I might have differed with Brendan Eich on a few matters, but he was a good steward of Firefox in my book.
When Mitchell Baker took the reins, Mozilla became rather more heavy-handed towards us - the irony being that Waterfox was once proudly displayed on the Mozilla website under their "Powered By" banner.
I appreciate the constant existential wobble Firefox faces, but they've made some peculiar decisions as of late.
On one hand, they're finally implementing features users have been clamouring for ages (tab groups, vertical tabs and the likes) - on the other, rather odd policy choices.
I should point out, it seems daft to me when others suggest using forks with no well-established governance of their own, essentially shifting trust from an organisation at least answerable to certain regulations, to individuals with no proper framework or guidelines.
I've done my best with Waterfox over the years to have it represented by a proper legal entity with policies to follow; so if anyone is interested take a look.
Here's my question: in light of what Mozilla is doing, why don't other forks like Waterfox or Librewolf write a manifesto/contract saying they'll never sell your user data and won't turn "evil" (until they do, of course), and then decide to offer a paid version of their browser.
Two possible outcomes:
1. No one cares. No one pays for it. Nothing changes and nobody loses anything.
2. Enough people pay for it to keep the product healthy and the user-centric promise alive. The Internet is saved.
So why isn't anyone trying to replace Mozilla yet, with a more sane business model than living on the back of Google's fear of antitrust investigation? What's the worse that can happen?
Just sell a bonafide paid version alongside the free one, don't just rely on donations. There is a massive difference between offering a paid product and begging passers-by to spare some change.
The problem with paid versions, is that I don't really trust them either. MBA creep will happen and suddenly the TOS changes and my paid tier is going to have data collection and 'some' ads. I have to move to a high tier to avoid them. After a few cycles of that, one day all the tiers have data collection and ads.
> The problem with paid versions, is that I don't really trust them either.
Yes, Trust is at the foundation of the whole problem with the Tech Industry:
/1/ users (consumers) expect to be protected (not injured, not cheated, not surveilled) by the products that they use, and
/2/ the WWW is a monstrosity, the only software that we can in fact trust is never connected to the Internet (in other words, we don't trust any software)
Ergo...
Given /2/, we cannot trust any software, full stop. Even paying $CORP for its products is no guarantee of care, safety, and security.
and
Given /1/, which software do we accept? For OS, I prefer Linux by far. Even where usability is a little rough, I can exclude components that I do not want. When obliged to use Windows, I hold my nose and try as much as possible to foil all the bloat, anti-user patterns, and telemetry. I resent it all the way!
I prefer Firefox because I like the features and I insist on a small set of extensions: uBlock Origin, Multi-Account Containers, Privacy Badger. Google is a nasty surveillance ecosystem and Microsoft is a Spaghetti Western: by turns good, bad, and ugly.
If it will fund further development and maintain the current commitment to respect for privacy, I am willing to allow Mozilla to do some aggregate analysis of my browsing habits, just as I am willing to provide survey answers for products that I buy.
I don't love the aggregate analysis, but Mozilla needs to do browser business in the modern world.
Paid version have that problem somewhat less because they have a source of income that could dry up if they do. Paying someone means they are beholden to you as well, while free gives you nothing.
There is a reason I get my email via fastmail: they differentiate themselves on privacy features. I also have my own domain, so if fastmail does turn evil they know I can easially move away. I can run my own email server, but having done that I know it is harder than I want. There are other services I'd pay for if I could find someone I could trust to take a small amount of money. (small is key - plenty would do this for thousands, but I don't have that much free cash)
Don't get me wrong, the above is not very large, but it is still something.
Nothing is forever, but if you get a contract that prohibits their data play (collection, derivation, sale, all of it...) for a year or whatever, you're good for that long. That'd be enough for me.
You have to trust and/or monitor and apply active pressure to (something that virtually nobody does) the developers to some extent either way. The difference with a paid distribution is that there's at least some revenue that helps keep the project afloat, and with a free distribution there's not.
e.g. if you have a CEO/lead developer that's initially acting responsibly, but has a "bankruptcy threshold" beyond which they'll start selling your data, a revenue stream will stave that point off.
Yes, this. When Mozilla (or any other corporation) demonstrates positive cashflow, the odds of MBAs and other vulture capitalists descending on it increase massively. And I have never seen customer agreements like this survive a buy-out: the new owners are never constrained by the promises (or even contracts) of the previous company.
My comment is targeted to the developers of Waterfox and Librewolf - they're already making a browser, so the hard part is done.
I'm wondering why don't they try to step it up further by selling a paid version alongside their open source product. What is the worst that can happen? Nobody pays for it and they continue making $0 just like they are happily doing now.
https://buymeacoffee.com/waterfox wasn't hard to find that. (they also make money from search). Put your money where your mouth is and donate.
Librewolf doesn't want to deal with the administrative overhead of donations - which if they'd only get a few donations makes sense. It likely costs several hundred a month just to hire the accountants and lawyers needed to get the paper work right (you can do it yourself at cost of time doing other things. Often you can find accountants and lawyers who will donate their services, but it is still several hundred dollars worth)
A paid version needs to offer something on top of it, which is usually in one way or another proprietary (such as a proprietary service).
Something like this is regarded as the enshitification process, so what typically happens is they (e.g. VC) want to do such after they lured in their users. Which Firefox has (or arguably: had), but Waterfox and Librewolf have not.
Good thought experiment.
It ain't the first drama or controversy with regards to Mozilla, who have had a long tendency which didn't occur recently (and included the time Eich was there). Nostalgia just makes people forget the bad.
It does actually seem pretty difficult to sell a browser; I don’t really see how anybody in their right mind would trust a closed source browser. So, it will be hard to make any parts of it proprietary. It isn’t impossible to sell open source software of course, but it does seem to be pretty difficult.
Rather, I wish we would stop accepting web standards that don’t come with reference implementations. Then, we could have a reference browser, and just run that. I don’t expect it to be performant, but I also don’t think browser performance matters much at all. Web pages are not HPC applications.
Currently we’re accepting the anti-competitive behavior of Google, just DDoSing the community with new standards to implement. This is the root problem. The fact that Mozilla is being killed by funding problems is downstream of the fact that maintaining a web browser requires multiple full time engineers.
Tbh while I have been using Kagi as search and their AI assistant a lot lately, their browser lacks massively in functionality. uBlock Origin has never been working for me, neither on macOS nor on iOS, and for me it just doesn't deliver enough to convince me to switch.
What is a fair price? Developers are not cheap and you need to pay many of them every month (or get the equivalent in donated time). We can debate that number of course, so I'm going to start the discussion at $50/year. So your "lifetime sponser" is only worth 3 years (ignoring interest which isn't significant at this time scale).
Accounting for lifetime anything is hard (I don't know how to do the math, I'm sure people that do debate a lot of complex issues), but I'm again going to suggest that a lifetime subscription needs to be 20x the yearly fee to give a number to start the debate at.
And it crashes constantly. Lots of other bugs that you start noticing when doing deeper things. I tried it for about six months. Just not a reliable or serious browser although very fast when it actually works.
Kagi has several repos open for contributions [1] but Orion isn’t fully open source yet [2]:
> Is Orion open-source?
>
> We're working on it! We've started with some of our components and intend to open more in the future.
>
> Forking WebKit, porting hundreds of APIs, and writing a browser app from scratch has been challenging for our small team. Properly maintaining an open-source project takes time and resources that we are currently short on. If you would like to contribute, please consider becoming active on orionfeedback.org.
It’s not obvious to me which of their public repos are Orion components.
You can contribute translations [3], bugs [4], and docs [5]. Orion is based on WebKit, so you can contribute upstream there [6]. Oodles of open issues on their bugzilla [7]
please do tip a fork. Right now this money seems to go to one person, but if that person starts making significant money we can probably talk them into hiring others to work on the project.
also, slightly related, people should look into / take inspiration tor browser. they're really great at releasing regular updates with high quality and features, surely they know how to handle this kind of projects
This idea of having an moral alignment covenant I think is a great one. I'm fed up of being bait-and-switched by companies that get buy-in by being open and friendly, and then later they decide to kill the golden goose. If you're committed to FOSS then commit! Make it official so that people can trust that you're not going to enshittify later.
Most of the other "forks" (e.g. Librewolf) are just patches on top of vanilla Firefox sources, so it's really not a whole lot to scrutinize by hand. I've skimmed at least most of the patch files personally just out of curiosity. In my distro of choice, NixOS, the sources are built by Hydra or my local machine, so I'm not trusting that their binaries match the source either.
That makes it a bit easier to trust, but it does run into the issue that it stops working if Mozilla hits a certain level of untrustworthiness.
To put that number in perspective, drawing just 1% of that down each year and putting in a bank account earning interest would fund 100 engineers on $500k/year indefinitely.
I get what you're saying, but the reality is that it takes more than engineers to run a browser company. You'd have to find 100 engineers who can double as lawyers, designers, project managers, etc., and handle payroll, and HR, and after those 100 engineers end up doing the job of 300 other people, how much code are they writing? Your point about them appearing to waste money is taken, I'm just pointing out that it's not quite as bald-faced as that.
It's not that silly, because that's a huge amount of money. What do you think the gross expense of building software like this should be? Because this may be the end of the line.
so if I've worked for 20 years from age 20 with a 100k average salary that's 2m
A 2m lump sump at 20 would allow me to live a lifestyle of a 20k/year life, not good enough.
Had I lived that over the last 20 years and saved the rest of the 100k in an 8% return fund then I'd have 4m today and could drawdown a 40k/year life at 1%.
Had I been given a lump sum of 100 times my desired salary though, or 10m, then sure, no need to work.
And depending on where you live, 40k might be barely scraping by now, and certainly not enough another 20 or 40 years down the road when you get to the point where you need daily care and medical services.
> I should point out, it seems daft to me when others suggest using forks with no well-established governance of their own, essentially shifting trust from an organisation at least answerable to certain regulations, to individuals with no proper framework or guidelines
Individuals that care about these things have a far better track record than any business with employees, bills to pay, and investors.
Until that individual tires of the work, and then stops working on it completely or sells it to someone with less scruples or the project gets hijacked by malicious actor.
> I appreciate the constant existential wobble Firefox faces
The wobble seems to somewhat artificial. I'm having trouble believing Firefox could ever not be able to afford to continue browser development — there are way too many interests at stake. Google alone would have no choice but to bail Firefox out because Chrome can't be the only browser without being regulated to hell and back.
Google providing most of their funding is a fact, and that this provides a large amount of leverage over what Firefox can do is obvious. So how is the balancing act artificial?
For it to be self-imposed there needs to be an comparable amount of money ready to spring forth if Google ever pulled out that Mozilla is somehow keeping a lid on.
We are able to develop not just an open source kernel, multiple different distributions and a large suite of software. I would think that we could also develop a browser that doesn't need to spy on us.
>it seems daft to me when others suggest using forks with no well-established governance of their own
Yes, it may be that we are jumping from the frying pan into the fire. On the bright-side this opens up an opportunity for a company, or a suite of companies, to fund an alternative browser. Such an entity might have Signal at its lead, or similar, who's mission is solely to "tighten up" the software stack on which it runs.
I don't see how a regulated entity is better in any way than an individual.
We repeatedly see attacks on freedom and privacy by the people who are supposed to protect them, those so-called "regulators": chatcontrol, recent UK backdoor wishes, repeated French proposals to enforce DRM even on opensource. And I wouldn't even google Russia, China, or other less democratic states.
Regulated is probably worse than some anarchistic who-knows-by-whom software, but FOSS and auditable these days, tbh. Especially as everyone's audit capabilities grow day by day with AI. It's kind of good at grinding tons of code.
A heavily regulated entity with all licenses in the world might be more hostile toward users than some niche project.
> I don't see how regulated entity is better in any way than individual.
I feel you. Regulatory bodies have definitely fallen short in many cases, and we've seen concerning proposals from governments that threaten digital privacy and freedom. "Who watches the watchmen" seems incredibly apt nowadays.
However, I feel there's a fundamental difference between imperfect accountability and no accountability at all. With a legal entity governed by stated policies, users have:
1. Transparency about who makes decisions and how
2. Clear terms that create binding commitments
3. Legal mechanisms for recourse if those commitments are violated
4. A persistent entity that can't simply disappear overnight
Perfect? Not really. The ICO in the UK, for example, hasn't been amazing at enforcing data protection. But the existence of these frameworks means that accountability is at least possible - there are levers that can be pulled if someone can be bothered to.
In contrast, with software maintained by anonymous or loosely affiliated individuals, there's no structural accountability whatsoever. If privacy promises are broken, users have no recourse beyond abandoning the software.
FOSS and auditability are valuable safeguards, sure, but they primarily protect against unintentional privacy violations that might be discovered in code reviews. They don't address the human element of intentional policy changes or decisions about data collection.
> I feel you. Regulatory bodies have definitely fallen short in many cases, and we've seen concerning proposals from governments that threaten digital privacy and freedom. "Who watches the watchmen" seems incredibly apt nowadays.
Many regulatory bodies seem to constantly fall short of what they are supposed to do and then demand more money and powers to continue to fail at what they are supposed to do.
At what point would you accept that they maybe not fit for purpose and other solutions should be considered?
It maybe better to put resources into educating people on how to protect themselves from privacy breaches or minimise the impact.
The only thing I've ever seen from the ICO is a letter saying that if I have customer data I have to pay them a fee or pay a fine. Then I have to go through the inconvenience of telling them I don't have any, so I don't have to pay this fee.
The context to keep in mind here is that Mozilla purchased an ad company back in June. They spent money on it, and they will move to earn a return on investment.
Absent that context this could just be another tone deaf policy choice that gets rolled back when there's enough heat, but with that context in mind it's far more likely to be them laying the legal foundation to incorporate Anonym's targeted advertising into Firefox.
From the Register article about the acquisition:
> Arielle Garcia, director of intelligence for ad watchdog Check My Ads, told The Register in an email that she's generally skeptical of claims about privacy-preserving ad technology.
> "For example, how do Anonym’s audience capabilities, like their lookalike modeling, jibe with what Mozilla considers to be 'exploitative models of data extraction?' The data that is 'securely shared' by platforms and advertisers to enable ad targeting and measurement have to come from somewhere – and there’s more to privacy than not leaking user IDs."
1. Is github the best place to report bugs / issues for Waterfox?
2. When (not in your lifetime obviously) Waterfox is broken, what canaries do you have deployed that we can archive now, like Mozilla's tell here?
3. What keeps waterfox afloat? Where/how do you accept funds?
4. How do I find a sync alternative or provide my own? Such that, I'm not reliant on Mozilla sync/backend?
... If none exists, how much would it cost for you to embed one? Would you accept a serious bounty for it assuming the focus is self hosted / no Waterfox backend services?
> When (not in your lifetime obviously) Waterfox is broken, what canaries do you have deployed that we can archive now, like Mozilla's tell here?
This is so melodramatic. It’s a set of patch files applied to the Firefox source tree. If an evil maintainer hatches a maniacal plan to collect user statistics and deletes the patch that removes telemetry or whatever, you can just `git revert`.
do they still make ot worthwhile for developers? are any on the payroll still?
i think the community should mobilize to sign up for adopting A single fork* as the official fork and completely drop mozilla from existence.
* only criteria should be the fork that is most convenient for all the other forks to just point to instead of mozilla and continue to ship with their patches. and that one fork should have the minimum resources to respond to security disclosures in place of mozilla, nothing else as a requirement.
More importantly that fork should be what other forks base off of. Anyone can put a skin on a browser, but someone needs to do the engine. If every fork who wants an engine improvement goes to the one place there is some mass behind making the fork real, and the other forks can still to their skin if they think it useful. That one fork also means that when mozilla comes out with a new version there are enough hands to merge (at least until Mozilla diverges too far from the fork)
To Mozilla: if your intentions are indeed good as you claim in your post[1], then update the ToS accordingly.
