The end of uBlock Origin for Google Chrome?

Discussion in 'other software & services' started by mood, Oct 12, 2019.

  1. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    1,916
    I didn't find the posts regarding Firejail. Perhaps they are old, and Firejail has improved since then.

    In any case, Firejail basically uses the same technology as Chromium does. So if Firejail is affected by these problems, Chromium is probably, too. However, the difference is that in Chromium only the renderer is sandboxed while with Firejail the broker (which has access to the file system) is sandboxed as well. Besides, there is a nodbus switch which is enabled in the chromium-common.profile and firefox-common.profile (perhaps this had not been available at the time of the writing of these tweets).
     
  2. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    1,916
    I think we're getting OT here. But since you mentioned it: I don't know what the Copperhead guys (or actually Daniel Micay who is its the only developer right now, AFAIK) said. But nobody ever claimed that Rust prevents all security problems. However, its prevents whole classes of vulnerabilities like the infamous buffer overflows (which account for a high percentage of vulnerabilities in the past). Two nice examples and good reads about the advantages of Rust are here and here.

    I disagree. They don't make our system completely error-free and, hence, not 100% safe but safer.
     
  3. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    9,629
    Location:
    Lloegyr
    Well, I hope you're right about these 'facts'. As far as I can tell Vivaldi are pretty beholden to Blink/Chrome and its extensions. Google (and the advertising consortiums behind them) seem determined to nobble adblocking. It's what Manifest v3 is all about. As you can tell, I'm a tad pessimistic.
     
  4. 142395

    142395 Guest

    @wat0114 @summerheat
    Enter "@copperheados firejail" into Twitter search box w/out quotation. Tho I don't have Twitter account, I recommend to learn how to use Twitter search as it's a very good source of all kind of info and there are many more useful commands.

    I agree that it's OT and will stop here. But remember they're Linux security experts and Rust contributor, and their claim is NOT that Firejail or Rust is not perfect - everyone knows this. Using name space, seccomp-bpf, and capabililty do not mean two techs are same and there is a reason broker is not sandboxed. They may make your system safer, but only a bit, and my point was they can't compensate significant gap w/ Chromium so you have to choose either one.

    At least I know the Rust problem of stack safety was finally addressed (see Github), but what matters is not such an individual problems. There are reason they keep to say Firefox is significantly less secure and I would have agreed even w/out their Twitter, I already had written some of the reason in this forum several times. Yet Fx has its own goodness and this is why I use two browsers.

    Anyway, I'm more concerned on how DNR will finally be - at least it seems it's possible to implement sth like uBO dynamic filtering as I glanced at the document of DNR, but wanna hear from those who have deep understanding.

    [EDIT] BTW the reason you can't actually see ALL Twitter comments is blockage by ad-blocker IIRC, tho it's hard to call it as FPs.
     
    Last edited by a moderator: Oct 13, 2019
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
    I see that uBO is still available in the Chrome Web Store. Any indications of when this extension rejection is supposed to take place? TY

     
  6. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,369
    What got rejected was the developer version. And I already posted earlier that it managed to get approved.
     
  7. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
    Very kind of you to repeat yourself for someone who missed what you already posted.
     
  8. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,369
  9. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
  10. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
  11. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    Will these new proposed changes alter any other filtering extensions, like Privacy Badger?
     
  12. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,317
    Location:
    Adelaide
    It would seem he is.

    Twitter
    GitHub
     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
    Yup. It would seem.
     
  14. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,369
    For me, it appeared to be highly likely to be true considering in that post there was a link to the uBlock github issues page where it was confirmed to be approved.

    Either way, it seems uBlock is here to stay. Hope you have nice day. And that my replies didn't seem overly offensive in any way. If so, I sincerely apologize.
     
  15. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    This whole things seems to be moot. Why not just switch to adguard for Windows and bypass the browser restrictions outright?
     
  16. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,369
    Adguard doesn't have dynamic filtering. And there are users who use said feature on uBlock Origin
     
  17. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    If the filtering limit is going to be a problem, why not just split the difference; use Adguard for for Windows in conjunction with uMatrix? That way you get unrestricted filtering along with dynamic filtering that will be unaffected.
     
  18. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
    Not overly. ;)
     
  19. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,369
    Sorry then. Hope you have a good day.
     
  20. 142395

    142395 Guest

    #24. I won't allow MitM for already much discussed (in past) reasons tho AG does relatively good job on this regard. Well, even if I allowed, it actually wouldn't eliminate the need to use the extension as AG uses whitelist (it's a good decision tho) for important sites like banks. And if uBO is killed, most likely uMatrix too.

    There are yet other reasons. When it comes to usability for those who write a filter by themselves, nothing beats uBO IMO. You can call AG from its extension (integrated mode) and see filtering log, and AG extension has an element picker, but all of them are not as sophisticated nor integrated as uBO's ones and the lack of dynamic filtering makes FP hunting a bit more bothering. AG also lacks "ignore generic cosmetic rules" option except for iOS. They claim optimized filter is a better solution, which I don't agree to. They even said nobody would use the option, obviously don't understand ppl like me who prioritize blockage over hiding.

    But combining them is one viable option for me.
     
  21. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    1,916
    Okay, found it. But you should not rely on Twitter posts which are several years old and address stuff which has been fixed since then.

    They basically are because these technologies are provided by the Linux kernel. Chromium, Firefox and Firejail only make use of these technologies.
    I don't know the reason - but the Chromium docs mention that there have been vulnerabilities in the IPC service in the past. Hence, if the broker is sandboxed in Firejail as well it is definitely an advantage.

    You should not rely too much on a document which is labelled as "being worked on and out of date." I don't know when this document was updated and if Firefox already had a sandbox similar to Chromium at that time. And if it comes to the JIT compiler, Firefox got W^X years ago, and a lot has changed since then. Firefox 70 will get further improvements. So again, I would not put too much confidence in old Twitter posts and documents which are probably outdated by now.
     
    Last edited: Oct 14, 2019
  22. 142395

    142395 Guest

    @summerheat
    It seems my English was bad, anyway, we should stop here. Not only it's OT, I know if we continue it will be at least 5-6 pages lengthy discussion and TBH I don't have such time now. So let's agree on disagree and focus on the topic.
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,789
    Location:
    The Netherlands
    I didn't know about this. For now I don't need it, but I still hope that Vivaldi might open their own extension store if Google starts to sabotage ad-blockers.

    Yes I know, but apparently Google is already starting make things difficult even without implementing the planned changes to the ad-blocking API's in Chromium.
     
  24. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    9,629
    Location:
    Lloegyr
    It's all part of the same plan.
     
  25. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    740
    Location:
    United States
    At this point this is only being implemented in Chrome Canary which is Google's proprietary browser alpha - not Chromium but of course it'll end up in Chrome stable in a few months but at this point it's not going into Chromium because normally that would be the starting point - well that is an assumption.

    A fairly recent ARS Technica story said Chrome (not Chromium) has a 73% desktop browsing share, no longer maintained IE 5%, Safari 5% and FF 9% so there goes 73% of a dev's users.

    Maybe there's no link between the number of users potentially for these extensions and efforts put into them by the devs its just one of the things that comes to mind.

    The other is does something like the webrequest API need updating along the way? Curious if Google could try and cripple that from a 'web' point of view as I've often read that in the past they've made efforts to have the web work best with Chrome.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.