Is the Librewolf option included in those three? Because that (a patch on top of newest Firefox) is something I have been wanting for a long time and I just recently realized someone had done it.
> Chromium is the best of these options.
Easiest is maybe the word you are looking for here?
Because best depends on your goals. If your goal is to reduce dependency on Google (as it is for many here) it could be close to directly counterproductive.
Right now, if Mozilla goes bust, then the last hope for web standards is the fact that Apple's mobile OS rules preclude shipping Blink on iOS. If everything is Chrome, then we're right back to the days of Adobe Flash Player, where bugs in one implementation effectively become part of the spec.
If we didn't have or didn't care about this problem, then yes - we could just clip FLoC out of the browser and run that. However, that also assumes Google won't mandate FLoC or ban alternative browsers. Their recent attempts to cut down on credential stuffing through headless CEF browsers[1] have already made it harder to actually ship an alternative browser that can log into Google. So hypothetical future Evil Google could totally say "no FLoC, no service" and we would be screwed.
[0] This is the same reason why WebSQL died on the vine. SQL is a standard with a lot of wiggle room, enough that most applications either only work on one particular flavor of DB, or ship separate drivers for each DB they need to work with. In practice everyone shipped SQLite, so WebSQL was just "here's a sandboxed SQLite instance".
[1] Which, BTW, is not a bad thing in and of itself.
It ultimately matters because if we didn't all use Chrome, Google would have to compete more on good things, instead of building bad things that we have to remove. Basically, it's the position of the privacy whack-a-mole oveton window.
For example I used to be part of a team that ran an important DNS service. We purpously used several different server softwares on different nodes to increase resiliency.
Tell the people you know to switch from Google Chrome to another browser as their primary one. Google will still pester them on Google’s online properties to install Chrome, and may resort to other tricks on Android. But we are at a time when this can gather momentum and result in some good for all in the future (not mainly for Google, as it seems to be now).
Ads should be a display only HTML tag that just allows limited read only display WITH NO JAVASCRIPT. This would remove tracking and malware and force ads to be targeted on the content page not on the user.
If you don't want to follow the rules (against anti-competitive practices) of a certain set of countries, perhaps you shouldn't have offices in that set of countries? Just an idea...
Sure, it's a technicality, but Irish law still applies
California and Virginia also enacted similar laws. More lawmakers need to understand tech.
If you literally look up the most upvoted HN article about FLoC [1], it specifies two main issues with FLoC in BOLD: Fingerprinting and Cross-context exposure. Which if I understand correctly the Topics API fixes. But the article implies that these are minor problems that we never really cared that much about.
Whether it is this or constant aggressive writing, it seems that the goal of this blog post is to simply inspire anger and hate, while not furthering the discussion on the topic. Which makes this article unhelpful (if not damaging) to the goal of personal data privacy.
[1] https://news.ycombinator.com/item?id=26344013 [2] https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-...
However I think the article is right in the sense that we shouldn't miss the forest for the trees. Image you were robbed and the robber suddenly asked if your issue with him could be solved if he only took half of what's in your wallet. Surely that would be an improvement but it doesn't solve the root issue of him robbing you in the first place.
In the same sense, I think pulling attention back to the fact that Google is building third-party tracking right into the browser - and also aggressively protecting the whole concept of tracking as some sort of fundamental necessity of the web - is justified.
The pejorative robbed is doing a lot of heavy lifting here. Advertising is how users pay for free services. Making the form of payment more agreeable is a worthwhile goal.
As full disclosure I earn a living in the advertising ecosystem. Any feature that means stakeholders stop asking me to invent backdoor fingerprinting and correlate against data obtained from shady brokers is a welcome step in my opinion.
The blog post makes sensible points identifying Google's PR based response. Thus your ad hominem attack on the blog instead of the content makes me wonder if you have conflicts of interest regarding this topic?
There isn't much to discuss, I would think. This is an extremely user-hostile feature to be implemented in the clients (browsers) which comes with a lot of downsides, and absolutely no benefit to the user. I don't know how detached people at Google must be to consider this okay, or to think that any of the privacy-focused browsers would join in on this.
chrome://settings/privacySandbox
Evolution from FLoC
FLoC ended its experiment in July of 2021. We've received valuable feedback from the community^1 and integrated it into the Topics API design. A highlight of the changes, and why they were made, are listed below:
FLoC didn't actually use Federated learning, so why was it named Federated Learning of Cohorts?
