Fiber, X, Ad Blocking and Tracking

It’s been about a month since my last update? Maybe I should post something.

Fiber has been a bit slow moving, partly because I’ve just been slow and hitting other projects, but mostly from toying around with CEF. One prominent issue is the fact that the current crop of CEF examples and samples are using a mix of GTK and X. Many outdated questions and forums on the web bring up Qt and CEF, but with the relatively limited time I have to work on the project it has made things feel slightly more arduous than it needs to be when there’s no answer to the problem. Part of this is the fact that Qt has WebEngine/WebView, so CEF integration is a niche topic. It’s nothing insurmountable, but I might need to accept a temporary dependency on X. This annoys me, but the project needs to move forward and I can’t be stuck spinning my wheels. At the lowest level of the application I will need platform-specific code anyway, I simply wanted to see how long I could avoid it.

“Did you ever solve for X?”

Even without the renderer in place, work has started on the basic extension framework which is aiming at getting a “hello world” message from a dummy extension to a simple debugger extension, in both threaded and out-of-process modes toggled on each. The core of this work is the message passing pipeline; since extensions may be threaded or broken out-of-process they need a reliable way of communicating. The diagram below shows the current rollout I’m aiming for;

fiber-processStructureEvery node in the pipeline is based off a generic class abstraction which can daisy-chain together. It is through these paths that the vast majority of Fiber will operate through, and even core services will build off the same message system.

The most interesting aspect of this structure is the “Queues”. Queues keep track of the endpoint status and may “hold” incoming signals for a variety of reasons. This should let us do things like modify extensions on the fly even while other extensions actively use them, letting us potentially update or outright replace them without interrupting service depending on the type of extension. For example, you may replace your entire history system without restarting the browser.

switchboard
“Fiber router – where can I place your call?”

If it looks like the router is going to be a bottleneck, you can fault my diagram; even though my current iteration of the message system involves direct connections to the router, the router will eventually serve as a connection manager broadcasting the various changes only when queues have out-of-date connections. This will let extensions talk semi-directly to each-other without involving the router.

Finally, the pipeline is a “daisy chain” style of operation; nodes can be added anywhere along the line. This is how I plan to add development faculties, where an extension developer can hook into pipelines and convert them to live debugging toolchains, able to do things such as simulate extension crashes, toggle services, flood messages, monitor performance, etc. All of these tools will also work for native components of the browser, as they too will use the message system.

Ad Blocking

Over the past weeks I’ve read about Epiphany and its recent decision to enable ad blocking by default. For those not in-the-know on Gnome stuff, Epiphany is the Gnome-based browser (equivalent to Rekonq and Konqueror), and for a while now the application has featured an integrated ad blocker. Ad blocking was disabled by default, but the setting has been enabled by default for their 3.8 version. This decision was made because the developers of the application feel the experience is “not as good” when websites can display ads, and they did not see users activating the ad-blocker “enough”.

Since I’m doing the browser thing I’ve been asked by a couple people what my thoughts are, and what I intend to do with Fiber as it eventually matures.

Ultimately I’m fine with ads, they’re a well-known method for site operators earning the sweat of their brow. Many websites don’t have the staff, time, or prominence to use alternative means of income such as sponsored articles or direct user funding.

My opinion on advertising sours greatly when it comes to the topic of tracking and targeting, which I believe is overstepping the line from advertising to stalking. I don’t like going onto Amazon and finding whatever I looked at spilled over to other sites I visit. I’m disturbed when I use a Google service to realise later I’ll be inundated and pressured into purchasing something  until my next pushable product becomes apparent. It’s like browsing physical store to find several random people have followed you back out, taking notes on everything you do and observing where else you’ll go – in the real world those people would be arrested for stalking, how is it acceptable online?

It’s a tough situation because I think it’s the right of a website to display the content they want, but it’s the right of the user to decide who they give their information to. This is compounded by the fact that it’s near impossible to keep track of what ad providers you are dealing with, as some sites can use several advertisers in tandem. On a very personal level this has affected what extensions I use day-to-day, and I personally use NoScript now.

