undefined | Better HN

0 pointsJoshTriplett3y ago0 comments

I've talked to a number of real engineers within Google. The folks building the browser have no desire to kill adblocking; they're never going to include first-party adblocking (not least of which because antitrust), but they're not out to break third-party adblockers.

It really is the case that the same mechanisms that enable adblockers ("this extension may affect your traffic on every website") are also the mechanisms that enable malware in extensions, which are not at all rare.

0 comments

RunSet3y ago

> I've talked to a number of real engineers within Google. The folks building the browser have no desire to kill adblocking

Have you also consulted the actual decision-makers at the world's largest advertising corporation who sign those real engineers' paychecks?

encryptluks23y ago

Have you combed the bug tracker or submitted reasonable PRs and have proof that the decision makers are gatekeeping an open source project from implementing something that is clearly a better alternative?

ocdtrekkie3y ago

The solution here though is simple: As the sole publishing source of extensions users can install on Chrome, Google just needs to stop distributing malware from their extension store!

But of course, that would require Google actually take some responsibility and do some legwork and neither of those things are in their core competency.

If Google actually had any goals of improving security, they'd literally just delete the Chrome Web Store and start over and manually reviewing and approving extensions one by one.

JoshTriplettOP3y ago

If Google did that, there'd be widespread cries of "gatekeeping!". Mozilla was blasted for doing exactly the same thing.

ocdtrekkie3y ago

Here's the problem with that apologism: They already are gatekeeping. They made that call as soon as they removed sideloading extensions. The problem is Google is just a shoddy gatekeeper.

michaelt3y ago

They manually review and approve Android apps one-by-one.

The results have not garnered much acclaim.

I suppose you could argue they simply haven't budgeted enough $$$$ to get skilled reviewers taking enough time on each review.

ocdtrekkie3y ago

People reviewing the security of browser extensions should have the title of "engineer" at minimum.

Bear in mind browser extensions completely defeat all the benefits of HTTPS. If we aren't putting them through significant scrutiny there really is no reason for anyone at Google to claim to work on security at all. Extensions need to be treated as incredibly privileged code and vetted accordingly.

8note3y ago

Do the engineers actually control that decision?

blibble3y ago

have you heard of "plausible deniability"?

I very much doubt the upper management is stupid enough to tell the grunts that they're doing this to kill off adblockers

they know there will be intense regulatory scrutiny on this at some point in the future

the true factors that went into this decision will have been discussed verbally and in-person only

j / k navigate · click thread line to collapse

0 comments

RunSet3y ago

> I've talked to a number of real engineers within Google. The folks building the browser have no desire to kill adblocking

Have you also consulted the actual decision-makers at the world's largest advertising corporation who sign those real engineers' paychecks?

encryptluks23y ago

ocdtrekkie3y ago

The solution here though is simple: As the sole publishing source of extensions users can install on Chrome, Google just needs to stop distributing malware from their extension store!

But of course, that would require Google actually take some responsibility and do some legwork and neither of those things are in their core competency.

If Google actually had any goals of improving security, they'd literally just delete the Chrome Web Store and start over and manually reviewing and approving extensions one by one.

JoshTriplettOP3y ago

If Google did that, there'd be widespread cries of "gatekeeping!". Mozilla was blasted for doing exactly the same thing.

ocdtrekkie3y ago

Here's the problem with that apologism: They already are gatekeeping. They made that call as soon as they removed sideloading extensions. The problem is Google is just a shoddy gatekeeper.

michaelt3y ago

They manually review and approve Android apps one-by-one.

The results have not garnered much acclaim.

I suppose you could argue they simply haven't budgeted enough $$$$ to get skilled reviewers taking enough time on each review.

ocdtrekkie3y ago

People reviewing the security of browser extensions should have the title of "engineer" at minimum.

8note3y ago

Do the engineers actually control that decision?

blibble3y ago

have you heard of "plausible deniability"?

I very much doubt the upper management is stupid enough to tell the grunts that they're doing this to kill off adblockers

they know there will be intense regulatory scrutiny on this at some point in the future

the true factors that went into this decision will have been discussed verbally and in-person only

j / k navigate · click thread line to collapse