Connect with us


Google Chrome ad-blocker overhaul plan still sucks – EFF • The Register

Voice Of EU



Analysis The Electronic Frontier Foundation on Tuesday renewed its campaign to convince Google to listen to criticism of the tech goliath’s plan to overhaul its browser extension platform and to make changes while there’s still time.

In the advocacy organization’s latest broadside against Google’s three-year-old extension renovation effort, EFF technologists Alexei Miagkov and Bennett Cyphers take the search biz to task for limiting innovation, crippling capabilities, and hindering performance by forcing Chrome extension developers to adopt a revised set of application programming interfaces (APIs) known as Manifest v3.

“According to Google, Manifest v3 will improve privacy, security and performance,” said Miagkov. “We fundamentally disagree. The changes in Manifest v3 won’t stop malicious extensions, but will hurt innovation, reduce extension capabilities, and harm real world performance.”

For those using Chrome browser extensions, Manifest v3 looks likely to either break popular extensions that rely on Manifest v2 APIs, such as content blocker uBlock Origin and the EFF’s own Privacy Badger, or force developers to rework their extension code to produce a Manifest v3 update that’s less powerful, less capable, and less effective.

The primary reason for this is that a powerful Manifest v2 API known as the blocking version of webRequest – which allows extensions to intercept incoming network data and process/filter it before it gets displayed in the browser – is being replaced by a more limited API known as declarativeNetRequest. And this has obvious implications for extensions that need to intercept data.

Google argued it needs to water down the capabilities of Chrome extensions so that their powers to observe and alter the contents of pages are not so easily abused by bad or hijacked extensions. Doing so limits the abilities of good, trusted extensions, though.

On top of this, there are many more technical changes in Manifest v3 that affect what extensions can do, like the replacement of background pages (processes that persist in the background) with “service workers,” which only run in the background for a limited period of time.

Google maintains that it needs to move from a persistent model to an event-based (where tasks start and stop) to allow Chromium or the host operating system to free up computing resources in order to prevent the end user’s device (particularly a resource-constrained mobile device) from slowing to a crawl due to poorly coded extension.

But Google’s performance claims have been challenged. A 2019 study by Ghostery found the overhead hit imposed by ad blocking extensions is in the sub-millisecond range. “Google’s Manifest V3 is trying to solve a performance issue that does not exist,” the company said last week.

It’s not just high profile extensions related to content blocking and privacy that are being affected. The Google Groups “Chromium Extensions” group is full of developers voicing frustration about functionality that they cannot (or, where alternative Manifest v3 APIs exist, don’t understand how to) replicate under Manifest v3.

For example, a school district administrator posted last month about trying to rewrite his extension under the new APIs and finding that his extension can no longer use geolocation to track lost or stolen devices or monitor battery percentage to know when a battery needs replacement.

More than a few extension developers have voiced their concern to the EFF, such as Krzysztof Modras, director of engineering and product at Ghostery: “Nearly all browser extensions as you know them today will be affected in some way: the more lucky ones will ‘only’ experience problems, some will get crippled, and some will literally cease to exist.”

Many of these issues are filed as bugs. According to Miagkov and Cyphers, observational webRequest, native messaging. background tasks, WebSockets, user script extensions, and WebAssembly are all broken under Manifest v3 presently.

The hope is that Google will fix the bugs and fill in the platform gaps in time, but time is running out. The Chrome Web Store will stop accepting Manifest v2 extensions come January 17, 2022, and plans to disable existing Manifest v2 extensions come January, 2023, though that date may slide: Google developer Devlin Cronin in 2019 said, “We will not remove support for Manifest v2 until we are confident in the platform.”

At the moment, there’s not much confidence in the platform outside of Google and the other major browser makers who like the idea, with some caveats – Apple, Microsoft, and Mozilla.

The EFF has been particularly emphatic about scolding Google over Manifest v3, having only a week ago issued a similar warning.

“Manifest V3, or Mv3 for short, is outright harmful to privacy efforts,” wrote EFF staff technologist Daly Barnett earlier this month. “It will restrict the capabilities of web extensions – especially those that are designed to monitor, modify, and compute alongside the conversation your browser has with the websites you visit. Under the new specifications, extensions like these – like some privacy-protective tracker blockers – will have greatly reduced capabilities.”

