[HN Gopher] De-AMP: Cutting out Google and enhancing privacy ___________________________________________________________________ De-AMP: Cutting out Google and enhancing privacy Author : w0ts0n Score : 533 points Date : 2022-04-19 16:07 UTC (6 hours ago) (HTM) web link (brave.com) (TXT) w3m dump (brave.com) | alanh wrote: | Recently I came across the AMP website at https://amp.dev/ (after | some years since first seeing it). It's really remarkable how | much Google wants to pretend this is an industry standard and not | their own little fiefdom. I don't see the word Google anywhere, | not even on the About page. | a5aAqU wrote: | The whole AMP thing is shady. Be sure to read this: | | https://wptavern.com/amp-has-irreparably-damaged-publishers-... | user3939382 wrote: | It kind of reminds me of the OOXML thing where Microsoft | hijacked the standards process for its own benefit. | lupire wrote: | The.dev gTLD is Google's; it exists for Google projects to hide | their Google relationships. | | amp.dev does make a tiny out of context mention at the bottom | of the page, that Google runs the AMP CDN. | | But overall it's obvious that the AMP Project trying to hide | it's Googleyness by being "Open JS Foundation", which itself is | a corporate trade group hijacking the word "Open". | mcdonje wrote: | Google administers .dev, but it's open. You or I could get a | .dev domain and use it for a project that has nothing to do | with Google. | matth3 wrote: | I've seen AMP pages really fail for retail sites. I followed this | link yesterday and ended up on an AMP page with no way to | purchase the item or continue on within the site. No idea if | that's the site's fault or Google's but it must be costing them | customers. | | https://www.google.com/amp/s/woodworkersworkshop.co.uk/amp/v... | misterbishop wrote: | AMP is probably the single worst thing Google has produced. But | as a Pixel 6 user, I think the real solution to bypassing AMP | would have to live at the VPN level. Using Firefox Nightly as my | primary browser, I don't really get AMP search results. The place | I see it is in Google's news feed on the right side of the home | screen. Brave wouldn't solve my problem there, and I already | trust Firefox more. | stiray wrote: | It is not the worst. It is just "one of them", how to get the | monopoly over web content. | misterbishop wrote: | It is the worst. It offers nothing to anyone, it has a | terrible user interface, and it breaks basic features of the | world wide web. | | If AMP is genuinely a way to enhance online user experiences, | then make it opt-in, instead of the current no-way-to-opt- | out. | kllrnohj wrote: | Ok there's a lot of amp hate here, and a lot of it justified, | but when amp first picked up steam as just a regular mobile | user it was _amazing_. I basically filtered searches to only | look at those with the amp icon because in the real world in | real conditions on mobile connections they legitimately & | consistently loaded 10x faster than non-amp pages. And | basically never had the dreaded random scroll jumps during | loading. | | Since then networks & phones got faster, a lot faster, and the | difference maybe isn't worth the cost anymore. Also I think the | amp restrictions have greatly relaxed, making amp just as slow? | But "single worst thing"? Hardly. At launch it _delivered_ and | big time, the UX experience was night & day. | tentacleuno wrote: | > Second, AMP is bad for security. By design, AMP confuses users | about what site they're interacting with. Users think they're | interacting with the publisher, when in actuality the user is | still within Google's control. User-respecting browsers defend | the site as the security and privacy boundary on the web, and | systems like AMP intentionally confuse this boundary. | | They've actually been pushing to confuse that boundary even more | since 2019, with their Signed Exchanges specification[0][1]. In | essence, when you (unintentionally) visit an AMP page from Google | Search, the URL typically starts with | google.com/amp/websiteyouwantedtogoto.com. Signed Exchanges is | essentially a way to drop the "google.com/amp/" bit, as | demonstrated by one of the animations on [0]. | | Even Cloudflare supported this and rolled it out on their free | tier[2]. | | [0]: https://developers.google.com/search/blog/2019/04/instant- | lo... | | [1]: https://www.theverge.com/2019/4/16/18402628/google-amp- | url-p... | | [2]: https://blog.cloudflare.com/announcing-amp-real-url/ | 37 wrote: | This seems insane and malicious as hell and I can't believe | it's being sold as a feature. It's essentially just lying to | users about which website they are currently visiting, or maybe | I'm missing something. | nybble41 wrote: | The original version where the content was served from | Google's cache without any cryptographic verification but | displayed as if it came from the original site was... | misguided at best. It meant that you were trusting Google's | servers to only cache the content and not modify it. | | The new system adds verification that the content is exactly | what was intended by the original site, despite being served | through a cache, so the user agent is no longer lying about | which website the user is visiting. Sure, the data was | fetched from Google, but that's not the important part. It's | been verified to have originated from the server shown in the | address bar. | jabbany wrote: | Google modifying the content is not really the threat model | most people care that much about though (similar concerns | exist with other caches/cdns)... | | Google redirecting traffic to servers they control to mine | interaction and interest data on the other hand... | nybble41 wrote: | That was Mozilla's objection to the Signed Exchange | standard: you lose some privacy because the cache server | can see the page data in the clear, even if they can't | modify it. But IMHO resisting Signed Exchange doesn't | help here at all, since you gave up that data to Google | when you followed the link (which is _not_ obfuscated). | It makes no difference at that point what is shown in the | address bar, as the page has already been served. Also, | since Signed Exchange means you don 't have to trust the | cache, it implies that Google's cache could be replaced | with a different (but still not fully trusted) server | behind the scenes without changing the result. | thomasahle wrote: | > you gave up that data to Google when you followed the | link | | I gave up information on what site I was visiting, but if | I enter any information on the page, won't that still go | to Google? It's going to look like I have an https end- | to-end channel with the site I'm visiting, but really | Google is Man-In-The-Middleing the whole thing? | nybble41 wrote: | > I gave up information on what site I was visiting, but | if I enter any information on the page, won't that still | go to Google? | | So far as I can tell the user agent uses the original | (non-Google) URL for the purpose of same-origin tests | when it's returned from Google's cache using the Signed | Exchanges standard, so the risk is effectively the same | as if the page were served from the original server and | Google were not involved. The page _could_ send anything | you enter to Google, but it would need to be coded that | way to begin with. It wouldn 't do so just because it was | served through their cache. | jabbany wrote: | > It makes no difference at that point what is shown in | the address bar, as the page has already been served. | | If this were truly the case (that it didn't matter), the | argument can be made that there is no reason to change | the host -- just show it as google.com like it does now. | The only reason that you'd want the address bar to show a | different domain (i.e. the "author" rather than | "publisher") is exactly because it _does matter_ to the | user! | madeofpalk wrote: | Why exactly does it matter to the end user? | | Given Signed Exchanges are entirely opt-in by the | publisher/website operator, what's the difference between | this and a CDN? Isn't that "lying" about what site you're | on? It's not theverge.com - it's Cloudflare! | nybble41 wrote: | It makes no difference _for privacy_ in that you already | told Google which page you were going to by following the | link. Naturally the address shown in the URL bar matters | to the user or we wouldn 't be discussing this at all. | With Signed Exchanges it can correctly reflect the origin | of the content rather than being cluttered with | irrelevant details about the cache server. | 37 wrote: | >It makes no difference at that point what is shown in | the address bar | | This is ridiculous. Of course it makes a difference. The | address bar is how basically 100% of users know what site | they are on. | nybble41 wrote: | It makes no difference _for privacy_ in that you already | told Google which page you were going to by following the | link. If they implemented AMP as a more traditional | redirect instead of a cache then they would get the same | information and you would still see the non-Google site | in the address bar at the end. | magicalist wrote: | I feel like this conversation comes up in every signed | exchange thread, and it's also always pointed out that | this is how CNAME records and CDNs already work, except | now the response is signed by the author. | dmw_ng wrote: | This hasn't been true since the first third-party JS | script was published. In reality a giant proportion of | web users today are 'on Google' or 'on CloudFlare' or 'on | CloudFront' even if they aren't aware of it. The address | bar has been broken in this regard for at least a decade | BrendanEich wrote: | ICYMI, | https://twitter.com/BrendanEich/status/1516492008700796929 | kodablah wrote: | I was hoping SXG would help people leverage CDNs on their | mostly-static domain without requiring TLS termination. I | wonder if there is enough non-AMP value there to make the spec | worth it. | HNHatesUsers wrote: | perihelions wrote: | How does AMP interact with Brave's advertising monetization, BAT? | jonathansampson wrote: | Great question. Brave's advertising is presently done on the | New Tab Page, via Sponsored Images. No AMP impact there. Users | who opt-in to Brave's Ad Notifications will occasionally | (frequency thresholds are governed by the user) see a native | notification displayed outside of the browser. No apparent AMP | impact there either. | | Where AMP could impact things is for the publisher. Publishers | are able to verify their domains/properties, and receive BAT | contributions from Brave users visiting their content. If that | publisher is having their content served through Google's | domain, that would impact their ability to receive support from | visitors. | [deleted] | a5aAqU wrote: | For Firefox: | | https://addons.mozilla.org/en-US/firefox/addon/amp2html/ | silicon2401 wrote: | For some reason, I got this idea at some point that brave has a | built in crypto miner as its form of monetization. Can anyone | confirm if that's true or not? A browser cutting out amp sounds | like exactly the kind of browser I want | | Edit: not sure why