Firefox 57 gained a ton of good will from a lot of users, and they pull this crap right after. They absolutely should know better. They should have known better with Pocket; they should have learned from Pocket.
"Fork it" is not an acceptable answer. The problem is not with Firefox, it's with Mozilla. Mozilla is a good company at heart and they're an important pillar of the web. Losing them to stupid stuff like this sucks, we should fight for them. There's tons of Firefox forks, none of them get the point though, you might as well use Chromium. If Firefox disappears and the fork remains, the fork dies because maintaining a web browser is work that needs a corporation's backing behind it (or a government's).
Mozilla's role goes beyond the web browser as well. Its mission was to "keep the web open", "keep the web free". This goal was reflected in projects such as Firefox OS, Hello and Persona (and to some extent, Thunderbird)... but atrocious management made those projects a waste of time and money.
Shouldn't we consider it a giant, massive red flag that you need a corporation backing you to maintain one of the most critical pieces of web software?
That's how we ended up in this mess. You can't compete in the web browser battles unless you have hundreds of full time engineers behind you. That's a failure of the web.
None of this new decentralized technology is going to mean anything if we haven't learned that lesson. If you want free, open systems, competition needs to be easy. We need to be able to respond to a abusive platforms by making our own, and that means we need to live in an ecosystem where making our own platforms is easy enough that you can have 10-20 viable options simultaneously supported.
Linux distros are a fantastic example of this. It's easy enough to create a viable linux distro that there are 5+ popular ones, and if you don't like those there are 10+ less popular ones which are perfectly viable and reasonable choices for an OS.
There are two internets now -- the internet of documents and the internet of applications. For reading documents, including somewhat dynamic documents like HN, all I need is w3m. But for the internet of applications you need a thin client: a javascript VM and layout engine. I regard anything that runs javascript as inherently malicious, out to violate my privacy and drain my battery. Of these, shenanigans notwithstanding, Firefox is still the least bad of the bad actors. Like most of the community, I'm disgusted but not surprised by this stupid stunt.
Actually it would be great - in the best interest of users - to make this distinction more pronounced. The "document web" should be a relatively safe space that you can comfortably browse with JS disabled. The "app web" is a different beast, and the trust of the user to turn on the JS engine should be earned. We could have "web browsers" and "app browsers", with the former being much more safe and less resource-consuming.
The distinction isn't pronounced. Few sites are, distinctly, only "apps" or "documents." So how would one define an "app" in this case, in a way that wouldn't encompass most of the existing web as "apps?"
"Anything that uses Javascript" would include, as I said, almost the entire web, including sites which primarily serve text and act as documents, including Hacker News. View the source - it even uses AJAX.
Seems kind of silly to ignore that javascript enables much more robust user interfaces. It can and is used poorly or maliciously, but it's used for far more than cosmetic or financial reasons.
I would in fact be happy if we could just have a simple VM and a low level rendering engine, let's say something like a WASM based VM (or even JS if we really have to), and WebGL or similar for rendering. Define a standard way to provide (or refuse) access to local and remote resources and leave all the rest (HTML, CSS, Web Workers, Audio Playback, Video Playback etc) as software running on the VM. This way you would not need a few GB of memory if you need only to display a wall of text and it would be easier both to share code between implementations and contribute software (as libraries ? plugins?) to the platform.
Because then every site would need to include a CSS + HTML rendering library to be executed in this VM - it would be like every site needing to include their JS framework of choice except much heavier.
No they wouldn't need to. They'd just have to advertise CSS + HTML, and the app browser would just use their internal CSS + HTML engine (possibly written in WASM for better sandboxing). There are probably a whole spectrum between those two extremes (all the code in the server, or all the code in the client).
>Of these, shenanigans notwithstanding, Firefox is still the least bad of the bad actors.
I would say Brave is better here. By default Brave blocks 3rd party cookies and ads. Brave has browser fingerprint blocking as well, but that is not enabled by default, presumably because that would break a lot of web applications and give the users a bad first impression of Brave.
Brave also comes with built in cryptocurrency micropayments as an optional way to sustain websites without advertisements.
The least bad actor in my view currently, is Brave.
From my observations, a brief stint interacting with standards bodies, and a lot strong opinions about API designs and specs:
The problem starts with regulatory capture of standards and standards bodies. It is in the interests of large organizations to pack a standard with every bit of code they have created internally. It slows down the other members and it keeps small groups and independents out entirely.
You could in many cases have a standard that five people sharing an apartment could implement. Or you could have one that only half a dozen groups could, which is just enough competition to make it sportsmanlike.
For the most part, they can't, because a new standards body will spin up. The history of WHATWG [1] is illuminating; WHATWG being the community -- of largely browser-makers -- behind HTML5 and other specs that moved the web forward from 2004 to now; notwithstanding how you feel about W3C or WHATWG, it's impossible to deny that once a standards-setting group no longer meets the goals of its members, those same members are likely to go start something else.
One problem with standards organizations is that they have a bunch of people whose job is to make new versions of the standard. Look at the evolution of openGL, the web, C++, Unicode (love hotel? Poop emoji?) and so on. Even ASCII evolved to 8bit and the got ansi escape codes, but it's stable now. C is fairly stable now but that's because all the new stuff is in C++ (much like HTML replaced ASCII).
The emoji character set originated in Japan. When it was turned to Unicode, they weren't going to just remove characters because some of the world doesn't care for it.
We’re pretty bad about frog boiling. When we amend a spec we think about how much more we added, not how big it’s gotten.
It’s part of the disconnect between new and old employees. Everyone who has been there for three years learned the system one piece at a time. They don’t understand why the new people look at them like they’re crazy.
Emoji was clearly designed for a date when the Japanese phone and telcoms decided to set union all their icons as font glyphs. Why do you need both left and right magnifying glass, and so many variations of train?
Not only do they all rely on Torvalds and everyone else for the kernel (heavily funded by donations, companies, etc), but most Linux distributions are just cosmetic variations of the largest upstream distros.
If Debian died tomorrow, Ubuntu is on life support.
> most Linux distributions are just cosmetic variations of the largest upstream distros.
Plenty are not. I am impressed by how usable community-based (non-corporate) distros are (e.g. Gentoo, Arch). This is truly indigenous technology.
> they all rely on Torvalds and everyone else for the kernel (heavily funded by donations, companies, etc)
This is an interesting thought. I believe the Linux kernel would continue to be viable on a purely volunteer basis, without corporate subsidies; I can't prove it though.
Kernels aren't any more important than compilers, xorg, user space utilities and so on. That Linux managed to get its name on the whole stack doesn't mean much. You might as well be complaining that linux distributions are vulnerable to power outages.
If anything the major distributions are defined by their package managers, of which there is a large and healthy number - aptitude, dnf, pacman, protage, and a heap of weird and wonderful other ones with minuscule usage.
Except all Linux distros rely on the Linux kernel and repackage a vast number of GNU utilities which are maintained by... hundreds and hundreds of engineers.
If GNU/Linux were to die, so would all the distros, because it’s far too much work for any individual distro to maintain all that codebase. In much the same way, the intensive bit of maintenance work with Firefox is the rendering engine; there exist lots of “distros” (forks) of Firefox but they all rely on the same underlying codebase. It’s just not viable to have more than a small handful of rendering engines, much in the same way that there are only a very small handful of operating systems that can run on modern hardware.
But there is no such entity as GNU/Linux. It's hundreds and hundreds of independently working engineers who would all have to be hit by buses at the same time.
