←back to thread

Bypassing Google's big anti-adblock update

(0x44.xyz)
1034 points deryilz | 2 comments | 12 Jul 25 19:06 UTC | HN request time: 0.434s | source
Show context
krackers ◴[12 Jul 25 19:41 UTC] No.44544544[source]
>They decided it wasn't a security issue, and honestly, I agree, because it didn't give extensions access to data they didn't already have.

So they admit that MV3 isn't actually any more secure than MV2?

replies(4): >>44544732 #>>44547024 #>>44548392 #>>44548589 #
Neywiny ◴[12 Jul 25 20:07 UTC] No.44544732[source]
I'd be shocked if anyone actually believes them. This article starts with the obvious conflict of interest. Of course letting an extension know what websites you visit and what requests are made is an insecure lifestyle. But I still do it because I trust uBO more than I trust the ad companies and their data harvesters.
replies(6): >>44544764 #>>44544794 #>>44544922 #>>44546339 #>>44547722 #>>44548288 #
amluto ◴[13 Jul 25 07:35 UTC] No.44548288[source]
No, MV3 really isn’t more secure. MV3 still allows extensions to inspect your requests — it just doesn’t allow extensions to block them.

It’s almost comical how weak the security/privacy argument for MV3 is. Chrome could have developed a sandboxed web request inspection framework to prevent data exfiltration, but they didn’t even try. Instead they nerfed ad blockers without adding any security.

replies(2): >>44551348 #>>44552700 #
1. mckravchyk ◴[13 Jul 25 16:01 UTC] No.44551348[source]
I remember that another comical argument was performance. Supposedly, having extensions run in the background all the time is bad. So it's better to constantly, completely re-initialize them whenever an event wakes them up.
replies(1): >>44552661 #
2. krackers ◴[13 Jul 25 19:07 UTC] No.44552661[source]
From https://github.com/uBlockOrigin/uBOL-home/wiki/Frequently-as...

>Keep in mind that uBO's own JavaScript-based network filtering engine has been measured to be faster than a well-known Rust-based filtering engine (though the measured difference back then was low single-digit µs, not something that will ever be perceivable by a end user).