Chrome is removing µBlock origin, I and probably a lot of other users saw this as a good moment to promote Firefox to our relatives, you are missing a chance and alienating your user base here.
Absolutely agree. The blog post is claiming the opposite to what their ToS is granting - but one is fluff (that will be forgotten soon) while the other is legally binding. I cannot imagine applications like browsers that would require such an unrestricted license for user input just to do its service. That clearly indicates some "other" future motive that is underlined by the notion to remove the FAQ entry and other past actions towards an advertising future at Mozilla.
Am looking forward to explore some of the alternatives. And no, I don't want a just a correcting/updating/informing follow-up blog post of how we the users got it all wrong.
In fact, the current UPDATE makes it worse:
"UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice."
vs. the ToS:
"You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
No - you don't need a license for my input. Just pass the butter, it's not your job to "use that information" in any way, form or shape. How did you survive 26 years without any license to our input? What did legally change that would require that license? No one asked you to: "We use data to make Firefox functional and sustainable, improve your experience, and keep you safe." (from the blog). What does that even mean? If you have specific use-cases in mind state them clearly, instead of this overreaching general license, that may or may not be misused now or in future. As of this ToS you may very sell my data to AI companies to "help me navigate the internet" which is not even part of the Privacy Notice protection.
Reinstatement your privacy guarantees in the ToS and be transparent about explicit use-cases.
The blog does come from company officials and so you can show it to a judge and state "this is how you should interpret their ToS". It will be harder than if the ToS was clear, but the judge on seeing the ToS and blog differ is likely to come down hard to Mozilla for creating this situation. But you also need a good (expensive) lawyer to pull this off.
> Finally, you are in control. We’ve set responsible defaults that you can review during onboarding or adjust in your settings at any time: These simple, yet powerful tools let you manage your data the way you want.
"simple yet powerful tools" (derogatory) is how i would describe the windows popup that gives you the choice between setting up a microsoft account now or being nagged about it later
Based on this, Firefox has a 2.54% market share of browsers worldwide, so if their goal here is to shoot themselves in the foot and get that number under 2%, mission accomplished.
Firefox is still the lesser of two evils when compared to Chrome with all of its telemetry turned on. And at least it supports a proper implementation of uBlock origin, which Google just broke in Chrome.
I'm also the 2.54% and have been since the phoenix days. I am beyond thankful every day for apple keeping both desktop safari and ios running to prevent the internet being even more monoculture than in the IE6 days
> I am beyond thankful every day for apple keeping both desktop safari and ios running to prevent the internet being even more monoculture than in the IE6 days
Don't worry, EU regulators (and other countries soon I suppose) are doing their best to fix that "bug".
Users sticking with Safari because it is the browser by default on iOS and macOS and they don’t know any better isn’t some sort of moral victory for privacy. (I notice that Apple has only recently been putting out TV ads praising their browser.) It’s almost like privacy through obscurity. And it’s like thanking Samsung for accidentally pushing against Chrome dominance on Android by forcing users to use Samsung Internet by default. Or thanking Microsoft for bundling Edge with Windows.
Users generally don’t know about Chrome’s privacy issues or what browser engines are. Apple simply hasn’t done enough to promote Safari and keep it a strong competitor against Chrome. Relying on their monopoly over their platform is them accidentally doing something good in the wrong way. You know why Chrome attracted so many customers when it first launched in 2008 or so? Because IE, and yes Firefox, were incredibly bloated and slow. Apple hasn’t presented a similar performance jump or another compelling reason for Safari over Chrome. And in open-source land, so many hotshot alt-browsers from Arc to Brave all use Blink. Orion uses WebKit, and it’s the only one. Apple clearly doesn’t care to promote it as a Blink alternative other than for their monopolistic mandate of WebKit on iOS.
Not to mention, they killed Safari for Windows. Apple apparently doesn’t care about privacy as much as HN thinks they do, see mini-thread: https://news.ycombinator.com/item?id=39975620
Finally, the EU change should in theory be liberating for Mozilla, who can now provide a proper mobile Firefox for iOS that uses Gecko. Instead, from what I hear that isn’t even on the roadmap, because this is the state of modern Mozilla. Here’s hoping that Zen will instead bring Gecko to iOS.
I’m arguing that Apple should strengthen Safari (and not just on iOS and macOS but to other operating systems owned by them) to make it more compelling to use for customers, and not rely on App Store guideline lock-in on iOS. But they clearly don’t care to, even when they could afford to. And they don’t care about promoting WebKit at all, because any alt-browsers running it would just provide competition for Safari anyway. As it stands it all seems very half-hearted and kind of lazy.
“The last temptation is the greatest treason:
To do the right deed for the wrong reason.”
The problem I have with these kinds of hot-takes is that they often don't tell the full story, and it's seemingly for the purpose of generating rage. For some inexplicable reason, this guy truncates the paragraph from the Terms of Use, repackaging the information without a key part of the final sentence: "....to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
I'm not saying that this definitely makes a material difference, but it certainly changes the framing of it. The way he has framed it makes it sound like Mozilla has given itself carte blanche to do what it wants -- but the little caveat at the end of the sentence really does change the narrative a little bit. So why cut off a sentence half-way through it -- is it maybe to make it sound worse? For that reason alone, I can't take this guy seriously.
I generally wait before jumping on the outrage-train for this reason, but two things stand out:
- Mozilla explicitly deleting "we don't sell your data" statements across their documentation
- Following up to criticism that the statement is vague, bullshitty and open to interpretation with statements that are even more vague, bullshitty and open to interpretation.
By now, they've had time to notice that something is not right and that they need to make a clear statement, and they haven't taken the opportunity.
They didn't delete it. Go to the github diff they reference and check. It's still there. They just removed it from one of the JSON files but people here aren't actually checking facts, they're just jumping on the hate train.
Yes and this phrasing is used in many other products, like credit cards. Additionally, the fact that the phrasing can be interpreted as such means that it will be interpreted as such and so makes Mozilla's new Terms unacceptable to anyone who values their privacy or data.
For me it sounds similar to Google‘s phrasing that they use to make people activate personalized ads:
„used to deliver better, more helpful experiences“
Im fully on board that people should try to include or link as much of a story they can so that I can form my own opinion. There are way too many times that I read a reasonable take, then you read the original source, only to find that the reasonable take is completely off base.
In this case I don't have the reaction, but I will agree that in general its a good idea to include more rather than less.
The redacted part here looks to be a GDPR boilerplate for consent. GDRP require consent to be specific. In order to do so the lawyers of Mozilla seems to have used industry standard phrasing to comply with the law, such as "to help you navigate, enhance experience, and interact with {INSERT SERVICE/PRODUCT}".
For those with some interest in legal history, there is similar stories in other boilerplate texts that consumer get exposed to. I always find the background to the WARRANTY DISCLAIMER text to have a fairly funny historical background that is a few centuries old legal case regarding a mill axle. The current form we see now was created as the first example in a list from US regulation guidelines (which reference the mill axle case). A company can use any other form given in that guideline, but as it happens, everyone just jumped on the first example, slapped it onto stuff and shipped it. Lawyers know it is valid for US trade regulation and that was apparently enough for the rest of the world.
> "....to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
We weren't born yesterday, and companies pull this shit all the time. This sentence is meaningless. You could use this sentence to justify literally any behaviour.
One _easy_ way to read this change:
> "... to help you interact with online content"
Selling your data to have more relevant ads could easily be justified as helping you interact with online content
> as you indicate with your use of Firefox.
Using firefox indicates that you want us to do this.
Or,
we made it an opt-out that is quietly rolled out in an update.
Correct, that quote is very typical corporate language that includes selling your data to advertising companies to ""help users discover new experiences which align with their interests"" or some other weasel speak. People acting like that language meaningfully changes the meaning are either painfully naive or think the rest of us are.
If it's simply a matter of principle, quoting the full section with no abridgements because we're larping like we're in a court room or something, whatever. But get real, that section doesn't make Mozilla look any better.
No. We are talking about legality. Quote the whole bloody thing. If you don’t get to say “I picked out the bit I like” in court, then you don’t get to do it here. If you’re so right, then it’s not worth taking out in the first place.
Yes exactly this -- thank you for getting my point, I'm a little tired of internet people misunderstanding things. I'm not even disputing that Mozilla is trying to pull a fast one on all of us, I'm purely questioning the framing by the "journalist" this post links to. To be taken seriously, quote the whole thing -- if it really is a case that the last part of the sentence is meaningless, then leave that in your quote, and address that in your wittering diatribe, explaining to all of us why it's meaningless. Without that, all I see is someone cherrypicking half-sentences and trying to mislead people.
While I'm by no means defending Mozilla here, one quick look at the linked twitter user's history shows that generating rage and taking text out of context is their modus operandi and very much intentional.
I'm bummed that out of all the posts on the topic, this is the one that gets to stay on the frontpage.
Quoting the whole bloody thing is meaningless when the added bit adds nothing to the context. Nothing about the "added context" says they won't sell the data. If anything it just improves the case that they are going to sell the data.
You know, I was just wondering why no one has yet shaped the Rust vs C/C++ in US culture war terms. One side is clearly progressive in the sense of wanting to make changes for the sake of a better (more memory safe) future. The other side is more conservative, seeing enormous benefit in keeping the status quo unchanged.
And that's before getting into the politics of the people working on the language, of which I won't say more.
Here was me thinking we had at least one discussion where the US culture war hadn't metastasised. But I guess in the long run twitter.com/lundukejournal and friends will eventually win. Can't say I'm looking forward to it.
But Mozilla said what they will do. They also had very expensive rebranding to support it! They are now activist AI company that wants to fight disinformation, censor people and sell ads.
> When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information,
Taken literally it means that when I use Firefox to upload a file to a customer's web site Mozilla is getting that file too, which does not seem likely. They could get a copy of the text I'm typing right now in Firefox or it means that the browser could do some local processing on those data. But if the results of that processing would stay local why would they ask the permission? It's not that emacs, vim, grep, sed, awk etc have to ask me the permission to use the information I'm inputting into them. So they are definitely sending information back home or they plan to do it.
The point becomes how to block any calls from Firefox to Mozilla. Note that don't have a Firefox account because I never trusted that the data in transit from them would stay private. I'm not logged in into Google as well. Maybe I have to finally install a Pi Hole and route all my traffic through it. Hopefully Blockada will take care of that for my Android devices.
I have seen discussions of this sort of wording so many times over the years. My understanding is as follows (and I could be wrong, but this is my understanding of why that wording is used). If you use Firefox to upload a file to a website then, legally speaking,the browser is acting as a "publisher"of that file. Because of Draconian laws in many countries, to publish a file you have to have a legal right to the file, therefore Mozilla have to establish that if you use them to upload a file that you are granting them the legal right to publish that file. It has to be worldwide because you may be uploading to anywhere in the world.
So why doesn't my backpack come with a mandatory TOS that I won't e.g. put illegal drugs in it and bring it across the border? Why is Firefox any more liable if I used it to publish illegal content on the web than the backpack manufacturer would be if I used it to smuggle illegal content across a border?
Because the legal system around backpacks are better understood. The more common something is the less legal paperwork there is. Judges understand backpacks and have for hundreds of years. Many judges don't understand technology. As a result when selling a backpack you can rely on the court's understanding and thus not have to account for every possibility. Meanwhile because the court might not understand technology you have to account for every possible trivial thing.
Perhaps the legal situation is different somewhere, but I would think the browser isn't acting at all. It has no agency; it's just software running on my computer, following instructions I give it. Mozilla has no agency in that situation either; the software is running on my computer, not theirs.
The new terms grant Mozilla, the corporation a license to do things with my data.
But the more important question then is: what else will the courts think this language allows? Probably Mozilla could argue they need to store those uploads and analyze them under those conditions.
> If you use Firefox to upload a file to a website then, legally speaking,the browser is acting as a "publisher"of that file.
If that's the way the law is interpreted, it's silly.
The "publisher" in this case would be the website the file is uploaded to. If the website doesn't make the file public, then they're not a "publisher".
The browser is merely acting as a tool to do the uploading. Firefox shouldn't be held liable for the contents of the file any more than any other web client. If it did, tools like cURL should be liable in the same way.
Somewhere along the way web browser authors forgot that they're merely building a web user _agent_. It's a tool that acts _on behalf of_ the user, in order to help them access the web in a friendly way. It should in no way be aware of the content the user sends and receives, have a say in matters regarding this content, and let alone share that information with 3rd parties. It's an outrageous invasion of privacy to do otherwise.
>If that's the way the law is interpreted, it's silly.
It's hard to tell from your comment who exactly is the target of your complaint. You're not wrong that this interpretation might be silly, but that's not out of the ordinary in carefully using terms of art to insulate from legal liability.
And the issue of peculiar terms of art is leagues different from the issue that everyone else seems to be raising that it represents an intent to abuse private data. Those are two completely different conversations, but you're talking about them here like they're the same thing.
That’s interesting, do you know of any cases that were decided on that basis? It seems downright ridiculous but then the legal system is pretty dumb, so…
> the browser is acting as a "publisher"of that file
If that's all is required to be a publisher then ftp, scp, rsync and hundreds of similar tools are also publishers of the files they transfer. However they don't have Terms of Service like the one Mozilla is giving to Firefox.
That's exactly what Firefox originally claimed was a stark difference compared to Chrome: "use us and you can finally be safe and not need to play cat and mouse anymore"
At this point my trust in Mozilla is so low that I could almost believe they intent to run the text I download and upload through an LLM nanny that can scold or ban me if anything offends its Californian sensibilities.
> Your use of Firefox must follow Mozilla’s Acceptable Use Policy, and you agree that you will not use Firefox to infringe anyone’s rights or violate any applicable laws or regulations.
Call it what you like, "San Francisco techy", ""woke"" if you like trendy pejoratives, whatever. I don't care what you want to call it but I won't play along if you intend to say that regional value system is actually uniformly embraced across this country, let alone across the same globe Firefox users are spread across.
In the social sphere Mozilla resides in, voting for a socially conservative political party makes you a fascist which puts you at odds with Mozilla's acceptable use policy if you talk about your politics using Firefox. If Firefox users are supposed to be bound by that document, as judged by Mozilla, that's a problem.
Not everything in the world is about political party your circle disagrees with. Given trends I'm sure Firefox will do something stupid like you're afraid of in short order. But this isnt that, so until then you should save your manufactured culture war fear mongering.
sigh, I feel bad for you... and us Californian techys... this us vs them toxicity is so demoralizing
I believed this for a time, but now I believe it is an urban legend. Granted a plausible one, and one that might be true in the future... but not true as of yet.
For the last 10 years or so I've pendulum swung between the positions "privacy at all cost!" and "what's the point, you can't win". Well, I'm tired now and the pendulum is stuck on the latter. All I care about now is blocking ads. Go ahead Mozilla, Google, Apple, whoever, if you can hoover up my worthless browsing data without me noticing, you can have it. I hope my reading HN and watching inane Youtube videos is worth something to you.
It's all so strange. I would happily buy Firefox, either as a one off, or as an annual license, and be done with all the weird license nonsense - presumably they want to sell data to pay the bills.
But instead the choice, realistically, seems to be between giving all my browsing data to Google and to Mozilla. And Chrome works marginally better... :/
I would wager most people that offer to buy software "one off" typically underestimate their lifetime worth earned through other means like ads and data sales.
Would you pay a one-time $10 for a lifetime Firefox license? $100? $1,000? $10,000?
Last time I checked, Mozilla's ARPU was less than $5 pa. I think many of us would pay a multiple of that per annum _iff_ it went towards Firefox and not whatever project/cause of the week that Mozilla has undertaken.
You're overestimating people's willingness to pay for software when free and arguably better alternatives are available. Preferring Firefox to free Chromium alternatives requires a level of nuance and tech literacy that most people will never have, and even with that tech literacy, people may still prefer Chromium.
You're basically talking about asking for donations from people that prefer to ad-block YouTube instead of paying for Premium.