Manifest V3 is outright harmful to privacy efforts … Extensions like some privacy-protective tracker blockers will have greatly reduced capabilities

The issue is whether browser extensions will be able to do the same powerful (and potentially abusable) things that native platform code can do. Those opposed to Manifest v3 argue extensions should remain fully functional programming tools rather than being downgraded to toys. And this isn’t simply a technical disagreement of no consequence: the capabilities of Chrome’s web extension platform under Manifest v3 will determine what kinds of businesses can operate there.

“Under Manifest v2, extensions are treated like first-class applications with their own persistent execution environment,” said Miagkov and Cyphers. “But under v3, they are treated like accessories, given limited privileges and only allowed to execute reactively.”

Moreover, the EFF’s repeated harping on this point reflects a sense in the developer community that Google says it listens to community input but fails to translate that input into meaningful changes to its plans. And it also reflects the persistent dominance of Google’s Chrome browser – with close to two-thirds of the global browser market, other browser makers lack the clout to force Google to compromise or consider other points of view.

On top of that, makers of rival browsers like Brave and Microsoft Edge rely on Google’s open-source Chromium project for most of their browser foundation, which limits the extent to which they can push back. And competitors like Apple have shown little interest in competing with Google to shape the technical direction of the web – Apple with Safari and WebKit has focused more on saying no to Google web technology than making the web platform more powerful, for fear of cannibalizing its App Store business.

That leaves Mozilla, which, as the EFF sees it, has failed to resist Google’s plan.

“Instead of following Google into Manifest V3, Mozilla should be fighting tooth and nail against Google’s proposal,” said Miagkov and Cyphers. “It should be absolutely clear that Google acts alone despite overwhelmingly negative community feedback. A proposal cannot become a standard when everyone else stands in opposition. Mozilla’s behavior is obscuring Google’s betrayal of the extensions ecosystem. Moreover, it gives a false sense of competition and consensus when in reality this is one of the prime examples of Google’s market dominance and anti-competitive behavior.”

Mozilla’s position

Asked about this, Mozilla’s director of communications Ellen Canale expressed confusion when presented with the EFF’s criticism.

“We’ve been really clear about our positions on Mv3 and have communicated about those positions early and often,” said Canale. “As we stated then, we want to maintain a degree of compatibility to support easier cross-browser development, while preserving important use cases from Mv2 extensions.

“Since then, we have also proposed a solution to address a major concern with Mv3, which Safari has also adopted. While Google has not accepted this proposal, they did acknowledge the need to address the gaps that exist in their implementation of Mv3. From our actions, it should be clear that while we are implementing some parts of Mv3, we departed from others that are detrimental to our users. Moreover, we constructively collaborate with other browser vendors and the community to shape the design of Mv3 towards one that fulfills the needs of browser vendors, extensions and users.”

It should be clear that while we are implementing some parts of Mv3, we departed from others that are detrimental to our users

Canale said that while all browsers are implementing some form of Mv2, it’s not a standard, and discussion about Google’s choices remain ongoing. She noted that an EFF post published in November offers some suggestions for how to improve Manifest v3 and that the first two suggestions correspond to changes that Mozilla already supports or itself proposed.

Google has taken some steps to acknowledge other viewpoints, most notably joining the W3C’s WebExtensions Community Group (WECG) in June, along with Apple, Microsoft and Mozilla. But Google’s rivals have long complained that the company, due to its size and market power, doesn’t have to respond to input.

In a September post about the problems posed by Manifest v3, AdGuard CTO and co-founder Andrey Meshkov observed about the group, “At the very least it provides a feeling of being listened to and heard, but such things rarely work fast. It’s unclear when we’ll see any real positive changes.”

The Mountain View

For its part, Google – preferring to be paraphrased rather quoted directly – told The Register that the W3C group was formed in June and so it’s premature to judge the impact of discussions. At the same time, the internet giant suggests the group has shined a light on various developer concerns and has led to efforts to look more closely at use cases that require DOM API access in service workers and persistent background processes.

The company maintains that it continues to incorporate developer feedback in the ongoing design of Manifest v3, citing as an example how the declarativeNetRequest API has been adjusted from a limit of 30,000 filtering rules per extension to a minimum of 30,000 rules plus access to a global pool that’s shared across all extensions.

