[HN Gopher] Washington Post's Privacy Tip: Stop Using Chrome, De...
___________________________________________________________________
Washington Post's Privacy Tip: Stop Using Chrome, Delete Meta Apps
(and Yandex)
Author : miles
Score : 225 points
Date : 2025-06-07 16:33 UTC (6 hours ago)
(HTM) web link (tech.slashdot.org)
(TXT) w3m dump (tech.slashdot.org)
| dlachausse wrote:
| Safari reports that it blocked 16 trackers on WaPos home page. So
| it's probably best to avoid them for privacy too.
| leereeves wrote:
| I hope people can get a "Stop Using Chrome" movement going, like
| we did with Internet Explorer long ago.
| righthand wrote:
| Idk, isn't that how we got Chrome? Isn't this inviting someone
| else to be the new Internet abuse daddy?
| ljlolel wrote:
| Sounds like something written by a Google employee. Mozilla
| is a non-profit
| dc396 wrote:
| Might want to look at who provides most of the funds for
| Mozilla.
| 0x_rs wrote:
| No, that was Firefox. Chrome's spread was fueled by literal
| malware or spyware bundling it to get some of Google's sweet
| money and some of the most aggressive advertisement campaigns
| for any online product ever.
| righthand wrote:
| Was it Firefox? I remember Firefox existing at the time but
| I don't think it's ever really had dominant market share,
| perhaps when it was Netscape? I do remember the IE campaign
| went on quite a long time to where eventually Chrome showed
| up to the party and people shifted over as well as shifted
| their family and friends over. You don't see that kind of
| active effort for Firefox ever.
| ndriscoll wrote:
| According to Wikipedia, Firefox share peaked around 31%.
| It was very much taking over and gaining share from IE
| before chrome appeared.
|
| https://en.wikipedia.org/wiki/Usage_share_of_web_browsers
| #Ol...
| timewizard wrote:
| Chrome is fine.
|
| Letting an advertising company own it is not.
| duxup wrote:
| I feel like that's like saying "it's fine, except for the bad
| part that you can't avoid" ;)
| turtletontine wrote:
| The future of Google as Chrome's owner is genuinely in
| question now due to Google's antitrust losses, in case you
| weren't aware.
|
| There's a few different cases, one recent one Google has
| lost and is now in the "remedy" phase. Meaning the court
| has officially decided Google did bad, and is now
| considering what to make Google do about it. And splitting
| up Google into separate Chrome, search, etc companies is
| completely on the table.
|
| Some reading:
|
| https://www.theverge.com/23869483/us-v-google-search-
| antitru...
|
| https://www.thebignewsletter.com/p/google-found-guilty-of-
| mo...
| userbinator wrote:
| Maybe even a "start using Internet Explorer again" movement ;-)
|
| For all the hate it got, IE was nowhere near as privacy-
| invasive as any of the "modern" browsers now, even Firefox. If
| you configured it to open with a blank page, it would quietly
| do so and make _zero_ unsolicited network requests.
| SoftTalker wrote:
| Well IE (Edge) is Chrome now under the covers.
| xnx wrote:
| Source article:
| https://www.washingtonpost.com/technology/2025/06/06/meta-pr...
| HelloUsername wrote:
| > Source article
|
| Thx. Even the source in the slashdot article links to msn...
| bitpush wrote:
| Written by the same person who wrote Washington Post article.
|
| All very confusing.
| boomboomsubban wrote:
| MSN is all rehosted articles I believe. Several times I've
| searched major paper headlines to read the full story on
| MSN.
|
| No idea what kind of deal these places have with Microsoft.
| not_a_bot_4sho wrote:
| I like the MSN articles. My ad blocker cleans them up
| nicely, and they never ask me to subscribe.
| xnx wrote:
| Without the suggestion to install an adblocker, this is not
| credible advice.
| ninth_ant wrote:
| A media outlet which depends on ad revenue as a primary income
| source is unlikely to suggest this.
|
| Ditching these deeply invasive products remains a good idea,
| independent on any decision to use ad blockers or not.
|
| The Meta/Yandex incident in particular is straight-up malware
| and everyone should remove their apps.