You are forgetting that Firefox has been around until now with no profit except Google's bribe.
They could've at least tried to sell a paid version - what's the worst that could happen? Any sale would be on top of what they're currently earning per download, i.e. pure "profit" that could be reinvested in the product.
Pocket and the other Mozilla services fund Mozilla, not Firefox directly. My company uses Firefox professionally and we'd buy per-seat enterprise licences if they existed, iff they funded Firefox development.
We have no interest in funding Mozilla, whose manifesto barely mentions Firefox and who has now decided that AI is their focus.
Is Kagi making money? I know they exist, but are they paying their own bills or living off of investors. (I couldn't find a direct statement, but their timeline implies they could be)
Without thinking much about it, $60 / yr seems reasonable to me.
I never click on any ads, so while I'm sure I contribute to Firefox's revenue as another pair of eyeballs, I don't deliver any end value to their ad-biz end customers.
> I never click on any ads [snip] I don't deliver any end value to their ad-biz end customers
This is a complete misunderstanding of the value of ads. Clicks are of course the most valuable signal, but any ad seen is valuable. If clicks were all that mattered TV would never had ads, nor would newspapers.
Many ads are about awareness not buy now. Ford/Toyota... doesn't expect you to buy a car the day/week you see an ad, they just want you to think of them when you buy a car. They also want to slowly drive discomfort with whatever car you already drive so that eventually you do buy a new one despite having on that works. (or if you don't have a car they want to be sure you are reminded how much freedom to go places you are giving up - without concern for the costs of having a car)
This logic applies more to Google than Mozilla. Their mission is (or ought to be) to cover development and hosting costs associated with Firefox, not to milk users for all they are worth on the ad market.
That feels like a witty thing to say without much basis in reality. If the EU got their act together and gave Firefox funding, it would be more of a pain in the neck for them to stop doing that than it would for them to threaten Mozilla over e.g. anti privacy policies. Even Germany, a single nation with a lot less difficulty in passing laws, hasn't used their Sovereign Tech Fund (https://sovereign.tech) in such a manner.
And even if they did, it would have to be a world in which they've lost all funding from Google and becoming dependent only on the EU. Perhaps such a thing might happen, but it wouldn't happen overnight — in the meantime it would be more money, from more diversified sources.
1) The European Commission has proposed Chat Control, pressuring platforms like WhatsApp and Telegram to scan encrypted messages with AI, including client-side scanning, which critics say breaks encryption and enables mass surveillance.
2) The EU has adopted the eID (European Digital Identity), a centralized digital ID system via a “wallet” app, tied to biometric and personal data for service access.
3) The EU’s Data Retention Directive forced telecoms to store metadata until it was struck down in 2014; debates still persist.
4) The EU’s Digital Services Act mandates platforms share data with authorities to fight illegal content, raising profiling concerns.
5) The EU’s Data Act requires businesses to share data with governments, threatening personal info control.
6) The EU supports the UN Cybercrime Treaty, boosting global surveillance and data-sharing powers.
That’s just off the top of my head; I’m sure there are more examples of how the EU abuses its power and infringes on users’ privacy.
So yes, of all possible stewards for Firefox, the EU is maybe the third-worst, behind only China and Putin’s Russia.
Sigh. This is a fundamental misunderstanding of Mozilla's situation. The "weird license nonsense" you're vaguely gesturing at doesn't even make sense in context. Firefox is open source under MPL 2.0.
Your framing that "the choice is between giving all my browsing data to Google and to Mozilla" creates a false equivalence. Even with their recent privacy policy changes, Mozilla's approach is structurally different from Google's core business model.
And "Chrome works marginally better"? By what metric? Firefox has better memory usage, stronger privacy protections, and doesn't exist primarily as a data collection tool for the world's largest advertising company.
The idea that you'd "happily buy Firefox" misses the point of Mozilla's mission for an open web. This kind of uninformed take that ignores the nuances of browser economics is exactly why we can't have nice things on the open web.
Even with their recent privacy policy changes, Mozilla's approach is structurally different from Google's core business model.
>This wouldn't be so bad if it wasn't that the entire brand identity of Firefox is Privacy.
>It's like discovering there's ham in a vegetarian sandwich. When you ask them they look puzzled and say their focus group was clear it tastes a lot better that way, besides it's just a little bit and the bread is vegetarian and there's way more meat in a Big Mac.
> If only people cared as much about privacy as vegetarians do about not eating meat...
In Germany, a lot of people do (in particular in hacker and IT-affine circles), and I do claim privacy discussions there often do become as heated as discussions with vegans about meat.
This is the reason why in Germany Firefox has a significant market share (according to
Performance, compatibility, security. Chromium runs faster, it works with more websites, it's sandbox is better, particularly on Android. I don't care much about memory usage as I don't need a billion tabs open at once (does anyone). There's options available beyond Chrome that offer most of the same privacy benefits as Firefox does.
I think marginal is an understatement. As for Mozilla's business model, what business model? They're throwing everything at the wall to see if it sticks and virtually nothing has, all the while their browser has languished. Going full cynic, at this point the only reason it is allowed to exist is because Google deem it useful to have it around as a counterpoint to accusations that they have a monopoly.
Fewer than 100 will massively pig out memory, on Android, Linux, and MacOS, for Chrome, IME.
My main FF instance has ~1,500 tabs FWIW, though I'll often bypass those for a given session by running incognito only. Even then I'll easily hit 100+ tabs in only a few minutes.
Ive run chromium and firefox side by side for years to isolate personal from work. The only noticeable difference is Chromium crashes when it uses all the memory.
People's overwhelming fascination with Chrome escapes me. Some subtle detail seems to make it stick out. Everyone remembers that one time ff crashed on 2005, but gives berth to Chrome crashimg every few days and selling their personal data to google.
At the cost of a subpar cache; it's not like Chromium is leaking memory, & its memory pressure effects are both well-studied and well-understood. Yet, Firefox stans keep touting lack of comprehensive caching as some kind of advantage. I'm sorry, this is not 2005. It took Mozilla two years to implement some kind of JIT pipelining, and guess what, Chromium had V8 all along: an engine that can benefit from "open web" cooperation courtesy of Nodejs and the vast ecosystem around it. SpiderMonkey? Please. This is the crux of the issue.
> The idea that you'd "happily buy Firefox" misses the point of Mozilla's mission for an open web.
The idea that the web—chaperoned by the likes of Mozilla, can be "open"—is the crazy, unsustainable one. OP is being pragmatic, and considering their privacy carefully. Mozilla's track record is that of a gravely mismanaged, disoriented, and subservient (Google) organisation. Firefox codebase is arcane, was already showing age even ten years ago, & now there's a whole ecosystem of Chromium-based browsers that can benefit from "open web" cooperation.
Firefox has zero moral high-ground, & pretending like it possesses some kind of virtue is a crime against semantics.
Firefox is open source. You can take the source code and strip out all
of the malware, spying, telemetry and corporate harm leaving a safe
and private browser (to the extent any modern browser can be).
There are multiple forks that do that. Download one of them
instead. Mozilla Corporation has no control over those, so if you
don't like what Mozilla make, exercise your software freedom.
The problem with Mozilla, as far as I can see, is not the the
compromises they make for obtaining money (everyone suffers that), its
that they're deceptive and underhand about it. That makes them
unethical. I wrote plenty regarding that here [0]
The internet doesn’t actually need any more new features anyway, and most sites reflect this and just serve HTML.
Some sites will need new features. But I guess it is fine to have a data-collecting version of Firefox or even some moderately well behaved malware like Chrome, as long as most browsing doesn’t happen through it. So, I guess I’ll look at moving most of my browsing to a privacy respecting form and keeping the a browser around for faulty sites…
> Saying "switch to a privacy-first fork" is not a long-term solution.
You're 100% right while operating in an environment that is hostile to
privacy. In these conditions security/privacy remains mostly tactical,
not strategic. In fact, against a predominant tyranny it is
insurrectional. Free Software will have to learn to adapt with more
intelligence-sharing and opportunistic manoeuvres.
As an aside though, one might generalise to say there are no long
term solutions in tech, period. And therefore advocates of freedom and
privacy are at no particular disadvantage relative to any opponents.
Anyone can fork. However you need to keep your fork updated as firefox does new releases which means repeating that work often. Either that you are need to support all the security fixes yourself.
Rather than downloading random binaries from random forks (or clamour for governance at the sidelines), you can take back more control by building your own fork.
Librewolf and Waterfox are two fine choices to use for upstream sincr they have saner defaults and make the forking and building easier to wire up.
Ive been running my own FF fork for a few years like this now.
What's the purpose of gating "we don’t sell access to your data" by "if switch('firefox-tou')"?
{% if switch('firefox-tou') %}
<p>Firefox is independent and a part of the not-for-profit Mozilla, which fights for your online rights, keeps corporate powers in check and makes the internet accessible to everyone, everywhere. We believe the internet is for people, not profit. You’re in control over who sees your search and browsing history. All that and exceptional performance too.</p>
{% else %}
<p>Firefox is independent and a part of the not-for-profit Mozilla, which fights for your online rights, keeps corporate powers in check and makes the internet accessible to everyone, everywhere. We believe the internet is for people, not profit. Unlike other companies, we don’t sell access to your data. You’re in control over who sees your search and browsing history. All that and exceptional performance too.</p>
"No better place to leave for" seems an apt way to put it.
I think/fear that in the long run, there will be fewer and fewer ways to participate in activities and communities on the web on your own terms, as only a vetted, allowlisted set of client builds (that may be "open source" on the tin, but by that point it is effectively meaningless) will be able to pass CDN "anti-abuse" restrictions. It will not be a better web, but it sure will be more profitable for some.
This is an amazingly common psychological trap. You wouldn't believe
the number of people, men as well as women, who end up in the therapy
chair, at the police station or at the hospital A&E, because they are
"stuck" with a violent and abusive partner.
The modern tech landscape is all about abuse. People use fancy names
for it like "enshitification" or "rot economy" - but at the end of the
day it's about domination and abusive relations.
A very common position here is that the victim sees "no alternative".
And... surprise surprise, where they get that idea from is the partner,
friends, group/organisation that is also toxic and colludes in
gas-lighting and co-abusing the victim into a limited worldview.
Once the victim spends any amount of time outside that mental prison,
they regain perspective and say... "Oh, so I actually do have
choices!".
This is a poor analogy. There are thousands of people to meet and bond with, so you do have a choice. But there are less than a handful of fundamentally different browsers.
Derivative browsers don't really count here, as they depend on the upstream to not hurt them. For instance, if the parent project completely removes something essential for privacy, it it a lot of work to keep it in your code. The Manifest v2 removal is an example. Over time, when other changes are built on the removal, this creates an increasingly high burden. Eventually, the child project is starved. You simply do not want to be in this position.
> This is a poor analogy. There are thousands of people to meet and bond with, so you do have a choice. But there are less than a handful of fundamentally different browsers.
This is because users decided that they want a browser that spies on them.
At least in Germany in hacker and IT-affine circles, you will often be frowned upon if you voluntarily use Chrome or Edge (except if you have a really good reason).
> At least in Germany in hacker and IT-affine circles, you will often be frowned upon if you voluntarily use Chrome or Edge (except if you have a really good reason).
That's largely the same here, at least for anyone worth their salt. But how does that matter when Mozilla's pulling things like this?
For years now your only browser choices are "Google", and "funded by Google", and it shows.
I can't even give someone too hard of a time for using vanilla chromium or similar anymore; Not like it's any worse than literally every other browser offering nowadays, minus rare exceptions like librewolf or ungoogled chromium that also add a whole host of minor technical complications to use.
I don't think the analogy is weakened by bringing numbers/quantity
into it. The dynamics work for any number of principals. Take a 3
player game, where Alice trusts Bob but is better off with Bill,
however Bill is not visible to her because of chaff/disinfo/noise
broadcast by Bob or Bob's confederates.
It's not what Mozilla does, it's about what Mozilla says/claims.
You only need one better browser to switch to. I guess you're getting
at a Hobson's choice [0], that there really is only one browser and
all others are copies of the same harmful set of properties, so moving
isn't worth the overhead (switch cost is a factor in this that we
often ignore). To my mind, there must be at least one browser out
there that is "less undesirable" than that case. Just iterate your way
into your comfort zone.
So often arguments on this axis come down to how much convenience are
you going to give up for the trust relation you desire. We get stuck
if we mistake convenience for necessity thereby bringing absolutes
into a continuous trade-off problem.
Yes, I’ll be leaving. I used to prefer Firefox but have long since moved to Safari for browsing and <insert Chromium based browser> for web dev. Every year I give switching to FF a try. I’ve been using it for everything since mid-December but it’s honestly a pretty bad user experience. This is the move that’s gonna make me stop for this year’s trial run and all future ones. It’s simply not worth my time if their ideals don’t align with mine anymore. Safari and Chromium have their issues but I know what benefits I’m trading off for. Without ideals, FF has no standout features compared to the alternatives (for me).
I'll look for somewhere else. Web browsers aren't as special as they used to be, there's a lot more choice now. Funny thing was, I was paying for Firefox through some of their services (VPN) that I had no intent to use.
I'll keep using firefox simply because I keep it behind a proxy server with all pocket, mozilla, firefox and google domains blocked.
The larger impact I suspect this will have in my life, is that I'll increasingly turn to not using websites, opting instead to using tools like yt-dlp.
These changes didn't just happen because of a bunch of greedy ad pushers. This and many other changes over the last few decades came about by taking my tax money and pouring it into these companies to gain compliance to state agendas. This isn't something the 'community' will be able to stave off.
If the internet is just going to become another medium like TV, Radio and newspapers were for so many years, adding on top the ability of the producers to watch me watching them, then it's over. The tech community is full of intellectual dishonest sellouts. Game over. Let's push letsencrypt again in response to the state backdooring the certificate authorities, duuurrr. "AI", duurrrr.
I quit the original l"Firefox" a long time ago, I've been using librewolf since its release and now zen (also a firefox fork) and I keep ungoogled chromium in case a site is broken on firefox.
> To HN: Will you be quitting firefox over this change, or is there simply no better place to leave for?
Not to be overly whataboutistic, but we tolerate sooo much more from other players. It's annoying how we hold some to a higher standard, but ignore others doing worse. I get people are disappointed in Mozilla and wants them to do better, but it's a bit like the "we live in a society meme", where those doing good must be perfect or else..
I use Firefox, and advocate for people to use Firefox, because I believe it's the one browser that is not evil. It's the entire reason for the existence of Firefox.
Saying, well, why aren't you upset that Chrome is evil is such a confusion of ideas I barely know how to respond. Yes, I know Chrome is evil, I've been telling people that for many years, and I don't use it.
Those perceived to be doing good are often used to lessen the blow of those perceived to be doing bad. Like how it's not so bad if your train sinks of faeces if there's a bus you can take instead. Losing the safe alternative makes the original sin worse.
Yeah, I've been a Firefox user and Mozilla supporter for approaching two decades now, even used to donate monthly to the foundation. I'm furious over this. I installed LibreWolf on my personal machines last night and expect to uninstall Firefox after work today.
I'm a happy LibreWolf for years. The transition from FF to LibreWolf is seamless. And you won't be surprised anymore nor annoyed when Mozilla does moves like that.
Sometimes the more aggressive privacy settings stop some sites from rendering properly unless you add canvas exceptions, for example Openstreetmap and UK National Rail.
i don't think that matters. we are looking for firefox based alternatives to get away from stupid policy changes, not to find a browser that has a better chance of survival.
any alternatives will be good as long as firefox is alive. if firefox itself dies, then that's an entirely different matter.
