In this episode, I got to chat with Pete Snyder (Brave) about ad and content blockers, and their impact not just on user experience on the web but also the engineering decisions a privacy researcher working on a web browser might have to make daily.
Ad blockers are used to prevent the web browser from communicating with domains and URLs that have been flagged as harmful or malicious in various filter lists. This blocking makes the web browsing experience faster, more private, and more secure.
However, there are lost of questions around how ad blockers work. Some of the things we discuss in the interview include:
– Who decides what gets filtered out?
– Who is responsible if things break on the web?
– What is the future like for blocking technology?
From Pete’s words I got the impression that there’s still a lot of work to be done in this space. Not just technology-wise, but also in terms of the research that’s required to figure out the appropriate mix of compromise that browser engineering, specifically in the privacy space, seems to be.
We also talk about the Brave browser, as it has truly been a pioneer in privacy protections, with one of the most aggressive stances when it comes to protecting the browser user and being true to the browser’s mission as the user agent.
Listen to the episode using the player or find it in your favorite podcast service.
Topics
- 00:00:00 – Introduction
- 00:06:28 – Pete explains the basic functionality of ad and content blockers
- 00:08:20 – What are the main motivations for people to user blockers?
- 00:09:35 – The Brave browser’s history with ad blocking technology
- 00:10:20 – How Brave’s blocking mechanisms work
- 00:12:20 – Who owns and maintains the filter lists used by ad blockers?
- 00:14:40 – Standardization efforts for filter lists
- 00:16:35 – Addressing web breakage and compatibility issues
- 00:17:56 – Resource replacement, or stubbing the APIs used by blocked scripts
- 00:18:55 – Prevent scripts from e.g. accessing storage instead of blocking them outright
- 00:20:31 – New ideas for shipping site JavaScript to make it easier to determine potential privacy and security issues
- 00:23:30 – Algorithmic heuristic approach for preventing scripts from collecting potentially harmful information
- 00:26:54 – Brave’s small(er) size vs. market leaders and its ability to ship things faster and with less red tape
- 00:29:11 – Brave’s third-party cookie blocking
- 00:30:12 – Partitioned storage vs. preventing storage access altogether
- 00:33:02 – Brave stripping tracking parameters from URLs
- 00:34:15 – Bounce Tracking
- 00:36:28 – The future of browser privacy
- 00:38:32 – Legislation and browser (privacy) engineering
- 00:40:10 – If you could change any aspect of the internet or the web, what would you do and why?
- 00:42:54 – Outro
Notes and references
- Brave’s Adblock lists
- The Chromium projects
- Who Filters the Filters: Understanding the Growth, Usefulness and Efficiency of Crowdsourced Ad Blocking
- Adblock Plus
- EasyList
- EasyPrivacy
- Peter Lowe’s list
- Disconnect.me list
- uBlock Origin
- Brave’s resource replacements
- Firefox resource shims
- Cliqz browser
- SugarCoat: Programmatically Generating Privacy-Preserving, Web-Compatible Resource Replacements for Content Blocking
- Brave Search
- Cliqz anti-tracking logic
- WebKit / Safari Intelligent Tracking Prevention
- The Privacy Sandbox
- Brave’s fingerprint farbling
- Global Privacy Control
- Pete Snyder’s website
- Research at Brave
- Pete Snyder on Twitter (@pes10k)
- Brendan Eich (Brave CEO) on Twitter