Google: Difference between revisions
No edit summary |
Tags: Reverted Visual edit |
||
| Line 37: | Line 37: | ||
Manifest V3 disabled the <code>webRequestBlocking</code> permission in the <code>webRequest</code> API<ref>{{Cite web |date=2023-03-09 |title=Replace blocking web request listeners {{!}} Chrome Extensions {{!}} Chrome for Developers |url=https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |url-status=live |archive-url=https://web.archive.org/web/20250614074559/https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |archive-date=2025-06-14 |access-date=2025-08-12 |website=Chrome for Developers}}</ref>, preventing many ad content blockers from working.<ref>{{Cite web |date=2024-09-26 |title=Understanding Manifest V3 and the Future of uBlock Origin |url=https://ublockorigin.com/ |url-status=live |archive-url=https://web.archive.org/web/20250812114916/https://ublockorigin.com/ |archive-date=2025-08-12 |access-date=2025-08-12 |website=uBlock Origin - Free, open-source ad content blocker}}</ref> Google cites performance reasons <ref>{{Cite web |date=2023-03-09 |title=Replace blocking web request listeners {{!}} Chrome Extensions {{!}} Chrome for Developers |url=https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |url-status=live |archive-url=https://web.archive.org/web/20250614074559/https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |archive-date=2025-06-14 |access-date=2025-08-12 |website=Chrome for Developers |quote="In Manifest V2, blocking web requests could significantly degrade both the performance of extensions and the performance of pages they work with."}}</ref>, but the more likely reason is to restrict user conrol as content blockers impede their tracking and surveillance of users, decreasing their profits. | Manifest V3 disabled the <code>webRequestBlocking</code> permission in the <code>webRequest</code> API<ref>{{Cite web |date=2023-03-09 |title=Replace blocking web request listeners {{!}} Chrome Extensions {{!}} Chrome for Developers |url=https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |url-status=live |archive-url=https://web.archive.org/web/20250614074559/https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |archive-date=2025-06-14 |access-date=2025-08-12 |website=Chrome for Developers}}</ref>, preventing many ad content blockers from working.<ref>{{Cite web |date=2024-09-26 |title=Understanding Manifest V3 and the Future of uBlock Origin |url=https://ublockorigin.com/ |url-status=live |archive-url=https://web.archive.org/web/20250812114916/https://ublockorigin.com/ |archive-date=2025-08-12 |access-date=2025-08-12 |website=uBlock Origin - Free, open-source ad content blocker}}</ref> Google cites performance reasons <ref>{{Cite web |date=2023-03-09 |title=Replace blocking web request listeners {{!}} Chrome Extensions {{!}} Chrome for Developers |url=https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |url-status=live |archive-url=https://web.archive.org/web/20250614074559/https://developer.chrome.com/docs/extensions/develop/migrate/blocking-web-requests |archive-date=2025-06-14 |access-date=2025-08-12 |website=Chrome for Developers |quote="In Manifest V2, blocking web requests could significantly degrade both the performance of extensions and the performance of pages they work with."}}</ref>, but the more likely reason is to restrict user conrol as content blockers impede their tracking and surveillance of users, decreasing their profits. | ||
=== Policy Changes === | |||
===== Google’s TLS/SSL Certificate Policy Updates: Implications for Consumers and Let’s Encrypt Users ===== | |||
Google (specifically the Chrome browser team) is changing the rules for website security certificates. [https://www.thesslstore.com/blog/chrome-ssl-certificate-client-authentication-ends-june-2026/ <nowiki>[34]</nowiki>] [https://www.chromium.org/Home/chromium-security/root-ca-policy/policy-archive/version-1-5/ <nowiki>[35]</nowiki>]These changes affect: | |||
* How certificates are issued | |||
* Who can issue them | |||
* How long they last | |||
* What you can use them for | |||
''What's a certificate anyway?'' | |||
Imagine you’re visiting a website, like your bank. You want to make sure you’re talking to the ''real'' site and not some scammer. A certificate is like an ID card for the site, it proves it is who it says it is. Web browsers (like Chrome, Firefox, Safari) trust certain certificate providers (called Certificate Authorities, or CAs) to vouch for websites. One of the most popular free CAs is '''Let’s Encrypt'''. It’s what many websites (especially small ones) use to get that security lock. | |||
''What's changing?'' | |||