When I was a contractor, I worked on a project with this well-intended guy who wanted to make an app for people to store a persistent map of their movement over time using the GPS. On day one, he made it very clear—and I believed him—that a user's private data was sacrosanct. As the project wore on, never finding traction, and costing more and more money, I remember one of the last meetings I attended with him. He was trying to find new sources of revenue to keep the company alive, and he uttered the inevitable phrase: "well, we've got all this user data we could sell." That was one of those moments when you get a little more cynical, and since then I access as an axiom that every company will sell my data eventually, regardless of their promises. It's just a question of limiting their access to it, and being willing to switch to an alternative every once in a while.
Debian feature request: A system-wide switch to disable all telemetry and "cloud integration" features that make any network connection to the developers' or developers' partners' servers, applied to all software distributed in the official repositories.
If Debian could just stick to free software that'd be grand. It is a good ideology and there is no need to change it. Introducing ideological confusion is one of the paths to organisational rot.
# apt install librewolf
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package librewolf
If the thing that doesn't suck isn't the thing that comes with the OS, it's time to fix the OS.
Also, that feature should exist. The next time I see a story about MS training ChatGPT on your nude selfies, I want to be able to show people the big red switch that says "All Telemetry: OFF" as an example of something Microsoft will never give them.
But you first have to provide it in order to show to them that you provide it.
The suggestion is not for all distributions to support all applications, it's for Debian to support system-wide disabling of telemetry in the software it does support.
They could compile Firefox with telemetry disabled however i would not trust those settings since even with that Firefox does plenty of unsolicited phoning home and has a lot of bloat.
But I do agree, it's hard to find these alternatives, and have them be "just works". Librewolf still sometimes have weird issues (for good reasons!), but it means I don't recommend it to "normies". I just tell them to use firefox and most importantly adblock, giving up ads is a huge ROI both in terms of quality of life and data privacy. Everything else is almost marginal in comparison.
because I don't think a tiny browser fork that moves too far from the original is maintainable and secure long term. even someone of microsofts size seems to think so. librewolf is mostly config changes and couple small patches removing superficial anti-feature like pocket.
User explicitly requests connection to a specific server (e.g. navigates to debian.org), so browser makes a connection to debian.org: Not telemetry.
User explicitly requests a connection to a specific server (e.g. navigates debian.org), then browser makes a connection to mozilla.org to upload metadata: Telemetry.
In general telemetry is when the software connects to a server chosen by the developers and not telemetry is when the software connects to a server chosen by the user.
When I open Slack, to which servers am I explicitly requesting a connection?
I see your point, but my point is that implementing this is either impossible or would require changing how networks are used by programs at a fundamental level.
A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes. Then each package would have to be audited to determine which addresses it can bind to, and/or which name lookups it can do, and how those capabilities are connected to actions performed by the user. Then there is still the question of what to do about software that accesses the network independent of the user, but maybe you can argue that shouldn't exist. How do updates work? Besides, if I allow Slack to connect to mychats.slack.com, nothing prevents the software from sending telemetry to that endpoint. You would need an army of manual enforcers, and that's not to mention non-free software.
> When I open Slack, to which servers am I explicitly requesting a connection?
Debian only supplies open source software. Proprietary apps that only support the vendor's service aren't included as it is. Open source apps using standard protocols like Matrix or similar do allow the user to choose the server.
> A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes.
We're talking about open source software in the official repositories. You're not putting it in a jail to thwart it from defecting on you, you're modifying the code so that it doesn't even try.
> How do updates work?
When you install Debian it asks you which mirror you want to use for updates. Several of them are provided by universities etc. You can also make your own and some large organizations do that.
You're referring to requests from the same page as the one the user requested, rather than requests by the browser at the behest of the browser developer. Loading it is presumably what the user intended by navigating to the page and if it isn't then at that point it's in the bailiwick of uBlock etc.
This is pure speculation, but what are the chances this change is simply an attempt to provide legal cover what they might have started doing 50 versions ago?[1]
I have been wanting to love Mozilla for a while, but let's be honest: I use Firefox because Mozilla is the least shitty of those companies. I don't like Mozilla, I just hate them less than the alternatives.
That's almost exactly describing Librewolf, though it adds a ton of privacy 'hardening' features out-of-the-box, which can be a positive or negative depending on who you ask.
I personally use Librewolf with the Lepton (Photon style) UI[0], which replicates the previous UI style Firefox used a couple years ago, with small square tabs and condensed menus, before the current pseudo-tabletified abomination.
Of course, if you like the current UI—you'd literally be the first person I've met to like it—you can just use librewolf stock and it doesn't apply any changes to the standard Firefix UI.
Brave has a couple crypto features in the UI but that's about it. I'm big on crypto but I don't use any of the browser's crypto features. Just a browser that cuts most of the bullshit out.
People are acting like this is new. This is about:studies. With about:studies you agreed to upload usage data. Right now they are enabling credit card autofill support, a CRL alternative that doesn't give information about the sites you visit, etc. Actual corporate goes out of their way to say "we do whatever we want", Mozilla at least gives a condition.
So that there's plenty to send when they oops-accidentally forget that setting during an upgrade, and ask you to set it again.
They will of course assume opt-out rather than opt-in, and send what they've collected the moment the browser launches, then they're ready to give you the choice of opt-out once again.
Unfortunate, I suppose, but this is the kind of tradeoff that is to be expected when switching to something maintained by one guy in their bedroom instead of a megacorp.
Thanks didn't know, thought Waterfox etc. were just a new UI on top of Firefox rendering/HTTP/HTTPS/etc. engine and were depending on Firefox development. Didn't know they were forks like the Redis forks for example. Will take another look.
I mean I guess that depends on what you mean by fork? Most of the above projects follow upstream Firefox/Chromium (Pale Moon, for example, doesn't -- but that also means less support for recent web standards) but they are forks in the sense that they maintain the codebase/patchset themselves. How much they actually diverge from upstream varies by project.
So you're right that they are dependent on Mozilla for now. With Mozilla circling the drain lately, maybe that could change. But right now, for the purposes of removing privacy-unfriendly antifeatures, I find them sufficiently independent for my purposes. Most Firefox code isn't evil.
If you want something like Firefox but you're adamant that Mozilla can exercise no control over it, Pale Moon is probably the one you want to look at.
With fork I mean, taking the code, forking it, and developing it on your own.
If someone would take the Redis-C lib and the Redis CLI and change it, but keeping Redis unchanged, I would not call that a "Redis fork".
Valkey who is forking Redis and everything, does not depend on Redis (at most cross patching exploits). I would call that a fork.
"Most Firefox code isn't evil."
You are successful, they will change the license, and you're dead - most current fork will not keep up the work because it is too much compared to changing the UI.
"recent web standards" The only reason for these is the cartel of web browser vendors (Google,Apple,Microsoft,Mozilla) to keep out competition. Worked for 10+ years, until Ladybird showed the strategy is flawed.
You are successful, they will change the license, and you're dead
Yeah, but this assumes that Mozilla itself is successful enough to retain the leverage to pull back users towards Firefox.
With the kind of stuff they have been pulling lately it's possible to see a future where one of the above forks (or call-them-what-you-will) gain traction and take users and developers away from Firefox. If this happens, Mozilla deciding to close off the code would just be the last nail in their coffin.
If you don't want this to happen, then a company would need to:
1. Have the capital to build and maintain a browser
2. By selling copies of that browser
3. In sufficient funds to keep the business going and make the owners a profit.
Let's say you can do it with a small team -- if you're forking something like firefox, and pay for the salary of 21 people -- full time, 8 developers, a PM, a manager, Customer support (3 people), 3 sales folks, and 3 testers, and one owner.
If the average salary is $175,000, and the fully loaded cost of each employee (including office space, equipment, benefits) is $250,000, then just to break even -- and not even account for inflation or costs rising -- and not even accounting for capital expenditures, the product would have to sell 105,000 copies at $50 a pop.
If you sold it for $30 a year, that's now 175,000 copies, every year. Realistically, to account for taxes and the fact that Developer salaries are no longer expensible (thanks Trump!), you'd have to sell around twice that number of copies, so around 350,000 copies of this browser, a year. Every year. Just to break even.
When's the last time 350,000 people said, "I want to buy a web browser?". When's the last time 350,000 people bought a web browser?
We've made our own bed in this one, the second folks saw that Internet Explorer was free; and that killed the original Mozilla browser -- that -- by the way -- I happily paid for.
If you want an internet where you're not the product, then that's an internet where the business models have to change, and the customer desire to pay for the software they use has to go up.
And that still -- still -- does not alleviate the problem of capital needing to get started, which is only exacerbated by the Section 174 changes in the TCJA of 2017.
Can someone elaborate on what this means? Has Mozilla completely abandoned the "privacy" focus? I.e. should I stop recommending the browser and find an alternative? Deleting sentences like "We never sell your data" is for a long-time fan of the browser very alarming. But frankly I'm confused by the PR/blogs and can't tell from the privacy policy if/how it now allows selling my data.
I honestly don't understand why Mozilla isn't succeeding with a "privacy subscription" where for $100/year (or $20/month or something) you get a full kit of digital sovereignty tools. Password manager, Mozilla, email with privacy features, secure file transfer, ephemeral cards...
I'm genuinely curious if people can comment why this isn't working -- because it seems like they've actually already tried versions of this!
I'm not using Firefox because it's functionally superior to Chrome. I use it because it's not a surveillance technology and Chrome is. Privacy is the only reason why I'm using Firefox.
The board governing Firefox development has got to be some of the worst. They don't understand the product nor their users.
Hmm it seems to me a viable solution (at least for the more tech inclined) is to just firewall it so it's unable to call home (although then there's an extension sourcing issue). Unless there's more of a philosophical stance. Or am I missing something else?
I've been a mostly happy Firefox user since v2, and have made it through - though will never forget - the extensions system "upgrade" debacle and more. As long as I have means to maintain reasonable control, I'll continue with it into the foreseeable future, because I consider the Chromium-based alternatives to be worse.
"At least for the more tech inclined" instantly eliminates 99% of users, probably even of Firefox for what you're talking about. I mean I'm tech inclined and I have no idea how you propose to firewall an internet browser from calling home. Maybe it's possible, I've never tried so I legitimately don't know. But if it is, it's an absolutely meaningless portion of users who'd even be able to do so much less go through the effort of actually doing it.
Okay, can anyone recommend a good, uBlock-Origin supporting browser that isn't controlled by underhanded corporate/for-profit lying-through-their-teeth pieces of shit?
Making these legal terms changes while "summarizing" them with the typical "we care about your privacy" bullshit is of the same nature as punching someone in the face and exclaiming you are caring about their health. It's just evil - misleading and abusive.
I feel like the internet needs a tracker of moral failings of companies/organizations like this, it's still too easy for something like this to slip through and not reach sufficient publicity to affect public opinion and therefore action. They need to be held to the highest account, openly, publicly, and brutally shamed, ostracized and sued if necessary. If they fail and exploit the rights of individuals, mishandle the "implicit consent"/trust of their users, at their scale, they fail and exploit collective humanity.
One may argue this is a non-issue due to the freedom of contract - and people can just choose to use whatever they want - but who among us has such a continuous legal awareness of all the software they use to be able to switch whenever needed due to some software enshittifying?
My only hope may still lie in software managed by legally codified (truly) non-profit organizations. Lichess and the Blender Foundation are led by people who have held to their word, and made the world better for it.
There's no such thing as a corporate promise. There are such things as legal contracts and lawsuits, neither of which likely apply to anything Mozilla says about their browser.
I've been using Mozilla since the browser was literally called Mozilla, and I remain loyal simply because I don't think we should fragment the ecosystem. One company focusing its development resources is a lot better than 3 open source projects.
But fact is that Mozilla is effing up big time. They remain in the bay area where developers are paid super high salaries when they should be a 100% remote company. They have bugs and issues decades old. They keep flirting with big business.
They are also our last big corporate hope against the enshittification of the web.
It's all just part of Mozilla's ebb and flow. Give it until 2027. They will have lost all community support and be trailing in many browser metrics. And then they'll do something that once again builds them a niche of devoted fans.
It has happened before. And before that, and before that.
It's missing containers and overall has less privacy features available than firefox.
This is exemplified compared to forks like librewolf that enable the majority of them.
Ungoogled Chromium and stock Firefox are pretty similar privacy-wise though.
The main advantage is all baked-in telemetry is stripped out, but it doesn't do much to protect you from privacy-invasive sites other than disabling WebRTC and blocking 3rd party cookies.
I used it for a number of years, but recently switched to Librewolf ~5 months ago and don't expect to switch back unless Firefox and all downstream forks completely implode.
Ungoogled chromium is a good alternative in terms of privacy because all google-related services are gutted and there are no other built-in telemetry things.
There are some downsides, too.
First, you have to do some research on learning to make this browser work conveniently, e.g. finding alternative services to sync and backup your settings, bookmarks, accounts and passwords, etc.
Second, changes pushed by Google like Manifest V3 is still hard to deal with.
The writing on the wall was there since a long time ago considering the actions of the foundations leadership. They burn money like crazy on some useless stuff, no direction or idea how to bring back FF into the spotlight where it belongs.
Now with the changes with Chrome (basically killing of adblockers) they have a big window to make a play but instead they make the most idiotic move possible. Typical Mozilla - a mix of great tech (e.g. Rust) and detached from reality leadership.
I've been using Firefox since decades, even when it was a slow and buggy piece of crap compared to Chrome but now I think it is time to move to something else. But what will guarantee me I won't get a rug pull when some MBA takes the reins?
Brave was never good: crypto-crap, based on Chromium, and was modifying web pages from the start without your consent. I never understood why people use it.
People use it because it is essentially Chrome with uBlock-Origin built in (I think the developer of uBlock Origin is employed by Brave) and it removes the stupid cookie modals that are on every website. Between running a pi-hole and Brave, I rarely see an advert on a website.
Turning off the "crypto-crap" can be done quite easily (you literally right click on the BAT icon and it is gone) and the new tab ads are removed again with a couple of clicks. I've found it also runs much better than Firefox on older hardware.
The first and last time I tried Brave, it was injecting links (with a pretty golden picture) in each post of reddit (and I'm not talking about changing the referrals). To turn that off I had to look deep into the settings.
Depends, but with this news you will probably not be downgrading too much.
Brave really does have a bunch of very nice features, I particularly enjoyed using them on my phone to download videos from youtube for online listening. Built-in adblocking is very enjoyable too.
Do note that there had been several smaller controversies, including one that 'Honey' got recently into hot water for, which was replacing affiliate links with their own. There is currently an on-going lawsuit with Honey for this.
In honesty, look at the controversies page on wikipedia and decide for yourself, I don't think there is a good or a bad choice here.
In my opinion, if you care about the open web, then you should not be using a Blink (Chromium) based browser like Brave. The less control Google has, the better for the web.
The internet used to be controlled in large by Microsoft. Then it wasn't. It does not have to continue to be controlled by Google in the future. Not using Chromium based browsers is a first step.
Brave is my favorite so far. You can run an HTTP monitor like Charles Proxy or Fiddler in your OS if you think your browser is snooping on you. I do Brave + Ghostery and works great.
These FF forks will all be nonviable within a few years of Mozilla going under. Google and Apple will keep moving the web (for better or worse), and these forks will be unable to keep up for lack of resources.
Whether they get relatively slower, or just can't support some new web tech, the writing will be on the wall.
They made too many decisions on their own to be a 1:1 replacement. I think there needs to be a new fork, which would just remove all of the spyware bits.
Like I need to watch DRM for my job, and it doesn't work at all. I also already ported most of their configs that I actually researched each and every line of myself + Waterfox + Arkenfox's configs into my generic Mozilla Firefox, and it works great.
I suppose the main target here is to sell firefox sync bookmark and history data?
It is possible to host your own firefox sync instance but it's too much work. I hope it gets easier with these announcements lighting a fire under people.
All talk of "Privacy", "Principles" and "Promises" from Mozilla was already empty as they were completely dependent on Google's money.
This should surprise absolutely no-one and Mozilla never cared about their claims of privacy or their users as long as Google was paying them.