I got downvoted. I'm asking a genuine question | because I'm always looking for google alternatives, and firefox | has been disappointing lately. | jaywalk wrote: | They do have a weird crypto thing (not a miner, as far as I | know) but it's easy to disable and forget about. | PaulBGD_ wrote: | They're monetized by selling ads in exchange for BAT, plus they | probably hold plenty of BAT which they can sell over time as | they continue to increase its value. | jonathansampson wrote: | No miner; in fact we were the first browser (to my knowledge) | to block crypto-miners back in 2017/18 when they began | appearing on the Web (and being delivered via third-party ad | networks). | | Brave does come with Brave Rewards, and optional component | which enables users to participate in privacy-preserving | advertising (ads are matched locally, on your device). Users | who opt-in receive 70% of the associated revenue for ads they | see. Rewards are delivered in the form of BAT (and ERC-20 | token), which can be kept, or gifted to content creators across | the Web as a means of support. | silicon2401 wrote: | Thanks for squashing that rumor. I'll definitely give brave a | try with that crypto rumor resolved and the news that brave | cuts out amp | InCityDreams wrote: | I'm a joe blow. Average user. I've been using brave for 3+ | years. I try the other browsers fairly regularly. Always | come back to brave. Check the brave:// flags (?), and go | through _every_ option under settings. | | I have the crypto off, but - looking more at the brave site | (including the many problems), I'm beginning to err.... be | convinced(!?). | smoldesu wrote: | > Users who opt-in receive 70% of the associated revenue for | ads they see. | | The other 30 percent goes right to Brave's pockets. In other | words, they directly profit off of showing you | advertisements. | | > Rewards are delivered in the form of BAT (and ERC-20 | token), which can be kept, or gifted to content creators | across the Web as a means of support. | | *only if those creators have an ERC-20 wallet. Many creators | (like Tom Scott) have had their likeness appropriated without | their consent to advertise this monetization scheme, despite | the fact that they have no intention of ever using the | service. As such, Brave dangles their ad revenue over their | head, refusing to pay out in anything other than their own | altcoin. It's a scummy design, arguably many times worse than | the act of advertising in the first place. | | I hate ads, and I go to extreme lengths to stop them and the | scummy behavior they inspire. That's why I can't support | Brave in good conscience. | jonathansampson wrote: | > The other 30 percent goes right to Brave's pockets. In | other words, they directly profit off of showing you | advertisements. | | Correct. We are able to continue developing Brave with the | remaining 30%. In this arrangement, the user chooses | whether or not to opt-in, governs the degree to which they | will participate, receives more than 2x what Brave gets, | and never has their data harvested in the process. Win-win, | no? | | Regarding the Tom Scott topic, you're quite mistaken there | as well. Please see this response (to another user in this | thread) for context: | https://news.ycombinator.com/item?id=31086397. | | Brave offers auto-conversion of received BAT into various | other types of assets and currencies. If you prefer | Bitcoin, for example, you can choose to have your BAT | automatically converted into that asset. No requirement to | hold BAT. | aww_dang wrote: | My only problem is the KYC. I'm happy people are making | money with ads. The KYC stuff is contrary to the privacy | narrative. Fix that and I'm sold as a user, publisher and | ad buyer. | jonathansampson wrote: | KYC isn't required for users. You can download Brave, | opt-in to Rewards, earn BAT, and support content creators | across the Web, and all without KYC. But if you wish to | deposit/withdraw, then KYC is required (by relevant AML | laws/regulations). Brave can't break the law if we wish | to reform the Web into a privacy-preserving medium for | communication and more. It's not up to us whether KYC is | part of the equation; we have to follow the law. | smoldesu wrote: | > Correct. We are able to continue developing Brave with | the remaining 30%. In this arrangement, the user chooses | whether or not to opt-in, governs the degree to which | they will participate, receives more than 2x what Brave | gets, and never has their data harvested in the process. | Win-win, no? | | Not really? There's no reason you should be entitled to | that money. You're effectively doing nothing in this | scenario: at least traditional ads actually support the | content that is delivered on the site you access. | Blocking ads isn't morally objectionable, but playing the | role of the middleman and the tax collector certainly is. | You can pretend like you deserve the compensation all you | want, but from a technical level it's a pretty petty move | that's ultimately designed to take advantage of the end- | user and turn them into revenue-generating cattle. Yes, | they get more money per ad, but they also don't have the | benefit of scale. Individually, these users make what, no | more than $3 a month from opting-in to ads? Meanwhile, | Brave pockets hundreds of thousands. It doesn't add up. | | > Regarding the Tom Scott topic, you're quite mistaken | there as well. Please see this response (to another user | in this thread) for context | | So, I wasn't mistaken. Reading through that comment, | you're basically admitting that you made a mistake, and | had to rush out an update as damage control for a pretty | obviously dark pattern. Case closed, don't treat me like | a moron. | | > Brave offers auto-conversion of received BAT into | various other types of assets and currencies. If you | prefer Bitcoin, for example, you can choose to have your | BAT automatically converted into that asset. No | requirement to hold BAT. | | But you still need to hold crypto. That's not a | refutation for the ERC-20 wallet point. | | Ultimately, I think the Brave team is falling into the | self-righteous Apple trap. Pretending like you always | know what's best for your users and hiding behind a guise | of privacy is pretty laughable, and it certainly doesn't | make for good optics in the eyes of the greater FOSS and | privacy community. | Vladimof wrote: | I thought that Google finally gave up on AMP... I guess not | fidrelity wrote: | As someone who myself relies on Google's SEO traffic I'm a bit | hesitant to say this (but luckily I'm small enough that Google | doesn't care about me at all): AMP is terrible for everyone | except Google themselves. It's a plain abuse of their quasi | monopoly and I support everything that fights AMP. | | Another reason why I'm happy to use Brave both on desktop and | especially on mobile. | codalan wrote: | Right on. Hopefully this feature is added to Vivaldi Mobile, too. | anticristi wrote: | I wonder that the EU commission hasn't used GDPR or some anti- | conpetition law to ban AMP in the EU. | Nextgrid wrote: | GDPR enforcement is severely lacking unfortunately. None of the | record-breaking "4% of global turnover" fines have materialized | even for malicious actors that definitely deserve it. | nomilk wrote: | My main gripe with AMP may seem pedantic or even petty, but it's | the way it messes with the URL. Copying and sharing or saving a | URL is fundamental to web, and AMP makes me have to mess around | to get that standard URL. It's about as small as first world | problems get, but it's annoying all the same. | BuckRogers wrote: | _It 's about as small as first world problems get, but it's | annoying all the same._ | | This logic needs to stop. We may as all well live in mud huts. | Then we can have "real problems". You can presume privilege is | your problem, or, we can continue to strive for better | conditions always as a culture. Low standards will lead you | exactly where you belong, your mud hut. | seelmobile wrote: | [Google employee, opinions are my own] | | This was 'fixed' by Signed Exchanges[0] which sites can | implement. This is (imho) a cool new web tech that got drowned | out in the AMP noise. | | [0] https://web.dev/signed-exchanges/ | pineconewarrior wrote: | Last I checked, this feature is paywalled behind specific | certificate authorities. | | Any news on that? | seelmobile wrote: | I don't work in this space and hadn't heard of it this. A | quick search suggests LetsEncrypt and Mozilla are | intentionally not implementing support: https://community.l | etsencrypt.org/t/cansignhttpexchanges/153... | fooey wrote: | It's a thing _only_ Google wants, so it 'll be an | interesting flex of their monopoly powers if it goes | anywhere | | Very similar to what they tried and failed to do with FLOC | | I suspect Google is solidly in too many anti-competitive | crosshairs around the world to be able to pull anything | like this off. | jwr wrote: | Google doesn't want you to use URLs. Google wants you to use | Google. Makes sense. | folkrav wrote: | Doesn't sound petty to me. | lupire wrote: | Even without AMP, Chrome is dedicated to hiding URLs from | users. | freedomben wrote: | This bothers me greatly too and is my biggest gripe. I | understand it's hard to build something like amp without that, | but I think it will have unfortunate reverberations for many | years to come. Especially if at some point Google pulls the | plug on Amp. Will all those amp links suddenly die? | gruturo wrote: | It's neither pedantic nor petty - I find it so annoying too. | It's like a car wash operator placing an unwanted sticker on my | windshield. | knodi wrote: | I fucking hate APM. As firefox iOS user I can't seem to get rid | of it. | pedro2 wrote: | thankfully it was replaced by ACPI | fleddr wrote: | Google's AMP has to be one of the best examples of how | manipulative Google has become towards developers, users, the | world. | | AMP is presented as "the web on a diet", and AMP's speed | advantage supposedly achieved by its clever and enforced | constraints. Protecting us irresponsible web developers from | coding slow pages. Sounds believable, sounds good. | | Problem is, that's not at all the reason AMP is fast. It's fast | because as you scroll through Google's search results on mobile, | AMP pages are preloaded as you scroll by them. Then you click one | and its instantly there, because it was preloaded. | | Which is something Google does not do for non-AMP pages, for | "privacy reasons". Which is quite rich when you force users of a | publication to consume it via Google in the case of an AMP page. | Anyway, this is why an AMP page has a 3-5s head-start compared to | any other non-AMP page. | | As more and more people notice the blatant lie that is AMP | "performance", here comes the next manipulative tactic. They show | some vulnerability. | | "OK OK, maybe this wasn't the proper 'standard' way to do it, but | we were in a rush to solve the performance crisis". | | The performance "crisis" for which there seems little internal | Google consensus, as every single fucking of their own products | violate