Other examples of APIs modified based on feedback include letting devs decide whether the method scripting.executeScript will inject a script in the extension’s isolated world or in a page’s main world and the introduction of an in-memory storage API called storage.session to preserve data that would otherwise be lost when a service worker shuts down.

To counter the perception that Google has it in for ad blockers, the company pointed to a 2020 blog post containing an endorsement from Sofia Lindberg, tech lead for Eyeo, maker of Adblock Plus: “We’ve been very pleased with the close collaboration established between Google’s Chrome Extensions Team and our own engineering team to ensure that ad-blocking extensions will still be available after Manifest v3 takes effect.”

Eyeo’s Adblock Plus is not quite the same as the open-source uBlock Origin project. It’s made by an advertising company that brokers “acceptable ads.” ®

Source link


The trends you need to know about

Voice Of EU



Accenture’s Barry Heavey discusses how the life sciences industry has changed and the most in-demand roles and skills right now.

At the end of last year, data from pharma recruiter Cpl Life Sciences and data analytics company Vacancysoft revealed that there was record recruitment in Ireland’s life sciences sector in 2021.

This year has already seen expansion across a number of pharma, biotech and medtech companies in Ireland, including Boston Scientific, Medtronic, Janssen and Merck.

So for those looking to work in the sector, what are the most in-demand roles right now and what skills do they need to be successful in the industry?

Barry Heavey is the managing director of life sciences at Accenture in Ireland. He told that he is seeing a lot of demand for skills in digital technology right now.

“What we look for is people who can combine skills in digital technologies with an understanding of the actual problems and complexities that companies face in developing and supplying ever more complex products to ever-more focused patient populations,” he said.

“Across the wider industry in Ireland, I see a very large demand for people who are interested in working in manufacturing, quality, supply chain management, regulatory affairs, data analytics and process development.”

While some graduates with a science degree might not see a role in manufacturing or quality as an exciting long-term option compared to R&D, Heavey said it’s important not to discount these career paths.

“Most biopharma companies need their manufacturing and quality teams to orient themselves more towards development and research, so these roles will hold exciting development opportunities while giving new graduates a great first step on the career ladder where they can learn all about the challenges of producing highly complex products to save lives.”

While there are a wide range of technical skills that will be needed in life sciences such as mRNA synthesis and formulation, conjugation chemistry, multivariate analysis, and artificial intelligence, Heavey said “multi-disciplinarity is key”.

“We need manufacturing and quality people who can collaborate with R&D and regulatory affairs people and vice versa. We need people who combine scientific, engineering, IT and business skills as well as the wider skills of communication, storytelling, project management, etc.”

Heavey also said that the industry is moving so fast now that the old siloed ways of working are no longer viable. Even though deep expertise in specific areas is required, collaboration is vital.

“Digital tools can be a key enabler of better collaboration, and innovation like advanced data analytics and artificial intelligence can also help in surfacing insights and enabling better decision-making using technology and curating and sharing knowledge over time and between teams.”

Biggest trends in the industry

For those working in the sector, one of the biggest trends is around new ‘modalities’ – new modes of treatment such as conjugated proteins, mRNA and cell therapy.

“We had the explosion of the new modality of recombinant proteins over the past 20 years, but this modality is represented by some of the best-selling drugs in the world like Keytruda, Humira, etc. and Ireland is central to the supply of these products due to proactive targeting of investment by the IDA and training capabilities from organisations such as NIBRT,” said Heavey.

He added that while Ireland was able to capitalise on the growth of the recombinant protein modality the country needs to ensure “we catch the next waves of the next generation of modalities”.

“We are seeing progress in this with Pfizer making their mRNA vaccine for Covid in their Dublin facility, but we need to continue to watch for new opportunities and invest in training our workforce to be ready for these.”

Another big trend is the increased pace of innovation. The timeframe of 10-15 years to approve a newly discovered drug has been drastically compressed in recent years. Most recently, the world saw several Covid-19 vaccines approved in under one year.

Heavey said this increased pace is partly due to the new modalities but also due to the better collection and use of data.

“With the pace of innovation in digital and medical technology, we now have the data collection and analysis tools needed to understand disease in more depth, to develop and even design new drugs faster, to decide what patients might be most likely to benefit from a treatment and to determine whether the drug is effective and safe in patients with much higher fidelity,” he said.