This is such a lovely idea on paper, but how do you put that into practice? Is the problem the monolithic design of a web browser, which now is basically an operating system all its own? Is the solution to break that into its component parts, so that each part can be maintained by a smaller group, and composed together to produce the browser as a whole?
The problem is the complexity of all the specifications that make up the Web. These specifications are heavily influenced by whatever major browsers already are doing (i.e. influenced by a handful of huge tech companies). These companies have a vested interest in making it hard to make a new, competitive browser.
I think the Web is unredeemable at this point; there is so much entrenched complexity, ugly hacks, centralization, and misuse of various technologies that it can never be undone. The only solution is to refuse to contribute to the Web at all, which is hardly an option for most of us here.
I think we could build a simple standard that does the useful parts of layout / CSS and includes a sane scripting language in a reasonable timeframe. It would need to be accessible both for users and developers.
The hard part would be enforcing behavior so you don't end up with venders adding their own bits which destroy the entire point of the thing.
I think the Web is unredeemable at this point; there is so much entrenched complexity, ugly hacks, centralization, and misuse of various technologies that it can never be undone.
Simple. More than a few people here seem to believe, as the grandparent comment suggests, that the web is a lost cause, or irredeemable, and all those people seem to want to do is to constantly complain about it.
I'm simply suggesting that if people feel the web has nothing to offer them, that it would be more productive for them to kindly leave it for a network that better suits their needs. Otherwise, rather than wanting to "fork the web and start over" they could consider working to improve what we have.
viewing the web as a lost cause or irredeemable is not the same as saying it has nothing to offer. 'leaving the web' also doesn't seem very pragmatic, at least until something better is available.
>viewing the web as a lost cause or irredeemable is not the same as saying it has nothing to offer
I disagree - if it has something to offer then it's not a lost cause. A lost cause by definition isn't worth saving, or even engaging with.
> 'leaving the web' also doesn't seem very pragmatic, at least until something better is available.
The comment I replied to earlier suggested that the only reasonable solution to the web was to fork it or start over, with starting over being preferable. I'm merely suggesting that someone should actually get started on that.
Or maybe revive Gopher. I hear that's still around.
Design and create the equivalent of a web browser in a modular fashion.
Yes, that is a lofty goal. That does not make it unreasonable.
> Is the solution to break that into its component parts, so that each part can be maintained by a smaller group, and composed together to produce the browser as a whole?
Possibly, but currently, a "web" browser depends on its monolithic qualities. A web page is a DOM, defined by HTML, styled by CSS, and manipulated by JavaScript.
I think it may be time to start designing something less inherently monolithic.
One advantage to modularity is that we don't need to finish before we can use it.
I think this idea has some merit to it, but I don't have any experience in building that kind of software.
This is essentially how teams that build huge software systems work. Like for instance, operating systems like windows/linux. The various teams at Microsoft, or trusted comitters for Linux, organize their various modules, components, subsystems, etc. independently, and eventually compose them into a coherent functioning whole to ship the whole system.
The biggest difficulty is tying components together.
There are a few methods:
1. Libraries linked by binaries.
This is the usual method, but it generally demands modules share some things, which usually couples them too tightly to their implementation.
2. IPC (Inter-Process Communication)
There are a few ways to accomplish this. Some are OS specific (named pipes), others are fairly generic (sockets). This requires modules to share a language, and has some overhead, but at least they aren't coupled.
3. Microkernel
Essentially the best points of 1 and 2, but generally a design challenge itself.
The biggest advantage to modular design is that you don't need to create all the modules before you get something useful.
Seems like we should expect that in a competitive market, production values will keep rising until it's no longer easy to compete? So the mystery isn't why browsers are so competitive, it's why other niches don't attract strong competitors.
> you need a corporation backing you to maintain one of the most critical pieces of web software
My understanding is that Mozilla is supposed to be a nonprofit first and foremost: the Mozilla Foundation. The for-profit Mozilla Corporation is a subsidiary which is owned by the Foundation. I don't know whether this is still reflected in practice nowadays, but this is how it's supposed to be structured...
I think we should stop writing code, and start thinking about the future, and write draft specs for an open web, and build a platform to discuss those specs.
Mozilla is great because they have good management, not just because they have great coders. The rest of us should take an example if this. This means that we should stop scratching our itches, and do some real thinking and have discussions before engaging in our next side project.
One possible reason is that a truly open web would include things advocates for an open web don't want, such as advertising and commercial interests, or javascript.
Excellent point. I fear many attempts at the open web failed because they were a little too anti-capitalist or FOSS-purist and ignored basic economic realities.
The difference is that the web was originally designed to show documents, not build applications. The failings of the web are entirely a result of turning the browser into a VM for Javascript applivations.
I like the idea of having the web just being a static document format with hyperlinks and embeddable objects. No DOM just a tag for some narrowly defined supported formats (eg. .form, .game, .social, .store)
Size is not a requirement of a programming language: look at Lisp, Smalltalk, Lua, etc to see simple systems that can be fully comprehended and are quite powerful.
If anything, the monstrosities produced by committees are less powerful and less beautiful. (That we put up with them says more about us.)
Common Lisp is big because it's a bridge between MacLisp and InterLisp communities of the 80s. There are much smaller (and just as powerful) Lisps like Scheme or ISLISP.
The comparison with linux distros isn't quite fair, as they are not full reimplementations of the same standard. They are are better compared with chromium based browsers, which are easy to create and of which there are many.
What do you suggest to do to make competition easy? We could throw out most of features, but then the resulting standard won't be useful, and almost no one will use it.
What are you talking about? I've been gaming exclusively on Linux distros (Ubuntu, Fedora, SteamOS and Solus) for the last few years and it's been great. Site/community gamingonlinux.com is a testament to Linux gaming being a viable platform.
It's surprising that people are surprised by these things. Mozilla is not on a slippery slope. That was true years ago, but it proceeded unmitigated. By now, though, these things are the natural result of that decay.
There's a lot of power in branding, apparently. People keep saying things like, "Mozilla is a good company at heart", and I'm at a loss. Mozilla 2017 is nothing like the Mozilla that existed when the Foundation was established, or when the Mozilla Manifesto was adopted. Tons of key people left in a few different waves: first when Google pulled them off the project to go build Chrome, and then lots more who trickled out over the years during and after the Kovacs/FirefoxOS era. What remains is (a derivative of) the codebase + the name "Mozilla" + and, like, Mitchell. But that's it. Keep calling it the same thing, though, and somehow folks act like we're talking about the same thing.
Mozilla imploded—or rather, got Netscapified—years ago. To believe that Mozilla or Firefox is your old friend who's still helping you fight the good fight is incredibly naive and can only come from someone who hasn't actually been paying attention and is easily fooled by (trivially contradicted) surface-level details (like a name). I mean, it's not even like some philosophically tricky ship-of-Theseus problem. Mozilla is dead, people, and this isn't news.
Mozilla is still today doing incredible work. The work on Quantum was extremely forward-thinking in a way that most corporations cannot support; it brought us Rust, which is a fantastic contribution to the ecosystem.
Furthermore, Mozilla has always had troubles with judgement and mismanagement, this is not new. The problems that have been surfacing are old problems, they're just getting more severe.
If the yardstick for Mozilla's mission is how fast they can make a browser, why do we need Mozilla? There are arguably better equipped entities doing that.
Their whole mission is to have better judgement and management, advocating for the user instead of a corporation (or foundation). So it sounds like you're in agreement with the GP that Mozilla's decay is not news.
