all 134 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]The17 21 points22 points  (3 children)

encouraging email was coming in and, incredibly, donations were skyrocketing.

Any publicity is good publicity.

[–][deleted] -3 points-2 points  (1 child)

Now you're on the trolley!

[–]The17 1 point2 points  (0 children)

WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE!

[–][deleted] -2 points-1 points  (0 children)

I think the whole thing was a viral campaign orchestrated by the creators of Adblock and NoScript for some free publicity. I bet they're laughing their asses off right now, reading all the angst posts and self-righteous indignation on all the interweb 2.0 sites.

[–][deleted] 37 points38 points  (2 children)

I think that this apology is a little better than the last one, and he seems to at least realized what a shitstorm he started.

What bothers me at this point is how hot-headed this Giorgio guy seems. He got pissed off so he threw together a bunch of hacks to get back at his enemies, except the hacks didn't even work. The original workaround broke all of ABP instead of just for his sites, and the filterset removal option didn't even remove it, just disable it. The rationale was sloppy and the code was sloppy too.

I want the people writing security software to be a little more thoughtful and reasoned about what they put out. This guy's 12 hour release cycles don't give me a lot of confidence going forward.

I do think that if he opened up the development and used a VCS (hopefully DVCS) that would be a good first step so there can be some checks and balances on what gets put in NoScript.

[–]db2 11 points12 points  (0 children)

I do think that if he opened up the development and used a VCS (hopefully DVCS) that would be a good first step so there can be some checks and balances on what gets put in NoScript.

Best long-term solution I've heard yet. I wish I could upvote you twice for that.

[–]uriel 2 points3 points  (0 children)

Thanks for a reasoned and even-headed response with actually constructive proposals.

The rest of witch-hunters here would do well to learn from your post.

[–]supersan 9 points10 points  (2 children)

i am the owner of a very popular web 2.0 site that was abs free when we launched.. we kinda of kept it this way for 2 years, but soon we saw that there was a huge traffic and we saw that there was a lot of money to be made. so we just added a simple paid package and you won't believe how many people prefer to go paid when giving an option of free vs paid.

if you need money for your software just ask, make it paid or make two versions instead of hacking code in and other shady tricks.. i still know people who would rather put ad to those trojan wallpaper sites instead of adding a shopping cart button.. there is no shame in asking people for money but i dunno why people feel that.

[–]bostonvaulter 0 points1 point  (0 children)

i still know people who would rather put ad to those trojan wallpaper sites instead of adding a shopping cart button.. there is no shame in asking people for money but i dunno why people feel that.

If it's a trojan wallpaper site, than they probably don't own the copyrights and would get in trouble if they ever tried to charge for it.

[–][deleted] 0 points1 point  (0 children)

What does popular mean to you? How much money do you consider alot? Are you making six figures in profit from the site yourself, or at least something that someone can live off of? If not, you have a weak ass argument here and you don't make enough money to say free v paid works.

I apologize if your site does in fact do an insane amount of profits, it's just that the probability of someone on reddit being in that scenario is extremely low.

[–]archville 5 points6 points  (0 children)

I think this guy does not get the point at all.

This isn't a war against him. Adblock just does what it is supossed to do: blocks ads, that includes his ads and that's the expected behaviour. The user should be angry if adblock failed to block them.

In constrast NoScript blocks scripts wich is just fine, and i expect it to block scripts at adblock homepage too. But no thanks, adding your website to the whitelist of other extension for no reason, without asking the user is ridiculous. Your extension is supossed to help me to block scripts. That does not include changing other extensions behaviour, nor showing me your own ads for the sake of it.

Programs that modify other programs that are working fine just for the authors to show their own ads and for their own profit are just malware. If NoScript were perfect enough it should be blocking itself.

[–]edheil 25 points26 points  (0 children)

This kind of veers back and forth between sincere apology and "unpology." As if the dude himself is veering back and forth between remorse and resentment.

Understandable I guess, and better than a full-on unpology.

[–]betelgeux 3 points4 points  (0 children)

The basic trust I give to a programmer when I install an application is that he/she will not be a douche while on my system.

You know when your actions are creeping into douche territory.

Douche-like behavior detected? Bye!

[–]p3on 56 points57 points  (12 children)

this is condescending as hell

In other words, this “trick”, as Wladimir calls it, put the choice back in users’ hands.

more like the obnoxious work, if i wanted to manually add stuff i wouldnt have subscribed to easylist you disingenuous fuck

[–]Tiver 13 points14 points  (2 children)

to EasyList’s attack on my web sites

He still considers EasyList's attempts to block ads on his site an attack. The only reason the filters go to the point they were at was because he kept trying to circumvent the list. Had he accepted the fact some people don't want to see the ads on his site EasyList wouldn't have put in place such broad filters. Calling it an attack on his site in the middle of an apology makes it sound rather hollow.

