March 27, 2023
Slideshows
March 27, 2023
For a while now I've been working on the WordPress plugin that does the slideshows. I had re-written the php back-end from NivoSlider, and then I decided to rewrite the front-end. The front-end is driven by jquery, so it was a good opportunity to get familiar with that. It's actually pretty simple.
Over a few months of tinkering, I added several hundred slide transitions, grouped in families to make things manageable. Eventually, I pretty much exhausted all the things you can do by animating css with jquery. So I turned to inline svg image masks. You can do much more with real graphics than just css, but there is one hitch - svg is poorly supported in Chrome and all its derivatives, including Opera, Edge, and Brave. But if you load this page in Firefox or Safari, it will demonstrate what you can do with svg.
Hopefully Chrome and the rest will catch up soon. For now, I just use browser detection and 'gracefully degrade.' If you're using a Chromium-based browser, or God-forbid, Chrome itself, you'll get a simple 'fade' in place of every transition that Chrome is unable to handle because Google is too lazy to support standards.
On the subject of web browsers, you really shouldn't use Chrome. This article lays out all the reasons:
https://ieeexplore.ieee.org/document/9374407
I will summarize: Every time you use it, Chrome sends a unique identifier to Google, along with all the details of everything you do. While this doesn't include your actual name, in a short time Google will collect enough data to figure it out. Do you like being watched like that? Chrome is the ultimate spyware. I stopped using it a long time ago. Other browsers also 'phone home' like this as well, but for legitimate reasons like checking for updates. Only Chrome actually spies on you.
Why does Google do this? Chrome is really nothing more than a Trojan Horse for Google's advertising system, which is the primary source of their revenue. Coincidentally, Chrome is the only modern browser that does not include built-in ad-blocking. Chrome is also the only browser that still allows cross-site scripting. Cross-site scripting is a common attack method that has long-since been banned by WWW standards. Look it up. Cross-site scripting is also the base mechanism of Google's ad service.
While a VPN could block Chrome's ultra-intrusive 'phone-homes', I've never heard of one that actually does. This would be a major selling point for any VPN, but apart from the article above, I've never seen it discussed anywhere.
So now you know why Google made their own web browser, and it's not from the goodness of their hearts. And if you think you are safely anonymous behind a firewall, think again. Chrome's id code will punch right through any firewall, and make it transparent to Google. Not only do they know it's you, they know you're using a firewall, and which one. Good thing they're not evil.
I mainly use Opera. While it has the same underlying 'engine' as Chrome, it does not have the layer of spyware that Chrome has. ( The engine is open-source, so it would be difficult to hide spyware in it. But every browser also uses a lot of proprietary code. That is where Google does their snooping. ) A while back, Opera was bought by the communist Chinese, but they don't seem to have done anything bad with it. Yet.
Edge also uses the Chromium engine, and phones home to Microsoft, but not in the exhaustively detailed and specific way that Chrome reports everything to Google. And Safari phones home to Apple, but again not as bad as Chrome. Edge actually works pretty well. Recently I installed a new browser called Brave, which is focused on privacy. I like it a lot. So there are lots of alternatives to Chrome, and I strongly suggest you pick one of them.
I just had a funny thought: Google was once hailed for saving us all from the awful Microsoft Internet Explorer * with Chrome. Today, Chrome has become the new Internet Explorer. Chrome ignores or deliberately violates standards, and spies on you. Don't use it.
* Internet Exploiter, Internet Exploder … there were lots of them back in the day.
Here is the conclusion of that article. Actually, no web browser seems very good for privacy, but Google Chrome is by far the worst.
Conclusion
We present measurements for five browsers: Google Chrome, Mozilla Firefox, Apple Safari, Brave Browser and Microsoft Edge, during normal web browsing on desktop and mobile devices. To the best of our knowledge this is the first public measurement study of the connections made by browsers to their backend servers.
All of the browsers make use of a safe browsing service to mitigate phishing attacks and our measurements indicate that this raises few privacy concerns, similarly with regard to the Chrome extension update service accessed by Chromium-base browsers (Chrome, Brave, Edge).
For the Brave browser with its default settings we did not find any transmission of identifiers allowing tracking of IP address over time, and no sharing of the details of web pages visited with backend servers.
Chrome, Firefox, Safari and Edge all share details of web pages visited with backend servers via the search autocomplete feature. In Chrome a persistent identifier is sent alongside these web addresses, allowing them to be linked together. On iOS Chrome also sends telemetry to backend servers (presumably on Android this function is carried out by Google Play Services rather than Chrome itself), but not on desktop devices.
Firefox sends telemetry which includes identifiers that can potentially be used to link these over time. This telemetry can be disabled, but is silently enabled by default. Firefox also maintains an open websocket for push notifications that is linked to a unique identifier and so potentially can also be used for tracking and which cannot be easily disabled. On mobile devices Firefox sends a long-lived device identifier to backend servers, but not on desktop devices.
Safari defaults to a choice of start page that potentially leaks information to multiple third parties and allows them to preload pages containing identifiers to the browser cache. On mobile devices Chrome and Edge similarly prefetch pages (but not on desktop devices). Safari otherwise made no extraneous network connections and transmitted no persistent identifiers, but allied iCloud processes did make connections containing identifiers.
On desktop devices Microsoft Edge sends the hardware UUID of the device to Microsoft while on mobile devices it sends long-lived device identifiers. It also collects telemetry tagged with identifiers that can be used to link the telemetry messages over time.
Even worse than Google is Facebook. They recently demanded that I send them a police mugshot-style selfie, complete with nameboard and serial number. Unbelieveable. Go to hell, Zuck! Facebook is dying anyway. I look forward to seeing Mark Zuckerberg eating out of a dumpster on Instagram. Oh wait, that's dying too. Good riddance.
