Even on reddit it annoys the heck out of me and I was very surprised they let this third party ruin the experience (when they don't even do it as first party). What if they all start doing it, facebook and github and the lot, you need to click away four banners? But maybe not enough people have privacy extensions installed and reddit can just track them forever and thus store a one-time dismissal. Anyone here in the know whether this doesn't show a measurable drop in returning users?
It's extremely intrusive, regardless of which site it shows up. It's a reminder that the likes of Google are collecting all the personal information they can get from you, and building up a personal profile that covers all aspects of your life, not only your online presence.
I recently added it to a SaaS web app I'm working on, and the number of new sign ups went up 8x overnight. You don't necessarily have to create an account to use the minimal functionalty of our app, but after signing up you do get some perks, and we get a way to communicate with the user through email. So I think it can be beneficial for both parties.
All the spam email is why I’m very picky where I choose to register.
I also use the fastmail.com masked email address for things, and that has not yet been an issue either.
There is absolutely no app or service that I would use thst forces me to sign in with Google and doesn’t give me a choice to Sign in with Apple and let me Hide My Email.
I've encountered one site that didn't accept a Fastmail address. I don't know what they expect me to do - I'm not making a Google or Microsoft account just to register on your dumbass website.
Maybe even call this button “Accept all”, like these cookie banners
also you must understand, most people are dumb as shit if you not showing it to the face, then prolly would not notice
that's why big tech not listening to HN user base because they know that its hard to fool nerd
P.S.: This is obvious irony, I don't support this DataGrab(TM), fyi.
Perplexity has a "sign in with Google" pop up that loads late, often when I've already started typing in my query, and thus blocks the rest of my typing, negatively affecting the UX of the service. So I looked up how to get the fuck rid of it and added that method to uBlock Origin, and now I'm a happy (freeloading) chappy.
Since shifting to firefox it's not a big deal as I have more control, vimium can stop focus being stolen and ublock can block the in web versions of the popups. Which if Googlers are reading, I made the swap after a decade of Chrome use because of your continued anti-user, anti-privacy stewardship of the product. Your trajectory is obvious. I hope the products leadership gets the message some day, but I suspect it's financially working out just fine.
Semi-related anecdote: I lost my Reddit account to a cryptocurrency spammer due to a weak password and had to create another, so I lost my preferred username. Annoying but not a huge deal. (Reddit did freeze the old account but wouldn't give it back.)
I still remember when you could create Reddit accounts without an email...
What's the number if you adjust for quality of signups? E.g. how many people convert and how many people stay on and convert later.
Ah yes, because who doesn’t want more emails from a sites they’ve visited one time
No. Because those who don't want to sign up do get bothered by that popup which also reminds them of the fact that Google just tracked that visit and wants you to use Google to sign up on that page.
The chuzpe it takes to do that, from part of the website owner and Google...
Don't call your spam "communication".
note: I'm not excusing the feature but come on! Have some common sense before visiting a site like that?
The place I hate the popup the most is mobile. It comes up moments (0.5 to 2 seconds) after the site loads (say tripadvisor) which means it's possible accept it by accident as it appears under your finger. Your info is immediately shared so there is no way to recover. You're effed.
I means sure, I hate it on desktop too, but on mobile it's directly on top of the content and so more likely to be accepted by accident. IIRC you can turn this off in your Google account (or maybe only Google Workspace?)
Note that I hate it for other reasons too. There's no reason Apple/Firefox/Microsoft/Meta and any other major id providers couldn't offer this too. But if they did, then you'd see 5 of these show up [Sign in with Google], [Sign in with Apple], [Sign in with Facebook], [Sign in with Microsoft], [Sign in with Firefox]. So in other words, this seems like a tragedy of the commons in progress.
To steelman the feature though, easily sign up and easy login would be super convenient if that's what I wanted. It might be nice for a Web API that made this more privacy focused (or maybe that already exists). But yes, I'd like to see Google's specific popup disappear - be banned.
But that's not relevant. The popup appears whether you're logged into a google account or not. It's just an extremely annoying popup that appears all over the web.