best practices or actively contribute to it (Google tag | manager), yet never get a ranking penalty, but I digress. | | This next part is a stroke of genius. What really happened here | is that Google failed to fully trick the user. They want the user | to believe they are on domain.abc whilst in reality they are on | google.com. They tried all kinds of hacky glitchy methods to | conceal reality but could never make it water tight. | | So by admitting to some error and promising to improve their | game, they'll now use the standardized approach: signed | exchanges. | | Good guy Google "listened" to criticism by now implementing a | standard that allows them to FULLY trick the user, as it's built | right into the browser. So they'll be back. | | So whenever Google tries to sell something as good (speed, web | standards), know how full of deceit they are. The other tactic is | "open source", as if that means anything. | | You know what the real disappointment is though? The complete | lack of regulation. How on earth can a company that is a | monopolist in search, browsers, analytics AND advertising do an | obvious power grab like this in the open and just fully get away | with it, not a care in the world? | | We need modernized digital regulation, drastically. | travisgriggs wrote: | > Google's AMP has to be one of the best examples of how | manipulative Google has become towards developers, users, the | world. | | It's a publicly traded company (which makes rich people richer | AND funds our retirement plans). It's simply optimizing its | feedback loops. Any publicly traded company gets more and more | evil as it extracts more and more value. | | To change this, we'll have to recognize how ubiquitous of a | utility for all walks of life the internet has become. And | begin thinking about certain aspects of it in the same way we | do other public utilities. | nanidin wrote: | I de-AMP'd by switching my default mobile search to DDG. | mastazi wrote: | But AMP can pop up in unexpected places, for example Twitter | links on mobile used to be AMP until recently. Just changing | search engine will not prevent AMP completely | phreack wrote: | I felt literally forced to leave Google on mobile by AMP. DDG's | results are often worse and I end up having to !g, and it's | always a punch in the stomach having to see two screens worth | of poorly marked ad-results, SEO spam and AMP - all of those | getting worse every month. And even then, their indexing of | sites like Stack Overflow, Reddit, and other major players with | good content is still miles ahead than DDG when I'm trying to | find the solution to a problem. | mdoms wrote: | I didn't realise AMP still exists. It definitely seems to be less | relevant today, I hardly ever find myself on AMP pages anymore. I | assumed Google had killed it. | disadvantage wrote: | It's easy to slag AMP because it's Google, and privacy-aware | people really don't like Google and denounce all their actions | without even thinking. But on the other hand: what if AMP is | actually a good thing? Like if it speeds up the web and addresses | web obesity, why not embrace it? | dogleash wrote: | Yes, that's the carrot. Now look for the stick. | | >what if AMP is actually a good thing? | | People said this when AMP was first announced too. | | Good for people with lives comfortable enough to be so off- | guard that this didn't set off any alarm bells; but businesses | are not your friends. | | Thankfully with the benefit of time and hindsight the Texas | Attorney General has documented some of the catches for us: | https://www.texasattorneygeneral.gov/sites/default/files/ima... | jonathansampson wrote: | Please see the "Why is AMP Harmful?" section :) | https://brave.com/privacy-updates/18-de-amp/#why-is-amp-harm... | robonerd wrote: | So what if it saves me a few milliseconds of load time and | megabyte or two of RAM? _Maybe_ that has some value a shitty | mobile connection, but such marginal gains are not worth | conceding _even more_ control of the web to Google. I 'd rather | websites take 10 minutes to load than have Google MITM my life. | UberFly wrote: | If you run Pi-Hole here's the RegEx to add to your blacklist | | ^(.+\\.)?amp\\..+\\.com$ | | ^(.+\\.)?ampproject\\.org$ | [deleted] | shadowgovt wrote: | Honestly, this is win-win and I applaud Brave for taking on this | engineering task. | | - Users who are concerned about AMP can use Brave to bypass | Google's infrastructure | | - Users for whom AMP is a benefit can continue to use it | | - Everybody wins | stiray wrote: | Really? What happens when google no longer indexes non amp | pages as most of the web pages are on amp? Just a thought | teaser. As it looks like there is not much people seeing | further from their noses. | RedComet wrote: | Brave has a search engine for that. | shadowgovt wrote: | > What happens when google no longer indexes non amp pages as | most of the web pages are on amp? | | Your thought experiment is equivalent to "What happens when | Google no longer indexes the open web," and I think the | answer is "Bing takes Google's place." | s17n wrote: | Totally agree! (And I'm usually in these threads just to defend | AMP) | BuckRogers wrote: | While I moved to Edge after 19 years on Firefox and I'm happy | with it, for me it's clear that Brave is the new Firefox. | lern_too_spel wrote: | This reads like a parody of somebody who doesn't understand the | web making their own modifications and proudly sharing their | project. They explain how AMP works by preloading and then they | contradict themselves by saying it loads slower. It can't load | slower for people reaching an AMP page from an aggregator page. | | Then they say that it monopolizes the web. It competes with | preloading technologies like Apple News, which require the | publisher to work directly with the aggregator. Any aggregator | can consume AMP, just like any aggregator can load RSS, but | nobody complained that RSS and Google's RSS aggregator | monopolized the web or that the RSS posts were served from Google | Reader instead of the publisher. | jonathansampson wrote: | I think you read too quickly, or skipped over a few key parts. | | Yes, AMP can cause some pages/content to load more slowly. This | was stated in the write-up, and supported a link to Google's | own DOJ disclosures. In that source we read that Google knew | that some publishers avoided AMP because their own pages were | shown to load more quickly without it, especially considering | 1-second throttling on Google's part for non-AMP pages, aimed | to give AMP a "nice comparative boost". | lern_too_spel wrote: | I think you didn't read that report at all. The nice | comparative boost was for ads. AMP pages loaded from an | aggregator are rendered before you click on them, and the DOJ | disclosures did not dispute that this would cause them to | load faster for users as it obviously would. | bigp3t3 wrote: | Nobody complained about Google's RSS monopolizing because the | search engine doesn't provide RSS URLs in the top results, | unlike they do for AMP links, at least nearly as frequently. | RSS is also far from a similar case study to AMP in how web | content is delivered. RSS optional, AMP was a lazy web dev's | means to presenting pages over mobile without having to think | about layout. At least that's what if felt like to me as a web | user. | lern_too_spel wrote: | And how is showing AMP in top results monopolizing the web? | Bing does the same thing. A social news aggregator could do | the same thing if it thinks people could read the article and | go back to scrolling the feed faster. | | AMP loads instantly. There is nothing lazy about supporting | it. Just like RSS, it requires extra work for the publisher | to get the user the instant-loading behavior they desire. | freediver wrote: | I haven't noticed that many AMP pages recently. Is it still a | thing and what kind of sites use them? | lern_too_spel wrote: | Google no longer marks AMP pages in its results, but Bing does. | perihelions wrote: | - _" what kind of sites use them?"_ | | Here's a good sample set (AMP posts on Reddit, sorted (roughly) | by popularity): | | https://old.reddit.com/user/AmputatorBot/?sort=top&t=week | p1peridine wrote: | "AmputatorBot" lol | rchaud wrote: | Commercial blogsites that post often, and specifically focus on | 'new' stories that people are searching for online. | | Think websites that do news, celebrity gossip, music, games and | movies. | KennyBlanken wrote: | They pop up on reddit fairly frequently. Lot of news sites push | them, hard...when people get a share link, especially on | mobile, they end up with an amp link. Lot of subreddits have | automod rules that delete amp links, and there are bots that | look for amp links and reply to the comment with a de-amp'd | link. | halotrope wrote: | On a slight tangent: I am a very happy user of "Amplosion" on | iOS. Gets rid of this god-awful AMP bullshit for good. Did not | see any AMP "enhanced" page for two years now. | | https://apps.apple.com/de/app/amplosion-redirect-amp-links/i... | karlzt wrote: | That's mentioned in the article. | sydthrowaway wrote: | Imagine working at Google on AMP | | The banality of evil | dafelst wrote: | Join Google to change the world as a top tier software | engineer, then spend all your time updating protobuf | definitions to keep internal tools glued together as Yet | Another Widely Used Internal API implements breaking changes. | | Such a lot of wasted talent. | fellerts wrote: | I wanted to read the justification for why "AMP harms users' | privacy, security and internet experience", but the link | ironically points to a Google doc for which access is restricted. | Is there an open version of this somewhere? | jonathansampson wrote: | That link is meant to jump to https://brave.com/privacy- | updates/18-de-amp/#why-is-amp-harm..., just a bit further down | the page. Apologies for the confusion | gundmc wrote: | I don't remember coming across many AMP pages recently. Since | Google stopped favoring AMP in the search results the other year, | it seemed like AMP was dying off. Is this feature even still | relevant in 2022? | gruturo wrote: | Kudos to Brave - they're a sometimes weird actor, but some of | their initiatives are commendable, and they often do what Mozilla | should have, but didn't. | | I rarely end up in AMP pages on my mobile, but when it happens I | immediately feel like I stepped on a turd, and promptly backtrack | / close the tab before it hijacks my back button, half the | screen, standard controls (including doing something weird to | scrolling) and other unpleasantries like banners whose "x" | somehow overlaps my browser's bars, and are therefore out of | reach (and said browser bars somehow do NOT autohide when | scrolling, unlike on normal pages) | | Getting AMP results from Google search has been one of the | drivers leading me to switch to DDG, so congrats Google, one less | customer. | mulmen wrote: | > Getting AMP results from Google search has been one of the | drivers leading me to switch to DDG, so congrats Google, one | less customer. | | It is a cliche but you are not Google's customer. You