> If the yardstick for Mozilla's mission is how fast they can make a browser, why do we need Mozilla? There are arguably better equipped entities doing that.
Are there? I see no evidence to support that assertion and a lot of evidence against it.
Market share matters. The last vote at the W3C about DRM video being the most recent example.
I mean, I probably qualify as reasonably savvy, and I have used exactly 4 browsers in the last 10 years: Firefox, Chrome, IE/Edge, and Safari.
Uh, looking glass was not supported or worked on by the vast majority of the fantastic engineers at mozilla. This was a marketing stunt probably thrown together by a single intern, and greenlighted by an out-of-touch marketing department.
Sorry, I don't care much about engineers. I care about people in charge. People high in decision making process. If intern and marketing department are able to do this it's really bad. No number of good engineers can change that.
> There's a lot of power in branding, apparently. People keep saying things like, "Mozilla is a good company at heart", and I'm at a loss. Mozilla 2017 is nothing like the Mozilla that existed when the Foundation was established, or when the Mozilla Manifesto was adopted.
I don't know, Rust and Servo seem to show that there's still the hacker spirit that was there at the beginning, it's just they accumulated a lot of 'business types' if you will over the years and they need to put that engineering face back at the top, instead of being too focused at running a multi-million dollar enterprise.
Servo? No. Firefox 57+, which is based on it? Yes. But that's completely besides the point here, because yeah, serving unwanted extensions - which aren't even remotely useful - is ... stupid. I allow experiments so Mozilla can test new things which will benefit others later. But I don't see any world where the Mr. Robot extension will benefit anyone.
Yes. It's my second browser (and was my main browser until I switched to FF Nightly in the summer). And no, it isn't faster - at least not for me. And it hogs memory as if there's no other software running on my PC. I'm really happy that I can use FF again instead.
it hogs my memory if there's no other software running
What exactly is wrong with that? Do you understand how RAM works on a computer?
Maybe your system is different, but for me, FF 57+ uses much more CPU than Chrome, and unlike RAM, that's a statistic that actually affects something in a meaningful way (increased power consumption).
If you're worried about Chrome using RAM when nothing else is, you might be fetishizing the concept of free RAM.
The ship exists but whether it remains the same ship is a matter of opinion; and yet Theseus sails onward.
I see Mozilla as suffering from a crisis of identity, internally; it's acting as though it is staffed by believers in the manifesto but is now steered by those enamoured with The Bay Area and its ways.
Rust, Firefox 57, and even FirefoxOS are/were noble efforts to succeed in delivering on the manifesto. Pocket and this latest advert update smack of an executive that is thirsty to exploit the Mozilla brand for profit.
Wait, just because the old guard is gone, implies that the people there no longer care at all about the original mission? I get where you're coming from, but throwing up ones hands and saying Mozilla is already fucked is not helpful—Mozilla is our best chance at maintaining an open web. If we just roll over and let Google have the web because things aren't perfect then we are well and truly fucked because there's really no question of the agenda there. No, we should be holding their feet to the fire, not giving up in impotent cynicism.
"Pournelle's Iron Law of Bureaucracy states that in any bureaucratic organization there will be two kinds of people:
First, there will be those who are devoted to the goals of the organization. Examples are dedicated classroom teachers in an educational bureaucracy, many of the engineers and launch technicians and scientists at NASA, even some agricultural scientists and advisors in the former Soviet Union collective farming administration.
Secondly, there will be those dedicated to the organization itself. Examples are many of the administrators in the education system, many professors of education, many teachers union officials, much of the NASA headquarters staff, etc.
The Iron Law states that in every case the second group will gain and keep control of the organization. It will write the rules, and control promotions within the organization." [0]
More generic form of this would be to state that in any system, those who are willing to go furthest in protecting their position will usually have the upper hand.
E.g. the company owner remains a company owner only as long as they are willing to go sufficient far to keep the company profitable; those who don't go bankrupt and lose their position.
The bureaucrat is not special in that respect - they are "just" the natural foot soldier of those who want to maintain an organisation for the sake of the organisation.
As such the backbone of any long-lasting organisation will be made up of those who are good at both maintaining their position in an organisation, and in protecting the organisation against inside and outside "threats".
Unfortunately such threats can include those who want to focus resources on the original goal of the organisation, at the risk of diminishing the role of the organisation.
Since Pournelle mentions the Soviets: to me this is one of the most dangerous parts of Leninist party theory: it involves rules meant to strengthen a party organisation against the threat of outside force, but it also made the Bolshevik party ideally suited for party bureaucrats and power mongers, whose prime goal quickly became the perpetuation of the party and the privileges of power.
A lesson should be to make any organization as weak as it can possibly be while retaining its ability to function. Unfortunately to function that needs an even playing field, or "as weak as it can possibly be" in the face of competing with multinational corporations quickly means something much bigger than we might hope.
I usually refer to Stross's summary- "The iron law of bureaucracy states that for all organizations, most of their activity will be devoted to the perpetuation of the organization, not to the pursuit of its ostensible objective."
Exactly. I'm totally fed up with this "Mozilla is a good company at heart" contrary to every evidence (letting FF slip b/c of all the side projects, Pocket, now this).
I strong disagree that Mozilla is a good company at heart.
They are horribly mismanaged on every level.
They have burned hundreds of millions of dollars to produce a second rate browser that has seen its market share collapse.
They took hundreds of millions from Google and in exchange unquestioningly supported Google's advertising and surveillance agenda.
They have consistently failed to introduce new features that would actually benefit new users.
They blame the "standards process" for their lack of innovation and features that benefit users when they know that the standards process is a b.s. game. For profit corporations break standards whenever it benefits them. Firefox is the only browser that follows standards written by Google, Microsoft, and Apple, while the other 3 break them, or force through their own changes whenever it benefits them.
Apple blocked 3rd party cookies and Microsoft defaulted to Do Not Track while Firefox kept doing Google's bidding to collect their checks. Just one example of many.
In the place of real innovation, being truly independent, and actually standing up for users Mozilla gives people dumb crusades like Net Neutrality.
Firefox could have used their market share to develop truly innovative features, like what Opera tried. For that matter they could have partnered with Opera to create standards for a true open web, but of course they never did that because the Google bucks were just to sweet for them.
Mozilla has been a failed organization for a long time. This is only the latest reminder.
> "Fork it" is not an acceptable answer. The problem is not with Firefox, it's with Mozilla. Mozilla is a good company at heart and they're an important pillar of the web. Losing them to stupid stuff like this sucks, we should fight for them.
Well, how do you suggest doing this when it appears that the relevant decision-making parts of Mozilla do not answer to anyone "on our side" in any meaningful way?
It seems to me that the only solution is to make an organisation with a fundamentally different system of governance. By virtue of institutional inertia, I figure it would be very hard to do this by actually raising a competing project from the ground up and hoping to capture any of Mozilla's market share or developer base (not to mention the amply made elsewhere in this thread point that Mozilla is big and expensive for a reason).
The far easier, and quite well-tried, solution is to put financial and social pressure on the current leadership to voluntarily open itself to downstream control. The former may be most easily achieved by having an Iceweasel-style "condom organisation" gain traction - that is, someone who tries their best to replicate all of Mozilla's user-facing I/O (releases, sync servers...) in a timely fashion, systematically acts as a QC layer to strip bad decisions like this or Cliqz and otherwise does not waste developer time on niche interests like classic UIs. For the latter, whatever you may think of the person of the tactic, the Brendan Eich story unfortunately shows that pitchfork mob tactics work on Mozilla. Even more cynically, it may be the case that they are the main way anything gets done these days. The (very significant, in my eyes) moral reservations aside, from a result-oriented perspective of what is most useful to reform Mozilla as an organisation, is there any good argument against the "identify a representative set of heads behind this latest measure and call for them" approach?