So now we know that when it comes down to the wire as their biggest customer (Google) was under anti-trust scrutiny; indirectly threatening Mozilla's deal with Google, They once again chose to violate the privacy of their users to sell their data to other companies like Google.
For Mozilla, money has always crushed their so-called "principles".
The illusion of mozilla having any privacy principles collapsed for me on May 2019 when they required users to enable telemetry to allow using adblock and tracking blocking extensions.
Data of UK and EU users is protected. Why doesn't the USA have such sensible data protection laws; the only hostility I see is from surveillance capitalists spreading their FUD.
I might have differed with Brendan Eich on a few matters, but he was a good steward of Firefox in my book.
When Mitchell Baker took the reins, Mozilla became rather more heavy-handed towards us - the irony being that Waterfox was once proudly displayed on the Mozilla website under their "Powered By" banner.
I appreciate the constant existential wobble Firefox faces, but they've made some peculiar decisions as of late.
On one hand, they're finally implementing features users have been clamouring for ages (tab groups, vertical tabs and the likes) - on the other, rather odd policy choices.
I should point out, it seems daft to me when others suggest using forks with no well-established governance of their own, essentially shifting trust from an organisation at least answerable to certain regulations, to individuals with no proper framework or guidelines.
I've done my best with Waterfox over the years to have it represented by a proper legal entity with policies to follow; so if anyone is interested take a look.
Edit: FWIW I've written some more thoughts on it here: https://www.waterfox.net/blog/a-comment-on-mozilla-changes/
Here's my question: in light of what Mozilla is doing, why don't other forks like Waterfox or Librewolf write a manifesto/contract saying they'll never sell your user data and won't turn "evil" (until they do, of course), and then decide to offer a paid version of their browser.
Two possible outcomes:
1. No one cares. No one pays for it. Nothing changes and nobody loses anything.
2. Enough people pay for it to keep the product healthy and the user-centric promise alive. The Internet is saved.
So why isn't anyone trying to replace Mozilla yet, with a more sane business model than living on the back of Google's fear of antitrust investigation? What's the worse that can happen?
Just sell a bonafide paid version alongside the free one, don't just rely on donations. There is a massive difference between offering a paid product and begging passers-by to spare some change.
The problem with paid versions, is that I don't really trust them either. MBA creep will happen and suddenly the TOS changes and my paid tier is going to have data collection and 'some' ads. I have to move to a high tier to avoid them. After a few cycles of that, one day all the tiers have data collection and ads.
> The problem with paid versions, is that I don't really trust them either.
Yes, Trust is at the foundation of the whole problem with the Tech Industry:
/1/ users (consumers) expect to be protected (not injured, not cheated, not surveilled) by the products that they use, and
/2/ the WWW is a monstrosity, the only software that we can in fact trust is never connected to the Internet (in other words, we don't trust any software)
Ergo...
Given /2/, we cannot trust any software, full stop. Even paying $CORP for its products is no guarantee of care, safety, and security.
and
Given /1/, which software do we accept? For OS, I prefer Linux by far. Even where usability is a little rough, I can exclude components that I do not want. When obliged to use Windows, I hold my nose and try as much as possible to foil all the bloat, anti-user patterns, and telemetry. I resent it all the way!
I prefer Firefox because I like the features and I insist on a small set of extensions: uBlock Origin, Multi-Account Containers, Privacy Badger. Google is a nasty surveillance ecosystem and Microsoft is a Spaghetti Western: by turns good, bad, and ugly.
If it will fund further development and maintain the current commitment to respect for privacy, I am willing to allow Mozilla to do some aggregate analysis of my browsing habits, just as I am willing to provide survey answers for products that I buy.
I don't love the aggregate analysis, but Mozilla needs to do browser business in the modern world.
Paid version have that problem somewhat less because they have a source of income that could dry up if they do. Paying someone means they are beholden to you as well, while free gives you nothing.
There is a reason I get my email via fastmail: they differentiate themselves on privacy features. I also have my own domain, so if fastmail does turn evil they know I can easially move away. I can run my own email server, but having done that I know it is harder than I want. There are other services I'd pay for if I could find someone I could trust to take a small amount of money. (small is key - plenty would do this for thousands, but I don't have that much free cash)
Don't get me wrong, the above is not very large, but it is still something.
Nothing is forever, but if you get a contract that prohibits their data play (collection, derivation, sale, all of it...) for a year or whatever, you're good for that long. That'd be enough for me.
You have to trust and/or monitor and apply active pressure to (something that virtually nobody does) the developers to some extent either way. The difference with a paid distribution is that there's at least some revenue that helps keep the project afloat, and with a free distribution there's not.
e.g. if you have a CEO/lead developer that's initially acting responsibly, but has a "bankruptcy threshold" beyond which they'll start selling your data, a revenue stream will stave that point off.
Yes, this. When Mozilla (or any other corporation) demonstrates positive cashflow, the odds of MBAs and other vulture capitalists descending on it increase massively. And I have never seen customer agreements like this survive a buy-out: the new owners are never constrained by the promises (or even contracts) of the previous company.
>So why isn't anyone trying to replace Mozilla yet,
Because writing manifestos is easy and making a browser is proper hard work ?
My comment is targeted to the developers of Waterfox and Librewolf - they're already making a browser, so the hard part is done.
I'm wondering why don't they try to step it up further by selling a paid version alongside their open source product. What is the worst that can happen? Nobody pays for it and they continue making $0 just like they are happily doing now.
>the hard part is done
The hard part is the rendering engine and security. Both are done by the maintainer of the upstream source, i.e. Mozilla.
https://buymeacoffee.com/waterfox wasn't hard to find that. (they also make money from search). Put your money where your mouth is and donate.
Librewolf doesn't want to deal with the administrative overhead of donations - which if they'd only get a few donations makes sense. It likely costs several hundred a month just to hire the accountants and lawyers needed to get the paper work right (you can do it yourself at cost of time doing other things. Often you can find accountants and lawyers who will donate their services, but it is still several hundred dollars worth)
Donating is not the same as buying. When you donate you are subsidizing every freeloader who doesn't donate. No thanks.
A paid version needs to offer something on top of it, which is usually in one way or another proprietary (such as a proprietary service).
Something like this is regarded as the enshitification process, so what typically happens is they (e.g. VC) want to do such after they lured in their users. Which Firefox has (or arguably: had), but Waterfox and Librewolf have not.
Good thought experiment.
It ain't the first drama or controversy with regards to Mozilla, who have had a long tendency which didn't occur recently (and included the time Eich was there). Nostalgia just makes people forget the bad.
It doesn't need to be proprietary or have an advantage. It just need someone willing to pay for it and a mechanism for doing so.
However, the default assumption is that all open source software is free to download and use.
Of course, there's the matter of revenue. If you get 100 dollars or 1000 dollars a month, is that significant to do anything useful for the project?
It doesn't even need to be an extra service.
I'd donate to Firefox for no additional service if they would guarantee my money only goes to the browser and not crypto or AI initiatives.
Note donate. As in one time payments at a time of my choice. They also try to push towards subscriptions when you hit that donate button.
It does actually seem pretty difficult to sell a browser; I don’t really see how anybody in their right mind would trust a closed source browser. So, it will be hard to make any parts of it proprietary. It isn’t impossible to sell open source software of course, but it does seem to be pretty difficult.
Rather, I wish we would stop accepting web standards that don’t come with reference implementations. Then, we could have a reference browser, and just run that. I don’t expect it to be performant, but I also don’t think browser performance matters much at all. Web pages are not HPC applications.
Currently we’re accepting the anti-competitive behavior of Google, just DDoSing the community with new standards to implement. This is the root problem. The fact that Mozilla is being killed by funding problems is downstream of the fact that maintaining a web browser requires multiple full time engineers.
Exactly, so why not write them?
Kagi's Orion browser has a lifetime sponsor price of $150. That plus the Kagi subscription support its development.
It's currently macOS and iPad/iPhone only, but a Linux version is being worked on. I don't know their plans for a Windows version.
Tbh while I have been using Kagi as search and their AI assistant a lot lately, their browser lacks massively in functionality. uBlock Origin has never been working for me, neither on macOS nor on iOS, and for me it just doesn't deliver enough to convince me to switch.
Which is great, but I'm not going to buy it until it's fully open source: https://orionfeedback.org/d/3882-open-source-the-browser/34
On one hand I agree, on the other hand, their claim that they are too small to support a large community of developers is not wrong.
Also, they claim "zero telemetry", so I don't really know what's going on, I know it's not leaving my computer.
I find that currently even if it's far from perfection, Orion is the lesser evil in the browser scenario.
What is a fair price? Developers are not cheap and you need to pay many of them every month (or get the equivalent in donated time). We can debate that number of course, so I'm going to start the discussion at $50/year. So your "lifetime sponser" is only worth 3 years (ignoring interest which isn't significant at this time scale).
Accounting for lifetime anything is hard (I don't know how to do the math, I'm sure people that do debate a lot of complex issues), but I'm again going to suggest that a lifetime subscription needs to be 20x the yearly fee to give a number to start the debate at.
oh absolutely, I agree. I don't think $150 is adequate to fund development of a browser.
And it crashes constantly. Lots of other bugs that you start noticing when doing deeper things. I tried it for about six months. Just not a reliable or serious browser although very fast when it actually works.
Brave https://brave.com/ has been around for a while
Kagi is making the Orion browser, which you can pay for. I am a happy customer.
There's also Ladybird and several Webkit wrappers.
Ladybird is targeting a 2026 alpha release and last time I looked they lacked site isolation and other sandboxing measures: https://github.com/LadybirdBrowser/ladybird/issues/57
Orion works on Apple OSes only.
And is not open source
Kagi has started porting Orion to Linux [1]. They’ve stated that multiplatform support is just a question of resources [2].
You can contribute code [3] or money [4] to accelerate this process.
[1] per 2/25 subscriber newsletter: “What’s coming in 2025? … We started working on Orion for Linux!”
[2] https://orionfeedback.org/d/2321-orion-for-windows-android-l...
[3] https://help.kagi.com/orion/support-and-community/contribute...
[4] https://kagi.com/orion/orionplus.html
> You can contribute code [3]
How exactly? The link doesn't say. Orion appears to be closed source.
Hmm… Dug into it a bit deeper.
Kagi has several repos open for contributions [1] but Orion isn’t fully open source yet [2]:
> Is Orion open-source? > > We're working on it! We've started with some of our components and intend to open more in the future. > > Forking WebKit, porting hundreds of APIs, and writing a browser app from scratch has been challenging for our small team. Properly maintaining an open-source project takes time and resources that we are currently short on. If you would like to contribute, please consider becoming active on orionfeedback.org.
It’s not obvious to me which of their public repos are Orion components.
You can contribute translations [3], bugs [4], and docs [5]. Orion is based on WebKit, so you can contribute upstream there [6]. Oodles of open issues on their bugzilla [7]
[1] https://github.com/kagisearch
[2] https://help.kagi.com/orion/faq/faq.html#oss
[3] https://help.kagi.com/orion/support-and-community/contribute...
[4] https://help.kagi.com/orion/support-and-community/troublesho...
[5] https://help.kagi.com/orion/support-and-community/contribute...
[6] https://webkit.org/contributing-code/
[7] https://bugs.webkit.org/buglist.cgi?bug_status=NEW&product=W...
I tip some projects that help me. It's been years since mozilla started to do evolve in ways that feel weird. I'd tip for a fork.
Question is: how many people would jump ship, and then how much money would that represent to pay devs.
https://buymeacoffee.com/waterfox
please do tip a fork. Right now this money seems to go to one person, but if that person starts making significant money we can probably talk them into hiring others to work on the project.
do you know if he has a paypal link ?
also, slightly related, people should look into / take inspiration tor browser. they're really great at releasing regular updates with high quality and features, surely they know how to handle this kind of projects
This idea of having an moral alignment covenant I think is a great one. I'm fed up of being bait-and-switched by companies that get buy-in by being open and friendly, and then later they decide to kill the golden goose. If you're committed to FOSS then commit! Make it official so that people can trust that you're not going to enshittify later.
Open AI is still technically a non-profit. The price of freedom is eternal vigilance.
Lol and they're as open as they're non profit.
I'd pay for this.
[dead]
Most of the other "forks" (e.g. Librewolf) are just patches on top of vanilla Firefox sources, so it's really not a whole lot to scrutinize by hand. I've skimmed at least most of the patch files personally just out of curiosity. In my distro of choice, NixOS, the sources are built by Hydra or my local machine, so I'm not trusting that their binaries match the source either.
That makes it a bit easier to trust, but it does run into the issue that it stops working if Mozilla hits a certain level of untrustworthiness.
They got more than $7B to build a browser.
"I appreciate the constant existential wobble Firefox faces"
I would also love to face $7B existential wobbles.
To put that number in perspective, drawing just 1% of that down each year and putting in a bank account earning interest would fund 100 engineers on $500k/year indefinitely.
I get what you're saying, but the reality is that it takes more than engineers to run a browser company. You'd have to find 100 engineers who can double as lawyers, designers, project managers, etc., and handle payroll, and HR, and after those 100 engineers end up doing the job of 300 other people, how much code are they writing? Your point about them appearing to waste money is taken, I'm just pointing out that it's not quite as bald-faced as that.
They got it over many years with ongoing expenses because they had a browser, so comparing it with 7B lump sum is silly.
With the same argument you could probably retire, after all you already earned (years you've been working) * (average salary).
>so comparing it with 7B lump sum is silly.
It's not that silly, because that's a huge amount of money. What do you think the gross expense of building software like this should be? Because this may be the end of the line.
How much has Google spent on Chrome.
Big numbers without context are not useful outside of taking advantage of people who don't think critically.
so if I've worked for 20 years from age 20 with a 100k average salary that's 2m
A 2m lump sump at 20 would allow me to live a lifestyle of a 20k/year life, not good enough.
Had I lived that over the last 20 years and saved the rest of the 100k in an 8% return fund then I'd have 4m today and could drawdown a 40k/year life at 1%.
Had I been given a lump sum of 100 times my desired salary though, or 10m, then sure, no need to work.
You may want to double check your math before you retire.
And depending on where you live, 40k might be barely scraping by now, and certainly not enough another 20 or 40 years down the road when you get to the point where you need daily care and medical services.
I don't know... do they even have 100 engineers? Or 20 and the rest is management and crypto and AI projects?
You are right, they got $400M+ a year.
I stand corrected, I would want to face the $400M+ per year existential wobble.
> I should point out, it seems daft to me when others suggest using forks with no well-established governance of their own, essentially shifting trust from an organisation at least answerable to certain regulations, to individuals with no proper framework or guidelines
Individuals that care about these things have a far better track record than any business with employees, bills to pay, and investors.
Until that individual tires of the work, and then stops working on it completely or sells it to someone with less scruples or the project gets hijacked by malicious actor.
Aren’t the latter two more or less what happened to Firefox?
I think it's pretty much what happens to every thing
> I appreciate the constant existential wobble Firefox faces
The wobble seems to somewhat artificial. I'm having trouble believing Firefox could ever not be able to afford to continue browser development — there are way too many interests at stake. Google alone would have no choice but to bail Firefox out because Chrome can't be the only browser without being regulated to hell and back.
Google providing most of their funding is a fact, and that this provides a large amount of leverage over what Firefox can do is obvious. So how is the balancing act artificial?
For it to be self-imposed there needs to be an comparable amount of money ready to spring forth if Google ever pulled out that Mozilla is somehow keeping a lid on.
We are able to develop not just an open source kernel, multiple different distributions and a large suite of software. I would think that we could also develop a browser that doesn't need to spy on us.
Hey, thank you for Waterfox! I'm using it a lot across all my machines. Well done!
>it seems daft to me when others suggest using forks with no well-established governance of their own
Yes, it may be that we are jumping from the frying pan into the fire. On the bright-side this opens up an opportunity for a company, or a suite of companies, to fund an alternative browser. Such an entity might have Signal at its lead, or similar, who's mission is solely to "tighten up" the software stack on which it runs.