are their | product. If you don't find AMP compelling they don't want to | serve you ads anyway. | bbarnett wrote: | Yes, but less product is less profit, and they _do_ want to | sell you ads, AMP or not! | | So yes, it is a loss for Google. | agilob wrote: | Brave is doing for us all the things Mozilla promised | dralley wrote: | And a lot of other shaddy things that Mozilla has never done, | like the affiliate link hijacking (which yes, was supposedly | a "bug" but you have to admit that it's an awfully convenient | "bug"), and setting up crypto wallets for content creators | without solicitation and then collecting money on their | behalf. | celsoazevedo wrote: | Maybe it's because I use Brave (as a "Chrome with less | Google" and with all the crypto stuff disabled), but when I | look at the "shady things" they've done, it doesn't look | that shady: | | - The affiliate link "hijacking" was - if I remember | correctly - to sites of crypto companies that partner with | them. I'd prefer if this didn't happen, but most seem to be | fine when other browsers (Safari, Firefox, etc) add | something like "?client=safari" when searching or when | their search engine (eg: DDG) use affiliate links to sites | like Amazon or Ebay. It's not a new thing. | | - The money collection (brave rewards)... if one doesn't | understand how the system works, it looks like they are | stealing money... but the money is returned to the sender | after a while if the website/creator doesn't claim it. Is | this that bad? | | And then there's them not blocking some trackers (Google, | Facebook, etc) by default, but if they did, they would | break logins on many websites. | | Maybe all this is bad, but I'm not sure if there's any | browser out there without a history of shady behaviour. | Even Mozilla has messed up a few times. | dralley wrote: | >The money collection (brave rewards)... if one doesn't | understand how the system works, it looks like they are | stealing money... but the money is returned to the sender | after a while if the website/creator doesn't claim it. Is | this that bad? | | I don't think anyone ever accused them of _stealing_ that | money, but yes, hijacking people 's personal brands to | collect money without their explicit knowledge is a bad | thing. | | Imagine if I saw the icon and gave "them" money via Brave | instead of joining their Patreon or some other official | channel that they explicitly set up. If they don't | collect, then yes, I might get my money back - nothing | was "stolen". But that was money I wanted to send to the | content creator in that particular moment, and that | creator will probably never see it. The creator got | screwed out of money that otherwise would have gone to | them. | jonathansampson wrote: | Please see the second half of this response: | https://news.ycombinator.com/item?id=31086397. | | Imagine I presented you with $10 (from my own pocket), | and asked you where it should be spent. You told me | "Doc's Pub, over on 9th." So I walked over to Doc's Pub, | but found them to be closed. So I waited outside for a | few hours, just incase they opened up. I later went home | and wrote down "try to spend $10 at Doc's tomorrow." | | Brave staked users with BAT (from our token sale). Users | could direct that BAT to the sites/properties of their | choosing. The BAT then went into an omnibus settlement | wallet (note: the BAT originated in one Brave wallet, and | was sent to another Brave wallet). | | There was no hijacking of brands, or anything of that | nature. I would encourage you again to please visit the | aforementioned link. In it I mention our blog post on the | topic, which includes screenshots and more. I hope this | helps! | celsoazevedo wrote: | Maybe the problem is the way it used to work and not so | much how it works right now? Things seem to have changed | a bit. | | At least for websites I have to manually click the Brave | Rewards icon (wasn't prompted to do it on a new profile) | and it shows if the site is verified or not: | | - My personal website (verified): | https://i.imgur.com/WZykI2U.png | | - Google[.]com (unverified): | https://i.imgur.com/89XvzIz.png | | And if we hover over the "unverified creator" text, this | is displayed: https://i.imgur.com/IfKQUME.png | | I guess the right way to do this is to only allow | tips/donations for websites already verified... still, if | you're going to use Brave Rewards, you probably have an | idea of how it works. | | Maybe things are different for creators on platforms like | YouTube? I don't know how it works. I couldn't find a way | to make a direct contribution with Brave Rewards. | w0ts0n wrote: | >hijacking people's personal brands to collect money | without their explicit knowledge is a bad thing. | | Brave gave users BAT to tip content creators. They tipped | it, if it wasn't claimed in 90d, Brave returned the BAT | to the pool. There was no collecting money. It was | Brave's promotional BAT and it never actually left | Brave's possession unless claimed. | | The issue was that it wasn't clear if the creator had or | hadn't signed up. Which was fixed within 48h. | jonathansampson wrote: | Heads up: I work at Brave. As such, I encourage you to | check my claims, verify my sources, and don't take anything | I say for granted. Always happy to provide more context as | needed :) | | Firefox literally sends your keystrokes to Google, right | out of the box. Brave, however, was found to be the most | private popular browser by reputable researchers: https://w | ww.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf. | | Brave [never] hijacked links either. Affiliate Links were | offered among suggested sites for relevant search input. So | if you searched "Binance," the browser would offer (among | other suggestions), an affiliate link for the site. Users | could then choose to browse to the property with the | affiliate link, and in so doing support the development of | Brave. No impact to privacy or security at all. | | The mistake here was with input handling. Built to handle | search input, this feature also mistakenly handled fully- | qualified domains. While we intended the app to offer | affiliate links (when relevant) to something like "what is | binance?", it was also offering them for "binance.us". The | latter case was corrected quickly (and the feature itself | was disabled out of the box). | | More about that on our blog: https://brave.com/referral- | codes-in-suggested-sites/. | | To your second point, about setting up crypto wallets and | soliciting donations on behalf of non-participating | publishers, you're mistaken there as well. | | To prime the support-system in Brave (called Brave Payments | at the time), we staked Brave users with tokens, inviting | them to direct those tokens to creators they would like to | support. More clearly, Brave gave Brave users say over | where Brave ought to direct its own tokens. | | Unfortunately, our UI/UX wasn't very clear about which | creators were verified, and which were not (we followed the | Twitter approach, marking verified creators with a | checkmark, but doing nothing for others). This resulted in | some confusion at the end of 2018, where users were | directing Brave's tokens to non-participating creators | (most notably Tom Scott). | | We received considerably helpful feedback about how the | system could be improved (both from a UI/UX side, and | operationally). Frankly, I don't think I've ever seen our | team work so hard, and churn out such a monumental update | in so little time. We had made massive changes within 48 | hours IIRC. Creators were explicitly marked as verified or | unverified in all cases, the BAT that Brave stakes with | users would remain in the local wallet until it could be | received by a verified creator. And BAT that sat pending | for 90 days would be unlocked again for the user to direct | elsewhere. | | Tom Scott was kind enough to review our changes, and | explicitly gave us his approval soon-thereafter. What is | now 'Brave Rewards' wouldn't be doing so well today were it | not for Tom and so many other incredible users helping us | find the best path forward. | | More about that on our blog: https://brave.com/rewards- | update/ | lupire wrote: | I appreciate this respectful, thorough, evidence-backed | response to criticism that makes claims you dispute. It's | so rare on HN and the wider world. | agilob wrote: | Not that I'm downplaying your points, but please next | time start a comment saying you're working for Brave ;) | jonathansampson wrote: | Good point. On Twitter my name is "BraveSampson," and I | often forget that isn't the case here as well. FWIW, I'm | Sampson, and I work in Developer Relations at Brave. I | have that in my bio here, to help a bit. | dave5104 wrote: | > On Twitter my name is "BraveSampson," | | It doesn't look like this is the case, fwiw. (Unless your | HN profile lists an outdated handle?) | jonathansampson wrote: | Nice catch! I was referring to | https://twitter.com/BraveSampson/. Profile updated. | benatkin wrote: | > Firefox literally sends your keystrokes to Google, | right out of the box. | | Keystrokes in the URL bar. | bduerst wrote: | Which is how instant search works, right? | | Describing the cost without explaining the why is | _really_ putting a spin on things. | nocman wrote: | Yeah, I don't like that this is the default, but "Firefox | literally sends your keystrokes to Google" could easily | be interpreted by many people to mean _all_ of your | keystrokes (not just the ones typed in the URL bar). | | It would have been better to say "by default Firefox | literally sends every keystroke you type in the URL bar | to Google". | | In my opinion it _is_ a user-hostile "feature", and | should be pointed out, but not in way that could be so | wildly misinterpreted. | benatkin wrote: | > In my opinion it is a user-hostile "feature", and | should be pointed out, but not in way that could be so | wildly misinterpreted. | | I agree. I don't like a lot of what Mozilla does but I | don't like Brave at all, so I'll gladly defend Mozilla | against hyperbole coming from Brave. Brave isn't even a | browser, so I just ignore it most of the time. | freeplay wrote: | It can also be disabled in preferences if you don't like | that functionality. | [deleted] | tempest_ wrote: | People around here love to pile on Mozilla for every | perceived slight or misstep but they rarely have any ideas | on how Mozilla is supposed to fund itself. | | Some of the ire is earned but I have yet to see how Mozilla | is supposed to fund Firefox development without that google | search bar. | devmunchies wrote: | > they rarely have any ideas on how Mozilla is supposed | to fund itself | | If we're talking about the Mozilla foundation, they | should seek donations and grants and focus on being the | best user web tooling. | | If we're talking about the corp, they could've kept rust | under the umbrella and pioneered the WASI runtime and | built an alternative to k8s that runs webassemblies and | built out a paid cloud infra. | | It doesn't make sense to have a foundation that is user | aligned and a corp that is user hostile. There should