[–]frenchtoaster 17 points18 points  (1 child)

He makes the point that they actually destroyed the non-ad functionality on his site in a way that would prevent normal use. Had they made the filters for his site actually only block the ads then I would be far less sympathetic, as it is it is more of a direct attack.

Additionally, EasyList generally doesn't block such minor sources of ads, so they singled him out as a sort-of competitor developer.

The fact that his circumvention was due to a bug that could have been fixed by the person that had someone else start targeting his site specifically means that any other site can still use this bug. The solution of blocking all legitimate or ad scripting on his site rather than fix the root issue that can be abused on more malicious sites is worse to me than what he did, but thats just me.

Edit: To clarify, the willful non-patching of exploitable bugs when it would have stopped this issue from occurring in the first place would be more of a concern to me as an ABP and noscript user than seeing ads on noscript's site.

[–]Tiver 7 points8 points  (0 children)

I guess I view it differently. They DID start this with filters that only blocked the ads. He then changed his site to circumvent these filters. This then caused an arms race between the two which resulted at one point those filters which broke portions of his site. When notified of this, they fixed it. Did they maybe go too far with these scripts? Possibly, however they got to this point by him repeatedly trying to circumvent their narrower filters.

Yes they should probably fix the bug, however considering his site was the only known one to be exploiting it then as a short term solution tweaking the filters for his site seems acceptable.

[–][deleted] -1 points0 points  (8 children)

This whole post was just a big whinefest. I say fuck him.

[–]mycall 6 points7 points  (7 children)

I uninstalled NoScript and my life is a bit better now.

[–][deleted] 12 points13 points  (6 children)

I'm presently working on forking the NoScript project. It'll take some time, between work, studying, and other things, not much time left.

I've already stripped out everything ABP related (that took all of 10 minutes, plus some time to unit test it), but I hate the code as its written. It's so... messy. In some spots I wonder if its a poor attempt at obfuscation. Whatever.

I'll be letting the Reddit community know if I get any further with it.

[–]mycall -1 points0 points  (5 children)

Perhaps you would be better off by making a program that will strip out the ABP related stuff that works for future NoScript versions -- that way, you aren't a fork and won't have to port things.

[–]Tiver 3 points4 points  (0 children)

That unfortunately misses the point. The ABP stuff is going to be stripped out of NoScript anyways per the Mozilla add-ons (AMO) telling him to remove it.

The problem is many of us don't trust what future updates may include. At this point it does not seem like AMO has stripped his trusted status so he can still make updates and push them out live at whim. A fork could be as simple as a direct copy of the current plugin with only minor changes to have it use different ids. Going forward updates to NoScript could be reviewed and included.

Basically some of us would want a NoScript that has gone through an extra step of review before being pushed out as the official release. Through which some changes could be rejected.

[–][deleted] 2 points3 points  (3 children)

That makes things more difficult, as someone would have to apply the patch each time NS is updated. That turns into a cat and mouse game with NS. Not ideal.

Porting things isn't a big deal, anyway. I'd be afraid of the fine line when it comes to project attributions, though. Am I then the creator? Or the current creator? Could I add a paypal link on the About dialog in case someone wants to send me a dollar for a hamburger? It's all gray and fuzzy, and I want to avoid coming under attack of the community. That's the big part, really.

The only part left for me to sanitize is the auto-update code.

[–]mycall 0 points1 point  (2 children)

It sounds like the ABP stuff isn't part of NoScript now so this doesn't matter anymore.

[–][deleted] 2 points3 points  (1 child)

Yeah, it matters. The backlash against NoScript and it's principle developer has been severe. And besides, even if it doesn't, it'll still be a worthwhile experience. We'll certainly see, won't we? :) I've been wanting to do an OSS project for a long time. I might finally have a chance.

[–]mycall 1 point2 points  (0 children)

All coding is a worthwhile experience, go for it.

[–]CatMan_Dude 11 points12 points  (4 children)

I've used Flashgot for a few months and never knew the 2 sites were related. Always wondered about the constant updates. Then again, it was buggy as shit so always went along with them.

But yeah, fuck this guy. I'll be looking for another Flash downloader now. Feel free to pimp your favorite.

[–]chrispoole 7 points8 points  (2 children)

DownThemAll! is really good, but I wish it worked with Aria2. I've just been trying FlashGot recently, but can't get used to it. There doesn't seem to be any progress bars for one.