> the Brendan Eich story unfortunately shows that pitchfork mob tactics work on Mozilla.
Yes. If anyone wants to do a git bisect to find when the Mozilla Corporation lost its integrity, we can say it was definitely "bad" by the time they forced out Eich in April 2014.
The trouble is, it costs money (or a lot of time from talented people) to support a project the size of a browser. I would imagine getting some funding helps keep things afloat.
You even say, "maintaining a web browser is work that needs a corporation's backing behind it (or a government's)".
I suppose we should expect the goodwill of corporate sponsorship, but this relationship can quickly turn into the "sponsor" asking for things in exchange for donations.
This situation exposes a weakness and requires the recognition of the fragility of the open source model (at least for larger-scale projects). We've seen weird corporate-backed things in NPM projects before. It happens, but what is the better alternative? How do we prevent it? Most corporations only support open source projects out of self-interest: that is, they have a stake in seeing a particular project succeed because their stack may depend on the software.
There are plenty of open source companies. The company I founded is built on open source principles many of them inspired by Mozilla. It's a bigger challenge, because it restricts your freedoms as a company in favour of the user's freedoms. However Mozilla's mistakes are not due to the open source nature of the company at all, they are due to mismanagement.
They are due to poor understanding of your own userbase. Poor communication with users and employees. Complete lack of judgement.
These are sticks Mozilla puts in its own wheels. It's hard to make money, but it's easy to know what not to do. Simply asking your employees: "Is this a good idea?" would have yielded a clear "Fuck no". That they did not do that (or did, but chose to ignore it) is a terrible sign, open source or not.
>Simply asking your employees: "Is this a good idea?" would have yielded a clear "Fuck no". That they did not do that (or did, but chose to ignore it) is a terrible sign, open source or not.
Running a company by polling random employees is not an established successful management style. Its only you who is suggesting it, and then claiming that because they didn't do it, its a bad sign.
> Running a company by polling random employees is not an established successful management style. Its only you who is suggesting it,
He's suggesting that the most simple, stupid check one could think of (polling random employees) would already have shown this to be a terrible idea. They didn't even go that far. That is indeed a bad sign.
its not polling for running the company, its a disaster check. If most of your employees hate the idea, it should be a sign of something wrong because I would expect Mozillians to be also users of Firefox.
You inserted the word "random" into the OP's statement in order to support your position. Your employees will ALWAYS have a better understanding of the state of affairs of projects they are developing, simply because they are the ones developing them. You cannot fully understand the complexities without doing the work yourself. Not factoring opinions about a product from the employees who are making it is incredibly irresponsible, and makes those employees much more likely to find an employer who will value them as subject matter experts.
Most open-source software companies that are profitable rely on a consulting model. They develop and open-source the software, then work with clients to implement, customize and support it for them.
This clearly wouldn’t work for a consumer product like a web browser.
> The trouble is, it costs money [..] I would imagine getting some funding helps keep things afloat.
Mozilla has accrued a lot of money over the years. So much money that they could have funded--just on interest--a comfortable loft somewhere filled with hackers on a decent salary who are fanatical about the open web, and maybe a single guy with a tie to "call google", in perpetuity.
That should have been the base case for Mozilla: open web, modern browser, users first.
Unfortunately, brass doesn't vote itself out for the greater good. A modern browser is a delivery platform. The "open web" is a marketing tool. And users are not as important as advertisers.
The rationale is that without clout, they'll be unable to prevent worse things from happening, so they have to allow for these compromises on the open web to maintain that clout, and every setback is relegated to "not our hill to die on," with every next hill becoming "not our hill."
It seems like an unavoidable tragedy, but if we look at similar organisations, can we imagine the FSF or the EFF making compromises on their respective missions, even if they lose popularity or even run out of funding?
I feel they would rather cease to exist than allow for corruption of their stated mission.
I noticed a similar thing with Wikipedia and the ACLU. Too much money seems to in some ways be a curse. Organizations seem unable to Instead of just put a bunch of money away for a rainy day and then stop fundraising for a while when there's enough money to carry out the core mission. Instead they find more and more missions to expand into in order to spend whatever level of money is coming in.
The problem with this is that the people working on this peripheral expansion missions don't think of themselves as peripheral. When there's a money crunch or a values conflict they will fight hard for theirs even at the expense of what the organization was always supposed to be about.
Everyone keeps coming with the money problem. But... how about they maintain a browser, with browser functions only? No PDF-JS, no Pocket, no Hello, etc. Just core browser functions and features.
Yes, it might mean scaling back, which is one of the swear words in a growth-oriented belief, but that way, the money should be enough - it was enough for a decade, what changed?
With all due respect, rendering PDFs is something I consider core browser functionality.
Pocket, most certainly not, though it's nice I suppose. Hello was... I don't know what it was. Checking if the market is there at all? Not something I expected to be in a browser.
I never understood why anyone wanted their browser to render pdfs. PDF.js is slow, buggy, and can’t edit documents. Every major OS ships with a better PDF reader, and there are still better open source PDF readers available on all major platforms.
> PDF.js is slow, buggy, and can’t edit documents.
That is leagues ahead of native PDF plugins which are slow, buggy, full of vulnerabilities, closed source, require a deprecated plugin infrastructure and usually can't edit documents either.
PDF.js is one of the better things to come out of Mozilla.
Okay. But the solution is to not involve the browser at all. It's there to browse. Once you find and download the file have it open in a real application designed for reading pdf.
Ideally, yeah. But often PDFs are integrated with the web experience as another web page. Or atleast that's how I treat them. I have 2-5 research papers open in my tabs at all times, and I browse through them like I would with any other article.
Sure if it piques my interest I would download it, organize it but I wouldn't go through the pains of doing that for every pdf I lay my eyes upon.
I don't think you've spent any time with regular people. The vast majority of the world finds computers to be confusing. The less buttons they have to click the better. All they want really is another appliance that has fixed functionality.
Seems that's no different than opening with external program, or using a plugin, or using an extension. After all,those things can be updated, whereas the browser should have more core functionality that enable new document types to being opened.
Building a secure, fast, usable web browser is a near-impossible task on its own. Anything else they do involves a couple of orders of magnitude less effort. Mozilla would still need the vast majority of funding they currently get to do that.
The problem isn't that they're doing too much - it's that they have nearly no business model, and any attempt to create a business model appears to be selling out to users.
Are those things really taking up much employee time? Frankly, they don't seem like it. And some side projects are nice - like Rust and Servo. Persona too, even if it didn't caught on.
I think the trouble is that the "web" is an overcomplicated BS clusterf___ for exploiting the plebes.
Some guy posted here a week ago in wonderment over how Mozilla can maintain a browser for a mere $400M+ a year. $400M+ a year!!!
If it takes that much engineering to deliver something which is not substantially different than what we were using 17 years ago, I'd count that as an engineering failure.
> Firefox 57 gained a ton of good will from a lot of users
This was the new interface, right? I just saw this the other day and though it looked pretty good; was actually considering a trial switch back (after moving to chrome years ago, when a single bad tab would take down the entire browser).
That’s now put on hold - a compulsory extension is one thing, but having it be purely for advertising is a massive “No” flag to me.