be | aligned incentives. | agilob wrote: | In 2013/2014 when Snowden started whiste-blowing we were | hoping for Mozilla to monetize privacy, but they never | did. They only recently made some very poor attempts at | private email, VPN and integrated some DoH. They were | very hesitant for any cryptocurrencies integration. I | would be happy to pay for a serious VPN and email service | (remember Mozilla owns Thuderbird) with promises like | Tutanota or Proton have. They could have acquired them, | but instead they acquired pocket. Mozilla had the perfect | brand and enough userbase to do it. Mozilla started doing | that work 5-7 years too late and did too little to be | meaningful. I feel they are doomed now and their space is | shrinking and there's no future for Firefox in the long | term. | | There's a lot that can be added here: | | Mozilla promised to opensource pocket server and never | did. | | They promised to hire someone full-time for Thunderbird, | but never did. afair there is a German company that has | full-time developer working on Thuderbird. | | They promised a VPN... yes, delivered something. | | They promised anonymous email, I know they were giving | access by invites, but nothing more about it. | | They promised to unfork Tor browser and integrate Tor | into Firefox, they were even running a few Tor nodes. | | Remember how hyped everyone here was for Servo in Firefox | and electron competitor? | | MDN could have integration with GH or GL and educational | content for web development, they literally had | resources, brand and ability to join an online university | and give degrees or at least serious bootcamps. Mozilla | was a meaningful brand to do it. | | They had a lot of opportunities to sell privacy, we | literally demanded it from them, but they weren't | interested in listening. Instead they delivered 6 | rebrands each breaking my muscle memory. | | Do you remember how they advised EU to regulate monopoly | on the webbrowser market? There was time when they had | all ability, but 0 will to keep it this way | https://en.wikipedia.org/wiki/BrowserChoice.eu | kyleee wrote: | on the other hand, colorways | Terry_Roll wrote: | agilob wrote: | wow this escalated so fucking fast i have no idea what | happened | [deleted] | blihp wrote: | By not spending the >$1 billion they've taken in over the | last decade as fast as they got it. A billion+ is a ton | of money in the open source world and had they been | responsible stewards they would have been able to fund | development for a very long time without short term | funding concerns. The fact that they've pissed away every | cent taken in is their problem. | wintermutestwin wrote: | >how Mozilla is supposed to fund itself. | | 1. Stick to building a more private browser | | 2. Become a non-profit or Benefit Corp | | 3. Fund #1 through all of us donating and encouraging our | less tech savvy connections to use it and donate | drath wrote: | 1. Why focus on privacy? The niche is already taken by | brave 2. To do so, they'd have to drop their half-billion | default search engine deals 3. Currently, the donation | figure is about $20mil. They'd have to somehow | additionally collect $1.5 from every single user annually | to prevent layoffs. | vasco wrote: | For starters Mozilla could operate with a much smaller | footprint, much less projects in parallel and less vanity | projects. That would reduce the amount of money required | by a lot, which is the big problem in the first place. | | Developing a browser isn't easy and requires a few teams | of developers, but in 2020 it spent 242 million dollars | in software development costs, 137 million dollars in | administrative costs and 37 million dollars in marketing | and branding costs. I don't live in a lala land where I | think you can develop a browser for free, but I think we | can all agree that you don't need to spend this amount of | money on it either. Are 100 developers enough? 200? How | much does that cost? Do they all need San Francisco | salaries to develop a good browser? | | In terms of funding, they got 440 million dollars from | royalties (what they get from setting default search | engines on their browser) and 25 million dollars in | subscription revenue (Pocket and VPN subscriptions type | things - products they actually sell). | | Now, can you develop a browser on 25 million dollars per | year? Maybe it's cutting it short, but for sure there | could be a strategy to invest more on this side of the | equation to phase out the need to be Google's bitch in a | more intentional way. | | Source: | https://assets.mozilla.net/annualreport/2020/mozilla- | fdn-202... | mattnewton wrote: | > Are 100 developers enough? 200? How much does that | cost? | | 100-200 developers probably roughly costs on the order of | 25-50 million a year (assuming a made up number of 250k | fully loaded cost with benefits and taxes, which might be | lower or higher than their average, idk. This number | seems almost too conservative to my gut). From this back | of the envelope math, I don't think the royalties | business is enough to support the development cost alone. | | > Do they all need San Francisco salaries to develop a | good browser? | | If you don't want them to leave to work on safari or | chrome, probably? This experiment was more or less tried | by opera, right? | | Brave gets away with a lot lower overhead by bascially | piggybacking off chrome. Opera similarly gave up selling | their own browser engine and cut their development teams | while switching to another wrapper on blink. Firefox | could become yet another skinning of blink and chrome | code, but it's not clear to me how that's helping them | with being "Google's bitch in a more intentional way". | | I think there are problems with Mozilla's side project | expenditures, there is definitely some bloat, and they | have had some expensive failures like Firefox phone. | However I don't think Mozilla could have survived without | Google's funding and people vastly underestimate how | expensive quality software is. | vasco wrote: | > From this back of the envelope math, I don't think the | royalties business is enough to support the development | cost alone. | | Did you mean subscription business? Like I mentioned, the | royalties were 440 million which is way larger than | 25-50. If you put 200 developers on this project, with | fully loaded costs of 400k / year each, that's 80 million | dollars per year. You add 20 million dollars for | administrative and other expenses and we come to 100 | million dollars per year burn rate. | | In 2020 they made ~25M on subscriptions, if 50 of the 200 | developers focus on improving the subscription business, | at the current rate of growth they had from 2019-2020, in | a few years they could totally phase out of needing | royalties at all to cover their $100M / year expenses, | with 200 developers earning competitive salaries. | mattnewton wrote: | Yes, sorry, I meant non-royalties business. I don't | believe the kind of growth you mentioned is likely, but | maybe I am missing things about their business. I think | they bet big on diversifying with other initiatives like | Firefox phone that just didn't hit, lots of browser | things like you were talking about. | agilob wrote: | >Brave gets away with a lot lower overhead by bascially | piggybacking off chrome | | Chromium get contributions from a few big companies, why | couldn't Mozilla create a "contributor community group" | something like Java has? Oracle keeps control over Java | but there is a democratic process on what gets into | Java/JDK. At some point Samsung was contributing to servo | when it still was experimental. | TedDoesntTalk wrote: | > why couldn't Mozilla create a "contributor community | group" something like Java has? | | Mozilla regularly accepts code from unpaid community | members and has since its inception. | roughly wrote: | It'd be a nice start if they'd let me give them money for | their product. | xtat wrote: | This is the thing everyone always points to when they hand | wave "a lot of other shady things" - not sure why folks | generally like to FUD Brave. I was working there when this | issue happened and it was a very big deal internally and | was patched immediately. FWIW I got zero hint that this was | some kind of shady thing someone would have been trying to | sneak in. | BrendanEich wrote: | You wrote "link" which is an element in a page, but we | never "hijacked" or rewrote any such URL-bearing element. | (We do for De-AMP, now.) Please dont fall for such lies | about us couched as "link hijacking". | | https://news.ycombinator.com/item?id=31088549 | pmurt7 wrote: | Mozilla faces blowback after slipping Mr Robot plugin into | Firefox: | | https://www.theverge.com/2017/12/16/16784628/mozilla-mr- | robo... | huhtenberg wrote: | There's an irony there somewhere. I can feel it. | coldpie wrote: | I like having more than one browser engine in the world, but | I do hope Brave pushes Mozilla to do more. | alanh wrote: | To be fair, Brave doesn't really have their own browser | engine (it's Chromium), but it is good to have browser | choice, so I agree with the sentiment. (I am a Brave user.) | devmunchies wrote: | Agree, but at least brave has the expertise and interests | ($$) that if chromium goes off the rails, they could fork | and maintain an alternative. | reflexco wrote: | Except building the only modern alternative rendering engine | on desktop, which is necessary to keep web standards serving | the users instead of Google! | nickysielicki wrote: | I'm surprised that Apple doesn't have a desire to play this | role. They don't sell ads so there's no cannibalism and they | have painted themselves (and advertised themselves) publicly as | a company that cares about privacy and security. It seems like | a natural avenue to win users in a world where the Windows | alternative has more analytics and spyware than ever. | | A man can dream. | HNHatesUsers wrote: | admax88qqq wrote: | Apple only nominally cares about the web. They would rather | all interactions go through apps and the app store where they | get their cut. | toper-centage wrote: | It's funny because if you go watch the iPhone launch | presentation, Jobs was all about the web, and having web | apps on your phone. Fast forward and PWA are just recently | possible, barely supported, and Apple would really prefer | you not to use them. The incentives are clear, but it's | still a sad story. | hbn wrote: | It's not so much that Jobs was "all about the web," it's | just that he didn't want people writing bad software for | the iPhone so he was against allowing third-party apps on | it until after much convincing. | _jal wrote: | > Jobs was all about the web | | That was just the best answer he had to questions about | third-party apps until they had the infra in place for | it. | | Apple will never tell you ahead of time about changes | like that. So, while I wouldn't exactly call it lying, | you'll get answers like the above. | soperj wrote: | Why wouldn't you call it lying? | glatisaint wrote: | Because it was the truth at the time. | enos_feedler wrote: | Glad you've talked