This also means that Google made it unblockable in Chrome. User scripts and extensions cannot block a browser UI feature... I guess thankfully you haven't logged in on the browser and it's clever enough not to spam it then
I first read this as directed at the person you're replying to (me) but then saw a second possible reading: the site should know better as to expect you are logged into google with like one click
Idk which it is so I'll answer both: people are logged into their OS these days, call it Chrome (the browser, but it's close enough to an OS nowadays) or Android but either way it's a big trackfest and nobody besides a few nerds like us here bats an eye. And I indeed don't visit those sites with cookie states of other sites ^^
For sure… but there’s a self-fulfilling element there. If no one with common sense would ever use the feature… why add the feature?
The common sense part is it's common sense, at least to the HN crowd, to not visit a site like pornhub using your main profile, or so I would have expected.
Porn sites are a testament that no amount of popups, ads, clickjacking, etc. can deter users from your site if your product is compelling enough.
accounts.google.com/gsi/client
Chrome now has a site setting that blocks this crap. For the browser-based popup at least. That's the one that pops up in the top-right and is not part of the DOM of the page.
You can go directly to chrome://settings/content/federatedIdentityApi to set "Block sign-in prompts from identity services" as the default behaviour for sites. You can also set exceptions for some sites if you want that.
If you need to go there manually, it is:
1. Settings 2. Privacy and security (in the menu on the left) 3. Site settings (at the bottom) 4. Expand Additional content settings (under Content) 5. Third-party sign-in
If you're on Android, give Firefox a try. It works well and it has full support for uBlock Origin.
And with uBO Lite I got nearly everything I used uBO for.
Why does anyone keep using Chrome if they care the slightest about privacy? You're using a browser owned by a company that sells online ads. What do you expect?
Explain in your own words why did you believe Firefox is terrible.
https://chromewebstore.google.com/detail/ublock-origin-lite/...
Works fine for me. It has a lot less options, truly "Lite", but most people will be fine. Whatever Google might do that will make this extension worthless, we will se, for now, it seems to be working. (It's funny that the Chrome Web Store lists this extension as "Featured".)
By the way, on Android, I replaced Firefox with Microsoft's Edge. It supports uBlock Origin (no "Lite" in the name, not sure what that means, I did not check the details of how much it supports since it just works as it is). It is significantly faster than Firefox (again, Android). It plays all videos, while Firefox just showed an "unsupported" placeholder for videos on some niche sex video site I happened to accidentally visit.
> or Firefox
This. People like to complain about problems, but I wonder why they don't invest half that energy in actually fixing the problems.
> Maybe you have a problem with Firefox (...)
I've started to notice there is a very vocal opposition of Firefox whose common trait is that they actually do not or cannot present any tangible argument against Firefox. They just shit talk about Firefox, and hand-wave their criticism with inane comments like "they lost the boat".
Sometimes I wonder where that absurdity comes from.
I like the idea of Firefox. Not the execution.
After ditching Firefox, I installed Vivaldi, and while it certainly isn't flawless, I can set up every aspect of it how I want, and in the four or so years I've used it - with a few minor exceptions I could revert with in-browser settings - it looks and works exactly how I set it up in 2021.
So in summary, for me it was very much a paper-cuts thing, rather than any single major Mozilla catastrophe.
I think you're trying to make up irrational excuses.
If you feel the need to criticise something and be vocal about it, the very least that's expected from you is that you present your basis that sparked your vocal criticism of something.
If you are very vocal to shit talk about something but cannot present any basis supporting your personal opinion or put together a coherent argument, that tells everything to know about what credit should be given to what you feel compelled to say.
> I used Firefox since before it was called Firefox up until v89 (I think) when I finally had enough. That's when they for the millionth time messed up the UI in new fanciful ways, and removed more features I relied upon daily.
Firefox's UI barely changed in over a decade.
The biggest change they rolled out in the last decade was introducing and removing Pocket, and the sidebar and vertical tab support introduced last year.
