Good move, congrats on surviving the second armag-add-on finally BUT I won't be moving from chromium until Firefox (or Mozilla) explains:
- why am I opted-in to a Studies program in Firefox's default state? (With no explicit information about what it is)
- what does the app.normandy.enabled switch do, and why is its default value True and why doesn't it change to false when I explicitly state I don't want to be in the Studies program?
- why can't we see any xpi's installed by studies program unless we explicitly go to about:studies?
I don't say chromium is better, but I think we deserve an explanation regarding these points.
While these deserve an explanation, you should not wait to move.
Chrome is spyware that does web browsing. Its parent company also shows ads, all the time.
Chrome's auto update not only allows them to silently update or change your browser, it allows them to silently install other software on your computer.
Firefox is a browser. It can auto-update in a way that may be questionable, but it also has a lot of cranky devs looking over their shoulder to call them out years later because Mr. Robot may have been able to show them an ad. FF deserves to be called out on their mistakes, and needs to offer an explanation. But perspective!
I want the ethics of Firefox and the speed / user experience (eg. select & move multiple tabs) of Chrome, so I moved to Brave. It's a Chromium fork that's a bit more Firefoxy -- made by Brendan Eich, former Mozilla CEO and inventor of JS, (eg has the "Switch to Open Tab" feature I love from FF), although there's some cryptocurrency stuff thrown in that I'm not a fan of, but so far it feels like a net positive over both FF and Chrome.
It's very privacy oriented, to such a degree that it actually breaks a lot of websites (but you can disable the shields easy).
If you haven't read this one yet, here's one data point on Brave doing something unethical (blocking ads and collecting payments on behalf of websites without consent/agreement). [1] Tangentially, I'm writing this comment using Brave.
Sadly, I'd also like more competition in the browser technology space; with Edge switching to Chromium, and Safari's years of neglect, it's not looking too good.
1. It uses Google DNS internally, bypassing system DNS.
2. First-run analytics to Google, new tab page analytics to Google.
3. Various built-in Google services that phone home: Google Host Detector, Google URL Tracker, Google Cloud Messaging, Google Hotwording, Google Safe Browsing, Widevine DRM, Google AutoFill, etc.
4. Update checks for all these components (the browser does not have update, but the rest does).
5. Countless accesses to Google, such as geo-location to find nearest Google server, ping probes for connectivity, etc. For a list of domains that are accessed by Chromium, see this regex used by the ungoogled-chromium project: https://github.com/Eloston/ungoogled-chromium/blob/30969fddf...
I see no problem with either Chrome or Firefox defaulting to Google search and suggestions, as that is easily configurable for normal users. All of the above, however, is not.
> and uses Google search suggestions (so sends all typed in text to Google)
This is not true. Firefox explicitly asks you the first time you start typing a search in the location bar whether to allow search suggestions. It is opt-in.
Firefox also allows you to keep the location/search bar separate so that you can have search suggestions without sending every URL you type to Google.
The Newtab adverts are not served by Google IIRC and they are only matched with your data locally in your browser; you get a lot of them from Mozilla, and locally on your machine they get targeted so you aren't tracked online (if my memory of the article on it is correct).
I find it very disturbing that the very dangerous issue with Chrome and its family is not discussed here, which is the erosion of web standards.
tl;dr : Choosing anything based on Chromium is giving the death sentence to the Web "democracy"
Moving to a Chromium based browser is letting more and more market share to a browser engine whose roadmap is fully determined by Google. The issue trackers of Chromium or Android projects clearly show how much Google values its users' feedback about their most wanted features: Not At All.
These days it seems they are starting to feel the same about open standards... At first with WHATWG getting in the yard of W3C they tried to get more influence on the redaction of standards, now they don't even bother since they can force anything they want in a "de facto standard" as they are doing with AMP.
The next step is to obliterate any standardized feature they don't like. It can seem to be a frivolous issue but they are doing this right now to SVG-in-OpenType, a standard that is currently implemented in all major browsers except Chromium family (yes even Edge see https://www.colorfonts.wtf/#section4 but the switch to Chromium will probably end it). Here is what Google responds to the numerous people asking them to implement it: https://bugs.chromium.org/p/chromium/issues/detail?id=306078...
Apparently a feature even the -probably small- team of Edge developers managed to implement is too complicated for Google chrome engineers ?!?
This will get more and more frequent as long as they have more than 80% of browser market share.
So if you switch to ANY Chromium based browser, even if it's for privacy reasons, PLEASE keep in mind that you are working for the destruction of the web "democracy".
It is disheartening how we seem to learn so little from history, even recent one. It seems like yesterday that the web managed to come out from under the stranglehold of IE and now the wheel turns yet again. This time it may be even harder to break the monopoly since billions of ordinary web surfers have little to no idea of these issues and default to Chrome because it is pre-installed and has almost become synonymous for a browser.
Google still pay for Firefox; about $2 per user. So, Chrome and Firefox are funded by the same people. In fact Google upped the money they're paying despite FF's falling users share, what are they getting for their money - I doubt they're giving it out of charity.
It's like price differentiation, I feel. FF is for people who want to avoid Google, but Google are paying to get privacy-infringement lite. Who knows what else besides being default search provider, and getting every search you type in through search suggestions, they're getting for their money?
>cranky devs looking over their shoulder to call them out years later because Mr. Robot may have been able to show them an ad //
Way to underplay things. Do Chrome change their UI (ie chrome) to add advertising? Do they force add-ons on people that are unremovable in order to advertise a product? And then update, re-placing the advert into users chrome who've removed it? Do they blank out users home-screen settings in order to add advertising? (I think they did do that one?)
Chrome may be spyware, but by default so is FF. And Mozilla have shown they're more than happy to mess around with their users browsers for advertising/promotions.
Aside: how is Chromium worse? Waterfox is looking like a good option.
> why am I opted-in to a Studies program in Firefox's default state? (With no explicit information about what it is)
I came here to mention exactly this. I don't mind the certificate issue (as long as there is a post mortem and they learn something from it).
I was wondering how my addons came back automatically (without me having to upgrade to 66.0.4) and I found out about this studies thing, which I never consented to. I feel violated. And the problem is, what browser am I supposed to use from now on? Lynx? Sigh
ETA: I am (was) a proud Firefox user since it was called Firebird, and changing browsers never crossed my mind before (even if Chrome felt faster sometimes). At this exact moment, I have zero trust in Mozilla, just like I have zero trust in Google (Chrome). Extremely frustrated and disappointed.
There's actually quite a few. This Wikipedia list [0] might not be the best curation, but it carries my point, somewhat. For example, I've really enjoyed the power-user browsers, like surf, luakit or uzbl.
I know you were expressing the fact that we're stuck between Firefox and Chromium, because they're the only browsers able to keep up with the rapidly moving web stack and provide a fluid user experience at the same time. My point is if you're willing to compromise on that, you actually have other choices.
Oh I do hope to see the day when there's a variety of browsers, all equally compatible with the day's web. Doesn't seem like we're moving in that direction though.
Personally, I tolerate Firefox, because I want some of the extensions, namely Dark Reader and ublock. Dark Reader doesn't really have alternatives, as far as I know, and I find that network level blocking isn't effective or ergonomic enough to replace something like ublock origin. If I solved these two problems, I'd jump ship to surf immediately.
Just to finish my rant; the other day I was experimenting with text browsers for rendering simple sites like thefreedictionary or HN. Their ability to do that is quite abysmal. I think that says a bit about the state of web's accessibility.
Yeah, exactly. I mean, not even EdgeHTML could keep up!
> surf, luakit or uzbl.
Thanks for the suggestions. I had never heard of any of those three, but they look awesome! The only extension I need is Vixen (or any Vimperator-like addon), and they all seem to be keyboard-first. The only browsers I had used before were Lynx and w3m, which were way too hardcore for me. I'll give a shot with luakit. Seems to be an ideal middle ground between functionality and privacy.
They should have foreseen the certificate issues and never implemented the system as it is, i.e. disabling addons that have been installed with a valid cert. At most there should be a warning. Addons are losing their configuration because of this and we have yet to see how they fix old FF versions. All of this indicates a total lack of foresight.
However, I see the value in having studies enabled and being able to test features and fixes with certain hardware configurations. Almost every software does it, because it's very useful. Maybe Mozilla, being an advocate for privacy, should be more transparent about it though.
- I had never heard of "Studies" before; which leads to
- I never agreed to be a part of Studies in the first place.
The docs say it must be opted in, so supposedly I have to give consent to it. I don't remember doing so. For all my life, I've always rejected any survey, opt-in request and similar stuff. I do admit there is a small, unlikely chance that I did opt-in. Maybe I misclicked it? Maybe I thought I was rejecting when I was actually agreeing to? Maybe someone else was using my computer and opted-in?
If this is indeed opt-in, and this unlikely scenario did happen, then I apologize for the rant. But I can't remember the prompt at all, and I would never consciously opt-in, hence the feeling of betrayal.
For the record: I now know what Studies are. I acknowledge that companies need to run A/B experiments in order to enhance their products. I just don't want to be opted-in by default.
> If this is indeed opt-in, and this unlikely scenario did happen, then I apologize for the rant.
No need to apologize. It's not really an opt-in if you are certain you would never opt in if you were aware of it, and somehow you accidentally "opted in" anyway.
I'm in the same boat, I would never opt in to any of this stuff. Now I had my "studies" setting turned off, so that's good. But when I looked at about:studies, it seems as though it had been on at some point in time (because it lists a plugin that it used for a study, or something). So I suppose that I actually opted out of this studies thing at some point, meaning it had been turned on without my consent either.
That's not enough. Opt-out features are wrong because organizations/companies know that most people won't pay attention or not fully appreciate the dangers of it.
They can just flip the option or create a version of studies called "enquiries" or force a new addon that you can't remove in the next update .. 3 years ago you'd think Mozilla wouldn't ever imagine doing things like that.
I'm a privacy conscious person so I disabled all spyware that Firefox included. But I went to check, studies was enabled, probably because it was included and enabled by default in the last years and I didn't notice. So how long until Firefox adds something else to have remote code execution rights on my machine?
Studies do send telemetry which is not quite the same as being spyware.
You can actually check what is sent, though there's no option to more finely disable studies requiring, say, cursor, keyboard or tab name monitoring. I haven't seen any such studies though.
The "remote code execution" thing is already there, it is called JavaScript. Almost every browser has it. Add-ons use it all the time.
As for browser code itself, it is open, go read the changelog. If you're extra paranoid, you can build it yourself. Study code is also fully readable.
>Studies do send telemetry which is not quite the same as being spyware.
How is software whose sole purpose is to send my information to a third party not spyware?
>The "remote code execution" thing is already there, it is called JavaScript. Almost every browser has it. Add-ons use it all the time.
JS on any webpage can't do whatever it wants, since it's restrained to the webpage itself. otoh I'm sure this "studies" thing can change my browser configuration (including my certificates, making me vulnerable to MITM) and probably even execute any command with my current user privileges.
They cannot, the studies use JS available to the browser though with internal APIs available. It is potent, but not quite as much as to allow running arbitrary executables outside the browser or usually bypass file system level protection. It can read and write files the user can access.
(Which may or may not include /dev on *nix.) It can also exploit your OpenGL driver.
The difference between spyware and telemetry is intent - use of data - and anonymization measures.
If you don't trust the company making the browser with user studies (and their toggle), you probably shouldn't use their build - and you can disable study code completely on compile time.
If Mozilla decided to be evil like a certain Alphabet company, there is nothing to stop them but forking and writing another web browser.
Sounds like you're arguing against a very specific meaning of the term "spyware". One that I'm unfamiliar with. It's not even the historical meaning of the term. I remember when it used to mean any application that "phones home" for any reason whatsoever--when apps ran locally.
It's pretty clear what they are worried about. That's not really arguing in good faith. And "intent" has nothing to do with it--also there is no singular intent from an organisation, if it goes wrong it's just stuff that happened but nobody to point a finger at whose intent it was.
Also, anonymization measures are a joke. It just shows an "intent" to anonymize. But when it turns out that the data is in fact easily de-anonymized somewhere between the browser and the aggregation unit, or in combination with the newest "opt in" monitoring feature, again no fingers to point and your only recourse is better having been safe than sorry.
Sensitivity of data? I'd associate "spyware" with "collects personal information", whereas studies that do not require explicit opt-in are only allowed to collect things on a level of "how many tabs are open", "has the user enabled this feature", and things like web browsing history or data derived from the history are explicitly excluded. If you don't trust Mozilla to hold that standard, then yes, you probably shouldn't use their product.
(Which apparently played part in the Mr Robot idiocy: since it didn't collect any data, it was easy to get it through the process...)
I don't like lots of stuff Mozilla is doing, but I trust them more than the alternatives to actually do what they claim privacy-wise.
Chromium has a working exploit (AFAIK it still is not patched) that allows third-party code to masquerade as first-party code. Unless you run a special addon[1], you are vulnerable to this.
The fact that I still can't find that it's patched now tells me nothing good about the health of the ecosystem and who it is meant to serve. That should be all the reason you need to switch to Firefox, which admittedly also has huge warts but to my mind ones that aren't quite so egregious.
You make it sound like it's a third-party RCE; but it's a cookie bypass, so it's tracking -- that's serious still [and the implementation sounds illegal to me].
The companies Instart Manager (used by cnet, tomshardware, etc., see link) and Upmanager that are doing this workaround of ublock -- are they not able to attack other browsers, only Chromium? I guess one benefit of being the biggest advertising company is that people don't want to mess with Google's stuff in case they suffer financial repercussions.
This has nothing to do with ublock origin specifically, ublock origin's author just happens to have a band-aid for this exploit. Assuming I don't misunderstand what is happening, any other blocking plugin is vulnerable as well.
> people don't want to mess with Google's stuff
I don't understand what you're saying. Chromium is vulnerable and by extension, so is Chrome.
Edit:
> You make it sound like it's a third-party RCE
I don't think I am. I said third-party code looks like first-party code, that is precisely what is happening.
It's third-party cookies, look like first-party cookies, isn't it? Whilst they are "code", that's misleading because it's not being executed; which is what makes it sound like an RCE.
I believe so. To quote: "The purpose of Instart Logic technology is to disguise 3rd-party requests as 1st-party requests"
The net result of this is also that third-party javascript will get loaded as if it is first-party. Third-party content will look like first-party content in its entirety. This subverts any potential security features that rely on being able to distinguish a first party from a third party.
Looking Glass is a collaboration between Mozilla and the makers of Mr. Robot to provide a shared world experience
Mozilla wants to know more about knowledge and opinions of news on the Web.
Etc.
There are also links to what seems to be internal documentation.
It shocked me the interest and the infrastructure they have just for collecting information. This is not just a couple of developers trying to figure out what feature is used and/or studying bugs.
"To provide this fix on short notice, we are using the Studies system. This system is enabled by default, and no action is needed unless Studies have been disabled. [..] It may take up to six hours for the Study to be applied to Firefox. To check if the fix has been applied, you can enter “about:studies” in the location bar... "
Consider running Icecat. It's most convenient to use it by installing a fully libre distribution such as Parabola or Guix System. Distributions which respect the FSDG don't just exclude proprietary software, but actually take software like Firefox which is 99% libre, and chuck out the last 1% of junk, improving many defaults. You're unlikely to have ethical qualms with such an Icecat.
I switched to FF a couple of months ago, and was not opted in to Studies automatically. I'm based in Norway though so maybe GDPR had something to say. I had to opt-in to Studies to fix the certificate issue.
No, it does not. David, this is just wrong. Existing add-ons do not become suddenly insecure.
What it does is allow you to install add-ons not signed by mozilla. Essentially the same thing as installing software not originating from the iOS and/or Mac AppStore, or the Ubuntu/Fedora/etc distro repositories, or the Windows Store, or the Play Store.
The signing stuff might protect some less tech-savvy users from installing "You need this codec to play this porn video" malware add-ons, same as the other walled gardens I listed do too (tho most I listed have still a door in the wall that you can unlock and open yourself, unlike Firefox Desktop).
But that's it. It is a "seal of approval" scheme saying that mozilla reviewers decided something is secure enough and has an OK quality (and wasn't forced to remove by US laws/authorities courts yet), implemented using DRM. It reduces the chances that users will install something malicious by accident/incompetence.
If users still run their add-ons from AMO, then there is no difference. Unless a bad actor can either MITM AMO connections or compromise the AMO servers. At which point the users has a lot more problems already than potentially malicious browser add-ons.
And what's the problem with not having that? Does it suddenly make my installed extensions insecure?
I (somewhat) get it for the standard windows user who gives admin rights to everything, but I think this crowd is a bit more aware of what they install.
Last I checked Firefox still gives at least a warning + confirmation dialog if you try to install an unsigned / improperly signed extension with xpinstall.signatures.required = false, no?
Disabling all add-ons doesn't help security either.
So far I have neither an update on ubuntu-desktop nor on android (with default package managers) so without this option I'm supposed to use the internet without adblock & umatrix? lol no thx
The only "security" it provided was to prevent people from installing add-ons that Mozilla didn't approve of, ostensibly ones it thinks are malicious, and I'd bet that on Android (which has its own app isolation features anyway) that's even less of a problem.
Not exactly. You can install add-ons from outside of Mozilla add-ons site.
The extra certificate is more of Mozilla's seal of approval.
This is why quite a few of my add-ons were not disabled - they were installed with trust from another site and this intermediate certificate was never in chain.
You could even manually sign these add-ons you trust with a custom imported CA key for your personal or corporate vetting.
My add-ons are more important security features, that are needed right now, whereas the signing thing only protects when you install a new add-on from an unreliable source. (EDIT: it actually only applies for add-ons installed from the Mozilla add-on store website ... silly me for trusting that place)
Come to think of it, why did my add-ons get disabled, given that they already had been checked against the signing key when they got installed? Why is this (literally, it seems) being checked constantly instead of only when something about the add-ons changes?
I was already a bit mad at them for removing RSS support and claiming their proprietary service that's built in is an alternative, now their proprietary service keeps working (presumably, I didn't use it but it's not an addon so I doubt it's signed the same way) and I can't use the RSS addon.
I know this was a mistake, but I can't help but be mad that their proprietary built in stuff effectively gets a free pass and special treatment and meanwhile I can't use RSS and all my containers were deleted (those didn't come back after the study was pushed either).
Never heard Mozilla claiming anything about a proprietary service being an alternative to add-ons. The reason for which built-in RSS support was removed is that it was much crappier than the add-ons available.
I can't find the link right now (I could swear I commented on the article here, but maybe I'm grepping for the wrong things in my comments), but in one of the blog posts where they announced removing RSS they advertised Pocket as the alternative that was still built in. Their RSS support was pretty terrible, but even so this sort of attitude was infuriating already, and now to see it have a leg up because they get to own the platform and the app just puts me over the edge. Not to mention that I have to dig through like three levels of settings to disable the damn thing and remove it from their stupid cluttered home screen every time something happens to my settings in the mobile version (which is alarmingly often).
I like Mozilla as a company, but I desperately wish there was an alternative sometimes. Anyways, sorry for the rant, I'm done (for now).
Huh? When was it promoted as a replacement, by whom? It’s not even in the same product category.
RSS aggregates updates to websites without needing to check them. Pocket takes an article you have open in your browser right now and saves a local offline copy on your phone. They’re apples and oranges. Apples and orangutangs, even.
How odd to construe an attention-grabbing headline for Mozilla's official party line. As another comment said, RSS isn't mentioned once — actually, it is, but it's an advertisement for the Verge's own RSS feed.
LiveMarks really is a fantastic addon to bring back Live Bookmarks functionality. That said, I've always been a fan of native browsers for their inherent advantages. Never felt the desire to use anything else, unless it has significant usability improvements. Phoenix/Firefox was always that browser for me. I usually suggest people use their native browser (Edge/Safari), and if they want an upgrade, to go to Firefox. With all of these recent debacles, it would be hard for me to not suggest the new Chromium-based Edge to Windows users and crossplatform.
I use containers too. I didn't lose any data after I enabled dev mode and added the extension back. Perhaps you removed the existing extension first and lost data that way?
It's odd - on my laptops, my multi-container settings were preserved, but I opened firefox on my desktop last night and they had vanished. I did not remove any add-ons myself.
Only difference is that I restarted the desktop Firefox and also enabled Shield studies to get the temporary fix. On the laptop I just upgraded to 66.0.4 and only then restarted it.
To the best of my understanding, here's what happens.
* containers.json is reset to default
* if you have any non-default containers, they are lost
* the underlying data is still in IndexedDB (??) but isn't connected to the custom containers that were wiped out
* if you're clever and can read the IndexedDB (or wherever the data is, it's moved a few times) then you could probably rebuild your containers.json file
About time. Embarrassing bug. The only reason I didn't permanently swap browser is because of the lack of alternatives since none has the functionality I apply through the addons.
I switched to the Dev build[1] with 'xpinstall.signatures.required = false', and now that it's fixed I don't know if I'll go back. There seems to be a bunch of new features in Dev that I assume will arrive in Firefox eventually, but everything else being equal, I think I'll stick with it.
I'll probably turn 'xpinstall.signatures.required' back to true though.
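Added example (not part of the thread, and not Mozilla's code): a Python check that reads a profile's prefs.js and reports the two preferences discussed in this thread, app.normandy.enabled and xpinstall.signatures.required, marking a signature-enforcement workaround that was left switched off. The function names and the sample file contents are constructed for illustration; prefs.js is assumed to record only values changed from the default, so a missing entry is reported with the default the commenters describe.

```python
import re
import sys
from pathlib import Path

# Preferences named in the thread: name -> (default described by the
# commenters, value that deserves a second look or None).
WATCHED = {
    "app.normandy.enabled": (True, None),
    "xpinstall.signatures.required": (True, False),
}

# prefs.js / user.js entries look like: user_pref("name", value);
PREF_LINE = re.compile(
    r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)+)"\s*,\s*(.+?)\s*\)\s*;\s*$'
)

# Constructed sample, not taken from a real profile.
SAMPLE_PREFS_JS = """\
// Mozilla User Preferences
user_pref("app.normandy.enabled", false);
user_pref("browser.startup.page", 3);
user_pref("xpinstall.signatures.required", false);
"""


def parse_value(raw):
    """Convert the literal after the comma into a Python value."""
    if raw == "true":
        return True
    if raw == "false":
        return False
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1]  # string pref, escapes left as written
    return raw


def parse_prefs(text):
    """Return {pref name: value} for every user_pref() line in the text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if match:
            prefs[match.group(1)] = parse_value(match.group(2))
    return prefs


def audit(text):
    """Report the watched prefs: effective value, whether it was set
    explicitly in the file, and whether it matches the review value."""
    prefs = parse_prefs(text)
    report = {}
    for name, (default, review_value) in WATCHED.items():
        value = prefs.get(name, default)
        report[name] = {
            "value": value,
            "explicit": name in prefs,
            "review": review_value is not None and value == review_value,
        }
    return report


if __name__ == "__main__":
    # Pass the path to a profile's prefs.js; without one, the sample is used.
    source = Path(sys.argv[1]).read_text(encoding="utf-8") if len(sys.argv) > 1 else SAMPLE_PREFS_JS
    for pref, info in audit(source).items():
        origin = "set in file" if info["explicit"] else "default"
        flag = "  <-- signature enforcement is off" if info["review"] else ""
        print(f"{pref} = {info['value']} ({origin}){flag}")
```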
This is what I run and that fix worked. Are they planning on patching the dev build anytime soon? Doesn't look like there is an update for it. At least one can turn that stupid feature off until there is.
I haven't Switched yet but I fired up my Vivaldi install and have been impressed. A lot of little annoyances that I got used to with the new extension restrictions aren't there because the functionality is built in (like mouse gestures and tabs on left).
I first started using Firefox as my default when I unzipped a version of Phoenix off a CD which came with a computer magazine.
I installed Vivaldi, and moved shortly back to Firefox. The two things that did it:
1. I accidentally saved the wrong password to a site. When I went to fix it, it said I needed to login to my Google account to change my stored password.
Wait, wat?! You are sending my passwords to Google, unencrypted, without telling me?!
That is not acceptable, aside from - What else are you sending?
1b. I see that it saves non password fields without asking me to save them, and sending that to Google as well. Hmmmmm.
2. It has twice crashed and lost all my open tabs (yes, I have a tendency to keep many open tabs).
Also, for all I know, they are selling my bank account login. Research into the history of Vivaldi (semi fork of Opera) and its dev team left me unsatisfied who they are and that I can trust them.
It probably sends less data to Google than Chrome (which gets every single page, its contents, how long it was open, etc.) but is hardly a contender if you want a browser and not just spyware.
Vivaldi doesn't save passwords using Google. Did you perhaps click on a help link that sent you to a Google support page for Chrome?
I see that if you click the password icon in the address bar and click the "Manage passwords" button it opens the default password settings page inherited from Chromium (vivaldi://settings/passwords) which includes a link to a support page for Google Chrome (https://support.google.com/chrome/?p=settings_password), but not all the information on that page is applicable to Vivaldi. In particular, Vivaldi doesn't use Google but rather its own account system for browser sync (which is optional, same as Firefox and Chrome).
That appears to be a bug, since that legacy Chromium password settings page isn't Vivaldi's normal password settings page (vivaldi://settings/privacy/). But it doesn't seem malicious.
Incidentally, the built-in password manager in Vivaldi (as well as in Chrome and other browsers based on Chromium) doesn't let you manually edit an existing password, whether or not you use an account to sync them. You can only update an entry by signing into a site with a new password and confirming the password change if the browser detects it, or deleting the old entry and saving a new one. A limitation compared to Firefox's password manager, though I do appreciate the native ability to generate random passwords in Chromium-based browsers. I hope Firefox and Chrome copy each other in those regards.
I haven't experienced any crashes with Vivaldi, though I don't use it as much as other browsers such as Firefox so perhaps I've just been luckier.
It was founded by Norwegian developers who left the original Opera (either due to switch from the old Opera browser to the new interface, or because the company was sold to Chinese investors). I do wish they were more open with the source code, but anyone who was comfortable with using the original Opera back in the day should be okay with Vivaldi. More so than the current Opera, I think, which I still see many people using due to brand recognition I assume.
You'll be several revisions' worth of security patches behind. For an application that is usually one's main means of accessing the rest of the internet, that would be a deal-breaker for me.
In this case, I was more insecure being subjected to advertising networks (and the malware carried on them) because of Firefox's mistake which meant I wasn't able to load ublock origin. I'm also not sure how many of those "security patches" are intended to make my browsing experience safer, or simply meant to implement bizarre policies that might blow up in my face at any time (as this certificate issue has).
It's a trade off.
I assume (and hope) Firefox will eventually get their act together so I can go back to using it, but if not at least I don't have to jump ship to chrome.
It's a bad trade off. Every security related bug Firefox fixes is a how-to guide for ruining Waterfox users' day for anywhere from weeks to years.
This will grow increasingly challenging if the code bases diverge in order to keep old school add-ons working given that waterfox has virtually no man power.
One solution would be to have a dedicated computer which is considered compromised from the start. Don't store important stuff there, don't do money related activities etc. This way you have a convenient browser for 99% of the time - without stupid restrictions and Mozilla control.
This is a highly impractical way to live life just to make some stand. It's cutting one's nose to spite one's face.
There are other actively maintained browsers with plenty of eyes on them and manpower behind them, many with vibrant plugin ecosystems, just use one of those.
This "bizarre policy" was software signing, which is in fact a security feature.
I don't understand what "getting their act together" means here, when you're posting it on an announcement that the problem has already been fixed. Should Firefox proactively remove all security features that risk ever posing some modicum of inconvenience to users? Because that would be... all of them.
In this scenario, malware add-ons would be signed only for that particular Firefox installation.
Essentially, I am arguing that Firefox should let you create your own signing key pair (which would be valid only on that single Firefox installation) and sign any add-on using it.
It's a large enough hoop that most users would not jump over it, not least because they would not know what they're doing, but it would be there for those who need it and relinquish the central point of failure that is the AMO.
The current situation is basically the Secure Boot fiasco all over again.
I've been using Waterfox on Windows for a while along with the new Firefox, but now I am going to replace the Firefox install with Brave. Best of both worlds.
I switched to Chrome before this after Firefox started randomly requiring me to close it out and re-open when switching wifi hotspots too often, and connecting/disconnecting from VPN too often and this was on multiple laptops and fairly recently.
Did this issue cause all add-on data to be wiped? After updating to 66.0.4, all of the containers I'd created with the multi-account containers add-on were gone and replaced with what appeared to be a default set of containers. I spent a lot of time setting that up—is there no way to get it all back if I don't have some sort of manual backup? And if not, what files do I need to manually back up to make sure I don't lose my data next time?
Edit: To be clear, at no point did I delete the add-ons I had installed.
> If add-ons that use Containers functionality (such as Multi-Account Containers and Facebook Container) were disabled as part of this problem, any lost site data or custom configurations for those add-ons will not be recovered by this release. Users may need to set them up and login again in about:addons (Bug 1549204).
> Themes may not be re-enabled. Users may need to re-enable them in about:addons (Bug 1549022).
> Home page or search settings customized by an add-on may be reset to defaults. Users may need to customize them again in about:preferences or about:addons
I don't know if there is a way to manually recover the settings you lost. It might be a good idea to check the related links in the release notes for more info.
I could never understand why they were not synced. It's so incredibly frustrating, and the official reason does not help.
I simply don't understand Mozilla anymore. The power users are also the unpaid evangelists/marketers. They seem determined to alienate this demographic while iOS'ifying Firefox for a general audience. Which is great and all until they realize they don't have a marketing budget to compete with Google and MSFT.
> I think it was issue 339 on GitHub. They basically explain they won't add it to sync data because there are no containers on mobile.
Makes you wonder how on earth their data sync is working with regards to mobile. Surely if it doesn't have the components to leverage the data it just wouldn't read it..?
I too lost my multi-containers and assignments. I was just reading this (2017) discussion: https://github.com/mozilla/multi-account-containers/issues/3...
and noticed mention of file 'containers.json', which I found in my current Firefox profile. It contains the descriptions of the containers I created since yesterday (for the 3rd time).
So it looks as though a manual backup of that (or the whole profile, knowing it's in there) at least will end that chore.
But you still lose the Container -> websites associations. The same page recommends: "An effective way of exporting and importing containers safely is using ffcontainers."
I found that the changes I made to container names and colors were reset, but my hostname assignments remained. I guess those were two different datasets and only one was reset.
Is a more robust way around this to use a trusted timestamping service?
This is the way code-signing on Windows works, and allows you to prove that code was signed by a valid certificate while it was in its validity date - so even once the certificate expires, the code will still run as long as the cryptographic timestamping signature is valid.
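The validity rule described in the comment above, as an added example that is not part of the original thread: a verifier that checks the signing certificate against the current clock rejects a package once the certificate expires, while one that honours a trusted timestamp checks the certificate against the attested signing time instead. HMAC stands in for public-key signatures so the sketch runs on the standard library, and all names, keys and dates are constructed assumptions.

```python
"""Signature validity checked against 'now' versus against a trusted timestamp.

HMAC stands in for public-key signatures so this runs on the standard library
alone; every key, name and date below is constructed for the illustration.
Revocation and certificate chains are out of scope.
"""
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional, Tuple


def utc(year: int, month: int, day: int) -> datetime:
    return datetime(year, month, day, tzinfo=timezone.utc)


@dataclass(frozen=True)
class Cert:
    name: str
    key: bytes              # stand-in for a key pair
    not_before: datetime
    not_after: datetime

    def valid_at(self, when: datetime) -> bool:
        return self.not_before <= when <= self.not_after

    def sign(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def check(self, data: bytes, sig: bytes) -> bool:
        return hmac.compare_digest(self.sign(data), sig)


@dataclass(frozen=True)
class TimestampToken:
    signed_at: datetime
    tsa_sig: bytes          # binds the code signature to signed_at


@dataclass(frozen=True)
class SignedPackage:
    payload: bytes
    signature: bytes
    token: Optional[TimestampToken] = None


def tsa_message(signature: bytes, signed_at: datetime) -> bytes:
    # The timestamp authority signs a digest of the code signature plus the time.
    return hashlib.sha256(signature).digest() + signed_at.isoformat().encode()


def sign_package(payload: bytes, signer: Cert, tsa: Optional[Cert] = None,
                 signed_at: Optional[datetime] = None) -> SignedPackage:
    sig = signer.sign(payload)
    token = None
    if tsa is not None:
        if signed_at is None:
            raise ValueError("a timestamped signature needs signed_at")
        token = TimestampToken(signed_at, tsa.sign(tsa_message(sig, signed_at)))
    return SignedPackage(payload, sig, token)


def verify(pkg: SignedPackage, signer: Cert, tsa: Cert,
           now: datetime) -> Tuple[bool, str]:
    """Return (accepted, reason) for a package checked at time `now`."""
    if not signer.check(pkg.payload, pkg.signature):
        return False, "bad signature"
    if pkg.token is None:
        # Without a timestamp the only reference point is the current clock.
        if signer.valid_at(now):
            return True, "signer certificate valid now"
        return False, "signer certificate expired, no timestamp"
    tok = pkg.token
    if not tsa.check(tsa_message(pkg.signature, tok.signed_at), tok.tsa_sig):
        return False, "bad timestamp token"
    if not tsa.valid_at(tok.signed_at):
        return False, "timestamp authority certificate not valid at signing time"
    # The signing certificate is judged at the attested signing time, not now.
    if not signer.valid_at(tok.signed_at):
        return False, "signed outside certificate validity"
    return True, "signer certificate valid at timestamp"


# Constructed certificates: the signing certificate expires on 2019-01-01.
SIGNER = Cert("constructed-signing-cert", b"signer-key",
              utc(2017, 1, 1), utc(2019, 1, 1))
TSA = Cert("constructed-tsa-cert", b"tsa-key", utc(2015, 1, 1), utc(2030, 1, 1))

if __name__ == "__main__":
    after_expiry = utc(2019, 6, 1)
    plain = sign_package(b"constructed add-on bytes", SIGNER)
    stamped = sign_package(b"constructed add-on bytes", SIGNER, TSA, utc(2018, 6, 1))
    print("no timestamp:  ", verify(plain, SIGNER, TSA, after_expiry))
    print("with timestamp:", verify(stamped, SIGNER, TSA, after_expiry))
```

A package timestamped after the signing certificate expired, or one whose token time has been altered, is still rejected, so the timestamp extends the life of old signatures without letting an expired key sign new code.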
Not sure why you don't have a scrollbar. On my version of Firefox (Firefox Developer Edition 67-0b16) the certificate list does have a scroll bar and can be navigated using the mousewheel. Can't speak for stable Firefox since I don't use that version.
No, not that I am aware of. In my own experience it actually took me longer to find alternative ways of bringing awareness to a bug I was having than it did to signup to Bugzilla and report it there.
I don't have any particular in mind, but also future versions when they are old: will every version of firefox have a certificate that expires at some point in it?
Note that these statistics would, presumably, exclude all users who disable telemetry in Firefox. Since many of those outraged at the interruption to addons seem to overlap frequently with those who object to and disable telemetry and studies on principle, their departure over this incident could well have no impact whatsoever on the metrics you linked above.
It must be a nightmare for the Firefox team to have a minority group of quick-to-anger users that refuse to allow themselves to be taken into account by usage metrics, refuse to allow their browser to participate in studies, and then object loudly when decisions are made that discount them.
Mozilla didn't have to structure their addon system in such a way that their (in)actions could disable the addons of every Firefox user on the planet.
Mozilla did not have to abuse the studies mechanism (also on by default) to ship a workaround.
Mozilla did not have to disable the option that would let me work around this problem by myself (which is going to cause me no end of fun when I get into work tomorrow). If the Firefox team thinks their development concessions are a pain in the ass, try being directly accountable for the repercussions, in the "I will be fired if I don't fix this", not the "I will be talked mean about on the internet if I don't fix this" senses.
Mozilla didn't have to bundle junk like Pocket and the now-scuppered Hello, both of which could have just as easily been addons suggested on first run.
Mozilla didn't have to push promotional addons (the Mr Robot thing) without my express prior consent.
I grow exceedingly weary of this narrative that Firefox is above all reproach and criticism because they produce a web browser.
How about this instead; if Mozilla wishes for its users to respect them, they can start by respecting their users. That means no opt-out telemetry period, no paternalism about what I can and cannot install, or what options I can change, and so forth.
I am beyond sick of this shit. I would love nothing more than a true third option for browsers right now. Firefox hates its users, Chrome sees them as cattle - what's left? I have to use one of the two and take ridiculous steps to cover my own interests, because neither of these companies have them in mind.
"Opt-out telemetry" creates precisely the scenario I describe, where the users who care most are least visible to Mozilla, at which point their needs would go unconsidered; no one knows they exist, how many of them there are, or why they're opting out. This remains true regardless of why, which negates your entire list of issues, replacing them with a simple question that is very difficult to answer:
How could Mozilla respect the needs of users who opt-out of Mozilla knowing they, and their needs, exist at all?
How could any creator of anything?
If you can't identify who your users are, you can't ask them questions, and you can't tell if they're "vocal 0.001%" or "vocal 40%" of your userbase — then what consideration could you give, as a software developer, for their needs?
You can refuse to change, and simply always offer the one thing you offer, and accept that you're the best option for a minority of users over time. You can continue developing to your own needs, and let them stay or go as they see fit. You can try to read the tea leaves of internet forum posts, but that comes with a huge penalty to significance. You can try new things and try to tell from the howls of outrage whether it's a wording error or a direction error or simply "change is bad, I hate you all".
Opting out is not free. Opting out comes at a price to you. Your needs will be less likely to be considered, and your solutions may change in ways that are not to your liking. You have every right to opt out, but is the price of that acceptable to you?
ps. If you can solve how to let users of something influence its creator in a fair and just manner, such that all users have equal influence, while opting out of being known to that creator to exist at all, you will be a billionaire within five years.
>If you can't identify who your users are, you can't ask them questions, and you can't tell if they're "vocal 0.001%" or "vocal 40%" of your userbase — then what consideration could you give, as a software developer, for their needs?
I'd ask for feedback, and when that feedback is given freely, even when unsolicited, I'd take it on board and act accordingly. I would ask if people want to participate in "telemetry" and "studies", not assume they do without affirmative prior consent.
Mozilla is breathtakingly bad at this. They're about as responsive to feedback as GNOME/Freedesktop.
I most certainly would not put spyware in the product and turn it on without asking first. I'd most certainly never get myself into a situation where an oversight can simultaneously break every copy of my software ever deployed.
This idea that you require all copies of your software to phone home to make effective development decisions is bunk. We got along just fine without that garbage for decades.
> How could Mozilla respect the needs of users who opt-out of Mozilla knowing they, and their needs, exist at all?
How about surveys or well, common sense?
I'm a tech oriented person who cares about privacy. I want software that is lightweight, configurable, with sensible defaults. For any features besides the basic functionality (in this case: browsing the web), I don't want to opt-out, I want to opt-in.
Privacy oriented means for me that the software I use doesn't send one bit of data that isn't necessary for its basic functionality. I use a "dumb phone" because of this. I never understood how anybody can think telemetry and privacy can co-exist.
I want a Firefox without Pocket, Send, Screenshot Tools, Sync, Clickz, any cloud based service. I only want a fast, lightweight browser that doesn't send any unnecessary data anywhere without me explicitly configuring it. That's a sensible default for me, really. Software used to be like that.
I'd also like to configure when my software looks for updates. My Linux distro lets me do that.
And it would be awesome if all other functionality (like Send/Sync/Pocket, etc.) is available via optional plugins, or in another "full-featured" version of Firefox. The deluxe edition or whatever.
I believe I'm not alone with these ideas about software. In discussions about Firefox these things always come up. There are github projects [1,2] with 1600 and 1200 stars about hardening Firefox. People care about privacy. It's not hard to find this part of the userbase.
The idea that you can't create software for your users without telemetry, is what leads Mozilla to disregard their privacy oriented users in the first place. It's depressing.
And even if I allowed telemetry on my system Mozilla wouldn't learn anything about what I wrote here. It's useless.
A brief search of "site:blog.mozilla.org inurl:2019 survey" shows a bunch of results, and even more for inurl:2018. Have you signed up to receive unsolicited email from Mozilla in any venue? If you've opted-out, then you may be experiencing observer bias.
In the old days, and today in every other industry but tech, if you want to understand your customers you survey them, do focus groups and listen to unsolicited feedback.
> "Opt-out telemetry" creates precisely the scenario I describe, where ... no one knows ... why they're opting out.
Telemetry doesn't tell you why users do anything. They would have to ask, which doesn't require telemetry. There used to be a form for submitting feedback.
> How could Mozilla respect the needs of users who opt-out of Mozilla knowing they, and their needs, exist at all?
Because of the values and principles that Mozilla used to share with its users, the principles that underpinned the first implementation of Firefox Sync and were completely abandoned in the current implementation.
I trusted Mozilla because they didn't require our trust. They understood this principle and designed their systems in accordance with it.
>no one knows they exist, how many of them there are, or why they're opting out //
They're burning half-a-billion a year of Google's money, they can afford to have an intern run filters to capture stories on HN, reddit, slashdot, ... amalgamate the main points and make them available as part of the user feedback.
Presumably many of the devs at Mozilla have been using it for the last 15 years too and also value a privacy-centric advertising-lite web.
So you're going to complain about the software breaking and also complain about them pushing a hotfix for it?
This whole situation isn't ideal but it's absurd to me that people are upset about hotfixes for a bug that they found extremely inconvenient. Do you like the bug or not? The option to turn off the system they used for hotfixes is right there in the privacy settings and they even show you what it's currently being used for (and what it was used for in the past). Like it or not, as far as I know every major browser (maybe not Safari?) is doing the exact same thing except they're less transparent about it.
I have literally no idea how to identify what experiments and rollout flags are quietly turned on for my install of Chrome and not for other people because it's not documented anywhere. At least in Firefox the option is right there and so is info on what the option does.
"No opt-out telemetry" is a great idea that doesn't function in the real world. If you ship online-connected software with 1m+ users that doesn't have a way to deploy hotfixes or a killswitch for dangerous features or basic telemetry, that is incredible negligence because all it takes is a single bug or a single unanticipated act by a third party and you're DDoSing someone or causing other kinds of mayhem. I'm quite serious. This is why most vendors operating at Mozilla's scale have the same set of tools at their disposal, even if they don't tell you about it. You cannot deploy large-scale connected software in the real world without doing this. It's one thing to go 'Word shouldn't have any telemetry' (okay, sure) and another to go 'this app that connects to thousands of servers, is left open all the time, and runs remote code should not have any telemetry or automatic update mechanism'. The latter is naive on the level of 'just don't write any bugs and your software won't need updates'.
So you're going to complain about the software breaking and also complain about them pushing a hotfix for it?
The right way to do this is to push a new release, which they've done. The absolutely wrong way to do this is to silently push a fix through a back door that's open by default and rightly shouldn't exist in the first place.
Yes, you can do things more efficiently when you ignore the rules and subvert reasonable expectations. Generally though, society takes a dim view of this.
>If you ship online-connected software with 1m+ users that doesn't have a way to deploy hotfixes ..
That way is checking for updates, and then asking me if I want to install them. Most software does this and it works fine. There are no privacy implications for hitting an API for a number and checking locally if it's higher than a number I have. All clean, all above-board.
That way is emphatically NOT playing like a sneak and making changes silently and remotely without asking me about it first. I don't care what you think your good reason is, you don't have the ethical/moral right to make changes on my property without that affirmative consent.
If Mozilla has you that angry, I can't imagine what you must go through every time you interact with any other company. Your points are not completely invalid (most of them anyway) but you might want to rethink where you spend your time ranting in some fury, encouraging people to move away from the only open browser with any sort of market share in favor of our new monopolist. Firefox is not beyond criticism but I think they get plenty of it already for all the good they do compared to everyone else, and a mad fury like this might be better spent contributing to the project.
Mozilla does not "hate" its users. This comment is way too emotional and dogmatic. Firefox is not above reproach but the presentation of your message leaves a lot to be desired.
What if what you see as “anti-user moves” turned out to be directly beneficial to a thousand times as many people as a few that agree with you?
If you see all instances of someone disagreeing with your ethical and logical judgements as naked contempt, then you will never be able to perceive anyone’s true motivations, in order to argue your case more persuasively and find out whether they understand your views.
Outrage has jumped the shark. Everyone disagrees about everything, which is hard enough to address without declaring “naked contempt” any time a choice is made that isn’t in your favor.
“How dare Firefox check for updates from a remote server” is a real thing that’s been said in support of many “privacy” guides that disable all Firefox and addons autoupdates, so I wouldn’t bet the farm either way.
Yea but there are valid reasons for controlling random network access with an iron fist. It's not usual user behaviour but it's one of Firefox's many niche audiences. Alienating them will just fragment the base. Also remember these vocal niches bring in a lot of family and friends as well.
I was on the reddit thread when it happened - was super confused as I just updated my firefox and it happened at a very similar time frame so I assumed it was from the update
I personally found the issue trivial, my main addon is ublock origin. There was a workaround using about:debugging and installing UBO on there which worked so it's not like the fix was a long process.
Being committed to a single browser, if anyone was using firefox for as long as me, I can't fathom someone leaving their main browser over something like this. I haven't been using it for THAT long but what if Chrome did something like this too? Then they'd move to another browser that's not FF/Chrome?
I too use only two extensions, uBlock Origin and HTTPS Everywhere and the hotfix pushed by Mozilla re-enabled them within half an hour of disabling. I do sympathise with those who apparently lost the settings of certain addons, notably Container based ones. Fortunately I always found the UX of Containers so clunky that I never bothered.
Sticking with Firefox as an open competition to the browser monopoly is critical now more than ever before.
> Sticking with Firefox as an open competition to the browser monopoly is critical now more than ever before.
I think this fact cannot be emphasized enough. Or we'll have the 90s monopolized web again: "Optimized for Chrome" - not that there'd be a lack of websites already doing that as of now.
I have been on the tipping edge of switching from FF to another browser for a long time now.
Short-lived bugs such as this one do not annoy me as much as the terrible performance of FF. It is not rare that FF uses 2 cores at full utilization all the time.
I always end up installing a new browser out of anger, but I _always_ come back to FF for its great features that I have become addicted to.
I took the opportunity to check out Vivaldi again. Wow. It's so polished compared to Firefox. The downside is I'm now supporting the Chromium monoculture.
I really like Brave, but right now FF is still my main. Brave still needs some features. The whole syncing bookmarks and wallets thing is really annoying. I'm glad the way they devised is secure, and privacy sensitive, but it's still a pain in the ass.
I've switched to Vivaldi on my desktop and Brave on my smartphone. For now. It's been three days and I'm still waiting for an official release with the add-on fix, can't wait forever.
I have to say I was very pleased that the Debian-ESR package a) disables telemetry in the build and b) ESR still allows you to override the extension signing for now...
Lost my containers yet again, I am now on the last straws with Firefox, this whole Normandy thing is not helping the case. Firefox never asked me to opt in!
Surprising no one. The real question is whether the apk is available somewhere so people don't have to wait for our favorite walled garden to mercifully pass the update.
I'm really worried about the average users not knowing what happened here. At least an email should be sent informing about the issue. But I guess many of those average users don't have a single extension installed, no problems for them.
The average user doesn't really need to know. The problem was fixed, there is no action on their part needed and there is no future risk like a data leak.
The fix doesn't seem to work if you've been using Firefox Beta (67.0b16), or if you then install Stable (66.0.4) and sign in to sync - all addons are still marked as "legacy" and not enabled.
However, if you find each one in the store and (re-)install them - they work again and their data is back intact as expected.
I've always been a fan of native browsers, and have been using Chromium-based Edge[0] as my daily driver at work. While I wasn't one who was impacted by the extensions change, the removal of Live Bookmarks really stung for me, as I've used that feature since 2002.
Container support (with Containerise), a dedicated search bar to use with DDG bangs, and easy 'send tab to device' is what has me holding on today.
But I have to admit that Microsoft's eventual offering is pretty appealing, a Chromium-based browser with the advantages of Chrome's compatibility and Edge's conservative battery sipping. I'm one who has always liked and even preferred Microsoft's products and their integration on as objective of a basis as a human can muster. Even if it's in different aspects, I think they're going to probably have Edge become a package equally appealing to the things I love about Firefox. Edge/Safari are definitely where I'll go if Firefox really starts circling the drain, but having been on FF since it was Phoenix, it'll take more than this debacle.
Our extension sets https://www.givero.com as the default search engine. After the extension got disabled and re-enabled, searches now default to Google.
So this fix is not complete.
Our efforts in getting Firefox users to install our extension have been in vain. "Luckily" we didn't have many users yet but imagine the amount of money this will cost bigger search engines like DDG, Qwant, etc.
> but imagine the amount of money this will cost bigger search engines like DDG, Qwant, etc.
People use extensions to change the default search engine in their browsers? I honestly thought only malware does that; regular people use the Settings menu.
Mozilla pushed a hotfix yesterday but it only worked on certain builds of Firefox, and only for users which had the user studies setting activated. Today's update should be a more permanent fix.
Please don't lower the value of run_interval_seconds like suggested there. If many people do that it will cause those of us on the ops team for Firefox's backend services some headaches.
I understand the sentiment, but "Please turn on studies and wait for an undefined amount of hours to get the fix" is also causing quite a bit of headache, so especially without a good (publicly given) reason to not tell people to download the studies XPI directly and fix it immediately you might want to overthink the impression that leaves on users.
That is not a complete statement of the changes shown. In addition to the unexpired certificate, it takes steps to re-enable any addons that were disabled by the expiration of the prior certificate.
This is the Mozilla release. It will take a bit for the Linux distros to get it packaged and into the repos. Even the Firefox install on my windows machine here doesn't see it as an automatic update yet.
>They [the original Phoenix devs] believed the commercial requirements of Netscape's sponsorship and developer-driven feature creep compromised the utility of the Mozilla browser.
Probably less important given the type (and number) of users who are on Firefox Nightly, but it's still at "68.0a1 (2019-05-03)" without an update available yet.
I've been waiting to see this. Just updated from 65.0 to 66.0.3. My addons are still disabled. Tried to install ublock origin, and it's not letting me. I'm getting a "Download failed. Please check your connection."
This is crazy, and I'm really disappointed with Mozilla. I'd leave firefox right now, but I don't want to contribute to the destruction of one of the last good pieces of software not owned by Google.
I noticed that after posting. :o
EDIT: "gorhill"... I was seriously just on your GitHub account, like 15 minutes ago. I knew I've seen that username before. Thanks for making uBlock Origin!
opera is now just the chrome engine. I don't think there's any alternative to chrome but firefox now-a-days, as even microsoft gave in and started using chrome's blink engine.
studies, normandy, looking glass, forced signing of addons... Mozilla is giving away a lot of good-will lately. Still my favorite browser, but I don't like the general direction. Privacy should always default to true.
I hope for Mozilla to find a source of income that isn't Google, because they did a lot for the web. Let us just hope they don't need to make too many compromises.
Why on earth are you running such a massively outdated browser? You should at least switch to pale moon, basilisk, or another maintained browser. God knows how many vulnerabilities in the wild there are in 56.
I don't think I or anyone else need to justify why they still use the 56 ESR instead of pale moon nor does that have anything to do with the question of whether there will be a fix for this version from Mozilla.
Clearly a few feathers have been ruffled by even broaching the fact that many people still use the 56 version because critical extensions still have no equivalent under quantum. Snark is not allowed even when asking a relevant question of whether there will be an update. Sad.
Win7 gets security updates until somewhere in 2020. After that point, anyone still using 7 will be better off upgrading to 8/8.1/10.
Firefox 56 is not an ESR. It does not get security patches. From a quick look, there are public CVEs[0] that allow for ROP code execution almost effortlessly.
Security was always one of the big reasons behind keeping browsers up to date (the other reason being propagating new standard faster).
Besides, I wasn’t suggesting updating to latest firefox. I specifically mentioned pale moon and basilisk because they support old style extensions, while hopefully keeping up with the security fixes and other improvements to the engine going in mainline.
Windows 7 gets security updates. But I do agree with your general point, fear of vulns pushing you to broken versions feels wrong. I've been on 55 myself (since 56 already broke some stuff) until a month ago, upgraded for security reasons, giving up convenient tab switching with the mouse, mouse gestures in view-source tabs, stable vertical tabs (tree style tabs is not super stable), quick toggles for javascript/css/proxy, etc. :/
Considering that Firefox gets upwards of 70% of the users onto the latest version within 4 weeks or so of a new release, I don't see the point, doubt Chrome is an issue for this as well. The only reason I can see to support ancient browsers is if you have intranet web apps that only function in IE6-IE10 and you need to be able to run it there as well.
Ever consider that some users cannot afford to upgrade? There's a lot of homeless people around here who only have phones (no laptops), and they are very old. Many run android 2 still. You must support established standards, even old ones, to remain good to all users and avoid prioritizing services for the wealthy.
Why is it so hard for moz://a to provide something similar as an official workaround? Here is the cert, import it and you are good to go. Instead we have the opt-in to studies and update your browser nonsense and no fix for days.
What about updating also the beta channel? I am using 67.0b16 and I still think I am affected because there have been no updates since and all the addons are shown as "ALLOWED IN PRIVATE WINDOWS"
> A good outcome of this certificate fiasco is that many firefox users learned about the "studies" and "Normandy" brain-damage and promptly disabled them.
I'm actually curious about how the common user reacted to this. There isn't a clue about this on (1) the add-on page, (2) Mozilla's home page, (3) no emails sent out (I get plenty of other emails from Mozilla).
Currently, when you try and (re)install an "unsupported" add-on, you get a cryptic message stating: "Download failed. Please check your connection."
So the only communication from Mozilla is that it's my fault and I need to "check" my connection.
Honestly... there's so much fail here - even at the communication level.
>I'm actually curious about how the common user reacted to this. There isn't a clue about this on (1) the add-on page, (2) Mozilla's home page, (3) no emails sent out (I get plenty of other emails from Mozilla).
That's a good question. Of course we have to assume we're talking about the common add-on user, since some users don't have addons.
An incredible 3.2 million users (out of 10 million daily active) attempted to download Adblock Plus on Saturday, after it was disabled. Some of these might be duplicates of course, but I think this suggests:
(1) most users who use addons noticed when they were disabled
(2) most of them were confused (at least initially) about the reason this happened, since there was no direct communication from Mozilla about the problem in the browser itself
(3) many of these attempted to redownload their extensions as a solution to the problem
It's just the usual tug of war between developers and users for control of the computer.
A completely careful open source project would normally leave such controversial things off by default, and moz which leans corporate will go part of the way towards enabling such features. I don't mind their compromise, they do good.
Because functionality like that can be used to enable/disable features outside of tests as well. For example gating new things which could become a stability issue. Sometimes it's a choice between control or no control. Sometimes it's between your browser crashing or not. The power users will care about control, but the general population of users not really.
> For example gating new things which could become a stability issue.
And yet we were somehow able to ship stable software to millions of people in the days before telemetry/studies. What telemetry/studies truly provides is offloading QA costs to users.
Sure we were. I have video games that were pressed to CDs with no possibility of updates and they still run to this day. On a complete play through of many of them you wouldn't notice a single bug.
Using users for QA has made us lazy and borderline incompetent.
I think you're thinking of extreme cases here like games which are released with bugs these days for holiday rush, because the patching is easy / built-in. That's not the case for everything and not the case for Firefox.
And the stable software in the past may be due to nostalgia. They had bugs. Even before dialup was common, games were patched: Diablo 1 had a number of patches for example, Quake 3 went up to 1.32, Dune 2 (1992) got 1.07. We just accepted bugs, because... what can you do?
Yes, running experiments on unknowing and unconsenting users is unethical, especially when the metrics being optimized for usually aren't in the users' best interests. The widespread acceptance for this behaviour could definitely be classified as brain damage.
> the metrics being optimized for usually aren't in the users' best interests
Do you have any source for that? If you truly believe that Firefox is optimizing metrics that aren't in the users' best interest in general, why are you even using said software in the first place?
>What other browser can you use if you are interested in some sort of privacy?
Waterfox, Safari. Some others too but they're a pain to use (ungoogled-chromium for example). Chrome itself has a bunch of binary blobs so I would stay away from that.
I think this can be compared to McDonald's slightly altering the recipe of something for part of the country. I don't find that unethical at all, and frankly the things we put in our body are a lot more personal than which web browser we use.
That is dismissive of how much value people place on their selves and digital aspects thereof. My identity, private conversations, and sexuality are infinitely more personal than the food I consume.
I agree that it’s appropriate to A/B test changes, within reasonable bounds. I wish the debate would focus more on what the reasonable bounds are to each objector.
Yes, but it isn't (well should not be if they want to stay within the law) adding completely random drugs and garbage to the food. It may be seeking cheaper recipes with no sales losses, better recipes to improve sales, or something else, but it all has to be within the context of proper regulation, i.e., FDA. (we can argue elsewhere about the effectiveness of that system).
This unlimited testing can easily be seeking to better maximize psychological exploits with no regulation.
So, yes, I'm happy to see someone putting in a bit of control.
> especially when the metrics being optimized for usually aren't in the users' best interests
I don't think so. Mozilla is not Google, and apart from the Mr. Robot error, that they apologized for, I am sure Mozilla is using it for making the browser better, and not to use you for targeted ads like the other browser maker does.
Google Chrome uses the RLZ tracking identifier for some installations.
"RLZ gives us the ability to accurately measure the success of marketing promotions and distribution partnerships in order to meet our contractual and financial obligations."
Yes. The testing should be done on users that opt in (likely less than 0.1% but that should be OK if it's done properly) and it should be rolled out by releasing an update to everyone.
By relying on opt-in you won't test whether a feature actually works for the average user, so if you don't test it, you might roll something useless/confusing/actively harmful out to all of them instead of just a few.
Exactly. The recent Windows 10 update fiascos demonstrate this perfectly: they are opt-in (Insider program) and there were too few users experiencing the bugs to overcome the noise of those who weren't. You need a truly random sample.
So instead of having enough voluntary or paid testers to detect catastrophic, file deleting bugs in a new version, your solution is to just roll out the new changes to random users expecting a stable system?
Something went terribly wrong somewhere, that we got to this.
I think they updated too many parts of Windows at once, not too many computers at once. And I'm not certain that a delayed rollout would have fixed it. Is it fair that a random sampling of people are given the problem?
And that's OK. Being honest to your users is much more important than having the most efficient deploy system.
I, for one, as a matter of principle, opt-in to all user tracking systems that are disabled by default, and try to opt-out whenever they are enabled by default. In the case of Firefox, it was never clear to me that the tracking/remote install capability was enabled by default.
It isn't A/B testing that is bad, it is running and/or modifying stuff in the user's computer without their knowledge that is bad. If a site modifies some part of their layout or whatever isn't bad, but a browser installing addons or changing settings to see if it will crash is bad.
That's what the stable/experimental channels are for - a user who doesn't want to be tested on (such as a business user) can easily be sure that they are getting a stable release and their settings won't update under them.
Experimental/beta channels can have these changes pushed to it, since that's implied by the name, and those people who like living on the edge of new features do so knowingly.
Let the users control their destiny, let the users decide when. That's the hallmark of a trustworthy company.
Users who intentionally run beta / nightly are not normal users. How many of them run on cheap "desktop" computers they bought on sale at Target, do you think?
Wait, so running and modifying stuff on all users' computers is good, but a random sample isn't? That's what A/B testing deals with.
The discussion isn't "modify stuff" vs. "don't modify stuff". The discussion is "some users" vs. "all users".
And obviously if you have an auto-update mechanism you're modifying stuff on the user's computer. Chrome updates are near invisible on modern machines. That's a good thing. It keeps the browser evergreen and protects users. If everything were opt-in because "Google shouldn't modify stuff on my computer" that would be an absolute disaster for everyone. No way.
This is a technicality, users do not care about technicalities, they have their own expectations and if you are on -say- a stable branch with autoupdates enabled your expectation is that you'll get the latest version that everyone else is using.
A/B testing through that branch breaks that expectation (and no, mentioning it somewhere hidden in some EULA or equally obfuscated place does not mean people will not have the expectation - hell, even mentioning it right below the download won't make a difference).
Having a backdoor on by default while you’re pretending to be ‘the good guy’ is brain damage. It’s taking an age to build trust and then throwing it away in a second.
It certainly is not brain-damage, but it is however very user-hostile.
Are you the unlucky one that ended up with the broken A/B testing change? Well, sucks for you and nobody will be able to help you. Do you want to try a specific testing change because you like it/something is broken on your end and that will fix it? Sucks to be you again, you get no choice on this. Do you want to analyze the change to see if they have something bad in it? Nope, not possible unless if you end up being one of the lucky ones. In addition if Mozilla were to get compromised (either as an organization or in software side) could use it as a backdoor on unsuspecting users or even do targeted attacks.
None of that would be an issue if they depended on nightly/beta for changes and error detection, nor would it be if they had a list of possible tests somewhere that the user could manually enable and possibly ask some users explicitly if they want to enable one on the browser startup.
I enabled it for the bugfix and it made some additional changes to the config that weren't related to the bug fix and not mentioned on about:studies. Changed the behavior of the browser.
HN has strong open-source and free-software constituencies. Many of those people feel strongly about Mozilla and Firefox. There's no need to assume bad faith (also in the site guidelines!)
If you see unfairly downvoted comments, give them a corrective upvote. That corrects most cases. If the problem persists, emailing us at hn@ycombinator.com so we can take a look, and possibly intervene, would be a helpful thing to do.
Calling people shills without proof is not an honest argument. Sometimes people just have different views. I downvote those comments because they're unsubstantiated and needlessly pessimistic. Mozilla is still one of the better organizations out there.
As author of the original "pessimistic" comment, I want to say that I agree 100% with you. Mozilla is indeed the most important free software project today. Thus, I am very sad and pessimistic when they exhibit subpar behavior such as this.
Given the HN guidelines on this, I’ll lay off on the specific type of comment I made. (Although it’s quite a normal thing to notice and point out in other communities).
However, precisely because of the importance of projects like Mozilla and browser technology in general, I think it is perfectly reasonable to expect the highest standard of behavior. I personally have concerns about certain aspects of their activities (not related to downvoting) in recent years and am well within my rights to express them.
For all the people that had their browser completely broken for the whole day, without any reason, however…
And your one-day fix, how much time do you think it will take to be deployed on people’s linux system? Probably a few days or more. Probably enough for them to realize that they can just switch to Chrome to have a working browser.
That's a pretty uncharitable characterization of their experiments framework. Have you ever worked on large-scale software with tens of millions of users or end-points? Then no doubt you'll know the tremendous value incremental deployments and test/control groups have.
Oh well, I do use chromium as a last resort, every few months. If this is the alternative, I prefer to suffer Firefox shenanigans every now and then.
I was seriously annoyed by the move to the new add-ons framework, and stayed way too long on unsupported, unpatched old version, until everything I needed was available, to some degree at least, in the new framework. I tried but didn't stick to Chromium as my main tool.
As it is, Firefox is ugly on some days, but for me at least, it's still the best tool available, and it still feels pretty much like mine.
If you’re on a Mac, you have Safari installed as well which is better than Chrome (or most Chromium flavors) on the privacy and security front, not to mention battery life and performance.
However, I’m sure Mozilla would like a bug report, because I’ve never seen performance issues with Firefox on a Mac. Edit: I should note that the couple of MacBook Airs I had it installed on were pre-Retina so that might explain why I hadn’t seen this particular issue.
Safari occasionally crashes for me on OS X with a massive stacktrace. One time it was because it couldn't create a directory locally in my Preferences.
Never had that trouble with Chrome. Flawless browser.
I gave it a spin about 4 months ago and stuck with it for about 2 months and was still having the issue. A Mozilla employee pointed me here to watch for updates on the issue:
I still have severe performance issues with Firefox on my Mac also. When I mentioned it a couple of weeks ago in a post here I was downvoted and basically accused of making it up.
Yeah, I gave Firefox a second chance with the quantum updates, but I ran into all the same performance issues I’ve associated with Firefox since version 3
If you used addons in all tests, and/or have ever opened about:config, consider creating a fresh profile without any addons and leaving the settings at the defaults. If you still see problems after a week, that would confirm it’s Firefox rather than whatever third-party modifications you and/or your addons are making to the browser.
For example, one of the popular cargo-cult ‘fixes’ for the addons issue instructs Firefox via about:config changes to make 86,400 extra network requests per day, because the instructions are extremely badly written by people who don’t know/care about that impact on your battery life.
Expert user footguns are responsible for far more performance issues than expert users realize, both in Firefox and in all other software they operate. It’s so reliably a problem that I’ve been using “are you an expert” as the most important triage question for the past two decades of IT support.
I recommend to at least enable uBlock Origin as it will save you a lot of resources whilst browsing the web. There's a whole bunch of other privacy and resource related addons I also like, but it goes a bit too far to mention those.
uBlock Origin, AdBlock Plus, and other random flavor-of-the-year ad blockers are IIRC the #1 contributor to Firefox slowness, resource usage, and crashes for some years now. They are key examples of “expert user footguns” and I shudder to think how many users are incapable of repairing their browser when damaged by one or more of these addons. Yes, they can reduce bytes over the wire, but they do often come at the cost of reliability and efficiency that disabling them is often sufficient to diagnose browser problems with no other steps taken. “This site doesn’t show any ads, how could it possibly be uBlock?” is the most depressing question an expert has ever asked me about Firefox.
I have only my memories, which is what IIRC means: “if I remember correctly”. A few seconds of searching offers no better answer, so you’ll simply have to downvote me and move on.
(For those who want to investigate further, I believe it was about a year ago and would have been on planet.mozilla.org at the time. No, I didn’t post it to HN because I don’t usually consider anti-adblock positions to be safe to discuss here.)
After I made my previous post you added a source about _ABP_ being a memory hog. Show me a source that uBlock Origin is a memory hog compared to vanilla and ABP.
This article [1] shows how ABP is, indeed, a resource hog, compared to uBlock Origin. It also shows that pages load quicker with uBlock Origin than vanilla. It's an article from 2 years ago though.
This article [2] talks about how in December 2018 uBlock Origin uses WASM for better performance. It includes a link to benchmark the software.
This article [3] from early 2019 compares the performance of different adblockers (the article is by the authors of Ghostery though, therefore I link to the Reddit discussion).
I found Quantum gave noticeable performance improvements. Not enough to justify crippling the extensions I use constantly and insultingly taking away the ability to make the UI look the way I want it to look, but improvements nonetheless.
Edge's switch to Chromium was a bit surprising, even if it makes complete sense to do so on both the browser and OS level. At this point, I'm not sure if Mozilla's involvement with the Chromium project would be such a bad thing. In regards to web standards and freedom, having Google, Microsoft and Mozilla having their hand in that pot doesn't seem a lot different from each maintaining their own.
It would be a terrible loss to us all if Mozilla made Firefox chromium based, since it would mean Google basically controls the internet via Chromium
EDIT: also Mozilla putting more and more Rust code into Firefox is great for memory safety which is something that is a cause of many security issues these days
Is that a fact, that Google controls the Chromium project with such an iron grip? I don't know, but don't know if I agree that it's a foregone conclusion. I find it hard to swallow if Microsoft is now involved with Chromium. My guess is that Mozilla joining would take even more power from Google.
My second thought is that they already control the internet either way with Chromium. I'm not sure my (beloved) Firefox has any meaningful sway, or often even gets tested. A lot of web developers who probably don't frequent HN, want to have a single IE6-style monoculture to make their job that much more straightforward.
For sure, I can't say I disagree about Firefox adopting Rust. Definitely a nice technical perk to being a Firefox user. I've been here since 2002 and never left. Can't say I've ever had all the issues that everyone else insists existed. I think a FF reset would have resolved most issues, for most people. I certainly never came across any deal breakers. If there have been any, they were all very recent. The removal of Live Bookmarks, adoption of Pocket and the ousting of Brendan Eich was not a good look in my view.
Let's hope for the best. With Firefox 57, most Firefox add-ons and all Firefox themes must be Chrome-compatible already. The steps are smaller these days.
XP doesn't have any official support from Microsoft, and you'll find most vendors are reaching a stage of deprecating XP support. The OS itself is 5 years out of extended support from Microsoft, and it makes up barely 1% of the market place. You'll be hard pressed to get anyone to care if they've broken their software on it.
It certainly is, but you should consider upgrading to something else. Sooner or later modern browsers won't work on it, and certainly you'll have to upgrade your hardware and newer hardware won't run XP anyway.
Why would anyone want to upgrade from XP? New versions of Windows have no improvements (the only improvement is search in Start Menu), but they cost money, they work slower and require new expensive hardware. They have spyware and updates that cannot be disabled. You pay for the product and then you are used as a free tester of new versions of Windows. Microsoft wants everyone to upgrade to earn more money and to upsell to users new "cloud" features they don't really need. But for me it would be better if MS would drop newer Windows versions and returned to improving XP without increasing resources consumption, without HTML apps, telemetry and "cloud" features.
This is an example when the interests of users and the manufacturer are opposite. If the user uses an OS for many years and everything works, why upgrade? Looks like a waste of time and money.
Imagine if you bought a car and several years later you are told that you need to upgrade it, because, you know, car factory workers need higher salaries and if you don't buy the new one, then there is no way to pay them.
This explains why MS and independent developers (that drop XP support to help MS) force users to upgrade. Because it is MS who wants an upgrade, not the user.