| timewizard wrote:
| > which depends on ad revenue
|
| They're more tightly bound than that. They're dependent on
| Google Display Ads. Which really makes their whole diatribe
| that much more pathetic.
|
| Any media company that decided to traffic the ads themselves,
| from their own servers, and inline with their own content,
| would effectively be immune from ad blocking.
|
| > Ditching these deeply invasive products remains a good idea
|
| While still allowing random third party javascript to run
| unchecked on a parent website.
| kulahan wrote:
| > While still allowing random third party javascript to run
| unchecked on a parent website.
|
| Lol, why are you commenting as if somehow allowing it to
| run negates the other good ideas in some way? Obviously
| some is better than none, and all is better than some, but
| each step takes more effort.
| jonhohle wrote:
| It's odd that orgs like NYT don't run their own ad
| services. I'm sure they have a dedicated department for ad
| sales for physical copies. They're large enough that
| companies would work directly with them. And they would
| have at least some editorial control on what is displayed
| on their site.
| alkonaut wrote:
| Getting privacy advice from an adtech funded outlet sounds
| like reading democracy advice from the Chinese ruling party
| or vegetarianism advice from lions to be honest.
|
| It might be correct-and-incomplete but they just have no
| credibility on the topic.
| jfengel wrote:
| Does the ad blocker prevent leaks of your information?
|
| I know it blocks a use of your information against you
| (targeted ads). And any external source is a potential leak
| (e.g. the kinds of things that CORS is supposed to reduce).
|
| But does an ad blocker specifically leak more, or just reduce
| the incentive to collect that information?
| antithesizer wrote:
| Yes they block tracking
| weaksauce wrote:
| they don't load up the ads at all so they can't know your
| information in the first place at least from the ads
| themselves. if the website is sharing information directly
| there's nothing you can do outside of some kind of vpn and
| never logging on to any services.
| demosthanos wrote:
| A full-featured ad blocker (uBlock Origin original, not the
| neutered Lite version that runs on Chrome now) will intercept
| requests at the network level and prevent your browser from
| requesting the advertisers' JavaScript code. Your browser not
| only won't show the ads, it won't run the code that was
| supposed to show them or even send a request to the
| advertisers' servers.
|
| This blocks most existing tracking methods. The only thing
| you're not protected from is first-party tracking by the site
| you're actually visiting, which is impossible to fully
| protect against.
| zahlman wrote:
| >prevent your browser from requesting the advertisers'
| JavaScript code. Your browser not only won't show the ads,
| it won't run the code that was supposed to show them or
| even send a request to the advertisers' servers.
|
| Incidentally, just blocking JavaScript with NoScript kills
| quite a lot of ads (obviously, not first-party ones if
| you've white-listed their JavaScript for site
| functionality; but I try to avoid that when there isn't
| real demonstrated value) without any need for an explicit
| ad blocker.
| kvdveer wrote:
| NoScript is indeed very effective at blocking tracking,
| but it also breaks a lot of websites.
|
| If that is an acceptable compromise, you could also try
| ditching the Internet altogether, as that not only blocks
| all online tracking, it also blocks a lot of fraud,
| misinformation and all kinds of harmful content.
| IgorPartola wrote:
| That's always my problem with NoScript being suggested.
| For some people who consume stuff off RSS feeds or static
| sites and Wikipedia that probably works. But for
| literally anything more than that you can't do that.
| voytec wrote:
| It's not about living like a caveman. You can enable 1st
| party JS without JS from 20 ad/tracking hosts.
| voytec wrote:
| > NoScript is indeed very effective at blocking tracking,
| but it also breaks a lot of websites.
|
| Sure, images may no be present without JS lazy-loading
| them. Accidentaly, NoScript also fixes a lot of websites.
| Publishers are often paywalling posts via JS and initial
| HTML is served with full articles.
| everdrive wrote:
| Except for non-negotiables (eg: bill paying, government
| websites, etc.) a website that fully breaks when blocking
| js is just a worthless site which is not worth my time.
| blacksmith_tb wrote:
| 1st-party would likely be prevented by disabling cookies?