> It's a pattern going back decades,
Point out exactly what you single out as what you feel represents the best example.
So far you wrote a wall of text and mentioned absolutely nothing that supported such a visceral opinion.
> So in summary, for me it was very much a paper-cuts thing (...)
You mentioned no paper cut. You just wrote a wall of text about nothing. No wonder you shielded yourself behind "browser holy wars" nonsense.
Yes I did, you didn't read a word of my post.
>Firefox's UI barely changed in over a decade.
Blatantly false. Many such cases. https://blog.mozilla.org/en/firefox/fresh-new-look-for-firef...
>irrational excuses
You seem irrationally hostile because I offended your favorite browser.
>best example
The best example is probably their design philosophy which seems to mirror that of Gnome which is, we know what's best for you and you will use our software how we envision because we know better. I didn't keep a list of every Firefox annoyance in preparation of having another pointless internet argument one day, but I mentioned the straw that broke the camels back, and I pointed out how Vivaldi gets UI right.
> Many such cases. https://blog.mozilla.org/en/firefox/fresh-new-look-for-firef...
Also, you can, and always have been able to right click the toolbar and click "customize toolbar" if you really want the home button back. They do keep your settings and it will sync across browser accounts.
I mean you can have preferences and that's all cool, but these don't really seem to be reasons to have such passionate dislike. They're fine for indifference and a different preference, but hate?
But I do envy you. I wish I had such a life that the difference between viewing an image in the same tab and a new tab was the biggest problem I had to worry about.
[0] https://blog.mozilla.org/en/firefox/new-firefox-coming-june-...
> And often it's tiny stupid things like removing "show image" from the context menu
I mean... come on... that is... petty.
There's two easy workarounds if you are really adamant about not having that new tab. 1) copy the link and just paste it in. Ctrl (or cmd)+L to the browser bar and then just paste. Pretty quick thing. I do something similar when pages prevent the opening image and I just pull it from the inspector instead. 2) You can just drag the image onto the tab.
I mean.. I get it. I'm a vim user so who wants to lift your hand and reach for the mouse. But I'm not sure that kind of thing is even a paper cut. Paper cuts draw blood. Making you view an image in a new tab instead of the current one is more like they don't have your favorite color toy. Annoying, but it's not like anything meaningful changed.
So they renamed a menu entry to "Open image in new tab" from "View image".
Is this what you qualify as a problem that... Forces you to switch to an entirely different application?
And that is your best example.
Have you seen that Mozilla has basically become an ad agency?
Even taking these comments at face value, this blend of arguments is pretty stupid given that you're making this sort of claims about Firefox when discussing not using Chrome.
The argument of Firefox vs Chrome is not siloed and inherently includes the argument of what their respective developers do and don't do. If we didn't need to include them in the face of such an argument, there would be little reason to switch away Chrome.
1) Google, an ad company
2) Firefox, a company who Google gives money to
I'm honestly having a difficult time following this logic
My choice at that point comes down to which is the better browser rather than some moral support for one company over the other. It also rubs me the wrong way that Mozilla is pretending to be the good guy underdog.
In an ideal world, and hopefully soon, there would be a real third choice but for now they're the same picture.
Okay, let's go with that premise, I'll rephrase.
So when options are
1) Google, a $2.3T ad company
2) Firefox, an ad company that Google pays $300m/yr for Google to be the default search engine
3) Safari, a $3T ad company that Google pays $20bn/yr for Google to be the default search engine
4) Opera, an ad company that Google pays ??/yr for Google to be the default search engine AND is Chromium based
5) <other> browser, an ad company that Google pays ??/yr for Google to be the default search engine (and is likely Chromium based)
I am still failing to see the logic here. If anything, I'm more confused. What do you use? Ladybird? What about before that? Seriously, I'm so fucking lost here.
Mozilla is from all appearances a pretty terrible organisation, but their browser is good.
follow these instructions https://youtu.be/q7dnkGdndNo?t=220
then load extension in developer mode
I clicked the link and got the Sign in with Google prompt... on Firefox.