I’m of the view that getting (most) people to consider switching browsers only comes every few years and requires a very large incentive; “We’ve fixed that one incremental problem” isn’t enough. A complete revamp would do it, but takes time to permeate into conciousness. And in the meantime they do this. “Squandered goodwill” seems to be spot-on.
> "That’s now put on hold - a compulsory extension is one thing, but having it be purely for advertising is a massive “No” flag to me."
so that's why you stick with chrome, a browser designed to send all your browsing habits straight to google, the largest online advertising company and commercial tracker in the world?
You actually don't have real control over Chrome. Only Chromium is open source, and then you won't have all the features you surely use. Like videos working.
Edit: (+) Sir_Cmpwn, At least not working for me when I try seeing the pages with H264 encoded ones, and when I search, this is what I find:
I use chromium on Linux as my main desktop browser. I assure you it plays videos. The only thing it doesn't do is play DRM'd video, which is a feature.
It's what I call "Android." Google services were never part of AOSP. Bundling all the Google services together and naming the bundle didn't change anything in that respect.
Is Mozilla strapped for cash or something? I’m happy to donate a bit if it keeps them independent.
Google’s behavior with Android/AOSP suggests they’re more than willing to make the open source version of Chrome useless in practice the second there is no viable competition.
I don’t see any organization other than Mozilla that can keep them honest.
Nope. According to their financial statement, the Mozilla Foundation had $69M in "cash and cash equivalents" at the end of last year, about $329M in investments, and literally gave away millions of dollars in grant funding. It's not entirely clear to me how the financial interaction works between them, but the privately-held Mozilla Corporation (i.e. the 1000+(!) employee company that actually makes Firefox, and which the Foundation owns as a subsidiary) had over $500M in revenue from their search engine deals...
The original reason behind them establishing Mozilla Corporation over Mozilla Foundation was that they can keep this practice going while being safe from taxmen reprimanding them for pocketing what is a charity income from tax standpoint.
Now, Mozilla Corporation bills Mozilla Foundation for "service offered at a market price" to do its "socially beneficial, free of charge and any expectation of remuneration" activity, which is selling ads.
> needs a corporation's backing behind it (or a government's)
You touch on an interesting point, maybe Firefox should be soliciting donations from governments who are concerned about the US surveillance state instead of relying so heavily on search ad revenue and being forced to turn to things like this to make a buck.
No offense, but "like, China?" I don't see how involving government(s) and therefore politicising the whole thing is going to make the situation any better. Even if it were support from a government you (but others not) would find acceptable.
Although they should probably not be in charge of the actual development, is it really crazy to think that Firefox could be funded by governments? At some point it is a public service.
This is such a terrible way to make an argument, present a case, or say anything that can't be said in a few dozen words. He has a blog, it's linked right there. I can't understand why people use twitter like this.
So, the first post in the thread was ~11:30am. The last one was about ~5pm. I basically appended to it during the day, as my thoughts and feelings evolved on an issue. It's not like I completely tossed out all these tweets at once.
That said, everyone uses Twitter differently. I tweet a lot. Some people don't. I personally blog when I have a long-form, well thought out thing to say. I tweet whatever is on my brain at a given moment. Twitter is more raw, more personal. This is a raw, personal issue for me.
Firefox 57 was so nice I started using it every day and was actively migrating things to it from Chrome. I could live with the Pocket thing even though I wasn't wild about it. I hadn't gone as far as setting up a Mozilla cloud account because privacy was a high priority and I didn't want to swap one cloud service for another.
Then this thing blew my machine up the other day, I lost days of work, and...hmm. I don't know why a company would ever do something like this, it's incredibly foolish.
Firefox 57 gained a ton of good will from a lot of users
Let's not overstate things. Firefox 57 gained good will from some users. It also seriously annoyed others, both because of the loss of many useful extensions, and because the new version is horribly buggy and crashes all the time.
The one thing Mozilla still had going for them compared to Google or Microsoft was the emphasis on privacy and respecting the user, and yet I've read about several different cases in recent weeks where that trust has been undermined, this being the latest.
Yes, sadly. I can't remember the last time Firefox crashed on me prior to 57. I've lost count of the number of crashes/hangs since the update, but it's well into double figures by now. Whether it's Firefox itself or the handful of extensions I have installed, I can't tell for sure, but it's much worse here on a Windows box with more extensions installed than a Linux box with just a few. In any case, if the new runtime model is supposed to make things more robust then unfortunately my experience has been quite the opposite.
Please don't quote things out of context in a way that changes the meaning. What I actually wrote contrasted some people's good experience with others' bad experience. It wasn't a blanket statement as it appears when selectively quoted.
I happen to be an existence proof for the bad experience group, but a few seconds with your favourite search engine will readily confirm that I am not alone. I don't know what the ratio of lucky to unlucky users is, nor did I claim to.
I feel really sorry for Steve and other real developers. Mozilla is not different from any other managers driven corporation. Very sad.
I almost wonder if that's an organized action aiming at removing competition. It's too bad to be unintentional.
The business model of the Internet is surveillance and advertising. It's incredibly hard to resist. It seems like there's an infinite amount of money available if you're willing to surveil and sell out your users.
> If Firefox disappears and the fork remains, the fork dies because maintaining a web browser is work that needs a corporation's backing behind it (or a government's).
Perhaps the problem is the fact that the Web is so complex that popular web browsers could only possibly be developed by corporations to begin with.
2. Even when "enabled" in the add-on manager, the add-on was completely inert unless a user also manually dove into about:config and specifically enabled a flag related to the add-on. Without taking that deliberate action, it didn't do anything but watch that flag. No headers, no word inversions, etc.
If you'd like to verify my claims, the source lives at https://github.com/mozilla/addon-wr, and initialization is controlled by addon/bootstrap.js.
This doesn't excuse our actions, but I hope it adds some context.
yahoo and google pay hundreds of millions, is this not sufficient? have any of these gimmicks actually helped gain users? it's likely that only Quantum - a purely technical improvement (plus marketing dollars) - made any dent in your user share. it's almost like mozilla keeps expanding into all the shady corners to use up its budget so it can have a bigger budget next year.
many users use firefox for ideological reasons, even when Chrome is/was technically superior. and these reasons are disintegrating at a ludicrous speed. you are throwing away the very users that helped you grow. we are telling you this here, directly and in plain language. much of the same group uses firefox because they can make it work exactly how they want with exactly 0 surprises. some of this died with the web extension addon transition, but it's at least justifiable from a technical & security perspective.
every time you force-feed what should be a visible and removable extension, i have less and less control over my browser and less incentive to to use or recommend it. it's heartbreaking, really. whoever is pushing forward on all this farcical marketing spin and bundling stunts needs to be shown the door, asap. call ads "ads", not "experience enhancements". it is not okay. you guys need to stop this before you lose your most dedicated users that have stuck with you through thick and thin. having been on firefox/nightly for over 10 years, deploying firefox on thousands of PCs, reporting many bugs, and making donations to mozilla, i am this close to saying "fuck it" and taking my friends, relatives and coworkers with me. i'm gonna be one user that costs you 2000 more.
please get this to whoever needs to hear it [and gives enough fucks to actually do something].
> The core idea (deploy an easter egg via an add-on) seems pretty reasonable. Looking Glass is a really cool idea for users who want it.
But who actually wants it? Who wants a fundamental part of their daily work suddenly manipulated by somebody else at a whim?
What if Ford decided it would force-push add a cool "Star Wars" tie in to its cars (no pun intended on "force push")? That's a mission-critical part of my life, I drive my kids in it. Don't mess with my car over-the-air without telling me, I don't care if it's all fun and games to you, to me it's my life.