This is true. The intent had been to integrate federated learning into FLOC but we found that on-device computation offered enough utility and better privacy.
FLoC added too much fingerprinting data to the ecosystem
The Topics API significantly reduces the amount of cross-site identifiable information. The coarseness of the topics makes each topic a very weak signal; different sites receiving different topics further dilutes its utility for fingerprinting.
Stakeholders wanted the API to provide more user transparency
The Topics API uses a human-readable taxonomy which allows users to recognize which topics are being sent (e.g., in UX).
Stakeholders wanted the API to provide more user controls
With a topic taxonomy, browsers can offer a way (though browser UX may vary) for users to control which topics they want to include
The Topics API will have a user opt-out mechanism
FLoC cohorts might be sensitive
FLoC cohorts had unknown meaning. The Topics API, unlike FLoC, exposes a curated list of topics that are chosen to avoid sensitive topics. It may be possible that topics, or groups of topics, are statistically correlatable with sensitive categories. This is not ideal, but it's a statistical inference and considerably less than what can be learned from cookies (e.g., cross-site user identifier and full-context of the visited sites which includes the full url and the contents of the pages).
FLoC shouldn't automatically include browsing activity from sites with ads on them (as FLoC did in its initial experiment)
To be eligible for generating users' topics, sites wil have to use the API.
https://github.com/jkarlin/topics
It is remarkable to me that Google can freely experiment on whomever they wish. If the experiments demonstrate negative effects, e.g., generation of execssive amounts of fingerprinting, it's unfortunate for those who were swept up in these "experiments".
Why not ask users if they want to volunteer to particpate in a trial/experiment.
Imagine if drug companies did not obtain permission to test their compounds on new patients. Instead they just substituted the new drug into what they sold on the market. Same label. Chrome is Chrome, right. Nevermind all the undisclosed variations and experiments. For example, "field trials" identified by only a number. This is hardly informed disclosure and consent.
1. This is amusing. What users were solicited for feedback. Perhaps they are referring to some surveillance they conducted, looking for mentions of FLoC.
A peak into their mindset that foretold what they were thinking and where they were headed.
They sell you and your privacy to their "associates" --- aka, anyone willing to pay in some way. Their concern for your interests only extends to the level required to invade your privacy.
The thing I find most disappointing is the fact that it took so many so long to realize this.
The lure of "free" useful things is greater than most's concern/understanding of the capabilities of tech. Gmail is useful. GDocs is useful. Search is useful. Googs has been very smart on exactly the tools they've brought to market so that the lure is maximized.
Still baffled by the ambiguous name given to this secretive, exploitive set of companies, "tech". What the heck is it. Its everything and nothing, IMO. A cover.
The company is an intermediary, what many in other industries refer to as a "middleman". HN commenters have tried to attack this term in the past, but I just saw it a few months ago being used in a marketing slogan on the side of a company van. People outside of HN know what it means. Perhaps those who argue it is ambiguous on HN are "tech" workers who are aware of its accepted connotation in the real world. Otherwise why be concerned with the term.
Tech means technology. Nothing ambiguous about it.
Problem solved.
Disclaimer: I don’t use Brave because I don’t want to see more ads. In the 90s, there were little banner ads that ran on your pc in the same app that helped you connect to the internet. That’s essentially what Brave is, except I don’t NEED to see more ads, as I needed to pay for internet in the early days. Just us a browser that blocks cookies.
Why is that wrong?
If you want to consume content that costs money to produce that is being paid for via advertisement, and your user agent blocks said advertisement, why should you be entitled to that content?
I wanted to play with Brave Rewards, and it's actually surprisingly involved to enable it and get it to start showing ads... By default, Brave is pretty much "just another Chrome clone", albeit with default privacy settings that everyone but Chrome has accepted should be standard.
FWIW, NetZero was pretty cool if you couldn't afford the phone bill for using AOL. :P
NetZero & Juno, the good ol’ days of free dialup!
I don’t, I’ve never used Brave.
From https://brave.com/brave-rewards/
Brave Ads do not replace current web page ads. By default, Brave blocks privacy-invading web ads and trackers that are embedded in page content. Joining Brave Rewards and viewing Brave Ads does not affect your current blocking settings for each website you visit. The ads you see as part of Brave Rewards are shown separately from your browsing experience and are not the same as the invasive, performance-sapping ads embedded in websites.