Why would I ever need to sign in to that website?!
Amnesiac mode, if you will.
You can try using a different device but even then, I occasionally get recommending things that are definitely influenced by my roommates (i.e. on the same WiFi)
Using something that prevents fingerprinting helps, but only if you don’t use that browser all the time — otherwise it’s just another fingerprint — and still on the same network.
Some browsers, like the one you should be using, have anti-fingerprinting tech in them.
Apparently tracking data of Europeans has a much higher market price.
Anti-fingerprinting tech just produces a different fingerprint. Google knows e.g. when things are scrambled but certain other things stay the same.
You can see a similar thought-process behind Tor bridges so it is tried-and-tested. Noted that it is a much more difficult feat to accomplish in a full blown browser rather than network layer.
Deeply paranoid people can have occasional good arguments mixed in with their sociopathic traits. The fact that Brave didn't fork Firefox, or build their own like Ladybird implies to me that they are not really trying to improve the system. It's like Windows users extolling the virtues of the LTSC version.
I haven't used chrome in a long time but as far as I was aware they do the same thing: wipe session data on close.
But yes, I chuckled the first two time but it quickly got boring.
And BTW this clearly indicates what the people who are responsible for this behaviour not only don't bother with this 'use case' but also never use the 'porn mode' themselves.
My fear is that this is the real "AI" endgame. Flood the world with bots then become the defacto authority of "real" users.
Actual Identity companies have almost no presence outside of banking/finance/gov from what I see.
> nearly-fullscreen popup on their site upon every visit
||accounts.google.com/gsi/iframe/select?client_id=*
Fuck all these cookie popups...
I just want to browse
Seriously, how the fuck do people raw dog the web? It's unbearable. When are people going to move away from Chrome(ium)?
I agree, I got it to “work for me” by only using the sites I like, but there are times where I stray from my beaten path because I’m searching for something and it’s awful. I don’t think I would have fallen in love with computers if I was raised with the web being what it currently is.
I wonder if this is a driver of ChatGPT as a search engine, everything else is so bafflingly bad and all people really want is information.
Because it exposes how much websites know about us. It’s like Facebook showing face recognition in 2015. It’s creepy but it reminds you constantly how creepy it is.
Of course, one day AI will probably automatically do realtime editing of porn videos so they will be customized for your name/location/job/background/interests.
But if I cared, I on Firefox can make a separate container for that stuff and login that way. I get a burner account and Google (at least from PH) can't see anything other than other adult sites I put in that container.
As far as I can tell, I’m more sensitive to this stuff than normal people, but I’m less likely to return to a site that annoys me like this. I’m also less likely to use Google as a result of them being behind this. While it’s not the only reason I use Kagi, it’s certainly an item in the pro/con list.
The same goes for all of Google’s pop-ups and nudges to switch to Chrome. It’s infuriating. Everyone not using Chrome knows Chrome exists and are choosing not to use it. They really need to stop with the heavy handed push and respect user defaults.
"PornHub lets you share videos on Google+. That's disgusting! I don't want people to know I use Google+!"
That said, it is quite invasive.
(obligatory comment just in case the wife is watching ...)
The idea is to create a browser mediated login experience that gives the identity provider and web app what they need without being able to correlate requests across the Internet.
I am working on an article on this topic. If you are interested in learning more, here's a video from a recent auth focused conference (full disclosure: my company put it on and I emceed): https://m.youtube.com/watch?v=FBAD4x7MWdI
They are actively working on the standard and Firefox has committed to it. Edge already supports it. They are looking for identity provider feedback.
More here: https://github.com/w3c-fedid/FedCM (we meet weekly on Tuesdays).
Mozilla standards position says neutral:
https://mozilla.github.io/standards-positions/#fedcm
Their issue tracker on the subject shows they are interested but have a lot of reservations about the details:
> However, some of our reservations on the initial positive position have not been addressed and some new issues have arisen.
— https://github.com/mozilla/standards-positions/issues/618
Apple had a vague “interested” position over three years ago, with no further detail:
https://github.com/WebKit/standards-positions/issues/309
Have these positions changed?