Same for my browser. It's not a toy I use for fun. It's how I see my medical records, pay bills, transport extremely sensitive and confidential information... I don't want anyone to suddenly push "cool fun easter eggs" to it, under any circumstance.
I won't dispute that history; just trying to add context to this one and agree that it's disappointing.
As to your edit, I absolutely agree. That's what I meant when I said pushing the add-on was not good. I was only suggesting that an add-on is a reasonable place to implement an easter egg, since it's separate from the core browser code. Distributing that add-on is a different matter, and I personally disagree with what happened there.
I would also take issue with calling it an easter egg. It wasn't an easter egg. It was an advertisement. That they silently installed on people's computers without their notification or knowledge.
Why are we spending 500 replies and all this developer time on an issue that if done by, say google on their home page, would be considered at best a fun little doodle at worst business as usual?
Firefox isn't a website. This is contrary to user expectation.
There is some degree of deceit present here which bothers me. They pushed out this advertisement through user studies, a feature that ostensibly exists and is designed to improve Firefox. I take issue with it instead serving as a backdoor silently install an advertisement.
If I personally saw this in my add-on page without any knowledge of what it was, I would be alarmed. My first thought would be that my computer had been somehow compromised.
I'm also slightly sympathetic to the idea that these user studies / telemetry can be used to improve FF. By abusing the feature, they encourage people to disable it, which harms Firefox if you take the position that the data gained by telemetry is useful. I certainly no longer have it turned on.
I've seen people link to anecdotes about the user study feature being reenabled after an update was downloaded. All I'll say here is that this is not cool if true.
And really, at the end of the day, why should I put up with any form of advertisements in my actual browser software? Good alternatives exist that don't have advertisements. Advertisements embedded in the product is a huge part of the reason why I switched away from Windows 10 to Linux.
To me, it's a worrying trend between this, Cliqz, the initial integration of pocket, and the the advertisements on the default new tab page.
I'm not particularly sympathetic to the idea that Mozilla needs to pull these kind of anti-user stunts in order to function. We're talking about a foundation that saw revenue of 421 million US Dollars in 2015 and 520 million in 2016.[0]
I think it's about domains of control: I expect that Google controls which image appears on their home page; I expect that I control which add-ons are installed in my Firefox.
If this code had been in core-Firefox, we'd never have noticed it. Counter-intuitively, maybe it wouldn't have felt as invasive, because I know that Mozilla controls core-Firefox, not me. (And I choose to defer to their judgement, because my other options are to defer to Google or Apple.)
>If this code had been in core-Firefox, we'd never have noticed it. Counter-intuitively, maybe it wouldn't have felt as invasive, because I know that Mozilla controls core-Firefox, not me. (And I choose to defer to their judgement, because my other options are to defer to Google or Apple.)
The code is available. I'm pretty sure the tor project would have noticed it.
apart from the fact that mozilla has standards it (supposedly) holds itself to, firefox is a beloved tool. It's not a piece of content, it's a tool. My content can be messed with, for sure. My tools can not.
I feel like this is way overblown but I think the logic here is that Mozilla claims to be an ally of privacy and internet freedom. While Google obviously, does not.
Please note this comment isn't specifically to you, but, I guess more to any mozzarellian that comes across this comment
- - -
for other reasons I wanna comment on the "seems pretty reasonable" bit
"In this day and age" what with fear and stuff being a main chunk of news , perhaps using a webext (which can really only modify a page to do any tricky cool stuff) is a bad thing?
(especially when it plays off of the pre-existing FUD by referencing hacking n' stuff!, but not my point)
same for any unexpected icons appearing in the toolbars! People are being told to be weary when using their browsers: look out for signs the pages might be fake or messed with, look out for unexplained installation of programs and addons, being hammered in from every secure site!
Its worrying that, I know it would fuck with my parents pretty bad WHEN it would be enabled, because there isn't much point in developing something for it to not be enabled! Especially when money is probably on the table, when higher ups probably rammed this through normal steps designed to prevent this sort of stuff (again)
I need something to give my parents, something that is ethical, something that cares about them, and something that works: chrome still works better for them, and mozilla seems really really keen on blurring the lines for the other ones (I know I know, it requires users to opt into shield studies etc, but man, I had a talk with my ma, "do you wanna contribute back to mozilla in this way?", please don't punish us for asking other less-techy people that.)
If you guys need easter eggs, probably keep them off to the side, in the settings or about sections
I am not a Firefox user[1], but the thing I am finding it difficult to understand about this brewhaha is:
1. Aside from how it reaches the users machine, is the extension on or off when it gets installed invisibly?
2. If it's off, why push it at all? If the user is expected to give consent at some point down the line for it to be on, why not just have the user actually install the extension at the time of consent, rather than prefetching?
[1] work gives me a Chrome OS laptop, and I find the lock-in of sync-ing bookmarks and things pretty real.
> Is the extension on or off when it gets installed invisibly?
You could argue technicalities for either, but semantically, it's off by default.
The add-on is implemented as an "embedded webextension" which is wholly contained by an outer "bootstrapped add-on." The bootstrapped add-on controls whether or not the embedded webextension gets initialized, and that's all it does.
The outer shell is on by default. The embedded webextension is only initialized by the bootstrapped add-on if the user manually flips the "extensions.pug.lookingglass" preference in about:config. That preference is off by default.
> why not just have the user actually install the extension at the time of consent, rather than prefetching?
That's what we're moving to by pulling the add-on from Firefox and posting it on AMO.
Mozilla fucking up like this still feels like a friend fucking up. It's frustrating and disappointing precisely because I expect Mozilla to be better than this.
I feel a bit distanced about the whole situation. The issues I've seen are:
- getting money from secret extension
- potential security risk
- bad will from mozilla
the name shield studies feels a bit scary, a CIA paranoia tone but anyway.. I believe that's the era that is tense and what seems to be an easter egg as you say, ends up as a brutally negative thing.
This looks like an authoritative answer from a Mozilla coworker, and it's totally incompatible with the message and tone of the linked article "Firefox is on a slippery slope" which makes it sound like the extension was on by default.
So who is telling the truth?
The one thing I know is that I am writing from a Firefox right now and don't see headers, inversions etc. at all. The examples given in the article should have all been inverted, right?
I'm glad it doesn't do anything, but if I saw this in my extensions list, I would think it was malware. That does have an impact. I could have spent hours with my hair on fire trying to figure out how my system was compromised, and I wouldn't be surprised if others have. I'd expect better from an org that has to deal with security issues all the time.
It would be easier to forgive if this was the first time Mozilla pulled this sort of thing. Instead, we see Mozilla making this same kind of mistake -- i.e. trying to turn what is otherwise a great browser into some kind of "platform" for things that do not actually serve users -- over and over again.
It's great that it was pulled, but what about removing the ability to silently install add-ons? Give up the power to make this mistake in the future if you want forgiveness.
Absolutely. The whole ordeal reminds me awfully of Ajit Pai's tone as he kills net neutrality, sounding as if everything was fine until net neutrality came along.
Although different, this too brushes off this one instance as a mistake, and entirely disregards the rest of the article, not even trying to address or explain the rest of Mozilla's recent borderline malicious behavior.
A serious fork is long overdue, if only it didn't take a corporation as big as Mozilla to undo their bad deeds.
I'm just one DevRel engineer on a layover; I'm not the right person to answer those broader questions. Not trying to be dismissive, just trying to engage in the areas where I'm most able.