That sounds very much like Ladybird's mission.
Truly independent
No code from other browsers. We're building a new engine, based on web standards.
Singular focus
We are focused on one thing: the web browser.
No monetization
No "default search deals", crypto tokens, or other forms of user monetization, ever.
https://ladybird.org/
I don't see how a regulated entity is better in any way than an individual.
We repeatedly see attacks on freedom and privacy by the people who are supposed to protect them, those so-called "regulators": chatcontrol, recent UK backdoor wishes, repeated French proposals to enforce DRM even on opensource. And I wouldn't even google Russia, China, or other less democratic states.
Regulated is probably worse than some anarchistic who-knows-by-whom software, but FOSS and auditable these days, tbh. Especially as everyone's audit capabilities grow day by day with AI. It's kind of good at grinding tons of code.
A heavily regulated entity with all licenses in the world might be more hostile toward users than some niche project.
> I don't see how regulated entity is better in any way than individual.
I feel you. Regulatory bodies have definitely fallen short in many cases, and we've seen concerning proposals from governments that threaten digital privacy and freedom. "Who watches the watchmen" seems incredibly apt nowadays.
However, I feel there's a fundamental difference between imperfect accountability and no accountability at all. With a legal entity governed by stated policies, users have:
1. Transparency about who makes decisions and how
2. Clear terms that create binding commitments
3. Legal mechanisms for recourse if those commitments are violated
4. A persistent entity that can't simply disappear overnight
Perfect? Not really. The ICO in the UK, for example, hasn't been amazing at enforcing data protection. But the existence of these frameworks means that accountability is at least possible - there are levers that can be pulled if someone can be bothered to.
In contrast, with software maintained by anonymous or loosely affiliated individuals, there's no structural accountability whatsoever. If privacy promises are broken, users have no recourse beyond abandoning the software.
FOSS and auditability are valuable safeguards, sure, but they primarily protect against unintentional privacy violations that might be discovered in code reviews. They don't address the human element of intentional policy changes or decisions about data collection.
I grow wearier by the day by the incessant calls to denounce and disown everything that isn't perfect.
> I feel you. Regulatory bodies have definitely fallen short in many cases, and we've seen concerning proposals from governments that threaten digital privacy and freedom. "Who watches the watchmen" seems incredibly apt nowadays.
Many regulatory bodies seem to constantly fall short of what they are supposed to do and then demand more money and powers to continue to fail at what they are supposed to do.
At what point would you accept that they maybe not fit for purpose and other solutions should be considered?
It maybe better to put resources into educating people on how to protect themselves from privacy breaches or minimise the impact.
The only thing I've ever seen from the ICO is a letter saying that if I have customer data I have to pay them a fee or pay a fine. Then I have to go through the inconvenience of telling them I don't have any, so I don't have to pay this fee.
Rather odd policy choices is an understatement.
The context to keep in mind here is that Mozilla purchased an ad company back in June. They spent money on it, and they will move to earn a return on investment.
Absent that context this could just be another tone deaf policy choice that gets rolled back when there's enough heat, but with that context in mind it's far more likely to be them laying the legal foundation to incorporate Anonym's targeted advertising into Firefox.
From the Register article about the acquisition:
> Arielle Garcia, director of intelligence for ad watchdog Check My Ads, told The Register in an email that she's generally skeptical of claims about privacy-preserving ad technology.
> "For example, how do Anonym’s audience capabilities, like their lookalike modeling, jibe with what Mozilla considers to be 'exploitative models of data extraction?' The data that is 'securely shared' by platforms and advertisers to enable ad targeting and measurement have to come from somewhere – and there’s more to privacy than not leaking user IDs."
https://www.theregister.com/2024/06/18/mozilla_buys_anonym_b...
1. Is github the best place to report bugs / issues for Waterfox?
2. When (not in your lifetime obviously) Waterfox is broken, what canaries do you have deployed that we can archive now, like Mozilla's tell here?
3. What keeps waterfox afloat? Where/how do you accept funds?
4. How do I find a sync alternative or provide my own? Such that, I'm not reliant on Mozilla sync/backend? ... If none exists, how much would it cost for you to embed one? Would you accept a serious bounty for it assuming the focus is self hosted / no Waterfox backend services?
> When (not in your lifetime obviously) Waterfox is broken, what canaries do you have deployed that we can archive now, like Mozilla's tell here?
This is so melodramatic. It’s a set of patch files applied to the Firefox source tree. If an evil maintainer hatches a maniacal plan to collect user statistics and deletes the patch that removes telemetry or whatever, you can just `git revert`.
we need to clean cut from mozilla.
do they still make ot worthwhile for developers? are any on the payroll still?
i think the community should mobilize to sign up for adopting A single fork* as the official fork and completely drop mozilla from existence.
* only criteria should be the fork that is most convenient for all the other forks to just point to instead of mozilla and continue to ship with their patches. and that one fork should have the minimum resources to respond to security disclosures in place of mozilla, nothing else as a requirement.
More importantly that fork should be what other forks base off of. Anyone can put a skin on a browser, but someone needs to do the engine. If every fork who wants an engine improvement goes to the one place there is some mass behind making the fork real, and the other forks can still to their skin if they think it useful. That one fork also means that when mozilla comes out with a new version there are enough hands to merge (at least until Mozilla diverges too far from the fork)
To Mozilla: if your intentions are indeed good as you claim in your post[1], then update the ToS accordingly.
Chrome is removing µBlock origin, I and probably a lot of other users saw this as a good moment to promote Firefox to our relatives, you are missing a chance and alienating your user base here.
[1] https://blog.mozilla.org/en/products/firefox/firefox-news/fi...
Absolutely agree. The blog post is claiming the opposite to what their ToS is granting - but one is fluff (that will be forgotten soon) while the other is legally binding. I cannot imagine applications like browsers that would require such an unrestricted license for user input just to do its service. That clearly indicates some "other" future motive that is underlined by the notion to remove the FAQ entry and other past actions towards an advertising future at Mozilla.
Am looking forward to explore some of the alternatives. And no, I don't want a just a correcting/updating/informing follow-up blog post of how we the users got it all wrong. In fact, the current UPDATE makes it worse:
"UPDATE: We’ve seen a little confusion about the language regarding licenses, so we want to clear that up. We need a license to allow us to make some of the basic functionality of Firefox possible. Without it, we couldn’t use information typed into Firefox, for example. It does NOT give us ownership of your data or a right to use it for anything other than what is described in the Privacy Notice."
vs. the ToS:
"You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
No - you don't need a license for my input. Just pass the butter, it's not your job to "use that information" in any way, form or shape. How did you survive 26 years without any license to our input? What did legally change that would require that license? No one asked you to: "We use data to make Firefox functional and sustainable, improve your experience, and keep you safe." (from the blog). What does that even mean? If you have specific use-cases in mind state them clearly, instead of this overreaching general license, that may or may not be misused now or in future. As of this ToS you may very sell my data to AI companies to "help me navigate the internet" which is not even part of the Privacy Notice protection.
Reinstatement your privacy guarantees in the ToS and be transparent about explicit use-cases.
Meanwhile, so long, and thanks for all the fish.
The blog does come from company officials and so you can show it to a judge and state "this is how you should interpret their ToS". It will be harder than if the ToS was clear, but the judge on seeing the ToS and blog differ is likely to come down hard to Mozilla for creating this situation. But you also need a good (expensive) lawyer to pull this off.
I haven't read the article. All I know is, Firefox changed their TOS.
> That clearly indicates some "other" future motive
It's training data, isn't it?
(It's always training data).
I was referring to Mozilla's past investment into advertising: https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-t...
To me that and the new ToS add up, why else would they remove the FAQ entry.
Totally fair, tbh. Stealing data for that purpose has already been normalized, so it's a much easier sell.
Or they are taking the gamble that being able to continue to use µBlock outweighs the sale of customer data.
> Finally, you are in control. We’ve set responsible defaults that you can review during onboarding or adjust in your settings at any time: These simple, yet powerful tools let you manage your data the way you want.
"simple yet powerful tools" (derogatory) is how i would describe the windows popup that gives you the choice between setting up a microsoft account now or being nagged about it later
‘“Simple yet powerful tools” (derogatory)’ is my new favorite phrase I think. It seems like it has wide applications outside tech as well.
Based on this, Firefox has a 2.54% market share of browsers worldwide, so if their goal here is to shoot themselves in the foot and get that number under 2%, mission accomplished.
Firefox is still the lesser of two evils when compared to Chrome with all of its telemetry turned on. And at least it supports a proper implementation of uBlock origin, which Google just broke in Chrome.
https://gs.statcounter.com/browser-market-share
previous discussion from mid 2023 on low firefox market share: https://news.ycombinator.com/item?id=36759162
This is such a bad way to look at Firefox browser share. Instead, look at desktop share worldwide, where it's more like 7%.
I'm one of them 2.54% and I cringe when some kiddie develops websites around some chrome bugs, just to let us and Apple folks down.
I'm also the 2.54% and have been since the phoenix days. I am beyond thankful every day for apple keeping both desktop safari and ios running to prevent the internet being even more monoculture than in the IE6 days
> I am beyond thankful every day for apple keeping both desktop safari and ios running to prevent the internet being even more monoculture than in the IE6 days
Don't worry, EU regulators (and other countries soon I suppose) are doing their best to fix that "bug".
Users sticking with Safari because it is the browser by default on iOS and macOS and they don’t know any better isn’t some sort of moral victory for privacy. (I notice that Apple has only recently been putting out TV ads praising their browser.) It’s almost like privacy through obscurity. And it’s like thanking Samsung for accidentally pushing against Chrome dominance on Android by forcing users to use Samsung Internet by default. Or thanking Microsoft for bundling Edge with Windows.
Users generally don’t know about Chrome’s privacy issues or what browser engines are. Apple simply hasn’t done enough to promote Safari and keep it a strong competitor against Chrome. Relying on their monopoly over their platform is them accidentally doing something good in the wrong way. You know why Chrome attracted so many customers when it first launched in 2008 or so? Because IE, and yes Firefox, were incredibly bloated and slow. Apple hasn’t presented a similar performance jump or another compelling reason for Safari over Chrome. And in open-source land, so many hotshot alt-browsers from Arc to Brave all use Blink. Orion uses WebKit, and it’s the only one. Apple clearly doesn’t care to promote it as a Blink alternative other than for their monopolistic mandate of WebKit on iOS.
Not to mention, they killed Safari for Windows. Apple apparently doesn’t care about privacy as much as HN thinks they do, see mini-thread: https://news.ycombinator.com/item?id=39975620
Finally, the EU change should in theory be liberating for Mozilla, who can now provide a proper mobile Firefox for iOS that uses Gecko. Instead, from what I hear that isn’t even on the roadmap, because this is the state of modern Mozilla. Here’s hoping that Zen will instead bring Gecko to iOS.
It's not a moral victory, it is a pragmatic one.
If it was 98% chrome and 2% firefox that's basically 100% chrome.
Instead safari on ios (and to a lesser extent desktop) means the web isn't 100% chrome (or chrome skins like brave)
I’m arguing that Apple should strengthen Safari (and not just on iOS and macOS but to other operating systems owned by them) to make it more compelling to use for customers, and not rely on App Store guideline lock-in on iOS. But they clearly don’t care to, even when they could afford to. And they don’t care about promoting WebKit at all, because any alt-browsers running it would just provide competition for Safari anyway. As it stands it all seems very half-hearted and kind of lazy.
“The last temptation is the greatest treason: To do the right deed for the wrong reason.”
- T.S Eliot, Murder in the Cathedral
The problem I have with these kinds of hot-takes is that they often don't tell the full story, and it's seemingly for the purpose of generating rage. For some inexplicable reason, this guy truncates the paragraph from the Terms of Use, repackaging the information without a key part of the final sentence: "....to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
I'm not saying that this definitely makes a material difference, but it certainly changes the framing of it. The way he has framed it makes it sound like Mozilla has given itself carte blanche to do what it wants -- but the little caveat at the end of the sentence really does change the narrative a little bit. So why cut off a sentence half-way through it -- is it maybe to make it sound worse? For that reason alone, I can't take this guy seriously.
I generally wait before jumping on the outrage-train for this reason, but two things stand out:
- Mozilla explicitly deleting "we don't sell your data" statements across their documentation
- Following up to criticism that the statement is vague, bullshitty and open to interpretation with statements that are even more vague, bullshitty and open to interpretation.
By now, they've had time to notice that something is not right and that they need to make a clear statement, and they haven't taken the opportunity.
They didn't delete it. Go to the github diff they reference and check. It's still there. They just removed it from one of the JSON files but people here aren't actually checking facts, they're just jumping on the hate train.
See: https://github.com/mozilla/bedrock/commit/d459addab846d8144b...
That bit pretty much sounds like "by using the software you're agreeing to whatever"
Yes and this phrasing is used in many other products, like credit cards. Additionally, the fact that the phrasing can be interpreted as such means that it will be interpreted as such and so makes Mozilla's new Terms unacceptable to anyone who values their privacy or data.
No it doesn't. Most businesses finish that sentence with "...for any purpose" not "... to help you navigate the web"
It will still be interpreted to mean "...for any purpose" by Mozilla somehow.
For me it sounds similar to Google‘s phrasing that they use to make people activate personalized ads: „used to deliver better, more helpful experiences“
"...interact with online content" is pretty much all encompassing.
How does them selling my data help me navigate the web?
In their holier than thou attitude (shared by some here) you have to pay to do anything. And that's how you pay to use the web with their browser.
Im fully on board that people should try to include or link as much of a story they can so that I can form my own opinion. There are way too many times that I read a reasonable take, then you read the original source, only to find that the reasonable take is completely off base.
In this case I don't have the reaction, but I will agree that in general its a good idea to include more rather than less.
The redacted part here looks to be a GDPR boilerplate for consent. GDRP require consent to be specific. In order to do so the lawyers of Mozilla seems to have used industry standard phrasing to comply with the law, such as "to help you navigate, enhance experience, and interact with {INSERT SERVICE/PRODUCT}".
For those with some interest in legal history, there is similar stories in other boilerplate texts that consumer get exposed to. I always find the background to the WARRANTY DISCLAIMER text to have a fairly funny historical background that is a few centuries old legal case regarding a mill axle. The current form we see now was created as the first example in a list from US regulation guidelines (which reference the mill axle case). A company can use any other form given in that guideline, but as it happens, everyone just jumped on the first example, slapped it onto stuff and shipped it. Lawyers know it is valid for US trade regulation and that was apparently enough for the rest of the world.
I can’t take people seriously who think the little frilly PR bandaids that companies slap on these types of statements mean much of anything at all.
For example, “we promise”.
> "....to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
We weren't born yesterday, and companies pull this shit all the time. This sentence is meaningless. You could use this sentence to justify literally any behaviour.
One _easy_ way to read this change:
> "... to help you interact with online content"
Selling your data to have more relevant ads could easily be justified as helping you interact with online content
> as you indicate with your use of Firefox.
Using firefox indicates that you want us to do this.
Or,
we made it an opt-out that is quietly rolled out in an update.
Correct, that quote is very typical corporate language that includes selling your data to advertising companies to ""help users discover new experiences which align with their interests"" or some other weasel speak. People acting like that language meaningfully changes the meaning are either painfully naive or think the rest of us are.
If it's simply a matter of principle, quoting the full section with no abridgements because we're larping like we're in a court room or something, whatever. But get real, that section doesn't make Mozilla look any better.
No. We are talking about legality. Quote the whole bloody thing. If you don’t get to say “I picked out the bit I like” in court, then you don’t get to do it here. If you’re so right, then it’s not worth taking out in the first place.