with leadership there and can confirm | what many suspect but can't prove | pid-1 wrote: | Understanding how a company makes money will tell you a | lot more than talking with any leader | | That's even more true for publicly traded companies | scarface74 wrote: | Apple makes money on games with in app purchases. Not | random apps that don't charge users on the phone. | admax88qqq wrote: | Fine, allow me to rephrase | | Based upon their actions I don't believe that Apple cares | about the web beyond the bare minimum they have to to | provide a tolerable browser experience for their users | until everything happens via Apps. | nixass wrote: | Is it brown in there? | lupire wrote: | For news, the common AMP use case, Apple uses Apple News | news.apple.com as their version of AMP hijacking websites. | | It's not a paid app, just part of the walled garden | experience. | scarface74 wrote: | Apple "cares about the web" and wants people to use the web | because Google pays them $12 billion+ a year to be the | default search engine. | | Most of the money Apple gets from the App Store is from pay | to win games - north of 80%. It came out in the Epic Trial. | | Apple doesn't really care if your banking app is a website | or an app. They don't make money either way. | | Most apps on the App Store that could be a web app don't | charge users. | s17n wrote: | The more native apps you use, the stickier the ios | platform is. To the extent that they don't care whether | you use the web or not, it's only because they've already | won in the markets that they care about and don't really | view Android as a serious threat anymore. | scarface74 wrote: | Every single app on my phone besides Overcast (the | podcast player) has an Android version. Hardly any non | game app developer creates apps for iOS only. | | Not only that, the data for those apps are on a remote | server that is accessible via any other platform. Even | when an app uses the standard file picker, you can choose | any installed cloud storage device to save and load files | - ie iCloud, Dropbox, Google Drive etc. | lern_too_spel wrote: | Apple gets at least $99 per year plus device sales and | usage data if it's an app. They also get to sell App | Store ads to competing banks. | scarface74 wrote: | $99 a year is a nothingburger. It wouldn't even move the | needle enough to motivate them. That's not even pure | profit. | | But the money they make on ads in the App Store has to | pale in comparison to how much they get from Google | [deleted] | searchableguy wrote: | Apple said there are 20 million registered developers in | _2018_. | | Now there must be more but $99 * 20 million is not | nothing in annual revenue which is mostly profit. | TedDoesntTalk wrote: | > nothingburger | | What the heck is a nothingburger? | [deleted] | nomel wrote: | > I'm surprised that Apple doesn't have a desire to play this | role. | | They're being paid handsomely, by Google: | | > In 2020, The New York Times reported that Apple receives an | estimated $8-12 billion per year in exchange for making | Google the default search on its devices. According to one | analyst, Google's payment to Apple in 2021 to maintain this | status quo may have reached up to $15 billion. | | 1. https://www.macrumors.com/2022/01/05/google-pays-apple- | stay-... | tyrfing wrote: | > They don't sell ads so there's no cannibalism | | Apple sells huge amounts of ads, I believe it's the fastest | growing part of the business right now. Estimates are $5 | billion in advertising revenue in 2021, with one projection | of $20 billion annually within 3 years. In addition to this, | Google pays them $15 billion to be the default search engine | and sell ads. | | https://www.ft.com/content/074b881f-a931-4986-888e-2ac53e286. | .. | 1propionyl wrote: | Apple does not offer an equivalent tool, however as of iOS | 13, the system hooks exist for one to be implemented. In | particular, there is Christian Selig's Amplosion (same author | as the Apollo Reddit client)[1], which works quite well. | Costs a few dollars up front, but well worth it. | | There is sadly not a version or equivalent on macOS, but | Christian has confirmed it is in-development. | | [1] https://apps.apple.com/us/app/amplosion-redirect-amp- | links/i... | | P.S. Pairs well with PiPifier to bypass YouTube not allowing | picture-in-picture or playing in the background without a | subscription, and a good ad blocker. | dexterdog wrote: | Why don't people just use a redirect extension and redirect | ^https?:\/\/(. _)(\ /amp\/|\?amp|\?amp=._)$ to https://$1 | lupire wrote: | Because that only works in browsers with extensions, and | extensions are yet another third party to trust. | mdavidn wrote: | AMP pages consume less power (thus battery life) on Apple's | mobile devices. | nostromo wrote: | Apple is disincentivized to take this on. | | Apple sells ads on search indirectly via Google. (Google pays | Apple to be the default search engine.) | | Google's payment to Apple is bigger than the revenue Apple | makes from the Apple Watch. | kingo55 wrote: | > sometimes weird actor | | Like that time Brave replaced links to a site with their own | affiliate links? Yeah, I no longer trust them. | BrendanEich wrote: | That never happened. We never "replaced links". | | The issue was about address bar input autocomplete for two | domains, binance.us and binance.com, along with keywords | which all browsers offer several possible autocompletions | for, we autocompleted by default not just via dropdown | suggestion, with referral code attribute identifying us (not | the user) to Binance at end of domain name. We fixed this | right away and made nothing off of it. But it was a blunder | for sure. | go_prodev wrote: | I generally trust the Brave folks, but have reservations about | rewriting URLs becoming a new tool in their toolbox. | | DDG sounds like a promising alternative. | spicybright wrote: | I'm sure it just changes the URL bar so you can see what | happens. | | Regardless, it's already in their tool box because they make | the browser. | | They could be re-writing urls and not showing you, if they | wanted to. And as long as no one notices, you can keep doing | it. | go_prodev wrote: | Good point. It also sounds better to build it in than | having a browser extension for it. | mastazi wrote: | > DDG sounds like a promising alternative | | Unfortunately, switching to a different search engine does | not prevent you from ever stepping onto AMP again. For | example all links in the mobile version of Twitter used to be | AMP until recently: | https://www.theverge.com/2021/11/19/22791002/twitter-amp- | ios... | nocman wrote: | I suspect go_prodev is referring to the DDG app ( | https://duckduckgo.com/app ) and not just the search | engine. | | I only recently became aware that the app existed, so I | don't know how/if it deals with all things AMP-based. | dheera wrote: | AMP sometimes helps me get past paywalls though. | GuB-42 wrote: | I didn't experience anything you described with AMP pages. | Generally, I find AMP pages to be among the best by news site | standards, which I agree are pretty low. | | I never understood why AMP gets so much hatred from end-users. | I understand why publisher hate it (it takes away control), and | I understand the monopoly concerns, but for me, as an end-user, | 99% of the times, the AMP version is better: faster, with less | of the annoyances you described. As for privacy, these 99% are | loaded with Google ads and analytics anyways, so not much of a | win there. I don't know what your configuration is, what kind | of ad-blockers you are using, but I never met the horrors | people make AMP to be. | | And sure enough, there are sites that are better than any AMP | sites, but these almost never have an AMP version. So for me, | AMP makes terrible sites a little less terrible, and good sites | unchanged. | encryptluks2 wrote: | Isn't it publishers deciding if they want to make an AMP page or | not? Also, there is no way to make sure publishers aren't | harvesting your data. So if a publisher cares about privacy, how | about they just don't make an AMP page? Seems like common sense | and most other people here are complaining over nothing. I don't | see people here complaining about Cloudflare proxying half the | Internet. | stakkur wrote: | This is great. I believe Firefox does this already, and you can | do it on Safari via extension/plugin (Amplosion, Overamped). | nicklaf wrote: | Not sure about Firefox cutting out AMP directly. I personally | use this extension to do it: https://www.daniel.priv.no/web- | extensions/amp2html.html | ocdtrekkie wrote: | I'm really impressed to see this, Mozilla should've led here on | implementing something like this years ago. This is a pretty big | nudge for me to consider Brave as a future browser. | webmobdev wrote: | Mozilla is a joke now. They've now converted Firefox into an | ad-ware / spyware ( | https://www.theverge.com/2021/10/7/22715179/firefox-suggest-... | ) because the current geniuses leading Mozilla have decided | that apart from the _5+ million users_ of uBlock Origin, every | other Firefox users loves ads and wants them! They 've earned | 100's of millions of dollars from Firefox, and still claim that | they don't have the resources to refactor the browser, | modularise it and innovate it. | | I have always suspected that the current Brave CEO Brendan Eich | was a victim of a malicious campaign intended to get him | removed from Mozilla (which he co-founded, and later become a | CEO of), because he would have been more vocal against Google | in Mozilla, and wouldn't have been happy to let the Firefox | codebase stagnate while everyone in Mozilla was content with | the millions of dollars they were getting from Google. (His | religious beliefs / political ideology was just an excuse and | just made him an easy target). | | _Edit_ : I am not endorsing Brave browser either, as there are | some questionable privacy issues with it. | coldpie wrote: | Unfortunately for Brave, I think Eich's conservatism is going | to be a real barrier to adoption. His views were very far | outside the tech mainstream even in the late-2000s, as shown | by his exit from Mozilla, and he's currently diving into | COVID conspiracy theories and anti-vax stuff[1]. If Brave | starts to get traction, his views are going to become a real | stumbling block once more people start paying attention. | | [1] https://twitter.com/BrendanEich | webmobdev wrote: | I can't comment on his personal ideology - I just respect | his technical skills and contributions. But if what you say | is true - that he has been leaning more and more to the | right - I can't help wonder if the vicious campaign against | him perhaps _pushed_ him more to the right and made him a | hardliner. The irrational beliefs of fundamentalists often | rest on a foundation of victimhood (real or perceived, they | are undoubtedly a painful personal experience). As we are | learning, the internet 's "cancel" culture ( | https://en.wikipedia.org/wiki/Cancel_culture ) and echo | chambers are making people's beliefs more rigid, and | creating an unhealthy us vs them mentality. Till