| Obviously they could fingerprint every visitor on every
| request, but most just set an ID cookie and check it on
| subsequent pages I think, since that's good enough for
| tracking most people (who aren't actively trying not to be
| tracked). Of course, that breaks things that need a session
| (like a cart), but depending on what you want from a site,
| it could be fine.
| demosthanos wrote:
| Those things help, yes. I say that it's impossible to
| fully block first party tracking because you must
| interact with the server in order to accomplish anything
| and those interactions can be tracked. But a third party
| can be cut entirely out of the loop.
| SoftTalker wrote:
| There are ways to maintain a session without a cookie,
| but cookie is very convenient so that is mostly what is
| used.
| eastbound wrote:
| I think there was a Defcon where they showed that some ad
| networks let the advertiser themselves provide the
| image/video. By targeting only people who first visited a
| given website, they know who you are. And by adding selectors
| on the ad, they extract your characteristics, including
| location.
|
| It looks very stretched, but the real magic happens when this
| data is sold in bulk. It allows recouping who is where. Your
| target person may or may not be in each dataset, their
| location isn't known like clockwork, but that allows
| determining where they work, where they sleep and who they're
| with. One ad is useless as a datapoint, but recouping shows
| reliable patterns. And remember most people on iPhone still
| don't have an adblocker.
| mingus88 wrote:
| They will not bite the hand that feeds them.
|
| But I am glad they are pushing people toward other browsers
| because that is the biggest step. Once you have taken that
| step, installing the most popular extensions is trivial.
|
| Guess what the highest rated extensions are?
| userbinator wrote:
| The FBI recommends using an adblocker:
| https://news.ycombinator.com/item?id=41483581
| ryandrake wrote:
| I would bet money that the techie they asked to put the list
| together included "use an adblocker." And then the higher-up
| who approves articles like this said "shit! wait... no, no, no,
| delete that one!!" These corporations are deeply deceptive.
| godelski wrote:
| The advice is fine, just incomplete.
|
| It is better than nothing and definitely for the more "normies"
| advice. Let's start there and then we can get them onto adblock
| and other stuff.
|
| Btw, the ArsTechnica article they link offers more advice[0]
|
| [0] https://arstechnica.com/security/2025/06/meta-and-yandex-
| are...
| bn-l wrote:
| What is the alternative to chrome that doesn't crash or is not
| noticeably slower?
| wyattblue wrote:
| Brave Browser: https://brave.com/
| GolfPopper wrote:
| Brave has some controversies: https://en.wikipedia.org/wiki/B
| rave_(web_browser)#Controvers...
| guywithahat wrote:
| I mean those aren't real controversies though, it's more
| like "we added a VPN feature and included the VPN, but have
| now removed it". A real controversy would be like Mozilla
| who was pushing for censorship and silencing "bad actors"
| in the years after the first Trump election.
| slaw wrote:
| Firefox + uBlock Origin
| azinman2 wrote:
| I feel like people sleep on safari, especially on Macs.
| hk1337 wrote:
| JavaScript Chrome developers did a good job of convincing
| people that Safari is the new IE.
|
| I love Safari on macOS. I love the pinch/zoom with the tabs.
| I love that private browsing mode, at least seems to, keep
| things contained to the tab they started with. e.g. if I open
| facebook in a private tab then open new tab and go to
| facebook, it's going to make me login.
| giraffe_lady wrote:
| Significantly better battery life too. Like hours.
| bitpush wrote:
| You're drinking Apple kool-aid if you think Safari isn't
| holding web back.
|
| Lots of anti-google people dislike Safari. Safari isn't the
| only non-google option you know.
| hk1337 wrote:
| Apple is slow to adopt new features, sure but Google
| bulldozes features to be first to market so it can
| implemented the way they want it implemented.
| gcau wrote:
| >Google bulldozes features to be first to market so it
| can implemented the way they want it implemented
|
| Can you give an example of this?
| kstrauser wrote:
| Safari is far from perfect, but I'm _glad_ they don't
| implement everything Chrome does. Many of the complaints
| come down to "Safari doesn't even support
| RunBitcoinMinerInBackground.js. It sucks!"