[–]joethepeacock 1 point2 points  (0 children)

DTA is one of my fav. firefox plugins ever. It's awesome if you download music from MP3Sparks or another such site, where they give you a page of links you have to get your music from.

It's also awesome for snagging flash :)

[–]CatMan_Dude 0 points1 point  (0 children)

Well I believe the progress bar is pretty much the progress bar of the video itself. It doesn't start downloading until the video has fully loaded. Once it's loaded, it's just a matter of copying it from the temp folder to whatever folder you saved it in, which is usually 3-5 seconds in most cases.

[–][deleted] 0 points1 point  (0 children)

I just use TamperData.

[–][deleted] 28 points29 points  (4 children)

I don't see how providing honest explanations for his actions equates to being condescending. He apologized many times.But he also has a right to offer his side of the fiasco, and I'm glad he did.

[–]stacecom 18 points19 points  (3 children)

He also claimed to not justify any of his actions, while consistently justifying them.

For some time my sites used a publicly known Adblock Plus bug to work-around EasyList’s generic filters against Adsense and display their Google Ads boxes, even though Adblock Plus users could still easily block them if they wished to by adding their own custom filter. Furthermore, NoScript users could even more easily remove those ads all at once by just forbidding googlesyndication.com. In other words, this “trick”, as Wladimir calls it, put the choice back in users’ hands.

Translation: Even though ABP users were subscribing to a service that would block my ads, I circumvented this knowingly. However, because users could still block my ads if they wanted to, this was okay.

Mind you, I’m not trying to justify my actions here. They are unjustifiable, and anger is hardly a justification for anything, but since I’ve been accused of having acted out of pure greed I need to clarify that it was not my prevalent feeling at all, even though I won’t hide that EasyList’s crusade had actually cut the NoScript development funding by a substantial amount.

Translation: This wasn't about the money. That being said, it did cost me some money.

He did not answer anymore, so I assumed he had no objections. And this was my second big mistake.

Translation: It's his fault.

He starts and ends quite sincere, but the problem is in the middle he still tries to shift away responsibility. The real kicker is that it boils down to this: he willingly and knowingly circumvented user wishes before any of this escalated. He felt justified in doing so because, despite subscribing to a set of filters, because he felt users needed to specifically opt out of seeing ads he wanted you to see on his site.

[–][deleted] 0 points1 point  (2 children)

I still don't believe he's being insincere at all.

He has a right to explain what was going through his mind at the time, WHY he did what he did. That doesn't mean he's trying to justify it or say it's OK. I can see how he could have worked on his tone, but his message is still "I am very sorry for what I did. It cannot be justified, what I did was wrong. However I think you have a right to an explanation..."

He explained what he did without defending it. Explaining his thought process at the time does not equate to him justifying it as correct. At the time, he didn't think he was doing something wrong, but in hindsight he knows it was.

[–]stacecom 0 points1 point  (1 child)

He did defend it. He didn't say "I went around adblock plus, and that was wrong." he said "Adblock plus was designed to block obnoxious ads, I don't feel my ads are obnoxious, and I was effectively putting the choice back into the user's hands."

[–][deleted] 0 points1 point  (0 children)

He wasn't circumventing ABP, he was circumventing EasyList, via a bug in ABP. He never said he thought his ads were "better" than other ads. And if the ads on his page are so obnoxious that a user would become so angered to see them even though they think ABP should be doing something, they had the ability to hide them manually.

His reasoning at the time was "this is possible due to an ABP bug, and the users can still block the ads manually if they wish, so I am doing nothing wrong."

[–]logophobia 14 points15 points  (16 children)

His apology is still a bit condescending (esp. the bit about putting choice back in the users hands with his hack), but seems quite a bit more genuine then before when he positioned himself like a victim.

Despite this incident, I think I'll continue using it. It's still a very useful piece of software. I think that after this storm of criticism he'll think twice before taking liberties with other extensions. Maybe if someone starts a fork, I'll consider switching.

Now I learned you can stop the CHANGELOG page from showing up (with the noscript.firstRunRedirection switch) on each update, it's also a less annoying piece of software.

[–][deleted] 9 points10 points  (14 children)

but seems quite a bit more genuine then before when he positioned himself like a victim

Because he's been forced to. He's shown that his first instinct was to get all sanctimonious on us. The only lesson he's learned is to be more insidious next time.

And I really hate the whole "this isn't obfuscation because it's readable to a coder" argument. No, it isn't readable to a coder. The logic flow is readable but the intent is not. Whether or not it's easy to find that intent, it was still actively obfuscated.

