How Chrome’s built-in ad blocker will work when it goes live tomorrow


Chrome’s built-in ad blocker will go live tomorrow. It’s the first time Google will automatically block some ads in Chrome, but while quite a few online publishers are fretting about this move, as a regular user, you may not even notice it.

The most important thing to know is that this is not an alternative to AdBlock Plus or uBlock Origin. Instead, it’s Google’s effort to ban the most annoying ads from your browser. So it won’t block all ads — just those that don’t conform to the Coalition for Better Ads guidelines. When Google decides that a site hosts ads that go against these guidelines, it’ll block all ads on a given site — not just those annoying prestitials with a countdown or autoplaying video ads with sound.

Here are the kinds of ads that will trigger the new ad blocker in Chrome:

If you end up on a site where Chrome is blocking ads, you’ll see a small pop-up in Chrome (yeah — Chrome will pop up a notification to alert you when it blocked a pop-up…) that gives you the option to sidestep the ad blocker and allow ads on that site.

Under the hood, Google is using the same patterns as the public and community-curated EasyList filter rules. It’s worth noting that while Google made some modifications to those rules, it doesn’t exempt its own ad networks  from this exercise. If a site is in violation, ads from AdSense and DoubleClick will also be blocked.

Chances are that you’ll see a bit of a performance boost on sites where ads are being blocked. That’s not the focus here, though, and Google says it’s at best a secondary effect. Some early ad blockers also had some issues with excessive memory usage that sometimes slowed down the browser. Google admits that there is some memory overhead here to hold the blocking list in memory, but even on mobile, that’s a negligible amount.

It’s worth noting that the recommendations of the Coalition for Better Ads focus on North America and Western Europe. Because of this, those are also the regions where the ad filtering will go live first. Google, however, is not classifying sites by where the individual Chrome user is coming from. Instead, it’s looking at where the majority of a site’s visitors come from. So if a user from India visits a site in Germany where ads are being blocked, that user won’t see ads even if the filtering isn’t live for Indian sites.As Google’s product manager for the Chrome Web Platform Ryan Schoen told me, 42 percent of publishers that were in violation have already moved to other ads. Of course, that means the majority of sites that Google warned about this issue did not take any action yet, but Schoen expects that many will do so once they see the impact of this. While ad blockers are often among the most popular extensions, they don’t come pre-installed, after all. This one does, and Google’s approach of blocking all ads on a site will surely sting.

Indeed, this decision to block all ads may seem rather harsh. Schoen, however, argues that it’s the only practical solution. In Google’s view, publishers have to take responsibility for the ads they show and take control of their ad inventory. “The publisher can decide which ad networks to do business with but ultimately for us, the users, by navigating to a specific site, they enter a relationship with that site,” he said. “We do think it’s the responsibility of the site owner to take ownership of that relationship.”

Still, so far, it looks like Chrome will only block just less than one percent of all ads — something that will make some publishers breathe a sigh of relief and scare others. For users, though, this can only be a good thing in the long run.

Featured Image: Getty Images

Chrome will soon mark all unencrypted pages as ‘not secure’


Google’s Chrome browser will soon flag every site that doesn’t use HTTPS encryption. Starting in July, with the launch of Chrome 68, Chrome will mark all HTTP sites as ‘not secure’ and prominently highlight this in its URL bar.

Over the course of the last few years, Google has strongly advocated for the use of HTTPS to help keep your browsing data safe from anybody who could be spying on your web traffic while it’s in transit between your browser and a server. With Chrome 62, Google already started marking all HTTP sites that had data entry fields as insecure and even back in 2016, it already started showing the same warning for all sites that asked for passwords and credit cards.

With this upcoming update, every HTTP site will be flagged as ‘not secure,’ no matter whether it includes input fields or not.

Developers have clearly heard the call. Google notes that 81 of the top 100 sites on the web now use HTTPS by default and that 80 percent of Chrome traffic on both Chrome OS and Mac and 70 percent of traffic from Chrome on Windows is now protected. For Chrome traffic on Android, that number is 68 percent.

Still, this means that there are (and probably always will be) plenty of sites that haven’t made the move yet. Thanks to projects like Let’s Encrypt and others, it’s now easier than ever to enable HTTPS for virtually any site. Still, the process of enabling HTTPS for existing sites isn’t always trivial and chances are that some webmasters and developers will simply opt to keep things running as they are, no matter the warnings that Chrome will soon show their visitors.

Chrome will soon make browsing sketchy sites less frustrating


When you’re browsing the web, there’s little that’s more annoying than clicking on what you think is a video and finding out that it was actually just an image with a link to a dubious site. Or what about those links that actually take you to your destination in a new window but then quickly navigate your original site to some ad for male enhancement pills? And then there’s still the garden variety site that just redirects you to a new page for no apparent reason.

With the arrival of Chrome 65 in its pre-release channels today, Google plans to fix these issues, which tend to pop up on sites that are often already a bit dubious to being with. Think torrent directories and tube sites.

“One of the things we love about the web is that it gives developers a really rich set of content. That’s what sets the platform apart,” Google director of product management Ben Galbraith told me when I asked him about the reasoning for these changes. “In general, that leads to a number of really great experiences — but some folks abuse this power.”

So in Chrome 65, when a page tries to redirect you by abusing the power of iframes, Chrome will pop up an infobar but won’t take you to the new site automatically. The Chrome team tells me that there are some legitimate use cases for making iframes redirect a page, including some payment flows. But Google will only block redirects from iframes that a user hasn’t interacted with, so this shouldn’t really be an issues for legitimate sites.

For links that do take you to your expected destination in a new window or tab but then quietly redirect the originating site to something else, Chrome will now also prevent the redirect and pop up an infobar.

The most interesting tech here, though, is Chrome’s upcoming ability to figure out that a play button, some transparent site control or some other item on a page is really just a link to a malicious site. This feature will only start rolling out in January, though. Chrome group product manager Alex Komoroske tells me that this works similar to how Google Safe Browsing protects users from malicious links already, though he didn’t want to delve into the technical details of how exactly this new feature will work.

As the Chrome team stressed, the general idea here is to look out of for users while working with the ecosystem to ensure that none of these changes break legitimate use cases.

The Chrome team argues that this is also why it took a while to bring these features to Chrome. None of these issues are all that new, after all, or exploit any features that weren’t already available for years. But to do this in the right way — and to get it right without breaking too many existing sites — simply took a while. Either way, these features are here now if you are brave enough to try a pre-release version of Chrome. Once installed, all you need to do is find a really sketchy site to give these new features a try. Best of luck.

Featured Image: Stephen Shankland/Flickr UNDER A CC BY-SA 2.0 LICENSE