Categories
Links

nicu’s FOSS’n’stuff: A history of Mozilla browsers design

I must admit, I didn’t really follow much of the early development of what would eventually become Mozilla Firefox at the time, so this is a fascinating read for me, from 2012.

Categories
Links

PayPal’s Beautiful Demonstration of Extended Validation FUD

Troy Hunt (the guy behind haveibeenpwned.com) on how the visual validation of PayPal’s EV security certificates have stopped appearing in Google Chrome. For over 8 months. Which kinda defeats the point of the EV cert…

Categories
Links

How Safe Are Browser Extension? Adware Extensions Erode Trust in Apple, Google App Stores

I’ve cut down the number of browser extensions I use to the bare minimum now, and have stopped looking for ‘cool’ new ones.

Categories
Links

Which Safari extensions do you use?

My list of extensions is slightly longer—StopTheMadness, Better, 1Password and Inoreader. But that’s pretty much it. The Share menu handles all the other tasks that I’d have used an extension for in the past on Firefox.

Categories
Links

Reda Lemeden | We Need Chrome No More

I saw this in action earlier today. A website informed me that my browser (Safari 12 on Mac) was ‘unsupported’, so functionality would be reduced. Open Developer Menu, changes user agent to Chrome, same site works just fine.

Categories
Journal

I find myself using Reading Mode more and more when browsing. If I can’t do that, usually due to poor webpage design, I’ll resort to zooming in. Less pop, more readability!

Categories
Journal

Related to last post—I still have a lot of love for Mozilla Firefox, and the current ‘Quantum’ version is a major improvement. And I’m a big fan of their Container system for isolating various groups of websites so they cannot leak tracking info or follow you elsewhere.

Categories
Journal

I’ve started using Safari on macOS again as my primary browser, for the first time in many years. What surprises me most is a) how fast it is, b) how few extensions I need to add. For the majority of tasks, I can just use the Share menu. Mind=Blown.

Categories
Links

WebExtensions v3 considered harmful

Daniel Glazman:

The Open Web Platform is a careful and fragile construction billions of people, including millions of implementors rely on. HTML, CSS, JavaScript, the Document Object Model, the Web API and more are all standardized one way or another; that means vendors and stakeholders gather around a table to discuss all changes and that these changes must pass quality and/or availability criteria to be considered “shippable”.

One notable absent from the list of Web Standards is WebExtensions. WebExtensions are the generalized name of Google Chrome Extensions that became mainstream when Google achieved dominance over the desktop browser market and when Mozilla abandoned its own, and much more powerful, addons system based on XUL and privileged scripts.

[…]

A while ago, at a time Microsoft still had its own rendering engine, it initiated a Community Group on WebExtensions at the World Wide Web Consortium (W3C). With members from most browser vendors plus a few others, this seemed to be a very positive move not only for implementors but also for users.

But unfortunately, that effort went nowhere. Lack of commitment from other browser vendors and in particular Google, Microsoft abandoning its own rendering engine, lax Community Group instead of a formal W3C Working Group, the WebExtension draft specification has been in limbos for a while now and WebExtensions clearly remain the poor parent of Web Standards even if most people have at least one browser extension installed (usually some sort of ad-blocker).

You might already have heard about the proposed WedExtensions v3, after it was pointed out that one part of the new specification would have pretty much broken most ad-blockers and many security and online safety apps.

Even Amnesty International complained in a recent message! To me, the most important message posted in reply to the proposed changes is the following one:

Hi, we are the developer of a child-protection add-on, which strives to make the Internet safer for minors. This change would cripple our efforts on Chrome.

Talk about “don’t be evil”…

Daniel doesn’t mince his words about the core problems with WebExtensions:

  1. WebExtensions are not a mature part of the Open Web Platform. It completely lacks stability, and software vendors willing to use it must be ready to life-threatening (for them) changes at any time
  2. WebExtensions are fully in the hands of Google, that can and will change it any time based on its own interests only. It is not a Web Standard.
  3. Google is ready to make WebExtensions diverge from cross-browser interoperability at any time, killing precisely what brought vendors like us at Privowny to WebExtensions.
  4. Google Chrome is not what it seems to be, a browser based on an Open Source project that protects users, promotes openness and can serve as a basis tool for webcitizen’s protection.

Reading the above, and given the fact Google is able to impulse changes of such magnitudes with little or no impact study on vendors like us, we consider that WebExtensions are not a safe development platform any more. We will probably study soon an extraction of most of our code into a native desktop application, leaving only the minimum minimorum in the browser extension to communicate with web pages and of course with our native app.

After Mozilla that severely harmed its amazing addons ecosystem (remember it triggered the success of Firefox), after Apple that partly went away from JavaScript-based Safari extensions jeopardizing its addons ecosystem so much it’s anemic (I could even say dying), Google is taking a move that is harmful to Chrome extensions vendors. What is striking here is that Google is making the very same mistake Mozilla did: no prior discussion with stakeholders (hear extension implementors), release of a draft spec that was obviously going to trigger strong reactions, unmeasured impact (complexity, time and finances) on implementors, more and more restrictions on what it is possible to do but a too limited set of new features.

[…]

The Open Web Platform is alive and vibrant. The Browser Extension ecosystem is in jail, subject to unpredictable harmful changes decided by one single actor. This must change, it’s not viable any more.