|
| And on the plus side, it's vastly better at power
| efficiency, meaning I can use my laptop longer without
| being plugged in.
| arccy wrote:
| sure if you want to live a life stuck in the App Store
| and Play Store walled gardens... having a decent web
| browser is the way towards a truly open web
| hungryhobbit wrote:
| Developers don't convince anyone of anything! They just
| build stuff according to standards (which are inevitably
| set not by standards orgs, but by the most popular
| browsers), and then they expect all browsers to follow
| those standards and "just work".
|
| When a browser like Safari fails to adhere to those
| standards, sites will break ... but you can't expect
| developers (of most sites; I'm not talking about the top
| 100 or anything) to test in every possible browser ... and
| then change their code to accommodate them. Certainly not
| in ones with single-digit percentages of market share, that
| require their own OS to test (like Safari).
| kstrauser wrote:
| Wikipedia says Safari's their #2 browser, with 17%
| traffic share:
| https://en.wikipedia.org/wiki/Usage_share_of_web_browsers
|
| Web devs ignore Safari at their own risk, lest 100% of
| iPhone users be unable to use their site.
| someNameIG wrote:
| If Apple wanted more web devs to support Safari they
| should port it to Linux and Windows. The web is supposed
| to be an open standard, you shouldn't need a devices and
| software from a specific manufacturer to develop for it
| (I say that posting from a Mac).
| Uehreka wrote:
| Chrome's developers didn't have to say anything. Anyone
| who's been trying to build on the latest web features (for
| me, particularly WebGL, WebRTC, WebGPU and IndexedDB) over
| the past decade has been bitten by Safari over and over
| again. They usually come around after being raked over the
| coals by the web dev community, but they're still usually
| years behind.
|
| When "Safari is the new IE" was first published, they
| absolutely were. They've gotten a bit better since then,
| but all the same it was hilarious to see people who used to
| rail against IE for flaunting web standards ( _cough_ John
| Gruber _cough_ ) suddenly start saying that web standards
| were a bogus racket once Apple decided to stop keeping up
| with them.
| hxtk wrote:
| I tend to use Safari on my mac, but I will say that it
| evaluates CORS slightly differently than other browsers so
| that sometimes I have to disable CORS protection to get a
| site to work that works fine in Chrome or Firefox, and it's
| the only browser I've used where I expect to have it crash
| hard with a SEGFAULT or something every once in a while.
| Aurornis wrote:
| I continually try, but Safari is the only browser where I
| routinely experience crashes once or twice a month. There are
| also some random incompatibilities with certain websites
| (related to the CORS issue as mentioned in another comment)
| that force me back into another browser anyway.
| haiku2077 wrote:
| Doesn't crash? Firefox/Mullvad Browser is fine.
|
| Not slower? Safari or Orion.
| ramon156 wrote:
| What's wrong with FireFox?
|
| And if you're not a fan of FireFox, Ladybird is becoming a
| thing in 2026
| wussboy wrote:
| Full time Firefox user. I run hundreds of tabs for days on end
| and need to restart it every week or so. Well worth it to not
| use Chrome. Need to open a site in Chrome about once a month
| abhinavk wrote:
| The upcoming version has "Unload tabs" built in to the
| context menu. That should result in restarts limited to
| updates.
| HelloMcFly wrote:
| I use the Auto Discard Tabs plug-in, just lets tabs time-
| out after a set amount of time
| SoftTalker wrote:
| I've used Firefox for years and it very rarely crashes.
| Individual tabs will crash occasionally, but rarely the
| entire browser.
| brazzy wrote:
| Firefox.
| NexRebular wrote:
| I use Vivaldi[1]. Also has built-in ad-blocker although I'm not
| sure how good it is compared to Ublock or others.
|
| [1] https://vivaldi.com/
| dijksterhuis wrote:
| seconded. been loving vivaldi since i switched.
| secondcoming wrote:
| Firefox. It's been my default browser for years but now I'm
| noticing sites that don't work properly with it. I'm not sure
| why.
|
| It also has a really annoying 'feature' that its update process
| will sometimes force you to restart the browser.
