alt Hacker NewsManifest v3 changes are pretty reasonable. Declarative filtering that prevents untrustworthy software from getting access to data is objectively a good thing.
It's just that uBlock Origin is so important and trusted it should have access to everything. Truth be told it should be literally built into the browser itself and deeply integrated with it. Only conflicts of interest prevent that. Can't trust an ad company to maintain ad blockers after all.
Replies
There was already an established solution for running untrusted code - the WebAssembly engine sandbox. Data can't be exfiltrated if imported functions are forbidden, which would be very easy to verify via static analysis of the WASM module. All of this hullabaloo about Manifest v3 could have been avoided if the Chrome team did the sane thing and exposed an API for using a WebAssembly module for filtering.
The problem isn't the declarative filtering per se. The problem is the draconian limit on the number of filters. Given that we can compile regular expressions to DFAs and evaluate them in O(len(url)) time no matter how many patterns we have, there's little reason to place an arbitrary cap on the sophistication of an extension's filtering.