Epiphany_AdBlock_woGue
World of Gnome asks users to turn off ad-blocking software as a developer posts about enabling ad-blocking by default. I didn’t even specifically get out to get this shot, it just happened when I looked up Epiphany.

So, where does this leave Fiber?

I want Fiber to one day become a ‘legitimate’ browser, the kind which respects the general spirit of the web as a content medium. Part of this is making Fiber a good citizen, and for that reason I have no intention of bundling an ad-blocker, as advertising is part of the web and essential for many sites to function. This does not mean there will not be an ad-blocking solution, but it does mean users will need to consciously install one and there will not be an ‘official’ Fiber ad-blocker.

But tracking users is not legitimate, and its technical possibility along with the transparency of doing it does not make it acceptable. I do intend to eventually ship Fiber with a simplified NoScript or uMatrix-like extension which can be used to block “trackerware”. In my humble opinion the “Do Not Track” header is a bit of a joke as a method of protecting privacy, and it does nothing to stop bad actors from slurping up your data parfait. Some trackers will respect the DNT header, but in all irony those people are also the most likely to respect your data.

I doubt whatever tool I eventually come up with will be as powerful as contemporary solutions as I’ll be aiming to make it approachable for casual users to handle. It would also be initially tuned to its most conservative settings so the web does not appear ‘broken’ to Fiber users, which would give Fiber a bad reputation for unfamiliar users. Ultimately power-users would want a more robust solution, but I think every browser needs at least simple ways of putting users in real control of their data.

Long story short I will not seek to have Fiber specifically block advertisers on a vanilla installation, and I think bundling those tools with a browser is offensive to legitimate advertisers and online businesses. If those advertisers choose to stalk and track users then I will work to ensure privacy is maintained, and at that point it’s the choice of websites to decide who they work with and whether they respect user privacy.

Logo Update

On a final teeny but fun note, the Fiber logo has also been updated a bit.

iconsFor those who are wondering “what is it supposed to be?”, the icon is the cross-section of a Fiber-optic cable. You can find several varieties of them, and things like undersea cables can be made of several bundles in bundles which can make a jaw-droppingly pretty motif for such functional designs, and I think really lines up nicely with the mindset of Fiber.

Advertisements

21 thoughts on “Fiber, X, Ad Blocking and Tracking

  1. Some notes on preventing active tracking:

    First and foremost, I think it’d be great if you could build in not just a script-blocker, but a tracker blocker. Add-ons like Disconnect try to block major web tracking services from mining data. I don’t know if it’s a foolproof solution, but building in such a solution might help a lot to prevent ads from passively gathering data.

    As far as scripts go, the biggest vector of both malicious code injection and advertising data is XSS (cross-site scripting). Natively blocking scripts from all domains except the one you’re on would cut down a lot of vectors for attacks and require users to manually allow them. Some sites require scripts from partner domains to work, which I feel is sloppy web design anyways and ought to be discouraged.

    But I think one of the biggest concerns is the way a website can gather system data from you. Even with most ads and trackers disabled, it’s possible to fingerprint someone by their system configuration. Your exact browser version, your OS version, your IP range, etc can narrow you down to a select group of people. Combined with referral headers, it’s trivial to track a user. Worse, things like a list of installed fonts or other software, screen resolution, color settings, and so on can fingerprint a user very readily. I’d recommend testing against https://panopticlick.eff.org/ to see if it’s possible to prevent passing this data along without a user allowing it. The browser needs to know some stuff (like available fonts) and correlate it to a website, but the website itself doesn’t need to know what’s available. If you could make every Fiber user look almost identical, or very similar, you could possibly obscure tracking habits for everyone.

    Like

  2. Thanks alot, can’t wait for to have a great KDE browser. 🙂

    Your graphics and especially the fiber process structure diagram in this post look great, may I ask you what tool(s) you used to create the diagram? Tried to use inkscape and Latex in the past, but neither turned out that good.