Yes exactly this -- thank you for getting my point, I'm a little tired of internet people misunderstanding things. I'm not even disputing that Mozilla is trying to pull a fast one on all of us, I'm purely questioning the framing by the "journalist" this post links to. To be taken seriously, quote the whole thing -- if it really is a case that the last part of the sentence is meaningless, then leave that in your quote, and address that in your wittering diatribe, explaining to all of us why it's meaningless. Without that, all I see is someone cherrypicking half-sentences and trying to mislead people.
While I'm by no means defending Mozilla here, one quick look at the linked twitter user's history shows that generating rage and taking text out of context is their modus operandi and very much intentional.
I'm bummed that out of all the posts on the topic, this is the one that gets to stay on the frontpage.
Quoting the whole bloody thing is meaningless when the added bit adds nothing to the context. Nothing about the "added context" says they won't sell the data. If anything it just improves the case that they are going to sell the data.
[flagged]
You know, I was just wondering why no one has yet shaped the Rust vs C/C++ in US culture war terms. One side is clearly progressive in the sense of wanting to make changes for the sake of a better (more memory safe) future. The other side is more conservative, seeing enormous benefit in keeping the status quo unchanged.
And that's before getting into the politics of the people working on the language, of which I won't say more.
Here was me thinking we had at least one discussion where the US culture war hadn't metastasised. But I guess in the long run twitter.com/lundukejournal and friends will eventually win. Can't say I'm looking forward to it.
But Mozilla said what they will do. They also had very expensive rebranding to support it! They are now activist AI company that wants to fight disinformation, censor people and sell ads.
You are kind of answering your own question here...
> When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information,
Taken literally it means that when I use Firefox to upload a file to a customer's web site Mozilla is getting that file too, which does not seem likely. They could get a copy of the text I'm typing right now in Firefox or it means that the browser could do some local processing on those data. But if the results of that processing would stay local why would they ask the permission? It's not that emacs, vim, grep, sed, awk etc have to ask me the permission to use the information I'm inputting into them. So they are definitely sending information back home or they plan to do it.
The point becomes how to block any calls from Firefox to Mozilla. Note that don't have a Firefox account because I never trusted that the data in transit from them would stay private. I'm not logged in into Google as well. Maybe I have to finally install a Pi Hole and route all my traffic through it. Hopefully Blockada will take care of that for my Android devices.
I have seen discussions of this sort of wording so many times over the years. My understanding is as follows (and I could be wrong, but this is my understanding of why that wording is used). If you use Firefox to upload a file to a website then, legally speaking,the browser is acting as a "publisher"of that file. Because of Draconian laws in many countries, to publish a file you have to have a legal right to the file, therefore Mozilla have to establish that if you use them to upload a file that you are granting them the legal right to publish that file. It has to be worldwide because you may be uploading to anywhere in the world.
So why doesn't my backpack come with a mandatory TOS that I won't e.g. put illegal drugs in it and bring it across the border? Why is Firefox any more liable if I used it to publish illegal content on the web than the backpack manufacturer would be if I used it to smuggle illegal content across a border?
Because the legal system around backpacks are better understood. The more common something is the less legal paperwork there is. Judges understand backpacks and have for hundreds of years. Many judges don't understand technology. As a result when selling a backpack you can rely on the court's understanding and thus not have to account for every possibility. Meanwhile because the court might not understand technology you have to account for every possible trivial thing.
for example - app that downloaded entered urls, something even simpler than a browser, hit with copyright takedown in 2023: https://torrentfreak.com/google-bans-downloader-app-tv-outfi...
I don't think a TOS would have helped you with Google's shoot first, ask questions later takedown policy.
Perhaps the legal situation is different somewhere, but I would think the browser isn't acting at all. It has no agency; it's just software running on my computer, following instructions I give it. Mozilla has no agency in that situation either; the software is running on my computer, not theirs.
The new terms grant Mozilla, the corporation a license to do things with my data.
The question isn't what you (who presumably understands technology) would think. The question is what every court in the world would think.
But the more important question then is: what else will the courts think this language allows? Probably Mozilla could argue they need to store those uploads and analyze them under those conditions.
> If you use Firefox to upload a file to a website then, legally speaking,the browser is acting as a "publisher"of that file.
If that's the way the law is interpreted, it's silly.
The "publisher" in this case would be the website the file is uploaded to. If the website doesn't make the file public, then they're not a "publisher".
The browser is merely acting as a tool to do the uploading. Firefox shouldn't be held liable for the contents of the file any more than any other web client. If it did, tools like cURL should be liable in the same way.
Somewhere along the way web browser authors forgot that they're merely building a web user _agent_. It's a tool that acts _on behalf of_ the user, in order to help them access the web in a friendly way. It should in no way be aware of the content the user sends and receives, have a say in matters regarding this content, and let alone share that information with 3rd parties. It's an outrageous invasion of privacy to do otherwise.
>If that's the way the law is interpreted, it's silly.
It's hard to tell from your comment who exactly is the target of your complaint. You're not wrong that this interpretation might be silly, but that's not out of the ordinary in carefully using terms of art to insulate from legal liability.
And the issue of peculiar terms of art is leagues different from the issue that everyone else seems to be raising that it represents an intent to abuse private data. Those are two completely different conversations, but you're talking about them here like they're the same thing.
By such logic, operating systems would need a disclaimer like this, as would keyboards, screens, etc.
That’s interesting, do you know of any cases that were decided on that basis? It seems downright ridiculous but then the legal system is pretty dumb, so…
> the browser is acting as a "publisher"of that file
If that's all is required to be a publisher then ftp, scp, rsync and hundreds of similar tools are also publishers of the files they transfer. However they don't have Terms of Service like the one Mozilla is giving to Firefox.
They could restrict the language to that specific legal situation, couldn't they?
As the browser runs locally on our machine, surely its possible to just block firefox phoning home by DNS black holes or even hosts file or something?
That's exactly what Firefox originally claimed was a stark difference compared to Chrome: "use us and you can finally be safe and not need to play cat and mouse anymore"
At this point my trust in Mozilla is so low that I could almost believe they intent to run the text I download and upload through an LLM nanny that can scold or ban me if anything offends its Californian sensibilities.
> Your use of Firefox must follow Mozilla’s Acceptable Use Policy, and you agree that you will not use Firefox to infringe anyone’s rights or violate any applicable laws or regulations.
> You may not use any of Mozilla’s services to [...] https://www.mozilla.org/en-US/about/legal/acceptable-use/
“Californian”??...
Call it what you like, "San Francisco techy", ""woke"" if you like trendy pejoratives, whatever. I don't care what you want to call it but I won't play along if you intend to say that regional value system is actually uniformly embraced across this country, let alone across the same globe Firefox users are spread across.
In the social sphere Mozilla resides in, voting for a socially conservative political party makes you a fascist which puts you at odds with Mozilla's acceptable use policy if you talk about your politics using Firefox. If Firefox users are supposed to be bound by that document, as judged by Mozilla, that's a problem.
Not everything in the world is about political party your circle disagrees with. Given trends I'm sure Firefox will do something stupid like you're afraid of in short order. But this isnt that, so until then you should save your manufactured culture war fear mongering.
sigh, I feel bad for you... and us Californian techys... this us vs them toxicity is so demoralizing
[flagged]
> is easy to block network access (never plug ethernet)
Some TVs secretly include a modem and SIM card, to make sure they get your personal data back to their masters.
Every company in the world is coming after your privacy. How far are you willing to defend it?
> Some TVs secretly include a modem and SIM card, to make sure they get your personal data back to their masters.
That’s a pretty wild accusation to make without naming even a single brand or model…
> Every company in the world is coming after your privacy.
This is clearly true though.
>Some TVs secretly include a modem and SIM card
Which TVs? This is a major expense for a product with rapidly depreciating costs and intense competition, all to do something illegal/immoral?
I believed this for a time, but now I believe it is an urban legend. Granted a plausible one, and one that might be true in the future... but not true as of yet.
Give us a single make/model that does this.
To test my privacy I us a decoy! I play porn from Hunters laptop in a loop overnight. There are so many reasons it should be reported!
So far no problems.
Really? Which ones?
For the last 10 years or so I've pendulum swung between the positions "privacy at all cost!" and "what's the point, you can't win". Well, I'm tired now and the pendulum is stuck on the latter. All I care about now is blocking ads. Go ahead Mozilla, Google, Apple, whoever, if you can hoover up my worthless browsing data without me noticing, you can have it. I hope my reading HN and watching inane Youtube videos is worth something to you.
> I hope my reading HN and watching inane Youtube videos is worth something to you.
Oh it is. It definitely is
Only if they can use it for ads which was blocked in this discussion.
Of course in the real world odds are they can't block ads perfectly and thus the data has value.
It's all so strange. I would happily buy Firefox, either as a one off, or as an annual license, and be done with all the weird license nonsense - presumably they want to sell data to pay the bills.
But instead the choice, realistically, seems to be between giving all my browsing data to Google and to Mozilla. And Chrome works marginally better... :/
I would wager most people that offer to buy software "one off" typically underestimate their lifetime worth earned through other means like ads and data sales.
Would you pay a one-time $10 for a lifetime Firefox license? $100? $1,000? $10,000?
Last time I checked, Mozilla's ARPU was less than $5 pa. I think many of us would pay a multiple of that per annum _iff_ it went towards Firefox and not whatever project/cause of the week that Mozilla has undertaken.
You're overestimating people's willingness to pay for software when free and arguably better alternatives are available. Preferring Firefox to free Chromium alternatives requires a level of nuance and tech literacy that most people will never have, and even with that tech literacy, people may still prefer Chromium.
You're basically talking about asking for donations from people that prefer to ad-block YouTube instead of paying for Premium.
You are forgetting that Firefox has been around until now with no profit except Google's bribe.
They could've at least tried to sell a paid version - what's the worst that could happen? Any sale would be on top of what they're currently earning per download, i.e. pure "profit" that could be reinvested in the product.
It never was an "either/or" proposition.
They did try some extra services, such as VPN or Pocket. I think at this point a Pocket subscription is how one can fund Firefox.
But indeed, even if they ensure that donations go towards Firefox development, instead of other crap, that would be a step forward.
Pocket and the other Mozilla services fund Mozilla, not Firefox directly. My company uses Firefox professionally and we'd buy per-seat enterprise licences if they existed, iff they funded Firefox development.
We have no interest in funding Mozilla, whose manifesto barely mentions Firefox and who has now decided that AI is their focus.
https://www.mozilla.org/en-GB/about/manifesto/details/
Kagi, a search engine with countless free alternatives, starts at $5/month.
The people who care are willing to pay.
Is Kagi making money? I know they exist, but are they paying their own bills or living off of investors. (I couldn't find a direct statement, but their timeline implies they could be)
Today, who knows. However they were profitable in May 2024: https://blog.kagi.com/what-is-next-for-kagi#:~:text=We%20are...
Without thinking much about it, $60 / yr seems reasonable to me.
I never click on any ads, so while I'm sure I contribute to Firefox's revenue as another pair of eyeballs, I don't deliver any end value to their ad-biz end customers.
> I never click on any ads [snip] I don't deliver any end value to their ad-biz end customers
This is a complete misunderstanding of the value of ads. Clicks are of course the most valuable signal, but any ad seen is valuable. If clicks were all that mattered TV would never had ads, nor would newspapers.
Many ads are about awareness not buy now. Ford/Toyota... doesn't expect you to buy a car the day/week you see an ad, they just want you to think of them when you buy a car. They also want to slowly drive discomfort with whatever car you already drive so that eventually you do buy a new one despite having on that works. (or if you don't have a car they want to be sure you are reminded how much freedom to go places you are giving up - without concern for the costs of having a car)
This logic applies more to Google than Mozilla. Their mission is (or ought to be) to cover development and hosting costs associated with Firefox, not to milk users for all they are worth on the ad market.
> presumably they want to sell data to pay the bills.
Can't the EU just sponsor Firefox?
That's the surest way to kill it, and that is before taking their recent anti-privacy policies into consideration.
That feels like a witty thing to say without much basis in reality. If the EU got their act together and gave Firefox funding, it would be more of a pain in the neck for them to stop doing that than it would for them to threaten Mozilla over e.g. anti privacy policies. Even Germany, a single nation with a lot less difficulty in passing laws, hasn't used their Sovereign Tech Fund (https://sovereign.tech) in such a manner.
And even if they did, it would have to be a world in which they've lost all funding from Google and becoming dependent only on the EU. Perhaps such a thing might happen, but it wouldn't happen overnight — in the meantime it would be more money, from more diversified sources.
Ok, let’s dive into the details:
1) The European Commission has proposed Chat Control, pressuring platforms like WhatsApp and Telegram to scan encrypted messages with AI, including client-side scanning, which critics say breaks encryption and enables mass surveillance.
2) The EU has adopted the eID (European Digital Identity), a centralized digital ID system via a “wallet” app, tied to biometric and personal data for service access.
3) The EU’s Data Retention Directive forced telecoms to store metadata until it was struck down in 2014; debates still persist.
4) The EU’s Digital Services Act mandates platforms share data with authorities to fight illegal content, raising profiling concerns.
5) The EU’s Data Act requires businesses to share data with governments, threatening personal info control.
6) The EU supports the UN Cybercrime Treaty, boosting global surveillance and data-sharing powers.
That’s just off the top of my head; I’m sure there are more examples of how the EU abuses its power and infringes on users’ privacy.
So yes, of all possible stewards for Firefox, the EU is maybe the third-worst, behind only China and Putin’s Russia.
Sigh. This is a fundamental misunderstanding of Mozilla's situation. The "weird license nonsense" you're vaguely gesturing at doesn't even make sense in context. Firefox is open source under MPL 2.0.
Your framing that "the choice is between giving all my browsing data to Google and to Mozilla" creates a false equivalence. Even with their recent privacy policy changes, Mozilla's approach is structurally different from Google's core business model.
And "Chrome works marginally better"? By what metric? Firefox has better memory usage, stronger privacy protections, and doesn't exist primarily as a data collection tool for the world's largest advertising company.
The idea that you'd "happily buy Firefox" misses the point of Mozilla's mission for an open web. This kind of uninformed take that ignores the nuances of browser economics is exactly why we can't have nice things on the open web.
Even with their recent privacy policy changes, Mozilla's approach is structurally different from Google's core business model.
>This wouldn't be so bad if it wasn't that the entire brand identity of Firefox is Privacy.
>It's like discovering there's ham in a vegetarian sandwich. When you ask them they look puzzled and say their focus group was clear it tastes a lot better that way, besides it's just a little bit and the bread is vegetarian and there's way more meat in a Big Mac.
https://news.ycombinator.com/item?id=30715947
If only people cared as much about privacy as vegetarians do about not eating meat...
> If only people cared as much about privacy as vegetarians do about not eating meat...
In Germany, a lot of people do (in particular in hacker and IT-affine circles), and I do claim privacy discussions there often do become as heated as discussions with vegans about meat.
This is the reason why in Germany Firefox has a significant market share (according to
> https://www.statista.com/statistics/462158/browsers-most-use...
13.65%).
> "Chrome works marginally better"
Performance, compatibility, security. Chromium runs faster, it works with more websites, it's sandbox is better, particularly on Android. I don't care much about memory usage as I don't need a billion tabs open at once (does anyone). There's options available beyond Chrome that offer most of the same privacy benefits as Firefox does.
I think marginal is an understatement. As for Mozilla's business model, what business model? They're throwing everything at the wall to see if it sticks and virtually nothing has, all the while their browser has languished. Going full cynic, at this point the only reason it is allowed to exist is because Google deem it useful to have it around as a counterpoint to accusations that they have a monopoly.
> (does anyone)
Oh yes. And you don't even need that many tabs open for Chrome to eat half of your RAM.
Fewer than 100 will massively pig out memory, on Android, Linux, and MacOS, for Chrome, IME.
My main FF instance has ~1,500 tabs FWIW, though I'll often bypass those for a given session by running incognito only. Even then I'll easily hit 100+ tabs in only a few minutes.
