I must admit, I didn’t really follow much of the early development of what would eventually become Mozilla Firefox at the time, so this is a fascinating read for me, from 2012.
Troy Hunt (the guy behind haveibeenpwned.com) on how the visual validation of PayPal’s EV security certificates have stopped appearing in Google Chrome. For over 8 months. Which kinda defeats the point of the EV cert…
I’ve cut down the number of browser extensions I use to the bare minimum now, and have stopped looking for ‘cool’ new ones.
My list of extensions is slightly longer—StopTheMadness, Better, 1Password and Inoreader. But that’s pretty much it. The Share menu handles all the other tasks that I’d have used an extension for in the past on Firefox.
I saw this in action earlier today. A website informed me that my browser (Safari 12 on Mac) was ‘unsupported’, so functionality would be reduced. Open Developer Menu, changes user agent to Chrome, same site works just fine.
I find myself using Reading Mode more and more when browsing. If I can’t do that, usually due to poor webpage design, I’ll resort to zooming in. Less pop, more readability!
Related to last post—I still have a lot of love for Mozilla Firefox, and the current ‘Quantum’ version is a major improvement. And I’m a big fan of their Container system for isolating various groups of websites so they cannot leak tracking info or follow you elsewhere.
I’ve started using Safari on macOS again as my primary browser, for the first time in many years. What surprises me most is a) how fast it is, b) how few extensions I need to add. For the majority of tasks, I can just use the Share menu. Mind=Blown.
One notable absent from the list of Web Standards is WebExtensions. WebExtensions are the generalized name of Google Chrome Extensions that became mainstream when Google achieved dominance over the desktop browser market and when Mozilla abandoned its own, and much more powerful, addons system based on XUL and privileged scripts.
A while ago, at a time Microsoft still had its own rendering engine, it initiated a Community Group on WebExtensions at the World Wide Web Consortium (W3C). With members from most browser vendors plus a few others, this seemed to be a very positive move not only for implementors but also for users.
But unfortunately, that effort went nowhere. Lack of commitment from other browser vendors and in particular Google, Microsoft abandoning its own rendering engine, lax Community Group instead of a formal W3C Working Group, the WebExtension draft specification has been in limbos for a while now and WebExtensions clearly remain the poor parent of Web Standards even if most people have at least one browser extension installed (usually some sort of ad-blocker).
You might already have heard about the proposed WedExtensions v3, after it was pointed out that one part of the new specification would have pretty much broken most ad-blockers and many security and online safety apps.
Even Amnesty International complained in a recent message! To me, the most important message posted in reply to the proposed changes is the following one:
Hi, we are the developer of a child-protection add-on, which strives to make the Internet safer for minors. This change would cripple our efforts on Chrome.
Talk about “don’t be evil”…
Daniel doesn’t mince his words about the core problems with WebExtensions:
- WebExtensions are not a mature part of the Open Web Platform. It completely lacks stability, and software vendors willing to use it must be ready to life-threatening (for them) changes at any time
- WebExtensions are fully in the hands of Google, that can and will change it any time based on its own interests only. It is not a Web Standard.
- Google is ready to make WebExtensions diverge from cross-browser interoperability at any time, killing precisely what brought vendors like us at Privowny to WebExtensions.
- Google Chrome is not what it seems to be, a browser based on an Open Source project that protects users, promotes openness and can serve as a basis tool for webcitizen’s protection.
Reading the above, and given the fact Google is able to impulse changes of such magnitudes with little or no impact study on vendors like us, we consider that WebExtensions are not a safe development platform any more. We will probably study soon an extraction of most of our code into a native desktop application, leaving only the minimum minimorum in the browser extension to communicate with web pages and of course with our native app.
The Open Web Platform is alive and vibrant. The Browser Extension ecosystem is in jail, subject to unpredictable harmful changes decided by one single actor. This must change, it’s not viable any more.