| JumpCrisscross wrote:
| I'm using Firefox and Kagi's Orion browser [1] on my Mac and
| Safari on iOS.
|
| [1] https://kagi.com/orion/
| m-localhost wrote:
| Is it easier to build a browser for MacOS? Arc was Mac only
| for the longest time, until they released a crippled Windows
| version. DuckDuckGo browser started Mac only.
| JumpCrisscross wrote:
| > _Is it easier to build a browser for MacOS?_
|
| Financially, probably. Apple customers represent a
| disproportionate share of global consumer disposable
| income.
|
| Technically, I guess Unix-like, BrowserEngineKit and WebKit
| (Orion uses this) help. Good question, hope someone
| knowledgeable chimes in!
| dismalaf wrote:
| I like Vivaldi myself.
| mrweasel wrote:
| Firefox? Weird question. I haven't even installed Chrome in the
| past 7 years. Firefox is fast (but I obviously don't know if
| Chrome is faster) and it never crashes.
| duxup wrote:
| I use firefox full time, it works great for me.
| 0134340 wrote:
| Well, for the past twenty years, Firefox has been a good
| alternative browser to Chrome, IE, etc.
| guywithahat wrote:
| I really like Brave, blocks youtube ads and generally just
| works where other chrome alternatives don't
| https://brave.com/download/
| ronnier wrote:
| I'm pretty worried about the security of Brave and stopped
| using it. I'd like to be wrong. But years old patches missing
| in Chromium not ported over until recently makes me nervous
| (referring to a recently addressed long time websocket bug in
| Brave). What else is missing? It just seems to risky to use
| for me.
| voytec wrote:
| Zen Browser works well for me. It's a Firefox fork but privacy-
| focused whereas Mozilla recently became an ad company and
| published hostile TOS changes. No issues I had when I was
| evaluating LibreWolf.
| cosmicgadget wrote:
| Any browser that lets you block javascript? It is weird how we
| now call browsers fast because they can quickly render the most
| cancerous content.
| p0w3n3d wrote:
| I've noticed that recent Chrome version does not allow me to
| download the pdf I'm viewing. I had to open it in Firefox. The
| Chrome browser only allowed me to save it to drive (cloud)
| charcircuit wrote:
| Did you try finding a print button?
| Henchman21 wrote:
| To... save? I get that you can print to a file and it'll save
| it that way of course, but damn that strikes me as really
| confusing for non-techies
| thrill wrote:
| right-click save-as?
| kulahan wrote:
| This is how I get around that same issue, but it truly is a
| hacky workaround.
| cosmicgadget wrote:
| Save or export would make more sense but printing to pdf
| has been the way to do it forever.
| Legend2440 wrote:
| Seems weird. I'm in Chrome right now and I can right-click on
| PDFs and click save as.
| Aurornis wrote:
| I downloaded a PDF within updated Chrome earlier this morning
| without problems. I would be looking at your setup to see what
| makes it unique.
| Grazester wrote:
| You can absolutely download PDFs on the all Chrome versions
| including the most recent. You need to do is set chrome to
| download them instead of open them.
|
| I am a developer but have to deal with questions on this
| regularly from people's at my company due to the IT
| department being small.
| NHQ wrote:
| Web browsers should become outmoded soon. It was fine for
| bootstrapping the web, but now to keep up a browser must emulate
| the operating system and more in a single app. This pressure is
| the centralizing factor in browser dominance. Ditch the features,
| drop the spy protocol (http), just get the files.
| thethimble wrote:
| What will the alternative to web browsers be after they become
| "outmoded"?
| consumer451 wrote:
| I can't speak for the user who you are responding to, but an
| AI maxi might believe that an AI powered interface will take
| over all information retrieval.
| zahlman wrote:
| > the spy protocol (http)
|
| I'm afraid I can't guess your reasoning.
| NHQ wrote:
| How do i turn it off?
| ck2 wrote:
| supermium --ungoogled-supermium
|
| https://win32subsystem.live/supermium/
|
| https://github.com/win32ss/supermium
| TiredOfLife wrote:
| Washington Post also called Ukraines attack on russian bombers
| "dirty"
| cosmicgadget wrote:
| Can you elaborate?