I do see a Mozilla employee engaging regularly. You can see some of the issues he has filed here: https://github.com/w3c-fedid/FedCM/issues?q=is%3Aissue%20sta...
Here's the tracking bug for FedCM support: https://bugzilla.mozilla.org/show_bug.cgi?id=1959702
I know there's a later draft but can't find it right now. Will share when I do.
As mentioned in sibling comments I have seen are least on Firefox contributor and they are actively seeking input from identity providers.
It's pretty much why I don't use it: The SPAM.
Almost every site actually does unsubscribe, and those that don't get marked as junk.
It gets some typical low effort spam that the spam filters easily screen out, other than that it's pretty quite.
I live in Canada, and it's not always obvious if an American company ships here or not. If the answer isn't trivial to find, I'll do this:
1. Add something to the cart
2. Start the checkout process as a guest
3. Fill in the boxes that pop up during the checkout process
4. Close the tab when I see that the country dropdown only has USA available
Stores built with Shopify do this so consistently that I have to assume it's an out-of-the-box feature you need to opt out of.
And after giving it some thought, I guess that I'm also in the wrong to believe that I have to press submit somewhere to agree to their policies.
This is a "nice" reminder that just entering my email in a text input is enough to send it to any website.
This includes "privacy first" companies like Apple and their Apple Pay system where I went to a restaurant in SF. The bill was a QR code that took me to Toast with the option to pay via Apple Pay. The apple prompts told me my email address would be shared and there was no option to say "no" so I bailed out and paid the waiter directly.
Sometimes I need my real name and address for shipping. In those cases that can't be helped. I also have to give my CC card for a purchase. But there are sites I want to sign up for for which I don't need to give that info. A "one click to sign up" option would be useful if I knew it was giving random data. An example might be medium.com or substack.com. They don't need my real name nor do they need my "real" email. If I was sure this "one click sign up" didn't share a common one I'd consider using it.
Maybe even better, if it was managed similar to subscriptions in iOS where I could trivial revoke any membership at will from a central location, with the understanding that there'd be no recovery since signing up again would get random new data and so no way to associate the new with the old.
I mean, that doesn't sound privacy-preserving at all?
The first goal is to prevent data brokers from correlating data about users across the Internet using cookies and redirects. You can read more about the privacy focus here:
It's fine to be pseudonymous on the Internet if you are in control of your pseudonyms, which Google accounts actually does allow with some extra work (don't mix your chrome profiles and Google accounts, etc.)
Or, like me, you can roll the dice on real names on the Internet (for professional things mostly)
Google made a big push in that direction starting in the Google+ era. IIRC at some point my fake names were rejected by Google and I had to change to more plausible fake names.
You can't fault regular people for falling into Big Tech's traps.
Seems like either way, they’re in control of a massive amount of tracking data…
Fixed it for you.
Google One Tap works via a script tag from Google servers: https://developers.google.com/identity/gsi/web/guides/displa...
||accounts.google.com/gsi/iframe
##iframe[src^="http://accounts.google.com/gsi/iframe"]
##iframe[src^="https://accounts.google.com/gsi/iframe"]
##iframe[src^="//accounts.google.com/gsi/iframe"]
###credential_picker_container
In the Brave community the only solution offered was an adblock filter: brave://adblock (custom filter) ||accounts.google.com/gsi/client$script,third-party
https://community.brave.com/t/annoying-login-with-google-pop...
Any workarounds would be massively appreciated.
Scroll down to "#credential_picker_container" here: https://pxlnv.com/blog/user-stylesheets-are-still-pretty-gre...
It works with providers other than Google, just no one else has implemented it yet. Google's One Tap library tries to use the new api, and falls back to the classic One Tap popup when using a browser that doesn't yet implement FedCM (notice how the chrome built-in one says "sign in with google.com" rather than "sign in with Google" like One Tap normally shows)
Mozilla are working on implementing it, but it's a pretty complex system so it'll take time. I presume Safari will as well if it gets popular enough
[1]: https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Edge supports it, and it should be relatively easy for the other Chromium based browsers.