    Like

  3. I can’t believe that people are so offended by not having “baked-in” blocking. Honestly I’d prefer that I would be able to install/uninstall an extension to having a browser shipped with cruft and ideological nonsense (ie IceCat, Firefox, Chrome). As mentioned, Fiber should be a web browser and not an anti-corporate megaphone. If a native implementation stops being developed in favor of an extension that is more robust (or whatever the case may be) then it becomes an exercise in reinventing the wheel as opposed to focusing on what is important: Web Browsing.

    It’s your project to shape kver, though I hope that you won’t be swayed by people who are interested in their own narrow lens of what a browser should do rather than what a browser is used for.

    The Gist?: I think uMatrix is better than any other implementation, and I don’t want some half-hearted attempt being lauded as a feature when it’s not going to be adequate. (My 2c)

    Like

    1. /me nods

      I’m beginning to experiment with several extensions to see what aspects I like from the various options; they all do certain things well individually, and they all have slightly different goals.

      One that I’ve been impressed with is uBlock in terms of simplicity of operation. It’s the one single extension I’ve tried which I haven’t had to actively mess with. It also makes working with blacklists pretty easy.

      My next extension to trial is PrivacyBadger, and I’m looking forward to it for a few reasons. Less important but well executed is the slider-driven design; letting you toggle between blocking trackers, just their ability to track, and allowing them through. It’s a very elegant concept, and one that’s quite digestible. I could imagine the little shield icon in the address bar with the safety and privacy popup including the list of trackers & sliders easily.

      …But the big reason I’m interested is the decentralised aspect of it. There’s no central blacklists which it reads from, meaning there isn’t a list which can be outdated, hijacked, corrupted, 404’d, etc. Using downloaded blacklists means the system users are trusting is also “dumb” in the way that it cannot react or recognise new threats as they appear – they only know the list. When I started experimenting with extensions and started looking at the blacklist options, even as an experienced and savvy individual my choices still ultimately came down to “I guess this list should work”. Users won’t touch that.

      Instead Privacy Badger ‘learns’ on its own with a smart technical solution that actually watches for tracking behaviour, and then intelligently adjusts an internal database on-the-fly. This to me seems insanely smart. It also offers a fair, incorruptible, and standardised method for getting unblocked. There’s no corruptible humans in the equation, no chance some jaded future me might decide to ‘pull an Adblock’ with the temptation for me to monetise Fiber. No wasted bandwidth downloading the lists.

      No matter what though I still need to thoroughly trial the extension to see if it’s a viable solution. Assuming the general design is promising it’s the route I’m most interested in, either as a port or a rewrite depending on compatibility.

      Like

  4. ” It’s a tough situation because I think it’s the right of a website to display the content they want, ”

    With that kind of logic, TV manufacturers should remove the MUTE button and create a mechanism to allow the commercials to control the volume of the TV.

    Ridiculous.

    Like

    1. I question if you read the article earnestly because you don’t even recognise the fact that I’ve repeatedly said I’m not forcing anything, unlike your implication where you latched onto the one phrase you could take out of context and twist into a frankly moronic analogy, even when it was a phrase where I was explaining the difficulty of balance. You could have given any number of insightful questions or comments, but you didn’t, and what you said was exceptionally short-sighted.

      When thinking about defaults you must consider wide-ranging implications. Part of this is because these early choices will set the “DNA” and general expectations of the browser values for years to come, and the genetics of Fiber will be a lean browser which the user can evolve into what they want; not something where we decide what values you should have, what content you should see, or even what blacklist you use to block ads. The baseline for Fiber will respect the content of pages so users can decide how they want that content treated. I don’t consider blocking parts of the web simply because we find them “annoying” or “corporate” to be good or legitimate values, and choosing “who gets to play” isn’t a good feature for a browser to trade on – not as a baseline, not as a default.

      On a side note, users should choose their blocking providers anyway for reliability and scale reasons. AdBlock has already proven a list can be corrupted as a source of income with their “relisting” scheme, and having Fiber bundle a blacklist means either feeding an already corrupt list, shotgun-shelling several lists and increasing the odds of false-positives, creating a new list which could also be pressured whitelisting ads, or using a smaller potentially less effective or reliable list. You can say “this list is good and reliable”, but it’s insane to assume a third-party will always have your best-intentions in mind, and it’s not like one static list can be made and forgotten.