| extra88 wrote:
| That's one opinion from one columnist. Also, the full phase was
| "dirty war," by which they seem to mean one dominated by covert
| operations by intelligence services rather than conventional
| forces, on both sides.
| jeffbee wrote:
| It's sort of interesting that Brave was not affected by this
| because they already blocked the technique used by the Yandex
| app. I wonder if Brave devs were aware of that specific abuse, or
| if they just thought that localhost traffic was distasteful
| categorically.
| meroes wrote:
| Hmm how can I use being forced to use Chrome for work, for me tax
| wise...
|
| If I'm a contractor forced to use Chrome and mobile devices, can
| I deduct a separate work phone?
|
| I really hate having it my iPhone, at least maybe I can claw
| something back this way?
| 0_____0 wrote:
| I believe it is good form to keep work and personal machines
| completely separate, including phones. If you ever have to hand
| over your devices for discovery in a law suit I think you will
| come to the same conclusion.
| Xorakios wrote:
| I very much agree. Retired now but I used to have a separate
| phone for each major client for HIPAA compliance but it's
| good advice everywhere (and $50 year-old android phones and
| $15/month Tracfone accounts aren't just for criminals!)
| jhbadger wrote:
| And stop using Alexa (of course Bezos' paper wouldn't say that!)
| m-localhost wrote:
| Zen Browser (FF) on Win and Firefox on iOS (for sync) works well
| for me. Edge for all M365 related stuff. Still use Chrome for web
| dev. Not sure what to move on in that regard...
| t-writescode wrote:
| I'm a relatively new web dev and I've been quite happy with
| Firefox's Web Dev tools. What does Chrome's dev tools give
| someone that Firefox's doesn't? I can edit css on the fly, see
| where a css rule is being overwritten, debug javascript, etc.
| arealaccount wrote:
| FF dev tools just don't work sometimes, notably with iframes,
| sometimes with source maps, and other edge case types things.
|
| I use FF for 99% of dev, open Chrome maybe once a quarter.
| It's a better browser.
| nine_k wrote:
| One an develop in FF, but has to test in Chrome. (Same with
| developing in Chrome and also testing in FF.)
| ajsnigrutin wrote:
| For most people in the west, using yandex and chinese
| alternatives would be better than local ones, because neither
| china nor russia has any auhority over you, while your local
| agencies do.
| thadk wrote:
| Anyone have tips on how to avoid having the WhatsApp app on your
| phone?
| tdiff wrote:
| Use telegram
| baobun wrote:
| Give your WA contacts alternative contact method. Uninstall.
| Stop using WhatsApp.
| ChrisArchitect wrote:
| Source:
| https://www.washingtonpost.com/technology/2025/06/06/meta-pr...
|
| Related discussion: https://news.ycombinator.com/item?id=44169115
| ThinkBeat wrote:
| I dont yet understand this attack.
|
| The WP article says:
|
| "" Millions of websites contain a string of computer code from
| Meta that compiles your web activity. It might capture the income
| you report to the government, your application for a student loan
| and your online shopping. ""
|
| If I read that correctly then they are capturing all https web
| content you access in clear text and uploads it all to Meta? Then
| Meta
|
| I thought the exploit was used to track where you visited, not
| the full data of each webpage.
| bink wrote:
| It does sound fantastical. A piece of code that can violate the
| same origin policy would be a huge vulnerability. Meta could be
| working with other sites to share data on users via code
| running on both sites, but snooping on tax data without the IRS
| helping? Unlikely.
|
| I can only assume they're suggesting that companies like Intuit
| and H&R Block are sharing this data with Meta, but that seems
| like a huge violation of privacy and with tax data it might
| even be illegal.
| helph67 wrote:
| Thirty months old but I'm guessing they haven't improved!
| https://www.techradar.com/news/nearly-half-of-all-online-tra...
| keernan wrote:
| If we truly lived in a democracy which 'obeyed' the overwhelming
| will of the people, there would be laws with 'horrific' penalties
| for any effort to track devices or people online.
___________________________________________________________________
(page generated 2025-06-07 23:00 UTC)