Ad Blocking is cyber security
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
Malvertising (a portmanteau of "malicious software (malware) advertising") is the use of online advertising to spread malware.
It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages.
Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like.
Malvertising is "attractive to attackers because they 'can be easily spread across a large number of legitimate websites without directly compromising those websites'."
A better quote
We need more browser options, not just Firefox and 20 versions of chrome.
If you have the funds, donate to Mozilla. They're not only the main developers of the only major competing browser engine, but also do a lot of other good work. You can hope for others, but with Firefox only having single-digit usage share it needs all the help it can get.
You can’t legally donate to Firefox, as it is developed by a Corp (Mozilla Corp.). Donations go to Mozilla Foundation, which does… other things with you money. In other words, your money don’t go towards FF development.
So, if you donate thinking that your money helps Firefox development, you're doing it wrong.
To be fair, there are about 20 versions of Firefox too. It’s just that most of them aren’t there to Hoover up ad revenue.
A good project to support would be the Ladybird.
They don’t even have builds. How can we support tools the bulk of users can’t easily implement or recommend non technical people to try?
You can support by joining the project and helping them to fix issues. It's a young project, but they've been progressing really fast. Andreas Kling is one of the original developers of Safari, and in the past years he's been creating his own operating system (Serenity OS) and formed a team who've been doing their own JavaScript engine, web browser and a programming language together with the OS. It's a really fascinating story and I give all the respect for them for doing this. This is the work we have to do if we want to beat Google from taking the internet. It's us who need to step up and start fixing the internet.
https://awesomekling.github.io/Ladybird-a-new-cross-platform-browser-project/
I don’t disagree with you on alternatives but again it’s challenging for the technical folks amongst our peer groups to help adoption of an alternative if we can’t provide places for the folks we support to download the alternative and try it
There’s no way for any of my family or friends to understand how to build their own browser, let alone setup a WSL2 environment to make it work. Their eyes are going to glaze over at the thought then they’re going to go download something else.
Google basically made it so that it takes a large company to compete with all the """web features""" that they have, so good luck with that.
Stop using Google products I don’t know how else to fucking say it.
Chrome -> Firefox Drive -> sync or Dropbox or any number of options Sheets and productivity tools > libre office or Apache open office YouTube -> Invidious or even better, odysse Google search -> duck duck go, SearXNG, StartPage, etc Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.
helped with formatting:
Chrome -> Firefox
Drive -> sync or Dropbox or any number of options
Sheets and productivity tools > libre office or Apache open office
YouTube -> Invidious or even better, odysse
Google search -> duck duck go, SearXNG, StartPage, etc
Gmail -> not a ton of great options. I’d probably recommend proton mail but the FOSS email world is definitely lacking, or gets blocked or goes down, harder to self host etc.
And I agree for sure. In order I use firefox (and brave sometimes), Proton Drive, Apple Productivity suite (pages, numbers etc), and either startpage or qwant, and proton mail. I do still use use YouTube Premium, but the point is Google doesn't need to have its fingers in every aspect of my digital life.
FYI, you need two new lines (hit Enter twice) to actually get a new line in Lemmy.
Two new lines One new line.
-->since everyone is confused about this i'm gonna try to explain as best as i could and also clearing some misconceptions:
1# why this is such a big deal ?
if this gets implemented AND it gets widely adopted websites now can refuse to give you content if you are running a non complied browser, remember those website that say "oh you are using an ad blocker so disable it to access our site" they can detect this by various methods but ultimately all of them rely on running a JavaScript into your browser. which you guessed it, its easy to modify and tamper with manually or using extensions
now what WEI-API does is that it can verify the integrity of the web page ( JavaScript/HTML/CSS has not been modified ) and even tell the website what extensions - ad blocker detected no content for you - you are using and what browser you are using - firefox or brave detected no content for you - and do not be fooled into thinking that this can be spoofed. and website owners who think that they are running a business not a charity will implement this.