I left chrome and switched to Brave 6mo ago because I couldn't get these "Sign in with Google" popups to stop. I tried both the chrome://settings/content/federatedIdentityApi option and the option under https://myaccount.google.com/ and neither one worked, I just kept getting them.
According to other commenters in here [0], it's an open standard and other identity providers are allowed, not just google
The vast majority of users will chose the default for identity. On Chrome this is Google. On Android this is Google. Even on iOS this may be Google because identity is often tied to email and Apple does not have a strong email story. Identity is huge. It gives you moat that outlives platforms.
And all the while, Google gets to claim this standard is open, while in practice this is clearly intended as a monopolistic move to increase their share of identity on the web.
If they were forced to show a randomized list of identity providers a user needs to choose from (similar to search engines on iOS), I bet you they would reconsider this whole approach. But by the time regulators figure out what's going on, they will have already cemented their lead.
That's partly because Apple sees it their job to migrate people away from OIDC-style signups, for privacy reasons if nothing else, and towards Passkeys, so their UX team is doing a remarkable job trying to reduce friction.
What's Google's interests here? Are there intentional reasons the Android and Chrome Passkey flows don't "simplify" the account creation process enough? It's easy to be cynical here, and seeing them as orthogonal concerns also feels like muddying waters that shouldn't be muddied right now.
||accounts.google.com/gsi/*$xhr,script,3p
The Noscript extension becomes redundant with the uBlock Origin extension
https://github.com/arkenfox/user.js/wiki/4.1-Extensions#-don...
Edit: To elaborate, you need to turn on “hard mode”[0] for UBO to replace noscript. Then you need to manage it through UBO interface which I don’t like[1]
[0] https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-m...
[1] https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-qu...
Also I don't understand who registers Google Accounts these days because every time I try to do this, they show a QR code and require to scan it with a mobile device, and I don't have time now to set up a virtual machine and research what it does to a mobile device and how one can bypass the check.
Also if you buy a Google Account it eventually requires linking a phone number, and doesn't accept most of the Russian numbers I buy.
So I don't understand how do other people sign up when there are so many obstacles. It is easier just to register email account elsewhere.
They either already have a gmail, or sign up for one my scanning the QR code you mention. I don't recall if a phone number is mandatory, but the average user probably has one, doesn't mind giving it to Google (to not lose access to their account if they forget their password is a perfectly valid reason for most people). And they'll probably not provide one from a sanctioned terrorist state with a reputation of nefarious cyber activities. Like buying Google Accounts, but much worse too.
Maybe I'm missing some security detail here
I expect that by sometime next year I'll hit 10 accounts with them.
I started adding them to my password manager as a quick reference, but the irony is that this makes the SSO slower than a typical standard login. I almost never use these SSO options anymore as a result.
In other words, they could definitely highlight or otherwise hint to you which of the Google accounts you've already approved/used via one or more of your authenticated Google accounts.
So, yes, they could do more to highlight _potential_ accounts but it's not the case that they have any visibility into the actual state of accounts.
I don't need to know for certain the account on the receiving side exists, just that I have signed in before with it. Facebook does this at least!
Like "has an account" isn't possible without leakage, but "has logged in through this flow before" (hell, stick timestamps in there too!) does.
One thought though: your SSO provider has that account list, but often prompts a re-login. So it could be that your SSO provider account picker _doesn't have access to your account information fully either_.
It’s as if someone at Google saw the whole cookie banner -> accept cookies fiasco and said wow this seems like a good idea let’s add our own
But only if you log in to Google and set a preference for your Google account.
No more nagging popups! Sounds great, right?
Except Google can now track you, with a confirmed ID and session cookie across all these sites.
It’s blackmail, plain and simple.
Does anyone know how to switch this off on Safari please, especially Mobile Safari. I’ve noticed these sign-in popups on iOS 18.