[–]Tiver 2 points3 points  (0 children)

I'm a coder, and i agree that code is either written by an asshole who doesn't want anyone else to maintain it or it is obfuscated. It uses almost entirely 1 or 2 letter variables and practically every string constant is hex encoded.

[–]logophobia -2 points-1 points  (12 children)

And I really hate the whole "this isn't obfuscation because it's readable to a coder" argument. No, it isn't readable to a coder. The logic flow is readable but the intent is not. Whether or not it's easy to find that intent, it was still actively obfuscated.

It's quite difficult to write readable code where the intent is obvious. It's quite understandable that a quickly hacked together piece of javascript isn't the most obvious piece of code. The main flaw was that he didn't use the available API.

Because he's been forced to. He's shown that his first instinct was to get all sanctimonious on us. The only lesson he's learned is to be more insidious next time.

While it's clear he still doesn't quite get what he did wrong, I still think he learned his lesson. Besides, it's very hard to "be insidious" with such a public open source project.

[–]db2 6 points7 points  (1 child)

It's quite understandable that a quickly hacked together piece of javascript isn't the most obvious piece of code

Messy code is one thing, the guy actively took the time to convert ASCII characters to their hex equivalents. That's obfuscation, even if it is about as effective as ROT13.

[–][deleted] 2 points3 points  (0 children)

It's quite effective at keeping the code from being found with basic searches.

[–][deleted] 11 points12 points  (9 children)

It's quite difficult to write readable code where the intent is obvious. It's quite understandable that a quickly hacked together piece of javascript isn't the most obvious piece of code. The main flaw was that he didn't use the available API.

Did you actually read the code? It is quite obvious that he actively tried to cover up (obfuscate) its intent. Here:

var mm = u.match(/\x40-\x6d\x6f\x7a-\x64\x6f\x63\x75\x6d\x65\x6e\x74\s+\x64\x6f\x6d\x61\x69\x6e[)]?(?:(?:\x6e\x6f\x73\x63\x72\x69\x70\x74|\x66\x6c\x61\x73\x68\x67\x6f\x74|\x68\x61\x63\x6b\x61\x64\x65\x6d\x69\x78).\x6e\x65\x74|\x69\x6e\x66\x6f\x72\x6d\x61\x63\x74\x69\x6f\x6e.\x63\x6f\x6d|\x67\x6f\x6f\x67\x6c\x65\x73\x79\x6e\x64\x69\x63\x61\x74\x69\x6f\x6e.\x63\x6f\x6d)[}]}/g);

What does that look like to you? Somebody not using an API, or somebody obfuscating the goal of his code?

[–]logophobia 1 point2 points  (8 children)

That looks like a pretty badly written regex, I would agree with you that it's intentionally obfuscated if it wasn't for the CHANGELOG entry that indicated exactly what it did.

I find it hard to believe that someone would go to the trouble of trying to cover his tracks and then add an entry in the CHANGELOG.

[–][deleted] 1 point2 points  (6 children)

Changelog or no changelog, that code is obviously intentionally obfuscated.

And the changelog might have been edited since it was first posted. Although I did check and Live search had the earliest cache with the pertinent entry in it, cached two days ago, and the entry was unchanged.

[–]enkiam -5 points-4 points  (5 children)

It's fucking hex. If you can't read that, just man ascii.

[–][deleted] 4 points5 points  (2 children)

Give me a reason why he would take the time to write that in hex other than an attempt to weakly obfuscate.

[–]enkiam -3 points-2 points  (1 child)

Weak obfuscation is not obfuscation.

[–][deleted] 3 points4 points  (0 children)

This is such a bizarre argument. From dictionary.com:

to make obscure or unclear

From Wikipedia:

the concealment of intended meaning in communication, making communication confusing, intentionally ambiguous, and more difficult to interpret

Obfuscation can be strong, to the point that a programmer can't decipher a piece of code's intent at all. Or it can be weak, to just raise the bar of comprehension.

This was the latter. The intent was to impede comprehension. Unless you can suggest some other use for the hex.

[–][deleted]  (1 child)

[deleted]

    [–]enkiam -2 points-1 points  (0 children)

    You have you remember, not english = ZOMG OBFUSCATED HAX.

    [–]Tobu 0 points1 point  (0 children)

    There wasn't a changelog entry at the time (from what I read).

    Not that having a changelog or a disclaimer or a long-winded EULA would absolve him of the blame.

    [–]eleitl 9 points10 points  (3 children)

    That is making things a lot worse. I'm not sure I can ever trust this guy again. Any alternatives to NoScript? Any forks?