For those entering the industry, Heavey advised them to “think about the white space between disciplines”.

“If you are strong in digital technologies, think about upskilling in areas like biotechnology or medical device technology, so you can speak the language of people who need your IT skills.  If you are strong in R&D, think about how you can collaborate more effectively with people in manufacturing who will be trying to put new modalities on the shelves.

“If you are strong in quality control, think about what is coming next from R&D (new modalities or new analytical methods) and how you can prepare for these and expedite their introduction through enhanced collaboration,” he said.

“Bottom line is never stop learning! It is such an exciting industry to be in and I, for one, feel privileged to be involved in it.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading


Best podcasts of the week: The hunt for an art dealer’s riches hidden in the mountains | Podcasts

Voice Of EU



Picks of the week

Widely available, episodes weekly
This podcast is equivalent to stepping into the studio with a musician. A specially recorded track by artists such as Björk, Katie Crutchfield of Waxahatchee and Neko Case is followed by an interview in which they explain how they made it. From Björk elucidating how she used the noise of frozen lakes to create soaring, glockenspiel-strafed choral pop, to Crutchfield enthusing about her love of white noise, it is hugely illuminating. Alexi Duggins

The Dangerous Art of the Documentary
Widely available, episodes weekly

What is it like to get involved in a twisty murder case and personally meet the participants? This new series hears director Tiller Russell interview the creators of shows such as Wild Wild Country and Don’t F**k With Cats. It might be heavy on industry detail, but it’s a comprehensive look at the film-making process. AD

Vibe Check
Widely available, episodes weekly
Fabulous trio Sam Sanders, Saeed Jones and Zach Stafford offer a weekly kiki “from a decidedly Black and queer perspective” in their new podcast. Just like in their group chat, the idea is to check in on each other. Plus the latest news and culture, with spot-on chemistry and disses delivered with love. Hannah Verdier

Missed Fortune
Apple Podcasts, episodes weekly
“I’m in a car with some guys I don’t know on our way to somewhere we’re not supposed to be … ” The stakes are high in this nine-part series, in which host Peter Frick-Wright joins the perilous treasure hunt for $1m that retired art dealer Forrest Fenn hid in the Rocky Mountains. Hollie Richardson

Night Fever
WOW Podcast Network and Spotify, episodes weekly

The most gossipy music podcast returns, with James St James, Fenton Bailey and Randy Barbato spilling all the tea from 1970s clubland to today. Nightlife favourites including Moby and Michelle Visage bring hilarious stories to help the hosts celebrate the glorious era before social media when New York clubbers could bump into RuPaul, Andy Warhol and Madonna. HV

There’s a podcast for that

Black Fashion History charts the course of Black designers, labels and models such as Naomi Campbell.
Black Fashion History charts the course of Black designers, labels and models such as Naomi Campbell. Photograph: Ken Towner/Associated Newspa/REX

This week, Fleur Britten chooses five of the best podcasts for fashion fans, from an intimate interview show with fashion journalism’s grand dame to a (cat)walk through the history of Black style

Creative Conversations with Suzy Menkes
For years, the veteran fashion critic Suzy Menkes and her unfeasibly large quiff were always first out of the blocks at the end of a fashion show, in order to secure those backstage interviews. As the former fashion editor of the International Herald Tribune, and then editor of Vogue International, Menkes is widely regarded as the grande dame of fashion journalism, with enviable access to the industry’s biggest names. Her independent podcast, launched during the first lockdown of 2020, capitalises on those connections, taking listeners behind the scenes on in-depth conversations with the likes of Demna Gvasalia, Dries van Noten and Manolo Blahnik.

The Business of Fashion Podcast
If you like being in the know on fashion industry developments, the Business of Fashion’s weekly podcast is required listening. The globally respected fashion news website launched its audio arm in 2017, and has since brought its journalistic rigour to the podcast via topical features and insightful interviews with, for example, Net-a-Porter founder Natalie Massenet, Anna Wintour’s biographer Amy Odell, and Skims CEO Jens Grede. The features – on topics including the rise of vacation clothing, and Shein’s $100bn valuation – are always ahead of the curve.