> The one thing I know is that I am writing from a Firefox right now and don't see headers, inversions etc. at all. The examples given in the article should have all been inverted, right?
"It involved sideloading a sketchy browser extension which will invert text that matches a list of Mr. Robot-related keywords like “fsociety”, “robot”, “undo”, and “fuck”, and does a number of other things like adding an HTTP header to certain sites you visit."
Only if HN is on the list of "certain sites". It's also irrelevant because the extension offers me no value so Mozilla was not acting in my best interest.
But still, the fact that the extension was not active unless you mess around in about:config is a crucial fact, which should not have been omitted in an highly critical article, specially if they use words like "Mozilla, you fucked up bad, and you still haven’t apologised. The study is still active and ongoing".
I feel misinformed by that article, to say the less.
If that is the case (I'm not saying it's not, just that I don't know)... why did the extension even need to exist? Presumably "certain sites" are partner sites participating in the promotion. If they are participating and (I assume) they control their own content, why didn't they just invert those words or whatever else they wanted to do with the content when they served it?
I'm very confused about why this needed to roll out as a browser extension at all.
Thank you for your response but I don't trust you. I don't believe your characterization of how this extension works is correct. That is a huge problem, it means I do not trust Mozilla.
What's being done to make sure this never happens again? How could something like this happen after the Pocket fiasco?
You don't have to trust me, that's why I linked to the source. Check out L21-24 in bootstrap.js.
You can verify that this is the same code as your own local copy of the add-on by visiting about:debugging, clicking "enable add-on debugging," and hitting "Debug" under the Looking Glass add-on.
I'm an engineer in Developer Relations. I'm not in management, I wasn't in the decision chain for this. I'm not here to defend that decision. I'm just here to try to explain, factually, the technical aspects of what happened, and to then reflect your sentiments internally.
When someone says "I don't trust you", "I don't believe you", spews a series of questions, and then responds by reiterating their statements without reference to your answers, that person is not so much listening to your perspective, as they are fantasizing about stepping on your face.
I actually appreciate your thoughts, but maybe it would be better to let Mozilla, the company, respond in a full blogpost.
One man does not stand well against an internet mob out for blood.
I appreciate you taking the time and the work you do.
Let me state the obvious for your management: violating user trust is unacceptable. I expect Mozilla to be user-centric but I can no longer take that for granted.
This is a very dangerous action because it's not something that can be taken back. The addon can be removed but it shows very poor judgement on the part of Mozilla leadership and now I have to doubt all future motives.
It's just our internal jargon, nothing nefarious intended. Things shipped over Shield are called "studies," A/B tests in the installer are called "funnelcakes," etc.
Are you saying that you're communicating the word "studies" in place of "advertisement" when the Shield option is presented to users during installation of Firefox?
> Even when "enabled" in the add-on manager, the add-on was completely inert unless a user also manually dove into about:config and specifically enabled a flag related to the add-on. Without taking that deliberate action, it didn't do anything but watch that flag. No headers, no word inversions, etc.
Wow. So is Drew DeVault lying, or confused? Was there a bug that turned it on for him? This is odd.
And the article doesn’t even mention the Cliqz controversy [1]. How can you try to promote your browser as the privacy-oriented, user-first alternative and at the same time run into shitstorms like this all the time? Shouldn’t there be someone who can properly judge the effect of decisions like this?
They're ruining their brand image. It's hard to be considered trustworthy when it appears like you compromise your values due to financial hardship. It reminds me of the Ubuntu Amazon integration thing as well. One of the Cardinal rules of free software seems to be don't sell your users by forcing 3rd party integration nobody asked for.
It's always interesting how this happens. Is it new executives how come to power and they never realize what the brand meant to users but see a short term stunt to get some extra profit and go for it.
It happened to Lenovo and other laptops when they started installing spyware (Superfish) on their machines. They basically ruined the brand image that took years to build up.
Yeah I get impatient with the "they need to make money" apologist argument. Oh, I get it, you're saying I should trust them because they're in it for the money like everybody else. Makes sense thanx.
No, they're not in it for money. In the end (the foundation owns the corporation), Mozilla is a non-profit.
They need money to achieve their mission though: maintaining a browser (in a landscape of evolving security challenges, performance & web standards) and research (e.g. projects like Rust, Servo & pdf.js originated that way) is not cheap. And currently it mostly comes from search engine deals. If they cannot get a similar one, it all collapses.
I can see why they try to diversify their income. That said, I don't agree with the way they do it here.
If they want to diversify they can work on other projects making money instead of fucking up their current userbase.
IMO coding missile software to pay for those projects would be a lot more ethical than what they're doing. Yeah I consider the ad industry and its privacy crushing consequences worse than weapons almost never fired.
Especially as a company with over $440M in assets, $330M of which is invested, with less than $60M/year in accounts payable and liabilities, that received $500M in royalties last year.
I think the real issue is mozilla essentially gets an infinite supply of money from parties like Google, no matter how shockingly incompetent they are.
Im not certain I buy the arguement that the decline of mozilla is purely a bad management situation. In threads about this, or pocket or cliqz or any of the other mozilla diasaters of the last while, you have a huge amount of what appear to be line level engineer employees defending this crap voraciously.
Something has gone very wrong with the culture of mozilla in general, I think its a copout to suggest that its merely some evil pointy haired boss.
The accountability is at the top. In this case, I would be very surprised if that was not greenlighted by Mozilla's CMO. Whether others down the chain complained or not doesn't matter much, since not everyone can vote with their feet.
But this is happening way to often lately, and the typical "I stay at Moz because we are still doing good stuff and no one else would step in" you hear from employees is exactly the card that the management plays. It's sad, because the mission from Mozilla's manifesto is more important than ever, but MoCo is not the place where this important things will happen.
Switching from Firefox to Chrome is jumping from pan to flame. Google are at least as bad, and in all probability much worse. The Safari saga. In fact, the amount of protestations one here are deeply suspicious.
Their behavior here with regards to handling the bug tracker is exactly the same as with Cliqz. So this isn't a one off thing. It's the start of a pattern and a dark one at that.
And speaking of which, I made a post prior to FF57 asking where the Cliqz situation went and got no responses. Any idea as to what happened with it? I haven't seen any updates on the situation since and feel like it's just been swept under the rug.
By it not actually being a privacy-concern and the "shitstorms" frankly being tiny. These are completely isolated to HN, Reddit, Slashdot and the like. No serious journalist is going to report on it, because doing even the tiniest bit of research shows you that there's nothing to report on. As such, the shitstorm is never going to reach roundabout 99% of their users.
I am deeply disappointed in so much software lately, especially by the folks who once championed software freedom, privacy, and quality.
A lot of people thought the Mr. Robot stunt meant that they had been hacked. Well, you know what? They were hacked. Someone installed software on their systems without their knowledge or explicit consent.
(Side note: I also discovered last night that Firefox Quantum does not use or support userContent.css - maybe this is a Stylo thing but it really annoyed me.)
(EDIT: per the below, my experience with userContent.css doesn't seem to be shared. I may have messed it up on my end. Will report back when I get a chance.)
This is nothing new. There has always been "sell offs" in the Open/Free Software sphere. An old-ish example that comes to mind is SourceForge. When it started, it was the place to host and search for Open Source or Free Software. It was amasing. Little by little, the service started to rot, became full of ads and just felt sketchy.
Then GitHub arrived, and a fresh platforfm for hosting open source software was born.