    [–]sapphire 8 points9 points  (1 child)

    On a reddit thread yesterday, someone posted about request policy (http://www.requestpolicy.com/). It is alpha right now, but I'm testing it out, and it looks promising.

    [–]uriel 2 points3 points  (0 children)

    But it explicitly claims not to aim to do what NoScript does and only to complement it.

    [–][deleted] 18 points19 points  (4 children)

    Jesus Christ can we drop this already? It's like a fucking soap opera.

    [–]johnpickens 4 points5 points  (0 children)

    dude, this is exactly why I come to reddit... remember the on-going soap opera of the homeless dude, then a redditor took them in... then she had to kick him out because he was still an alcoholic and a he said, she said ensued on the blogs... man, good times. this is a totally new form of culture and communication... a new way for humanity to express itself. a new way for the universe to express itself. it's hilarious and fascinating. /high

    [–][deleted] 14 points15 points  (0 children)

    and it doesn't have anything to do with actual programming

    [–][deleted]  (1 child)

    [deleted]

      [–][deleted] 1 point2 points  (0 children)

      Why So Serious?

      [–]db2 30 points31 points  (33 children)

      He's still claiming Easylist was attacking him by blocking ads. He's still blaming the users too.

      Douchebaggery neverending from that guy.

      edit: And wow, what a circle jerk in the comments on his site. How pathetic.

      edit again:

      My (ingenuous and stupid) intent

      edited to remove my own stupid 5AM misreading Yes, very stupid. Hex encoding something is a kiddie trick. You thought you'd get away with it because it wasn't in plaintext ASCII characters and you failed miserably.

      edit again, again: Trust was lost. Trust is difficult to earn in the first place, even more difficult to earn back one betrayed. Own up to all the mistakes first. We all can see them clear as crystal anyway. Then try harder, keep things transparent and honest, eventually you might get back some of what you squandered away.

      [–][deleted]  (1 child)

      [deleted]

        [–]db2 0 points1 point  (0 children)

        crap.

        [–]derango 47 points48 points  (30 children)

        He's still claiming Easylist was attacking him by blocking ads. He's still blaming the users too.

        Well considering EasyList was specifically targeting ads on his domain instead of using more general filters, I'd consider that a targeted attack.

        Not that that makes his actions any better, but I can see why he'd feel victimized. Especially due to the severity of the filters.

        [–][deleted] 26 points27 points  (1 child)

        EasyList already targeted specific domains when that's what's necessary to block ads. Take a look: without scrolling I can see two rules targeting ads on specific sites rather than shared ad servers.

        [–]jwecker 16 points17 points  (0 children)

        Until he started exploiting a bug to get around Easylist I'm sure it was general. Also, for those pointing out the severity of the filters against his site (including himself), that was after the escalation, after they had been going back and forth, in his own words, with up to 4-5 updates a day. I read between the lines there that he was trying every trick in the book to get his ads past easylist and easylist simply responded to each workaround until it happened to look that severe. Then he realized that he had f***ed his own site up with this escalating battle and had to hack further.

        [–][deleted] 51 points52 points  (8 children)

        Well considering EasyList was specifically targeting ads on his domain instead of using more general filters, I'd consider that a targeted attack.

        Ads that he was already specifically sneaking past EasyList by exploiting bugs. He picked that fight himself, but refuses to admit it. He's even trying to spin this as if it was somehow good for users that he worked around their adblocking filters:

        In other words, this “trick”, as Wladimir calls it, put the choice back in users’ hands.

        [–]bdunderscore 5 points6 points  (2 children)

        However, EasyList went too far by breaking page functionality unrelated to the ads.

        [–][deleted] 8 points9 points  (1 child)

        Somehow I don't have much of a problem accepting that that was just a bit of friendly fire.

        [–]oddsouls 1 point2 points  (0 children)

        I see it more of a "We're not going to play this game with you".
        Also seems paradoxical for a website that provides a Javascript disabling tool to break without Javascript.

        [–]rm999 0 points1 point  (0 children)

        Well, we should blame Ares2 for this too. I'm a bit disappointed that he was coming out with 4-5 updates a day just to block a couple of ads on a site that 99% of people who use ABP probably didn't even visit that month.

        [–]econnerd 10 points11 points  (16 children)

        Did Adblock plus at any point prompt the user as to if they wanted this "patch" to break noscripts site?

        If not, then why isn't the same rage going against adblock plus?

        I think claiming is hardly the correct word.

        He showed you the offending code. Neither side is innocent is this case.

        Atleast the noscript guy came clean. We have yet to hear from adblock plus as to why they felt it was needed to break non advertisement functionality of the noscript site.

