoying ads may generate—even for us."
Fundamentally, the setup is that Google is blocking all ads (and all ad revenue) on sites that serve any ads that don't comply with a certain Google-defined policy. Google of course makes certain that this policy allows whatever ads Google wants to serve.
What is the most plausible outcome? That sites want ad revenue, do not want to take risks on losing it, and hence will only use Google for ads (because those will by definition comply with the policy).
It's true that if a site serves both Google and non-Google ads Google may end up punishing the site (no ad revenue), even if it means some revenue loss for Google from the now-blocked Google ads. But if the goal is to make sure sites do not do this mixing of Google and non-Google ads, that seems like an acceptable cost to pay to achieve the goal, from Google's point of view.
All ads are disruptive, as they are designed to draw your attention. If you can ignore an ad it did not serve the purpose it was created for. Does it mean Chrome blocks all ads now? Don't hold your breath.
One of the few exceptions that I can think of would be skymall. It is a magazine with only ads for overpriced useless stuff that you can read about (and maybe buy) while on a flight. I would normally read the entire magazine during the boring flight.
"That's a nice website you have there. It would be a shame if you couldn't display ads."
How is this anything other than a hilariously transparent shake-down? An ad company that controls both ends of the ad pipeline (Chrome and Adsense) is "protecting" people not by blocking terrible ads, but by blocking all ads on sites it deems "disruptive."