Dressed: The History of Fashion
Many of us view clothes simply as packages of colour, shape and texture. Fashion historians, however, see layers and layers of meaning and nuance within those elements. They see the implicit cultural significance of clothing choices, and understand what our clothes are really communicating. British fashion historians Rebecca Arnold from the Courtauld Institute and Beatrice Behlen of the Museum of London have been enlightening listeners on all matters fashion history since 2018 with their highbrow yet approachable weekly podcast, Bande A Part – all with a remarkably modern outlook.

Wardrobe Crisis
While many of us would like to shop more sustainably, learning the finer details of how to do that tends to get shunted down our list of priorities when there are so many more fun distractions on offer. The Sydney-based British fashion journalist and author Clare Press, who was Vogue’s first sustainability editor, makes the task an enjoyable one, with her engaging, hard-working podcast Wardrobe Crisis, launched in 2017. Press’s tone is always upbeat and solutions-focused, and guest hosts help to keep the subject matter fresh and appealing.

Black Fashion History
When the American content creator Taniqua Russ asked people to name their favourite Black designers and brands, most drew a blank. So in 2019, she started doing her own research, sharing her findings in a podcast as a resource for people to fill in the gaps in their knowledge. Chronicling the contribution of Black people around the world to the fashion industry, this no-frills podcast has introduced its audience to the work of model Carol Collins-Miles, the milliner Lisa McFadden and the designer Therez Fleetwood, among others.

Why not try …

  • A glut of intimate, sideways stories in hit podcast Love + Radio, whose whole archive is now available to binge.

  • A guided yoga practice (yes, really) with a little singer called Dua Lipa in the new series of At Your Service.

  • The true story of Putin’s “number one enemy”, shot and killed in 2015, in Another Russia.

If you want to read the complete version of the newsletter please subscribe to receive Hear Here in your inbox every Thursday

Source link

Continue Reading


Most IPv6 DNS queries sent to Chinese resolvers fail • The Register

Voice Of EU



China’s DNS resolvers fail two thirds of the time when handling queries for IPv6 addresses, and botch one in eight queries for IPv4, according to a group of Chinese academics.

As explained in a paper titled “A deep dive into DNS behavior and query failures” and summarized in a blog post at APNIC (the Asia Pacific’s regional internet address registry), the authors worked with log files describing 2.8 billion anonymized DNS queries processed at Chinese ISPs.

Among the paper’s findings:

  • 86.2 percent of queries were for A records – the record for a resource with an IPv4 address;
  • 10.4 percent were for AAAA records that point to resources with an IPv6 address;
  • 93.1 percent of queries for A records succeeded;
  • 35.8 percent of requests for AAAA records succeeded.

The researchers – led by professor Zhenyu Li and Donghui Yang, both from the Institute of Computing Technology at the Chinese Academy of Sciences – suggest the reason for the low success rate of AAAA record queries is poor performance by some Chinese players.

One outfit, 114DNS, succeeded with just 14.5 percent of AAAA queries. Alibaba Group’s AliDNS succeeded 54.3 percent of the time – more than Google or Cisco’s OpenDNS, which were found to resolve 43.4 percent and 49.2 percent of AAAA queries respectively.

A fifth of DNS resolvers never succeed at handling IPv6 AAAA queries.

“Overall, A and MX queries are successfully resolved most frequently, while AAAA and PTR manifest lower success rates,” the summary reads. “Specifically, the failure rate of AAAA queries is surprisingly over 64.2 percent — two out of three AAAA queries failed.”

“We also found the success rates for new generic Top-Level Domains (gTLDs) and Internationalized Domain Names (IDNs) were lower than that of well-established domains, primarily because of the prevalence of malicious domains,” wrote professor Li.

However the researchers did not identity why DNS resolution rates are so low, especially for AAAA queries. Nor do they mention what the poor IPv6 resolution rates mean for China’s plans for mass adoption of IPv6 by 2030.

The blog post recommends users adopt “a larger negative caching time-to-live for AAAA records associated with domains that only map to IPv4 addresses reliably.” Checking DNS resolvers’ success rates is also suggested ahead of making a choice of DNS provider. ®

OpenDNS mess

In other DNS-related news, Cisco’s OpenDNS service today wobbled for a few hours in North America.

WeWork offices, wherein some of our vultures toil, experienced network problems, as did at least one university. We’ve also heard reports that the incident impacted email security guardian Spamhaus.

The issue was resolved without Cisco offering any explanation for the incident.

Source link

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!