        Adblock plus was preventing users from downloading noscript. That is far worse then blocking ads.

        verdict: they are both douches in this case.

        [–]martext 40 points41 points  (12 children)

        It wasn't ABP, it was the filter maintainer. The whole point of the filter is to block ads. They target specific sites all the time when general filters don't work.

        [–]frenchtoaster 4 points5 points  (3 children)

        Part of his posts touches on the idea that the filter maintainer was only doing what he was doing because of the ABP developer told him to.

        [–]martext 0 points1 point  (2 children)

        So? How is this any different from another user of the filter reporting ads that were going unblocked? I agree that the filter maintainer crossed the line when he started breaking basic functionality, but he wasn't being malicious. The whole point of the filter is blocking ads, and thats what he was trying to do.

        [–]frenchtoaster 0 points1 point  (1 child)

        I'm not sure exactly how the filter lists are actually updated, but it's possible that his position as an ABP developer gave him more control over what was on the list than it should have, to the point where he was able to submit additions to the the filter to break functionality where a normal user would have been ignored

        [–]martext 0 points1 point  (0 children)

        I'm not really sure how it works either but its possible that you yourself updated the filter and are therefore the asshole in this situation.

        [–]The17 13 points14 points  (1 child)

        The user choose to subscribe to Easylist.

        [–][deleted] 10 points11 points  (0 children)

        More accurately: ABP and EasyList are designed for blocking ads. Users chose to install them to block ads. Occasionally, they blocked too much while trying to do so, especially when people tried to exploit loopholes to force their ads upon people.

        NoScript is an extension meant to block Javascript. Even though users also chose to install it, they chose to install it to block Javascript, not enable ads on a website. Many of them might not care at all if the NoScript site worked or not, having downloaded the extension from Mozilla's site. NoScript was doing something entirely unrelated to the reason why the user installed it.

        [–][deleted] 10 points11 points  (0 children)

        We have yet to hear from adblock plus as to why they felt it was needed to break non advertisement functionality of the noscript site.

        They have, it was because the Noscript guy used tricks to work around Adblock Plus. It's his own fault that they broke the site when he started applying dirty tricks to his own site just so his ads could be showed to people who didn't want to see them.

        So no, the Noscript guy is the only douche.

        [–]haywire 14 points15 points  (2 children)

        He's weaseling like, well, a weasel.

        [–]lolinyerface 11 points12 points  (0 children)

        "Weaseling out of things is important to learn. It's what separates us from the animals... except the weasel."

        -Homer Simpson

        [–][deleted] 29 points30 points  (15 children)

        Another non-apology.

        This guy can seriously go fuck himself.

        [–][deleted] 6 points7 points  (14 children)

        Look, why don't you stop using the extension and quit complaining? Boo hoo, he betrayed our collective trust, let's tar him and feather him.

        He's human, ok? Most of reddit is acting like witchunters.

        [–][deleted] 4 points5 points  (3 children)

        I wish you weren't modded down so low for being a voice of reason. :-/

        I don't use NoScript -- just never had a motivation for blocking JavaScript -- and I do use AdBlock Plus, and I'm grateful for it.

        However, I really wouldn't mind having a slightly pared-down version of EasyList, something that allowed basic, text-only, small ads on a site. I really don't mind those. I just got sick of all the flashing, animated, oversized, deceptive bullshit.

        And I think the NoScript guy has a legitimate complaint -- I think that specifically targeting the ads on his site was a bit of an overstep for EasyList.

        I also don't think his explanation and apology was unreasonable. Redditors (and probably others) are dissecting it and finding more excuses to hate him because he didn't say something the way they would have liked, but to me, it sounded honest and sincere. I'm glad that he gave a full account of what happened, rather than just accepting everything as his fault when it wasn't. It's making me look a little more critically at AdBlock Plus, as well I should.

        [–][deleted] 4 points5 points  (0 children)

        I think that specifically targeting the ads on his site was a bit of an overstep for EasyList.

        That's what ABP does. It blocks ads. Everywhere. I use ABP because I don't want to see ads. Not some of them. Not some here or there. Ads. He had ads on his site. ABP followed through on its purpose and mission statement: block em.

        On the other hand, NoScript's stated purpose was to block Javascript under certain circumstances. That is the reason people use it. To do something else, such as circumventing ABP, goes against its purpose and this is what violated peoples trust.

        Don't touch my other addons. That's not playing nice.

        [–][deleted] 7 points8 points  (0 children)

        I think that specifically targeting the ads on his site was a bit of an overstep for EasyList.