      Control of bundled blacklists could even be used as a reason to block more trustworthy extensions from the Extension Centre, especially if the blacklist is kept in-house; I might not be prone to doing so, but if I get hit by a bus the next maintainer may abuse that power. Additionally, if there are multiple blacklists it takes away from their ability to effectively extort more sites onto their whitelists. The only sane option is to foster an extension centre where ad-blocking extensions need to compete on quality, and you’d be crazy to demand someone makes your ad-blocking decisions for you; it’s a crack open for abuse, and groups with dump-trucks of money can easily turn cracks into canyons.

      Like

  5. Like Jens, I will also never spend a minute with a browser without ad-blocking.

    The real beneficiaries are not the companies that put ads on their webpages. The real winners in this game are the ad-distributing-companies. These are the same guys that have shown time after time that they do not care about privacy and have shown close-to-criminal intend to circumvent regulations and technical barriers necessary to get as much data as possible. It’s these heavy-weight companies that need to get the message. Unfortunately they are only able to learn via the money. Therefore place a full stop to all ads. No exceptions. Null. Stop the supply of funds at the source. They’ve made billions while giving alms to their own customers.

    The webpage owners – as sad as it is – are just collateral damage. For them the message is: move on or die. This is not as bad as it sounds. Think a moment about it: Instead of placing an ad *for another company* where you just get a fraction of their revenue, place an ad *for your own name sake* and get 100% of it. Simple. Isn’t it? The same principle has already worked in a number of other areas: nobody writes a letter and puts it in a letter anymore – or when was the last time that you sent a fax?

    Liked by 1 person

    1. To me at least, this sounds more like you want to bring down corporations than work to improve the web. Instead of trying to ‘bring down the man’, by simply reinforcing privacy and not specifically targeting ads we encourage ad-providers to respect privacy – benefiting not just the people who use ad blocking software – but everyone. In many ways, this is similar to the way browsers began restricting pop-ups; it wasn’t ads that were the problem, it was the pop-ups that were and nowadays opening a page no longer results in the spawning of several windows.

      That being said I don’t think the job of a browser is to serve as a political platform where we decide who the ‘winners’ and ‘losers’ will be. A browser should simply display the naked web as it is while providing the user with safety, security, and privacy; anything beyond that should be up to the user to decide, just like an operating system should behave. It should be unbiased and fair to any user or company bringing something to the web.

      Ads are a tool, and while they may not be everybodys favourite means of support they are neither ‘good’ or ‘bad’, regardless of them being provided by a multibillion dollar technology firm or a websites own t-shirt store. It’s simply the implementation which needs to be considered, and when abuses present themselves we simply set our boundaries so the toolmakers can see the lines that determine good behaviour.

      Like

  6. Someone has already said it better than me here:
    http://framablog.org/2015/09/15/ne-plus-supporter-la-pub-sur-le-web/

    But briefly:
    I will not spend even a minute on a browser without ad-blocking functionality.
    Sarah, Jenny or Gulnar are in their good right to make anything they please available on their webserver, or not to.
    And I am in my good right to request anything or nothing from their respective servers.
    The task of a browser is to serve my interests and do as I bid.
    THAT is the spirit of the web.

    If I want to see only the plain text, in my own font, I can do that.
    If I want to have it read aloud from a screen reader, I can do that.
    If I want to retrieve only a specific image, I can do that.
    And if I want to see what Jenny has to say without being pestered by Limmy and Dave, I can do that too.
    My attention is not a commodity for others to peddle.

    It may be a norm that websites decide what they want me to see, rather than what my browser was asking them for, but that does not make it good behaviour.

    Like

    1. Fiber will simply not include a default ad-blocker; much like Firefox or Chrome/Chromium I’m 99.99% certain there will be such a tool available when people start making extensions. I believe in respecting content creators, but I’m not against restricting freedoms; if an ad is what enables someone to write an article, draw a comic, make a video, or run a service I’ll respect reasonable advertising. Should others believe content creators aren’t entitled to display advertising on their sites – an ad-blocker will be a single extension away.