the | scandal, Eich seemed to be quite professional in separating | his work from his personal life / belief. If that has | changed now, for the worse (like you seem to be hinting), | then I do feel sorry for his situation. | KennyBlanken wrote: | What's a joke is claiming that paid suggestion search results | "have converted Firefox into an ad-ware / spyware [sic]" | | I'm not a fan of them adding this and switching it on, but | it's easily disabled... | | > Click on the hamburger menu and then select Settings | | > Click on Privacy and Security in the sidebar and scroll to | Address Bar -- Firefox Suggest | | > Select or deselect the checkbox for contextual suggestions | to turn the feature on or off | | > Select or deselect the checkbox for "occasional sponsored | suggestions" | dogleash wrote: | >but it's easily disabled... | | No it's not. That's about as buried as it gets without | hiding it in about:config. | | "Easily disabled" would be a button right next to the ad | that said "never show me this dogshit again." | kreeben wrote: | >> I'm not a fan of them adding this | | Excuse me sir but you definitely sound like a fan. | | The really real joke is claiming that proclaiming that | Mozilla is a joke is some sort of a joke. | | Out-of-the-box I would definitely classify Firefox as ad- | ware/spy-ware. | smoldesu wrote: | Does that make Brave adware as well, since it ships with | a suite of features fundamentally designed to serve you | ads of their own creation? | kreeben wrote: | Isn't Brave's ads opt-in? I thought they were opt-in. | Aren't they opt-in? So what are you on about? | webmobdev wrote: | Technically you are right, ofcourse. An adware is unwanted | software designed to show you ads maliciously (no way to | remove or turn it off). But let's look at some common | features of adware / spyware: | | 1. Advertisements appear in places they shouldn't be. ( | _Yes in Firefox - ads in new tab and address bar_ ). | | 2. Your web browser's homepage has mysteriously changed | without your permission. ( _Yes in Firefox - default custom | home page_ ) | | 3. New toolbars, extensions, or plugins suddenly populate | your browser. ( _Yes in Firefox - bundles unwanted, | uninstallable extensions_ ) | | 4. Your computer starts automatically installing unwanted | software applications. ( _Yes in Firefox - studies can | install extensions without your knowledge_ ). | | 5. Collect personal data without your knowledge ( _Yes in | Firefox - ad partners and studies_ ). | | Again, technically you are right that there are options to | disable some of these things, (most of which are all | enabled by default that the majority of users won't be | aware of) ... But when a software imitates and behaves like | an adware / spyware, Mozilla would do best to listen to | their users criticism than call us ignorant. | speeder wrote: | Mozilla kicked one of its main creators years ago too, and that | guy is the one making Brave... so no surprise ;) | | Features that should come out on Mozilla will instead come out | of Brave... | KennyBlanken wrote: | mikem170 wrote: | Did his resigning have something to do with him personally | donating $1000 in 2008 in support of California's | Proposition 8 referendum? (opposing gay marriage) | | Just checking, you really didn't mention why he resigned. | RedComet wrote: | To be more clear, it was to do with media frenzy once | they found out about it. | smoldesu wrote: | KennyBlanken wrote: | I'm not sure why you would be impressed by something that has | been possible in Firefox and Chrome for many years with a de- | amp extension (though I would recommend a more general-purpose | URL-de-cruftifier, such as ClearURLs, which will also remove | most tracking bits from URLs.) | | Google removed ClearURLs from the chrome add-ons store because | (I wish I were making it up) _the extension 's description was | too detailed_: https://www.ghacks.net/2021/03/25/the-curious- | case-of-clearu... | | Brave implementing this, while nice, is basically a | nothingburger. | [deleted] | skaul wrote: | https://github.com/brave/brave-core/pull/11750 describes the | more technically-involved part of the feature - we had to | make sure that we detect an AMP page before it gets to the | Chromium renderer process, in order to prevent the page from | loading the AMP resources (and thus leaking the user's IP | address and browsing behaviour to Google). | jonathansampson wrote: | I think you demonstrated in your own post why this is such a | big deal. | | Extensions can certainly deliver this type of functionality | in large part, but you have to [run an extension]. You need | to ran an extension process (with its additional overhead). | You need to make sure Google doesn't swoop-in with breaking | changes between manifest versions. Then you have to make sure | the extension is permitted in the Web Store, and not removed | over something as silly as a detailed description. | | By delivering this functionality natively, Brave offers a | more reliable and efficient solution to the problem of AMP. | KennyBlanken wrote: | Or...and bear with me here...I just don't run Chrome. I | don't run Firefox, but a derivative. On rare occasion an | extension I use has been removed from the store over | "silly" reasons (this has happened once, maybe twice in | over half a decade) I've been able to re-install it from | the author's site. | | > By delivering this functionality natively, Brave offers a | more reliable and efficient solution to the problem of AMP. | | Just because it avoids a separate process doesn't mean it | is more reliable or efficient. Further, you offer a subset | of the functionality of the URL-cleaning extension I do | use, so it's moot. | | I don't care if your browser ever becomes a superior | product for me. I can't stand the community, who are easily | the most aggressive and zealot-y bunch of any open source | project I can think of. The comments section of any HN | article about Brave becomes a shit-show as Brave users with | the emotional maturity of teenagers dogpiling on shouting | about how Brandon was the victim of a conspiracy by 'The | SJWs', Firefox is "spyware", we're all stupid sheeple for | not using Brave, etc. | | And then at least one person from Brave shows up and starts | condescendingly responding to every comment that isn't | supportive of Brave. | | There's the history of crypto-bro-y nonsense. The donation- | scamming where creators had to "opt out" of Brave | pretending to collect donations "for them." And so on. | | I also don't want to support a company run by a person who | has spent vast amounts of his money supporting some of the | most bigoted politicians in our nation's modern history and | to causes working to strip people of human rights. I don't | want to support him, and I don't want to support people for | whom his political activities are not an issue. | richardwhiuk wrote: | You have to run Brave, which is a considerable overhead. | jonathansampson wrote: | Running a browser is better than running a browser in | addition to several extensions for functionality that | could be integrated natively, resulting in less overhead. | | But yes, you will need to use a browser to browse the Web | smoldesu wrote: | I don't trust Brave's implementation in the first place. | You have a direct conflict of interest with protecting | user privacy since you also make money off of the ads you | serve users (because of how you skim BAT revenue). | Furthermore, your scummy behavior of holding site | operators ad revenue hostage is pretty disgusting, and | doesn't provide much of a moral compass for us to base | your actions off of. I'd trust stock Chromium before I'd | install Brave on any of my machines. | jonathansampson wrote: | Brave's Ads are optional (off-by default in the case of | Ad Notifications), and matched-on device (so no user data | leaves the machine). There is no conflict of interest | here; Brave doesn't harvest user data. The Brave | Rewards/Ads model is centered around _attention_, not | data. | | Regards to the "holding site operators and ad revenue | hostage," I'm not sure to what you're referring. Perhaps | the UI/UX of Brave Rewards ("Payments" at the time) in | late 2018? If so, see | https://news.ycombinator.com/item?id=31086397 what, I | hope, will be a helpful answer. | ocdtrekkie wrote: | Extensions are a massive security vulnerability. Any time you | can accomplish something without opening yourself up to | browser extensions is a huge win. | DesiLurker wrote: | plus extensions see all website you visit in cleartext so | make damn sure you really trust the extension. it might be | something innocuous like history eraser but is harvesting | your info across banking & credit card sites. | richardwhiuk wrote: | So is Brave. | jonathansampson wrote: | No application is perfect, but running Brave is pretty | safe. The browser is based on aggressively-tested | components, hosted in the open, updated regularly, and | routinely hammered-on by reputable folks in the security | industry. Not to mention, we pay folks who find weak | spots. | ocdtrekkie wrote: | I am not a Brave user at present, but I'm curious what | you'd refer to here. | cphoover wrote: | I agree 100%. | | There are still things about brave that confuse me... like the | browser feature that allows giving crypto to content | providers... | | but as someone who loathes AMP... I support this feature. | DHPersonal wrote: | If you're in iOS then there's an extension available to redirect | to non-AMP versions of sites. | https://apps.apple.com/us/app/amplosion-redirect-amp-links/i... | rubyist5eva wrote: | Yes! I love it, easily worth the few bucks and works | seamlessly. | captn3m0 wrote: | Note that iOS Browser extensions only work for Safari, and not | other browsers such as Firefox or Chrome. | nerdjon wrote: | Another recommendation for Amplosion! | | When I found out about this a few months ago this was the | quickest purchase I have made on the App Store in a long time. | I despise AMP and how Google has infected the internet with it. | | Told all my friends about it, even offered to pay for it for | them if they wished. Anything to help AMP die. | karlzt wrote: | That's mentioned in the article. | tyingq wrote: | Everything you need to know about AMP is in one very specific | section of the spec: | | _" AMP HTML documents MUST...contain a <script async | src="https://cdn.ampproject.org/v0.js"></script> tag inside their | head tag"_ [1] | | Meaning, _" Your content must load and run some Google controlled | javascript, that does who-knows-what to your content and end | users"_. | | In the past, that's included injecting a big header that pushes | your content down, hijacking swipe events on your page, an [X] | button that looked like it would delete the AMP banner header, | but instead navigated away from your page back to google, etc. | | [1] https://amp.dev/documentation/guides-and- | tutorials/learn/spe... | bduerst wrote: | The Amp javascript can be self-hosted [1] away from Amp's | servers, there's even a framework demonstrating how to do it | [2]. | | The only difference is that it doesn't pass Amp