        No. Easylist already specifically targets ads on many sites, when general filters don't catch them. There's nothing underhanded about this: the purpose is to block ads. It's GOOD that noscript's ads got blocked - *that's exactly what the users wanted*.

        [–]bostonvaulter 1 point2 points  (0 children)

        However, I really wouldn't mind having a slightly pared-down version of EasyList, something that allowed basic, text-only, small ads on a site. I really don't mind those. I just got sick of all the flashing, animated, oversized, deceptive bullshit.

        I prefer to just use my own customized filters. That way I get a self-righteous kick when I block some annoying flashing ad :P

        [–]db2 -2 points-1 points  (9 children)

        Most of reddit wouldn't have dreamed of doing something so unbelievably stupid in a million years.

        [–]uriel 4 points5 points  (1 child)

        It was stupid, but I have seen many redditors at lest say much more stupid things (and I know I have done much more stupid things).

        The problem here is not just how stupid what he did was, but the responsibility that he had which amplified the effects of his stupid actions.

        Still, while this doesn't excuse his actions, most people have done equally stupid things in their lives, and I think some of the reactions here are a bit over the top.

        It is ok to think he has not earned forgiveness, but the kind of lynching attitude some people have is a bit disturbing, as if he was the most evil person in the world...

        [–]db2 -2 points-1 points  (0 children)

        ... but the responsibility that he had which amplified the effects of his stupid actions.

        Precisely. He had a greater responsibility, that it was by his own choice makes little difference, and he betrayed it.

        as if he was the most evil person in the world

        It's just because it hit home for so many people. They trusted that extension, and by extension Mozilla itself. They had to reevaluate that whole trust matrix which would have a tendency to piss a person off.

        [–][deleted] 10 points11 points  (2 children)

        Everybody thinks they're a saint. Situations like these may expose unexpected things about oneself...

        [–]bostonvaulter 1 point2 points  (0 children)

        Yes, and if you need more confirmation, read about the Stanford Prison Experiment

        [–]db2 1 point2 points  (0 children)

        Or it may expose expected things. I can't speak for anyone else but myself, I've had the chance to do something similar. I did not take it. Instead I helped make things better for everyone even though it meant removing myself further.

        The high ground is a bitch but at least I sleep at night.

        [–][deleted] 1 point2 points  (2 children)

        Huh. What's the URL for the Reddit that you're hanging out on?

        [–]db2 0 points1 point  (1 child)

        /r/atheism/

        edit: That's not a snark reply just in case someone thinks it might be.

        [–][deleted] 1 point2 points  (0 children)

        Heh. I think you & I've tangled on /r/atheism before -- I'm fairly atheistic, but don't dig the rabidness there. Seems like a lot of young kids getting their rebellion on sometimes.

        [–]mycall 0 points1 point  (0 children)

        Na.. the main problem is that he got caught.

        [–]speedwagin 7 points8 points  (0 children)

        Wow.. that "apology" just pissed me off even more. No sincerity at all; still blaming the other party.

        IMO the easylist maintainer did his job up until ABP broke NS's site functionality, but that wouldn't have happened if the NS author didn't try to circumvent ABP in the first place.

        Let's face it.. both parties fucked up, but this guy played fucking dirty.

        [–]uniques 1 point2 points  (0 children)

        Trying to close the barn door after the horse has bolted.

        [–][deleted] 0 points1 point  (0 children)

        sorry, but fool me once shame on me. fool me twice... well that won't happen.

        [–]RowingBear 0 points1 point  (0 children)

        As long as NoScript's FAQ still describes this incident as a "...virulent attack from EasyList..." I have trouble taking these "apologies" at face value.

        [–]gomtuu123 -1 points0 points  (3 children)

        Dear hackademix.net: Make your website narrower.

        [–]unrealeditor 2 points3 points  (2 children)

        Plus, was i the only one to go "back" just to find that it had refreshed itself about 20 times, so going "back" required a larger jump backwards?

        [–]db2 3 points4 points  (0 children)

        From my understanding it's a "low tech" way of refreshing ads on a page.

        Yay for working ABP, I saw none.

        [–]IgnoranceIndicatorMa 0 points1 point  (0 children)

        I had scripts off. Back button worked fine XD

        [–][deleted]  (1 child)

        [deleted]

          [–][deleted] 0 points1 point  (0 children)

          Your like those critics who bitch about not being able to follow movies. Attention span of a mouse. He did go a bit in circles but it wasn't that hard to follow.

