The worst thing I've seen recently is amp URLs for reddit threads. It's one bad thing (new reddit UI) wrapped in a worse thing (AMP), and getting back to classic reddit takes a lot of gymnastics. The stupid part is that the amp page is indistinguishable from the (new) reddit page (the AMP page comes complete with the "download our app" popup). So I don't see how it's providing any speed/experience benefit.
Exactly. For Reddit the AMP version and the mobile site look almost exactly the same... except the AMP site performs worse due to the AMP restrictions.
So none of the "nice" Reddit mobile site features actually work, and supposed "one-time" annoyances like the "Download the App" pop-up don't get cookied under AMP and continue to annoy on every google search. Insane!
I can never get the Open In Reddit app button to work. I’m on iOS and have the latest version of the official reddit app. Which btw is painfully filled with ads.
May I recommend using any 3rd party app for reddit instead of the official app. I use relay on Android and it is great. There are many other options, all of them are better than the official app.
Unfortunately no. But there's an "Open in Apollo" option from the share sheet which works for me. It's just an extra tap to open the share sheet from the AMP page.
It never works for me either, but there is a workaround. If you click on the 'x comments' link at the bottom of a post, it will open up in reddit is fun.
"The worst thing I've seen recently is amp URLs for reddit threads."
How can I see this very specific example ? I would like to understand exactly what this looks like ...
I am not a reddit user and I don't consume much web content on a phone, which is using Safari on an iPhone ...
Would I need to download google chrome onto my iphone, then do a google search for a reddit thread, then click on that search result ? Or would I see this result in Safari as well ?
Genuinely curious as I would like to recreate this specific result ...
This page is simultaneously encased by AMP, has multiple ways reddit is trying to get me to install an app that isn't going to help me right now as I am hopping between websites--I am going to glance at reddit for ten seconds and then a stackoverflow question and then a bugzilla issue and then a quora thread... the last thing I want right now is to end up in some app--but it also doesn't show me all the comments and is asking me to click through to get them... it used to be I clicked a search result and it showed me the reddit thread, with all the comments and without an app: I liked that :(.
The madenning part is you will see these links when using Firefox or Safari and you'll see them on a desktop. It is of course, not just Reddit thing. I've seen LinkedIn shares look like this.
I agree that AMP is a major attack on the internet, not to mention the fact that it makes it way slower [1] and hard to understand what you're browsing. The worst part is that my friends send me AMP links all the time even though I use DDG to avoid this stuff.
They can package the ads in band with the content, although DOM based blocking might still work—at some point we’re going to have to write an ad detection AI just to use the internet.
The long term solution is stigmatizing ads—you can never ad block someone in the ear of a newspaper editor.
It slows down doing anything that involves it. I end up landing on some jank AMP page, and have to then navigate to the top, and pop up the original link, click it, then wait for the real site to load. Total UX fail
If you want to mitm yourself, nobody takes it away from you. Create your own CA, add it to the trusted list, setup your proxy with the keys, and mitm all you want.
You do get the benefit of https even on static sites though. Do you want every network you join to be able to inject any JS they want into pages you're viewing? Https solves that.
I disagree. There's no reason to leak things to everyone on the planet, even if what's leaked isn't the most-damaging-to -leak-thing possible. As an example, it annoys me that the Texas Instruments site isn't encrypted, leaking my interest in parts to anybody listening.
Even if Texas Instruments implemented SSL the fact that you went there would not be a secret to anyone who can see your packets due to SNI[0]. HTTPS is really only useful when you want to hide the contents of a message, not the recipient.
I don't understand this point of view. You are either using a vpn or tor if you don't want the planet to leak your info to the world or you are leaking already.
If you are not then sure browsing in an internet cafe or an unsafe network will allow rogue entities to see your interest in parts.
Your browser is fingerprinting you on chrome with an id. You are being fingerprinted with your unique fonts on other browsers. If you have javascript on that opens the floodgates. Logged into facebook still? Browser extension gone rogue? Andriod OS?
I dont think they meant leaking into to TI, they meant leaking more into to ISPs than necessary. Http connections are like a post card, anyone in route can read it. At least with https they have to jump thru more hoops.
This gets trotted out a lot, but who is "everyone"? At worst it's a bunch of random people in the cafe whose WiFi you're using - but these people don't have the resources to track your activity once you leave the cafe. Otherwise it's just the same rogue's gallery of large corporations interested in adtech/surveillance money: ISPs, device makers, other online service providers. The thing is, none of them have the reach, data collection, and analytics capability of Google. And Google almost certainly gets all this information too, whether you use HTTPS or not (see reCaptcha, Google Analytics).
To me, this rationale looks an awful lot like a moat to stifle Google's competition. If collecting "the urls you're browsing" is wrong, why is it ok for Google to do it? And if it's not wrong, why is it somehow better that only Google gets to do it?
> At worst it's a bunch of random people in the cafe whose WiFi you're using - but these people don't have the resources to track your activity once you leave the cafe.
Depending on what you're doing, one-time collection may be enough.
Also, many captive portals are provided to businesses by companies whose own business interest is in tracking people, and they'll absolutely correlate the data.
Rather than having to worry about whether the service you're getting internet access from will track you, make it impossible for them to do so.
Especially when you can just sit behind cloudflare and gett for free with very little work on your part.
Granted, you then have to trust cloudflare; but it seems like they have been good actors so far considering their privileged position delivering tons of content across the web.
Wikipedia says that Amp first started appearing in search results in February of 2016. Some random websites tell me the average Google product death happens about 4 years after it launches (not counting anything that hasn't been killed at all and with some huge error bars). So we should expect AMP to be abandoned sometime between now and never.