2#will using firefox save me?
if this gets widely adopted and you inevitably encounter a website that require this ( for your job ,school or your bank ) you have no choice but to use chrome just like when your banking apps refuse to work because your phone is rooted which means that SAFETY-NET is broken
3#why this is a threat to begin with?
this is only viable if the web adopt it so why bother?, well guess what google is famous for making its services very easy to integrate and well documented just look on how easy it is to integrate google analytics and google adsense* into websites and how many of them use it in the internet.
4#what can we do to prevent this?
this is my personal opinion but i think we simply can't, this not like the reddit incident were very large portion of the user base was upset most people don't know/care/give-a-fuck about web technologies and how they work.
#and Finally "but google said they don't plan to use this to fingerprint you (Device ID) or track your browser history or interfere with the work of extensions"
do you really believe that a company like google whose bread and butter is advertising would not make it easier for themselves, a company who has been exposed time and time again for lying and having ulterior motives ( you don't need to look far just look into what manifest-v3 did )
remember those website that say “oh you are using an ad blocker so disable it to access our site”
I can easily imagine this not being a necessary, anymore. Just let the website using this WEI API automatically disable all browser extensions on a WEI-enabled site. Why not, after all? Why should you dictate the traffic you receive on your computer? Why should you own anything?
I will happily stop visiting any website that demands I use an approved browser.
Well, those of us who care all say that but I for one have to access government and banking websites in several countries, if they implement this I have no choice. This abomination must be prevented in the first place.
You can use Chrome for those websites if they completely break, and Firefox for everything else.
Banks and government websites don't tend to have adverts.
We can criticize the EU, but they would not allow or force people to install Chrome in order to access government web sites.
... Until all the sites you absolutely need to use in order to *function in society *require approved devices with proper tracking.
So you fight it now by switching away from Google as much as you can.
Remember when browsers just browsed....
I really want to push the What's Cool! button
Holy cow im getting nostalgia and I wasn't even alive when Netscape was a thing, I think...
Fuck I'm old.
This is exactly why everyone should use fully idenpendted browser like Firefox
Yet another vitally important front in the war on general purpose computing (it's a short and important read imo)
Fuck Google, and fuck DRM.
Users like visiting websites that are expensive to create and maintain, but they often want or need to do it without paying directly. These websites fund themselves with ads, but the advertisers can only afford to pay for humans to see the ads, rather than robots.
Won't you think of the poor poor ad companies?
Half the internet now seems to be bots creating content purely for the enjoyment of other bots. Typing any kind of difficult question into a search engine will now have you dodging a minefield of AI generated articles, none of which contain any useful information other than what they've scraped from other AI generated pages.
Users like visiting websites that are expensive to create and maintain
Do they actually, or is that just all they have to visit anymore? Would users not be happier visiting a bunch of cheap geocities pages with blink tags instead of tracking cookies?
I see so many comments from people saying they'll jump ship if Google adds this to Chrome. They'll move over to Firefox right away. But the thing most people don't know is one reason Google has such a broad reach is they make it so crazy easy to integrate their services for developers.
So, yes, users who dislike what they're doing should stop using Google products if possible. But, more importantly, developers or project managers, etc. should all resist the urge to utilize this kind of feature even if it's easy.
I work at a vpn/adblocker company and we just finished releasing an updated mv3 extension that does block ads effectively (among other things) but the feature set is limited vs mv2 because of the changes. Furthermore, google has actually pushed back their mandated release schedule for mv3 compliance because something less than 30% of the extensions on their store are anywhere close to ready for it (which if they pushed ahead with mv3 they would effectively break 70% of what's on there overnight).
The DRM shit is just next-level bad though. Enshitification 101.
The thing is mv3 is not needed nor wanted by anyone, they are actively shoving an unnecessary product down our throats to show us more ads.
I will keep on using Firefox and Librewolf until the web goes back to webpages that load in text only browsers in less than 2 secs
"Do no evil." ...unless it's projected as profitable, in which case, evil that shit up!
They ditched the "don't be evil" years ago. Now it's "As many ads as possible".
I hear that they can cover up to 80% of a user's visual field without inducing seizures.
How is the worlds biggest ad distributor also the worlds biggest browser maker without it being an anti-trust violation?
i cant believe people still use chrome.
Also it’s not kinda drm, it is drm. Like fr