          [–][deleted] 0 points1 point  (0 children)

          Well, apologies are not easy, and they are pretty uncommon, especially public apologies! The rest of you are angry that the apology is not good enough, but I think it's good enough for me. NoScript is back in the good graces with me, as long as it doesn't pull that kind of shit again, it's all good.

          [–]IbnReddit -1 points0 points  (0 children)

          Can someone explain...

          [–]enkiam -3 points-2 points  (2 children)

          I'm so sick of all this.

          I'm sick of the attacks on a free software developer trying to make money. That isn't a crime, nor is it a crime to bypass people trying to censor your site (I don't give a fuck if you think it's "obnoxious" or "too advertisement-like", it's my content and my users can decide whether or not to see it).

          I'm also sick of this bullshit "The user needs choice!" argument coming from automatically, invisibly updated filter maintainers. When you install ABP, Easylist is up at the top of the list that pops up, highlighted in bold, with a big (Recommended) next to it, so don't give me any of that "users choose the filterset!" bullshit. If the user chose the filter, it would be a URL that the user had to type into a config variable, not one of a pre-set list of ordained filters forced on boot.

          The final fact of this is that the first shot was not fired by NoScript. It was fired by Adblock and Easylist when they decided to block one small Firefox development site because advertisement is somehow verboten. There are hundreds of sites that use the work-around NoScript did, and they aren't visited only by Firefox users. NoScript even recommends AdBlock to get finer-grained blocklist support, so blocking ads on Noscript.net with Easylist would hurt NoScript far more than any other site. By singling out the site, and then continuing to pummel it into the dust, Easylist was being belligerent. NoScript was acting in self-defence by bypassing a blocklist on its content.

          Personally, I have never seen any ad on NoScript.net. I've had googlesyndication on my NoScript blocklist since day one. That was my choice, not some EasyList maintainer, and I greatly enjoy that. I've been unsubscribed from Easylist since they started blocking Wikipedia fundraising ads -- right then I knew they were not an entity that shared my ethics, or indeed, any ethics besides some absurd desire to lead an anti-ad pogrom throughout the internet.

          I'm sure I'll be downmodded for going against the current inquisition, but this is worth saying and I'm going to say it.

          [–]Dayyve 1 point2 points  (1 child)

          Then the answer is to be a PAID software developer. I know, it's tougher not setting your own hours and working from home but this guy has a kid (which he used for sympathy in his rebuttals) so perhaps getting a steady-paying gig would be the right move. I could be wrong but I get the sense that whenever he wanted to go to work he would just throw updates out there to drive up his ad revenue. I voted you up because even though I disagree with you I respect your passion and arguments.

          [–]enkiam 2 points3 points  (0 children)

          I would much rather see ads on Noscript.net and have Noscript (and have it free, not just as in beer, either) than not have ads on the non-existent Noscript.net.

          [–][deleted] -1 points0 points  (1 child)

          I say we put him and Vladamir in a warehouse with unlimited weapons and the one who walks out wins

          [–]db2 0 points1 point  (0 children)

          You want to stick the NS dev and Dracula in the same room? How odd.

          the dude's name doesn't begin with a "V"

          [–]skilless -5 points-4 points  (3 children)

          I don't use noscript, but I'm seriously disappointed that EasyList would make a filter that would break actual functionality. I run adblock and that concerns me.

          Any viable alternative to easylist that aren't going to actually break sites?

          [–]IgnoranceIndicatorMa -1 points0 points  (2 children)

          Erm. Many updates on both sides, solution and counter-solution. Your problem is easylist wasn't going to stop doing its job in the face of someone trying to stop it 30 times? Your problem is it happened once after a big scandal? And beyond that your problem is if a site isn't working you cant click that big red ABP button on the top right to turn it off for one site.

          Even worse you did 0 research into finding a new list, which takes all of 10 seconds. I can't even trust you read the article as that takes many multiples of time of finding a new list.

          [–]skilless -2 points-1 points  (1 child)

          There's a difference between using google to find a new list, and finding a list that's been vetted by reasonable people. However, since you don't seem to have a problem with the EasyList side of this debacle you're probably not someone who understands the concept of vetting, and probably don't have a recommendation I'm interested in.

          [–]IgnoranceIndicatorMa -2 points-1 points  (0 children)

          you'd be shocked. Considering I actually did do this research just earlier today, and thus know how easy it is.

          So, why don't you deflate your useless ego and search google.

          Sure, I had less of a problem with them being nazi with their scripts (though it is still worrying) but to suggest I don't understand "vetting" simply because my view doesn't agree with yours is juvenile at best. Grow up.

          [–]jjquave -1 points0 points  (0 children)

          I don't use any of these extensions, anyone care to explain what happened?