validator, | which is necessary for the Bing search result icon. Developers | have requested the feature for the Amp validator to include | self hosting but it hasn't been added yet (or have any plans to | AFAIK). | | [1] | https://gist.github.com/mdmower/b56e94f0dc36beafb825b0c5e31f... | | [2] https://github.com/mdmower/amp-self-host-demo | tyingq wrote: | Interesting, though I am citing the AMP spec, and it does say | MUST. I'm curious if Google would put a self-hosted AMP page, | for example, in their carousel. I think it probably can't. | bduerst wrote: | It's been exactly a year since Google announced they are no | longer prioritizing AMP content in the carousel, or as SEO | in general: | | >Besides algorithm changes, there will be several user- | facing changes. For starters, the Top Stories carousel in | Search will no longer be limited to AMP content. The Google | News website and mobile apps will similarly surface more | non-AMP content. Lastly, the AMP lightning bolt icon will | no longer be used to badge eligible content: | | https://9to5google.com/2021/04/19/google-search-page- | experie... | skybrian wrote: | Isn't this going to make mobile performance worse? They should | publish performance numbers. | ocdtrekkie wrote: | Responsible engineers will prioritize privacy over absolute | performance. Nevertheless, investigations into Google's conduct | have already discovered internal admission that AMP would | actually slow down the web. | | "Google falsely told publishers that adopting AMP would enhance | load times, but Google employees knew that AMP only improves | the [redacted] and AMP pages can actually [redacted] [redacted] | [redacted]. In other words, the ostensible benefits of faster | load times for cached AMP version of webpages were not true for | publishers that designed their web pages for speed. Some | publishers did not adopt AMP because they knew their pages | actually loaded faster than AMP pages." | | "Google also [redacted] of non-AMP ads by giving them | artificial one second delays in order to give Google AMP a | [redacted] [redacted] slows down header bidding, which Google | uses to turn around and denigrate header bidding for being too | slow." | | And of course, the reason they did all this: | | "Google also designed AMP to force publishers to route rival | exchange bids through Google's ad server so that Google could | continue to peek at rivals' bids and trade on inside | information. Third, Google designed AMP so that users loading | AMP pages would make direct communication with Google servers, | rather than publishers' servers. This enabled Google's access | to publishers' inside and non-public user data. AMP pages also | limit the number of ads on a page, the types of ads publishers | can sell, as well as enriched content that publishers can have | on their pages." | | https://www.texasattorneygeneral.gov/sites/default/files/ima... | ec109685 wrote: | If Google's servers pre-cache the contents of the article, | the experience is instant when you click on a link, so the | idea that it's slower to read a Google Amp Link on a Google | Search Result compared to clicking out to a separate website | is false. | | If a publisher simply uses Google Amp on their own site to | display websites, then it can be slower. | | They slowed the non-AMP ads because they didn't want loading | them to interfere with the content the user was interested in | reading. | ocdtrekkie wrote: | > They slowed the non-AMP ads because they didn't want | loading them to interfere with the content the user was | interested in reading. | | This is what Google may have told the public, and obviously | would like you to believe. However, internal Google emails | demonstrate very differently: AMP was designed to increase | Google's ad revenue. | | Same source: | | "Google ad server employees met with AMP employees to | strategize about using AMP to impede header bidding, and | how much pressure publishers and advertisers would | tolerate." | jefftk wrote: | Link to the internal emails? I've read a lot of the | emails that came out in the lawsuit, and haven't seen any | demonstrating that. | ocdtrekkie wrote: | The link I'm referencing doesn't so much as unredact all | of the facts listed here, I'm not sure the public has | access to the emails described in this complaint at this | time. If you know of a publicly accessible cache of | internal Google emails sourced from legal discovery | processes, I'd love to know about it! | jefftk wrote: | The unredacted AMP lawsuit is: https://storage.courtliste | ner.com/recap/gov.uscourts.nysd.56... | | I'm not aware of other sources of internal emails on this | topic. What were you referring to when you wrote: | "internal Google emails demonstrate very differently: AMP | was designed to increase Google's ad revenue."? | ocdtrekkie wrote: | Ah, the unredacted version is quite a bit nicer to read, | thank you. | | I was referring to the text in the complaint: The | complaint is written off the legal discovery process, | presumably in the case of especially a tech company such | as Google, the statement that these teams met and | discussed this topic would presumably be found in the | form of either a meeting invite or the notes from a | meeting sent in an internal email. | | I think within some margin of interpretation, it's | reasonable to state that if the text in the complaint is | as such, it's backed by one or more internal emails I | personally don't have access to. As I think it's pretty | implausible that the Texas AG invented a meeting between | the ad team and the AMP team and a reason for it out of | thin air. | magicalist wrote: | > _I think within some margin of interpretation, it 's | reasonable to state that if the text in the complaint is | as such, it's backed by one or more internal emails I | personally don't have access to._ | | ec109685's explanation seems plausible and could easily | be misexplained in this way if your goal was to get | quotes on twitter. | | > _As I think it 's pretty implausible that the Texas AG | invented a meeting between the ad team and the AMP team | and a reason for it out of thin air._ | | It doesn't have to be out of thin air to be exaggerated | or misconstrued. And I definitely wouldn't rely on | indicted Attorney General Ken Paxton for ethical behavior | or an even handed application of the law. | svachalek wrote: | Wow. I always knew AMP was scammy but I didn't realize they | actually forced a 1 second delay on other pages. How | enraging. "Don't be evil" is so long lost I can barely | remember those days. | skybrian wrote: | We don't need to rely on internal emails, which may be out of | date anyway, and we don't need to figure out anyone's intent. | Brave (or someone) could do performance measurements to see | what the impact is now. | [deleted] | rafaelturk wrote: | Kudos! While reading this announcement I've learned upcoming AMP | 2.x. Impressive that Google still pusing for AMP and as mentioned | is even worse. | sharken wrote: | Main reason to use AMP links is access to content that is | otherwise restricted. But I dislike AMP to the extent that I hope | more browsers will implement this De-AMP feature. | | Brave is also fighting another fight with Google, this time with | the Brave for Android browser, where Google has decided that all | users want to have Tab Groups. The latest status is that users of | the Brave browser for Android still can't get the old Cascade | Layout back yet. | | More on https://community.brave.com/t/add-tab-cascade-layout- | back-to... | londons_explore wrote: | Braves business is built on Google Chromes source code... | | Google has 500+ staff working on that codebase. When they finally | annoy Google and they decide to rewrite the license for future | versions, will Brave be able to keep up? | classified wrote: | Yep, biting the hand that feeds will only work for so long. | tomrod wrote: | Aye, the DOJ won't look favorably on anti-competitive | practices. | inglor wrote: | Google has open sourced only as much as they had too for using | Webkit's GPL codebase and have been notorious in close-sourcing | bits when they are able (like the DevTools WebAssembly | debugging tools and a ton of other stuff). | | So the fact Chromium is (mostly) open source (Chrome is most | certainly not) is certainly not charity or the goodness of | their hearts. It is the work of idealistic individuals like | Lars Knoll who gave us this among other things like Qt. | | This is also true for a lot of other Google projects like | Android. | londons_explore wrote: | Having spent a lot of time working on the codebase... Far | more is opensource than Google needed to make open, and the | development model is far more open than androids. In the | chromium codebase, there are even some modules where the key | technical decision-makers aren't Google employees. | magicalist wrote: | > _Google has open sourced only as much as they had too for | using Webkit 's GPL codebase_ | | This isn't remotely true. Most of Chromium code is | BSD-3-Clause. | | > _have been notorious in close-sourcing bits when they are | able (like the DevTools WebAssembly debugging tools_ | | I'm not a fan of that either, but to be fair it's a Chrome | extension[1], not part of Chrome. | | > _and a ton of other stuff)._ | | Like what? The trend has generally been the other way. Flash | was removed, PDFium was released. Video codecs? But they've | always been that way. | | [1] https://chrome.google.com/webstore/detail/cc%20%20-devtoo | ls-... | freedomben wrote: | People won't want to hear your comment (myself included) but | it's a fair and important point. I've been on the other side so | it does resonate with me. I worked for Red Hat at the time when | CentOS changed their model and it was amazing how many people | were like f*k Red Hat and their greedy money grab[1], I'm | switching to <replacement>. Without realizing that the distros | that do very little except rebuild Red Hat are only possible | _because_ Red Hat makes it possible. They could absolutely kill | the clone if they wanted to[2]. To be clear I have nothing | against the clones (in fact I use them), I mainly get bothered | by people thinking a quality linux distro happens by accident. | | [1]: It was a little more complicated than just "money grab": | https://freedomben.medium.com/centos-is-not-dead-please-stop... | | [2]: Pre-empting the inevitable "but the GPL", Red Hat goes | above and beyond the requirements of the GPL and could make it | way harder to build. Also a huge important chunk of the distro | is BSD/MIT/Apache/etc. Without that the GPL'ed only stuff would | never be a feasible distro anyway | passivate wrote: | The open-source (also high-profile) nature of the project | probably helps Google themselves keep their own team in check | with outside accountability. | rubyist5eva wrote: | Switched to Brave a few weeks ago after getting fed up with | Mozilla, not sure how I feel about using yet-another-chromium | browser but it's fine so far. Posts like this help ease my mind a | bit at least. ___________________________________________________________________ (page generated 2022-04-19 23:00 UTC)