* I think search still works without an account, but I don’t think anything else works that way these days. The last I know was YouTube and I get a “sign in to confirm your age” on YouTube on most videos I try to watch without being logged in.
1. https://myaccount.google.com/connections/settings for mobile
2. same link, sidebar help, for Chrome on Desktop settings.
The idea of identity managed by one’s browser is a pretty decent one, but the implementation which ties it to other information such as email address and which makes it so easy to accidentally use is user-hostile.
If someone's found a setting page that does what he describes please reply here. This makes me crazy and seems incredibly risky.
But there's a bigger issue with the modern web. Here's my message to any web developer, company, organization, anyone who has control over content on the public web: if I visit your page and I have to click away something in order to do what I came to do, you have failed miserably.
Another advantage is that Google cannot cut my access to all of my accounts on the internet.
Most of are fully capable of using a password manager, some even self-hosted that we expose via Tailscale, but for a lot of users, they are using a service to get things done and authentication is a necessary hurdle.
Sign in with Google/Apple/Github solves that.
My local city utilities switched to some kind of google based auth from their previous separate user/password account login. Had to create a new login/account tied to my billing account.
This sounds awesome. I like the author's classification of this and other anti-user website behaviors as "madness". Are there any similar add-ons for Firefox?
For removing tracking query parameters from the URL I've used ClearURLs https://addons.mozilla.org/en-US/firefox/addon/clearurls/ for a few years.
uBlock Origin is still fully functional in Firefox as well so I guess I could find a way to block the "Sign in with Google" prompts somehow with a custom rule.
Ah, so that's why so many websites are OK with it - they probably just don't realise that it's there.
> If the courts and antitrust regulators are reading—they probably won’t read my blog, but one can dream—this is yet another example of Google advantaging its own browser Chrome over other web browsers.
And vice versa: how Google is advantaging its own SSO/data collection platform over others, through Chrome.
this is demonstrably false, I can share dozens of screenshots of this popup appearing in Chrome despite all the options checked that are supposed to disable it.
But yes, I'm glad my browser doesn't add them, and that I can block them in uBO.
We discovered this one the hard way at work. I keep learning this the hard way myself because I've been working on browser extension dev lately. I don't understand how this could possibly be an intended feature.
Nobody cares.
because that's not what happening. The average Chrome user finds that feature useful, and personally I have to agree because having a sign-in option through the browser chrome (the non-content portion of the application, bad name in this case) is significantly more sane from a security standpoint than trusting the webpage operator.
why are these threads always full of performative indignation by people who know perfectly well that 99% of people aren't going to be upset
Yep, that logic makes total sense. /s
||accounts.google.com/gsi/*$xhr,script,3p
You can mimic the component and then redirect the button anywhere, and the user is primed to comply with whatever they see.
Like a fake "Actually it seems like your Google account is compromised. Please verify that it's you by doing X."
This kind of shit-tier feature should at the very least appear inside the browser chrome, not inset in/over the website. I'm so tired of amateur slop from megacorps that should know better.
Every other sign in solution seems to involve multiple clicks and loads of redirects and loading time. It seems to even beat a password manager because there is no need to wait for a login form to load and be prefilled.
Googles solution frequently has you signed in within 1 second and 1 click.
> Just one more extension, just one more chrome://flags tweak... He loves me, he respects me, he just has a ... unique way of showing it... I'll just tell my friends I fell and that's why my eye is black... Chrome, I'm sorry I'm not good enough, I probably deserve this...
Way to bury the lead.
Anyway, what's the advantage? Please elaborate.
1) The annoying Sign in with Google banners appear in Firefox and Safari with no toggle to disable them, even if you aren't logged in with Google, even if you don't have a Google account.
2) Those banners do not appear at all in Chrome.
3) There is a Chrome-specific sign-in UI, but it appears only if you're already signed in to your Google account in Chrome.
4) You can disable the Chrome-specific sign-in UI in Chrome settings.
So Chrome users have control, whereas Firefox and Safari users are inundated with annoyance.
img { max-width: 100%;}
To this site’s css will fix the layout on mobile.