      When it comes to the safety, security, and privacy points I personally find those to be poor arguments on why ads specifically must be removed; many websites are dangerous, malicious, and track users – removing ads does not make the web a safe place. When it comes to that, browsers need to block or warn against the entire gamut of malicious entities; this can include websites, tainted downloads, infected websites, scams, and of course – unscrupulous ad networks. On this level it simply goes back to content creators choosing who they work with; if a website uses a dangerous ad provider, it should be the expectation that safety tools would block that malicious content.

      On speed, you will always improve site performance and/or save bandwidth by removing things. But that’s essentially saying you don’t believe someone’s effort is worth an additional second of load time; 20 years ago you could not learn anything without wandering a library – have we become so impatient? Additionally, I’ve found that ads aren’t even the worst offender in this area; I find some websites unusable because of social media widgets, but those aren’t touched by ad-blockers. No matter what though, the web is evolving and it’s going to get heavier and more demanding, with or without ads.

      Finally, on saving journalism and intellectual integrity; if a journalist may curate their content for advertising, how reliable were those people in the first place? Integrity isn’t bought or sold, it’s something people have – and if they never had it to begin with losing a banner ad would not bring it back. If anything, not allowing clear advertising means that more subtle means are required, and I’d rather know when I’m being pitched. I honestly don’t think there’s a lot of people who really believe blocking ads will bring back honesty in journalism (if it ever existed).

      You are probably the only person on this planet I actually believe when you make those points – but most people are just shovelling BS, and when you cut through it the real reason is because people just don’t like ads. And that’s fine, especially since some ads are astoundingly moronic, but I don’t think that’s a reason to pick apart the web.

      Fiber will have everything an ad-blocker needs to function, there will be an extension centre at fiberbrowser.org where they can easily be found, a built-in tool for locating extensions, and distributions could bundle a blocker if they felt like it… But Fiber will trade on doing the internet well, and I won’t put my stamp on something that can harm content creators.

      Like

  7. I think you might want to consider extensions like the existing Firefox addon Ghostery, which learns about tracking sites and block them. It doesn’t block ads per-se, it just blocks domains which it finds are attempting to track the user. Having something like that on-by-default would be interesting as it would leave users safe by default as well as give a strong hint to advertisers of “if you want to be able to show your ads you better not track people”.

    Liked by 1 person

  8. I think you are taking the wrong approach when it comes to ad-block. Time and time again adds have been used as vectors for malware and exploits, they are a threat to the user and as such ad blocking should be baked into the browser. I understand your reservations, the Okular team had similar “legitimacy” concerns when it came to obeying the pdf DRM. The Okular project opted to have the code to ignore the DRM in the software and have it turned off by default but was there with a simple setting check box. A similar option can be done where ad-blocking / tracking protection is baked into the browser and the ad blocking can be turned off but later turned on if needed. Rekonq had a list of domains it blocks which can be downloaded from within the settings a similar thing can be done. A default list can be there for domains of ad servers that don’t obey the DNT. That way there is an incentive for advertisers to obey the DNT.

    PS.

    The logo designs look great, it also kind of reminds me of the Krita pallet UI that pops up. I wonder if that UI element could be useful in a web browser.

    Like

    1. I certainly agree that ads can be used to peddle some pretty questionable content, but the same goes for the remainder of the web. Bots will post spam of forums and comments, downloading websites will bundle adware, and unrenewed domains will cause hundreds of links to route to advertising pages.

      I don’t think specifically singling out ads is the way to go; for safety and security blacklists should focus, well… Safety and security. If an ad provider is spawning ads which attempt to open malware, then that ad provider should be blocked, just like any website or service posing a risk should be blocked – not because it’s an ad, but because it’s dangerous. And if people click on ads that link to a questionable website, Fiber will aim to throw a big fat warning at the user letting them know the site is bad ju-ju.

      Either way, Fiber won’t need compile-time switches to enable ad-blocking, it will simply be a case of getting an ad-blocker when one is written or ported to Fiber, just like it’s done with Firefox and Chrome today. 😉

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s