* No more double use certificates. Currently, one certificate could be used to verify ''who a website is,'' and to ''log users in to things securely.'' Now, Google says it can only be used for one or the other (websites or client authentication) | |||
* Some certificate providers are getting banned. Google is removing trust in a few providers. If you were using one of these providers, people using Chrome may see the "Deceptive Site" warnings when visiting your web application. | |||
* Certificates will expire much faster. Right now, many certificates last 90 days. Google plans on reducing that expiration to around 45 days, meaning websites will have to renew their certificates more often. | |||
''How does this affect users?'' | |||
If you run a website using something like LetsEncrypt, you're probably fine. Just make sure your server automatically renews it's certificate ~2 months. If you use certificates for more advanced stuff (like logging in, mTLS, APIs, etc), youll need to switch to a private/internal system before the changes go into place. | |||
Using TLS client authentication was a cheap and easy way to create a "poor-man's" VPN and skip adding an authentication layer between web apps/servers. This change will make it more difficult/expensive for people to self-host. | |||
==Controversies== | ==Controversies== | ||
| Line 72: | Line 98: | ||
Google's Web & App Activity setting had the ability to be paused. Reportedly, despite this setting being paused by consumers, Google would continue to collect consumer data regardless of consent.<ref>{{Cite web |title=Rodriguez v. Google LLC |url=https://www.googlewebappactivitylawsuit.com/Home/FAQ#faq1 |url-status=live |access-date=5 Apr 2025}}</ref> This case is currently ongoing and has yet to receive a judgment.<ref>[https://www.googlewebappactivitylawsuit.com/Home/Documents Important Documents]</ref> | Google's Web & App Activity setting had the ability to be paused. Reportedly, despite this setting being paused by consumers, Google would continue to collect consumer data regardless of consent.<ref>{{Cite web |title=Rodriguez v. Google LLC |url=https://www.googlewebappactivitylawsuit.com/Home/FAQ#faq1 |url-status=live |access-date=5 Apr 2025}}</ref> This case is currently ongoing and has yet to receive a judgment.<ref>[https://www.googlewebappactivitylawsuit.com/Home/Documents Important Documents]</ref> | ||
=== Epic Games, Inc. v. Google Inc. (8/13/20 - 5/31/25) === | ===Epic Games, Inc. v. Google Inc. (8/13/20 - 5/31/25)=== | ||
Google takes a 30% share of all revenue made through all sales made on the Play Store, which is a comparable figure to other digital storefronts such as the [[Apple App Store]] and [[Steam]].<ref>{{Cite web |last=Marks |first=Tom |date=7 Oct 2019 |title=Report: Steam's 30% Cut Is Actually the Industry Standard |url=https://www.ign.com/articles/2019/10/07/report-steams-30-cut-is-actually-the-industry-standard |url-status=live |website=ign.com}}</ref> On 13th August 2020, [[Epic Games]] CEO Tim Sweeney updated both iOS and Android versions of ''Fortnite'' to redirect users to Epic Games' storefront to purchase in-game currency ("V-Bucks") alongside the respective first-party storefront, with incentives including cheaper prices if buying from Epic Games directly. This violated the Terms of Service of both Apple and Google's storefronts, and ''Fortnite'' was removed from both app stores the same day. | Google takes a 30% share of all revenue made through all sales made on the Play Store, which is a comparable figure to other digital storefronts such as the [[Apple App Store]] and [[Steam]].<ref>{{Cite web |last=Marks |first=Tom |date=7 Oct 2019 |title=Report: Steam's 30% Cut Is Actually the Industry Standard |url=https://www.ign.com/articles/2019/10/07/report-steams-30-cut-is-actually-the-industry-standard |url-status=live |website=ign.com}}</ref> On 13th August 2020, [[Epic Games]] CEO Tim Sweeney updated both iOS and Android versions of ''Fortnite'' to redirect users to Epic Games' storefront to purchase in-game currency ("V-Bucks") alongside the respective first-party storefront, with incentives including cheaper prices if buying from Epic Games directly. This violated the Terms of Service of both Apple and Google's storefronts, and ''Fortnite'' was removed from both app stores the same day. | ||
Epic Games would use this motion to file federal lawsuits against both Google and Apple, citing that these practices meant that the companies were engaging in anti-competitive behaviour. | Epic Games would use this motion to file federal lawsuits against both Google and Apple, citing that these practices meant that the companies were engaging in anti-competitive behaviour. | ||
==See also == | ==See also== | ||
===Products and Services=== | ===Products and Services=== | ||