EDIT: Apologies. Updated with a link to what gorhill REALLY said:
Manifest v2 uBO will not be automatically replaced by Manifest v3 uBOL[ight]. uBOL is too different from uBO for it to silently replace uBO – you will have to explicitly make a choice as to which extension should replace uBO according to your own prerogatives.
Ultimately whether uBOL is an acceptable alternative to uBO is up to you, it’s not a choice that will be made for you.
Will development of uBO continue? Yes, there are other browsers which are not deprecating Manifest v2, e.g. Firefox.
This has been a long time in the making…hopefully Firefox will see a market share increase. Google is doing this right as they get slapped by an antitrust ruling ironically lol. If you haven’t already just go ahead and switch, if you like Lemmy you’ll probably like Firefox as well.
Side note: I try not to be negative here, but this would be a great time for Mozilla to get their act together as an organization. Love Firefox and the idea, but Mozilla has been pissing off the FOSS space for a while now with their decisions. If they’ve improved in recent years, disregard this.
The tricky part is that Google isn’t wrong about Manifest v3 increasing security for some people. Just allowing any extension to access the full URLs from a webpage is honestly pretty sketchy for most things that aren’t adblockers. Think about Beth in accounting who has 27 bloatware toolbar extensions installed on her home PC, which are happily collecting her full browser history and sending it off to gods know where. Manifest v3 is targeted at increasing security for those users, by making it more difficult for extensions to track you.
The issue is that it also makes ad blocking virtually impossible, because the blocker is forced to just trust that the browser is being truthful about what is and isn’t on the page. And when the browser (developed by one of the largest advertisers in the world) has a vested financial interest in displaying ads, there’s very little trust that the browser will actually be honest.
The issue is that there’s not some sort of “yes, I really want this extension to have full access” legacy workaround built in. Yes, it would inevitably be abused by those scummy extensions, which would just nag idiot users to allow them full access. And the idiot users, being idiots, would just do it without understanding the risks. Even if Chrome threw up all kinds of big red “hey make sure this extension actually needs full access and isn’t just tracking your shit” warning flags, there are still plenty of users who would happily give bloatware full access without reading any of the warnings. But it would also allow ad blockers to continue to function.
The single biggest security improvement you could make for Beth in accounting would be to install UBO. Where do you think she gets all those shitty toolbar extensions? That’s right, from ads.
This is targeted at destroying adblockers because Google is, first and foremost, an ad serving company. That’s their business model. It incidentally improves security for certain users in certain edge cases, because they need some kind of figleaf of legitimacy.
If it was about security then they should simply block Manifest v2 extensions from their store or at least start doing some actual verification of the extensions they host. Taking away freedom claiming it to be for security is almost always a lie.
Can you share some examples of things that pisses off the FOSS space? Mostly just curious to understand more
Here’s the most recent example:
The browser that promises “no shady privacy notices or advertiser backdoors” on its storefront has suddenly added an experimental feature to beam user interactions to advertisers and enables it by default. Many are not happy.
It should be noted that the advertisers get zero personal information, neither does Mozilla, and it has been designed in a way so that the data is impossible to fingerprint in a way that can tie it back to any individual person, machine, or specific location.
It’s a way for advertisers (and like it or not, a decent amount of the content we want has to be paid for somehow) to see how effective their ads are without anybody’s privacy being encroached on.
Should it have been turned on without informing the user? Fuck no. But there’s a lot of misinformation going around about this.
Personally I’ll still be using uBO, because I despise any ads at all, but if we are to have ads, the system Mozilla has built is just about the most ethical and privacy-respecting way to do it.