We can fork Firefox, but I agree with many other commenters that a fork isn't sufficient.
It is the underlying concept I am trying to shine a light on: software should serve the user. When Mozilla becomes user-hostile, we can establish new guards for our future security. But if we, the software writers, become user-hostile, then there will be no one left.
Stallman puts himself forward as an authority on the best way to use the internet, even though doesn't actually use the internet in any recognizable way.[1] He comes off like an internal combustion engine designer who has never been in a car, declaring himself a traffic flow expert.
[1] "I generally do not connect to web sites from my own machine, aside from a few sites I have some special relationship with. I usually fetch web pages from other sites by sending mail to a program (see https://git.savannah.gnu.org/git/womb/hacks.git) that fetches them, much like wget, and then mails them back to me. Then I look at them using a web browser, unless it is easy to see the text in the HTML page directly. I usually try lynx first, then a graphical browser if the page needs it (using konqueror, which won't fetch from other sites in such a situation)." (https://stallman.org/stallman-computing.html)
Stallman's issue is that he comes across as a fundamentalist extremist, and most of his suggestions require making huge sacrifices to one's quality of life.
Take Stallman's own website[1]. It is mostly text. While this makes it fast, it doesn't make it readable at all. And finding specific stuff is nearly impossible. Yeah, there is a search feature, but is extremely rudimentary and very user-hostile.
If it were up to Stallman, the entire Internet would look and work like this. This was OK in 1990. It no longer is. Sorry.
HN has a coherent layout, nice spacing, a sensical grouping of content and functionality per component and view or page. stallman.org is a pile of unstyled textual content which was clearly assembled without actually being designed. Regardless of the validity of his site as an example of what he thinks everybody else on the internet needs to do, the two examples are not not in the same ballpark for readability. Between the two, the ratio of structural elements to textual elements isn't even close.
I think Stallman's website says more about Stallman's design sensibilities than it does about the ability of plain text to be readable or for search to be effective.
Wut? That's his website and he makes it however he likes. I haven't ever heard him telling people to make websites with default HTML layouts or not use interactivity or better search tools etc. WRT websites his opinions regard the tracking they force upon the users and the closed-source-ness of them. Maybe you should read things before you link them, eh?
I think the website is a bad example, but the above characterization of Stallman being a fanatic who is blind to other's needs is not incorrect. There have been multiple cases with him recommending people forgo having working software and hardware if it isn't 100% free. That might be the ideologically pure stance, but it's also massively impractical. As a true believer he just does not understand that the vast majority of the users just want to do work with their equipment, and that choosing to forgo working drivers for some abstract right to modify that 99.9999% of users will never exercise is just utter nonsense.
Also, Stallman is a grade A asshole. I've met him, and he is a deeply unpleasant man to be around.
WRT your first point, well, he's an eat-your-own-dogfood philosopher, and he sets an example to what is possible with his own behaviour. And he just does not make trade-offs in his views. What we should collect from them is what's useful to us. It would be kind of hypocritical if he was telling non-free software is evil, but recommended some such software.
WRT your second point, that is subjective and ad hominem. I live in Emacs and without GNU I was stuck with Windows. Without GNU none of the good things we have today would've existed, Linux wouldn't have existed, we were all programming in ASP.NET or C# or what not. So even if he is an asshole, he's a very, very, very important one.
The fundamental problem is that the software that serves the user needs to be paid for. If every FF user would chip in a small sum, that might work, but people would rather switch to chrome.
> Someone installed software on their systems without their knowledge or explicit consent.
this is what was wrong about the whole thing. What Jascha Kaykas-Wolff heard from the community, that "the experience [we] created caused confusion" is NOT the point.
Auto-update doesn't carry the implicit moral right to install anything company behind it wants.
Auto-update is a consensual agreement with the user. If you use auto-update to deploy something that a vast majority of your users do not want and did not expect, and intentionally so (refusing to roll back a 'mistake'), then you have broken that agreement or moral code.
You cannot use the excuse of "oh well if they don't like it they can uninstall it and use another product" to condone this bait-and-switch behavior. Just because the behavior is legal does not make it moral.
This behavior is absolutely immoral and must be condemned.
Except this wasn’t an auto update - it’s a completely different infrastructure pushing stuff into the browser without affirmative consent or even knowledge. And in true malvertising fashion, this system is both opt-out and turns itself back on sometimes.
Maybe that worked in the past, but these days, time and time again we see companies offering paid software and services with an extra layer of advertising on top. Old adages like "you're either a paying customer, or the one being sold" no longer apply, you can be a paying customer and sold for extra profit. Companies, by their nature, will try to maximize profits, and that translates to them using any means they can get away with.
I don't agree. This is entirely the choice of the team.
The idea that 'you are being sold' is not fair either.
You choose what to use, for how much, and the resulting product.
So if you want to pay $ a month AND have ads. Well, then do that. If not - don't.
If Mozilla wants to have an 'add free non-profit' they can do that.
But they can't because for whatever reasons - people won't pay.
Some people won't pay because they simply don't want to - and are willing to live with the alternative choice of 'having a sideload now and then'.
Other people use insufferable intellectualizations about all of it.
But mostly it's kind of greedy and irrational.
We get immense value out of web browsers. A $1 a month fee would enable Mozilla to forge ahead being the best browser, free for those who can't afford it - and ad free.
But we can't have that because we are not as intelligently organized as we need to be.
I'm still not really sure what would lead you to believe that they would even consider ceasing their advertising schemes if they had this additional income. You seem to be admonishing people for not taking nonexistent steps that would probably never exist to begin with.
"I'm still not really sure what would lead you to believe that "they would even consider ceasing their advertising schemes if they had this additional income. "
For the same reason Mozilla exists today as 'kind of a non-profit' in the first place without tons of ads.
For the same reason that Wikipedia has no ads.
I'm not 'admonishing' anyone so much as pointing out we can't seem to grasp that nothing is going to happen for free.
The only path to 'ad free' is for someone to pay for it - and that's going to have to be users - or in the very rare case -a 'Big Corp' who sees the strategic value in it.
And yes - I do agree that 'most corps' would try to stick in ads.
Heck - even 'non-profits' like Mozilla - are sticking in ads!
But given what Mozilla is today, if they had the resources necessary, I suggest they would not be pushing ads. It's the last thing they want to do.
Finally - there are tons of services that people pay for that are not full of ads.
I don't get ads when I buy MP3s, and none of my paid apps have ads.
Do you think there are ads for t-shirts in my Salesforce app? Or SAP? Of course not.
Likely because the 'profit maximizing' option for Salesforce is to not put ads there in the first place.
So 'big corp' incentives can definitely align with user needs if things are right.
Firefox 57 gained a ton of good will from a lot of users, and they pull this crap right after. They absolutely should know better. They should have known better with Pocket; they should have learned from Pocket.
"Fork it" is not an acceptable answer. The problem is not with Firefox, it's with Mozilla. Mozilla is a good company at heart and they're an important pillar of the web. Losing them to stupid stuff like this sucks, we should fight for them. There's tons of Firefox forks, none of them get the point though, you might as well use Chromium. If Firefox disappears and the fork remains, the fork dies because maintaining a web browser is work that needs a corporation's backing behind it (or a government's).
Mozilla's role goes beyond the web browser as well. Its mission was to "keep the web open", "keep the web free". This goal was reflected in projects such as Firefox OS, Hello and Persona (and to some extent, Thunderbird)... but atrocious management made those projects a waste of time and money.
It's not Firefox you need to fork, it's Mozilla.
reply