Building a new web browser is 'impossible'

The "modern web" is in a very sad state (for many reasons beyond the stupidity of DRM) and so is every modern web browser; they are all shit. This very short article touches upon some of the problems in the web browser scene.

The reckless, infinite scope of web browsers

I conclude that it is impossible to build a new web browser. The complexity of the web is obscene. The creation of a new web browser would be comparable in effort to the Apollo program or the Manhattan project.

It is impossible to:

Implement the web correctly
Implement the web securely
Implement the web at all

more...

The power of uBO filters

I've heard people complain about the lack of granularity of uBlock Origin filtering compared to the no longer developed uMatrix add-on, and i've been one of those people. I still think Raymond's decision to abandon uM in favor of the allegedly easier to use uBO was a mistake and i'm certainty not alone. The pop-up interface of uMatrix always seemed more intuitive to me.

Some folks are adamant that uMatrix is superior to uBlock and is an absolute must-have, like breathing, however i'm not sure there's anything that one can do with uM that cannot be accomplished with uBO's filters, available in the 'My Filters' section of its settings. Other than adding a custom rule or two like *$font,third-party, which allows 1st party fonts while blocking 3rd party fonts, i've not been utilizing this filtering capability until very recently. These filters offer very granular control, right down to individual resources like a specific JavaScript file for a specific domain.

YouTube videos are a valuable resource of information but the website is a f'n joke from a technical point of view, as well as an assault on ones privacy. Sure, you can make use of the many alternative front-ends to YouTube (and Twitter, Instagram, Reddit, etc.) with a browser add-on like LibRedirect, but these alternatives come at a cost. They may not be able to handle the load, or they may be off-line, or they may be run by malicious actors, etc.. Nevertheless i think they are beneficial overall, especially if JavaScript does not have to be enabled to use them, but i digress.

YouTube serves up piles of shit (JavaScript) every time you load the domain and so i wanted to see how much of it could be toileted while still retaining much of the functionality of the platform like, you know, being able to watch videos and read comments and stuff. uBlock's logger makes it really easy to create these granular rules. With the logger open one can create either a URL (dynamic) or a static rule. While URL rules are more efficient, you can't use wildcards (*) in the file paths and for technically retarded sites like YouTube, which appear to use dynamically generated path names for some resources (.../player/c4225c42/player_ias.vflset/...), URL rules aren't going to work for all of the stuff i wanted to block.

I ended up trimming a fair amount of lard from YouTube using static filters while still retaining the appearance and functionality i wanted. Here's the filters i'm currently using (if you're on mobile you may need to adjust):

||fonts.googleapis.com^$stylesheet,domain=www.youtube.com
||jnn-pa.googleapis.com^$xhr
||www.youtube.com/*/jsbin/custom-elements-es5-adapter.vflset/$script
||www.youtube.com/*/jsbin/intersection-observer.min.vflset/intersection-observer.min.js$script
||www.youtube.com/*/jsbin/scheduler.vflset/$script
||www.youtube.com/*/jsbin/serviceworker-notifications.vflset/$script
||www.youtube.com/*/jsbin/spf.vflset/spf.js$script
||www.youtube.com/*/jsbin/web-animations-next-lite.min.vflset/$script
||www.youtube.com/*/jsbin/www-tampering.vflset/www-tampering.js$script
||www.youtube.com/*/player_ias.vflset/en_US/annotations_module.js$script
||www.youtube.com/*/player_ias.vflset/en_US/embed.js$script
||www.youtube.com/*/player_ias.vflset/en_US/endscreen.js$script
||www.youtube.com/*/player_ias.vflset/en_US/miniplayer.js$script
||www.youtube.com/*/player_ias.vflset/en_US/offline.js$script
||www.youtube.com/*/player_ias.vflset/en_US/remote.js$script
||www.youtube.com/api/stats/*$xhr
||www.youtube.com/generate_204$xhr
||www.youtube.com/s/search/audio/*$media,domain=www.youtube.com
||www.youtube.com/sw.js$script
||www.youtube.com/youtubei/v1/att/get?key=*$xhr
||www.youtube.com/youtubei/v1/share/*$xhr

Firefox add-ons with over 1 million users and my comments on them

As much as i dislike Mozilla i'm still forced to recommend Firefox for those who care about their privacy, though a lot of tweaking is necessary to beat it into submission. I've also kind of boxed myself in since i depend on quite a few add-ons for Firefox. I often browse the Mozilla Add-ons website (AMO) to keep track of what's new, though the vast majority of add-ons are worthless or, worse, contain malware which i define as anything containing data harvesting functionality, ads, coupon related add-ons, or anything else that isn't required for the stated purpose of the add-on.

The M&M's (Morons at Mozilla) neutered the functionality of the AMO website by both removing the RSS feed functionality and limiting the sorting options, however one can still sort add-ons by the number of users and doing so reveals some interesting selections. Here's the list of add-ons with 1 millions users or greater and my comments on them:

  • uBlock Origin, 5,968,728 users: uBlock Origin (uBO) is literally the only one on the list that's actually worth installing. uBO is an excellent content blocker and though it can be installed on Chromium and it's derivatives, it only offers full functionality on Firefox.
  • Adblock Plus, 4,870,451 users: Now there's a great idea; let's get rich by making an "ad blocking" add-on which allows ads by default and then charge advertises to have their ads whitelisted!
  • Easy Screenshot, 3,659,589 users: This ding-dong developer uses the official sounding name 'Mozilla Online' but is located in China. See how easy it is to fool nearly 4 million gullible people by sticking 'Mozilla' in your user name?
  • Video DownloadHelper, 1,941,350 users: Let's nag users for money and not let them know about yt-dlp, a far better solution.
  • AdBlocker Ultimate, 1,872,164 users: Well, at least this one claims to black all ads, but it isn't uBlock.
  • DuckDuckGo Privacy Essentials,1,605,557 users: 'DuckDuckGo' (possibly the dumbest name for a search engine ever) and 'privacy' do not belong in the same sentence. DuckDuckGo, which is little more than a proxy for Bing, has been caught more than once violating user trust and they not only censor their own search results, but have convinced the idiots at Bing to do so also.
  • Cisco Webex Extension, 1,463,112 users: This privacy hating piece of garbage is for video meetings. Read their "privacy" policy and then run away.
  • Facebook Container, 1,227,098 users: What can i say. Facebook? Really? Disregarding the insidious assault on privacy that people using Facebook subject themselves to (as well as the rest of us non-Facebook users), containerized or not, Firefox already has the tools built-in. Open its preferences and set Enhanced Tracking Protection (ETP) to Strict and learn how to set exceptions.
  • Ghostery - Privacy Ad Blocker, 1,119,088 users: Enable privacy.resistFingerprinting (RFP) in about:config, set ETP to Strict as already mentioned, and forget about Ghostery. Better yet, use the 'arkenfox' user.js.
  • AdBlock for Firefox, 1,070,688 users: Again, pales in comparison to uBlock, however it is nice to see 4 ad/content blocking add-ons among the most popular. PS: remember that time when Mozilla forgot to renew its add-on signing certificate?
  • Privacy Badger,1,046,527 users: Unnecessary with ETP, RFP, uBlock and the 'arkenfox' user.js.