There's a cool feature web browsers have called "bookmarks"
RAM is supposed to be used. "Saving" it doesn't bring any value, it's actually just waste.
That's true, until another program needs ram and crashes because chrome is hoarding it all
Ive run chromium and firefox side by side for years to isolate personal from work. The only noticeable difference is Chromium crashes when it uses all the memory.
People's overwhelming fascination with Chrome escapes me. Some subtle detail seems to make it stick out. Everyone remembers that one time ff crashed on 2005, but gives berth to Chrome crashimg every few days and selling their personal data to google.
I dont care if ddg and ff sell aggregate data.
> Firefox has better memory usage
At the cost of a subpar cache; it's not like Chromium is leaking memory, & its memory pressure effects are both well-studied and well-understood. Yet, Firefox stans keep touting lack of comprehensive caching as some kind of advantage. I'm sorry, this is not 2005. It took Mozilla two years to implement some kind of JIT pipelining, and guess what, Chromium had V8 all along: an engine that can benefit from "open web" cooperation courtesy of Nodejs and the vast ecosystem around it. SpiderMonkey? Please. This is the crux of the issue.
> The idea that you'd "happily buy Firefox" misses the point of Mozilla's mission for an open web.
The idea that the web—chaperoned by the likes of Mozilla, can be "open"—is the crazy, unsustainable one. OP is being pragmatic, and considering their privacy carefully. Mozilla's track record is that of a gravely mismanaged, disoriented, and subservient (Google) organisation. Firefox codebase is arcane, was already showing age even ten years ago, & now there's a whole ecosystem of Chromium-based browsers that can benefit from "open web" cooperation.
Firefox has zero moral high-ground, & pretending like it possesses some kind of virtue is a crime against semantics.
I think it's just as well not to have a monoculture (i.e. chomium-based-browsers).
Just being different and capable of rendering websites makes the web a place where standards matter. It doesn't have to be noble to make this happen.
Firefox is just standing in there like a marker - as long as there's AN alternative, there's a chance for ANOTHER alternative.
Everything is a monoculture if you squint hard enough.
Firefox is open source. You can take the source code and strip out all of the malware, spying, telemetry and corporate harm leaving a safe and private browser (to the extent any modern browser can be).
There are multiple forks that do that. Download one of them instead. Mozilla Corporation has no control over those, so if you don't like what Mozilla make, exercise your software freedom.
The problem with Mozilla, as far as I can see, is not the the compromises they make for obtaining money (everyone suffers that), its that they're deceptive and underhand about it. That makes them unethical. I wrote plenty regarding that here [0]
[0] https://cybershow.uk/blog/posts/you-are-too-dumb-for-tech/
The problem with these privacy-first Firefox forks is none have the resources to match FF.
If Firefox dies, eventually so will they, as the code stagnates relative to better-funded browsers.
Saying "switch to a privacy-first fork" is not a long-term solution.
The internet doesn’t actually need any more new features anyway, and most sites reflect this and just serve HTML.
Some sites will need new features. But I guess it is fine to have a data-collecting version of Firefox or even some moderately well behaved malware like Chrome, as long as most browsing doesn’t happen through it. So, I guess I’ll look at moving most of my browsing to a privacy respecting form and keeping the a browser around for faulty sites…
[dead]
> Saying "switch to a privacy-first fork" is not a long-term solution.
You're 100% right while operating in an environment that is hostile to privacy. In these conditions security/privacy remains mostly tactical, not strategic. In fact, against a predominant tyranny it is insurrectional. Free Software will have to learn to adapt with more intelligence-sharing and opportunistic manoeuvres.
As an aside though, one might generalise to say there are no long term solutions in tech, period. And therefore advocates of freedom and privacy are at no particular disadvantage relative to any opponents.
Anyone can fork. However you need to keep your fork updated as firefox does new releases which means repeating that work often. Either that you are need to support all the security fixes yourself.
Rather than downloading random binaries from random forks (or clamour for governance at the sidelines), you can take back more control by building your own fork.
Librewolf and Waterfox are two fine choices to use for upstream sincr they have saner defaults and make the forking and building easier to wire up.
Ive been running my own FF fork for a few years like this now.
Link directly to the Github commit: https://github.com/mozilla/bedrock/commit/d459addab846d8144b..., which links to the following issue: https://github.com/mozilla/bedrock/issues/16016
There are a bunch of locked Google docs linked in the issue, probably internal privacy guidelines.
I can't say that this surprises me, perhaps they are looking for alternate revenue streams in case Google cuts them out?
To HN: Will you be quitting firefox over this change, or is there simply no better place to leave for?
What's the purpose of gating "we don’t sell access to your data" by "if switch('firefox-tou')"?
They said in the commit comment that the new TOU will "roll out" to different people at different times.
Does that in multiple places. Maybe they wanted a way to quickly revert it? Or enable on countries where they think they can get away with it?
"No better place to leave for" seems an apt way to put it.
I think/fear that in the long run, there will be fewer and fewer ways to participate in activities and communities on the web on your own terms, as only a vetted, allowlisted set of client builds (that may be "open source" on the tin, but by that point it is effectively meaningless) will be able to pass CDN "anti-abuse" restrictions. It will not be a better web, but it sure will be more profitable for some.
> No better place to leave for
This is an amazingly common psychological trap. You wouldn't believe the number of people, men as well as women, who end up in the therapy chair, at the police station or at the hospital A&E, because they are "stuck" with a violent and abusive partner.
The modern tech landscape is all about abuse. People use fancy names for it like "enshitification" or "rot economy" - but at the end of the day it's about domination and abusive relations.
A very common position here is that the victim sees "no alternative".
And... surprise surprise, where they get that idea from is the partner, friends, group/organisation that is also toxic and colludes in gas-lighting and co-abusing the victim into a limited worldview.
Once the victim spends any amount of time outside that mental prison, they regain perspective and say... "Oh, so I actually do have choices!".
This is a poor analogy. There are thousands of people to meet and bond with, so you do have a choice. But there are less than a handful of fundamentally different browsers.
Derivative browsers don't really count here, as they depend on the upstream to not hurt them. For instance, if the parent project completely removes something essential for privacy, it it a lot of work to keep it in your code. The Manifest v2 removal is an example. Over time, when other changes are built on the removal, this creates an increasingly high burden. Eventually, the child project is starved. You simply do not want to be in this position.
> This is a poor analogy. There are thousands of people to meet and bond with, so you do have a choice. But there are less than a handful of fundamentally different browsers.
This is because users decided that they want a browser that spies on them.
At least in Germany in hacker and IT-affine circles, you will often be frowned upon if you voluntarily use Chrome or Edge (except if you have a really good reason).
> At least in Germany in hacker and IT-affine circles, you will often be frowned upon if you voluntarily use Chrome or Edge (except if you have a really good reason).
That's largely the same here, at least for anyone worth their salt. But how does that matter when Mozilla's pulling things like this?
For years now your only browser choices are "Google", and "funded by Google", and it shows.
I can't even give someone too hard of a time for using vanilla chromium or similar anymore; Not like it's any worse than literally every other browser offering nowadays, minus rare exceptions like librewolf or ungoogled chromium that also add a whole host of minor technical complications to use.
I don't think the analogy is weakened by bringing numbers/quantity into it. The dynamics work for any number of principals. Take a 3 player game, where Alice trusts Bob but is better off with Bill, however Bill is not visible to her because of chaff/disinfo/noise broadcast by Bob or Bob's confederates.
It's not what Mozilla does, it's about what Mozilla says/claims.
Mozilla is a deceptive/defective entity here.
The numbers matter because they affect whether there actually is a better option.
What happens when Alice is with Bill, but Bill is also abusive to a lesser extent? And "don't have a browser" is not an option.
You only need one better browser to switch to. I guess you're getting at a Hobson's choice [0], that there really is only one browser and all others are copies of the same harmful set of properties, so moving isn't worth the overhead (switch cost is a factor in this that we often ignore). To my mind, there must be at least one browser out there that is "less undesirable" than that case. Just iterate your way into your comfort zone.
So often arguments on this axis come down to how much convenience are you going to give up for the trust relation you desire. We get stuck if we mistake convenience for necessity thereby bringing absolutes into a continuous trade-off problem.
So, where is the better Bill of browsers that Mozilla is preventing me learning about?
Yes, I’ll be leaving. I used to prefer Firefox but have long since moved to Safari for browsing and <insert Chromium based browser> for web dev. Every year I give switching to FF a try. I’ve been using it for everything since mid-December but it’s honestly a pretty bad user experience. This is the move that’s gonna make me stop for this year’s trial run and all future ones. It’s simply not worth my time if their ideals don’t align with mine anymore. Safari and Chromium have their issues but I know what benefits I’m trading off for. Without ideals, FF has no standout features compared to the alternatives (for me).
I'll look for somewhere else. Web browsers aren't as special as they used to be, there's a lot more choice now. Funny thing was, I was paying for Firefox through some of their services (VPN) that I had no intent to use.
I'll keep using firefox simply because I keep it behind a proxy server with all pocket, mozilla, firefox and google domains blocked.
The larger impact I suspect this will have in my life, is that I'll increasingly turn to not using websites, opting instead to using tools like yt-dlp.
These changes didn't just happen because of a bunch of greedy ad pushers. This and many other changes over the last few decades came about by taking my tax money and pouring it into these companies to gain compliance to state agendas. This isn't something the 'community' will be able to stave off.
If the internet is just going to become another medium like TV, Radio and newspapers were for so many years, adding on top the ability of the producers to watch me watching them, then it's over. The tech community is full of intellectual dishonest sellouts. Game over. Let's push letsencrypt again in response to the state backdooring the certificate authorities, duuurrr. "AI", duurrrr.
What other tools are you using instead of Firefox and/or a browser?
How does discovery work with tools like yt-dlp?
I quit the original l"Firefox" a long time ago, I've been using librewolf since its release and now zen (also a firefox fork) and I keep ungoogled chromium in case a site is broken on firefox.
I'll stay for the time being because there is no better alternative.
> To HN: Will you be quitting firefox over this change, or is there simply no better place to leave for?
Not to be overly whataboutistic, but we tolerate sooo much more from other players. It's annoying how we hold some to a higher standard, but ignore others doing worse. I get people are disappointed in Mozilla and wants them to do better, but it's a bit like the "we live in a society meme", where those doing good must be perfect or else..
I use Firefox, and advocate for people to use Firefox, because I believe it's the one browser that is not evil. It's the entire reason for the existence of Firefox.
Saying, well, why aren't you upset that Chrome is evil is such a confusion of ideas I barely know how to respond. Yes, I know Chrome is evil, I've been telling people that for many years, and I don't use it.
> It's annoying how we hold some to a higher standard, but ignore others doing worse.
People use FF, _because_ they can hold it to a higher standard. That's the entire point.
Those perceived to be doing good are often used to lessen the blow of those perceived to be doing bad. Like how it's not so bad if your train sinks of faeces if there's a bus you can take instead. Losing the safe alternative makes the original sin worse.
Yeah, I've been a Firefox user and Mozilla supporter for approaching two decades now, even used to donate monthly to the foundation. I'm furious over this. I installed LibreWolf on my personal machines last night and expect to uninstall Firefox after work today.
I'm a happy LibreWolf for years. The transition from FF to LibreWolf is seamless. And you won't be surprised anymore nor annoyed when Mozilla does moves like that.
It's seamless-ish.
Sometimes the more aggressive privacy settings stop some sites from rendering properly unless you add canvas exceptions, for example Openstreetmap and UK National Rail.
I'm happy to make the effort.
/Librewolf on desktop, Waterfox on mobile.
I probably will, actually. It was good to have an ally with their stature and history.
I have long left the sinking ship and switched to enshitified and actually private https://librewolf.net/
Which will go under within a few years of FF dying. (Yes, the current code may still work, but the web will move on without it.)
i don't think that matters. we are looking for firefox based alternatives to get away from stupid policy changes, not to find a browser that has a better chance of survival.
any alternatives will be good as long as firefox is alive. if firefox itself dies, then that's an entirely different matter.
I am very aware but that does not change that currently its a superior alternative.
When I was a contractor, I worked on a project with this well-intended guy who wanted to make an app for people to store a persistent map of their movement over time using the GPS. On day one, he made it very clear—and I believed him—that a user's private data was sacrosanct. As the project wore on, never finding traction, and costing more and more money, I remember one of the last meetings I attended with him. He was trying to find new sources of revenue to keep the company alive, and he uttered the inevitable phrase: "well, we've got all this user data we could sell." That was one of those moments when you get a little more cynical, and since then I access as an axiom that every company will sell my data eventually, regardless of their promises. It's just a question of limiting their access to it, and being willing to switch to an alternative every once in a while.
Debian feature request: A system-wide switch to disable all telemetry and "cloud integration" features that make any network connection to the developers' or developers' partners' servers, applied to all software distributed in the official repositories.
It's time for distributions to only include browsers developed by non-profits
If Debian could just stick to free software that'd be grand. It is a good ideology and there is no need to change it. Introducing ideological confusion is one of the paths to organisational rot.
Just use https://librewolf.net
So:
If the thing that doesn't suck isn't the thing that comes with the OS, it's time to fix the OS.Also, that feature should exist. The next time I see a story about MS training ChatGPT on your nude selfies, I want to be able to show people the big red switch that says "All Telemetry: OFF" as an example of something Microsoft will never give them.
But you first have to provide it in order to show to them that you provide it.
That is a distro problem not a software problem. Librewolf is available as a flatpak meaning on every Linux desktop distro.
https://flathub.org/apps/io.gitlab.librewolf-community
If you want to be pendantic again:
apt -y install flatpak && flatpak install io.gitlab.librewolf-community
It is possible to improve the distribution and that is the thing being requested.
If you want to improve the distro go ahead. But it's fantasy that every distro will support every software => flatpak
The suggestion is not for all distributions to support all applications, it's for Debian to support system-wide disabling of telemetry in the software it does support.
They could compile Firefox with telemetry disabled however i would not trust those settings since even with that Firefox does plenty of unsolicited phoning home and has a lot of bloat.
Apt is basically just a bad package manager:
But I do agree, it's hard to find these alternatives, and have them be "just works". Librewolf still sometimes have weird issues (for good reasons!), but it means I don't recommend it to "normies". I just tell them to use firefox and most importantly adblock, giving up ads is a huge ROI both in terms of quality of life and data privacy. Everything else is almost marginal in comparison.Apt being a bad package manager is not related to the selection of packages that Debian ships or doesn't.
Why Librewolf and not Waterfox or any other open source fork?
because I don't think a tiny browser fork that moves too far from the original is maintainable and secure long term. even someone of microsofts size seems to think so. librewolf is mostly config changes and couple small patches removing superficial anti-feature like pocket.
Which network access is telemetry?
User explicitly requests connection to a specific server (e.g. navigates to debian.org), so browser makes a connection to debian.org: Not telemetry.
User explicitly requests a connection to a specific server (e.g. navigates debian.org), then browser makes a connection to mozilla.org to upload metadata: Telemetry.
In general telemetry is when the software connects to a server chosen by the developers and not telemetry is when the software connects to a server chosen by the user.
When I open Slack, to which servers am I explicitly requesting a connection?
I see your point, but my point is that implementing this is either impossible or would require changing how networks are used by programs at a fundamental level.
A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes. Then each package would have to be audited to determine which addresses it can bind to, and/or which name lookups it can do, and how those capabilities are connected to actions performed by the user. Then there is still the question of what to do about software that accesses the network independent of the user, but maybe you can argue that shouldn't exist. How do updates work? Besides, if I allow Slack to connect to mychats.slack.com, nothing prevents the software from sending telemetry to that endpoint. You would need an army of manual enforcers, and that's not to mention non-free software.
> When I open Slack, to which servers am I explicitly requesting a connection?
Debian only supplies open source software. Proprietary apps that only support the vendor's service aren't included as it is. Open source apps using standard protocols like Matrix or similar do allow the user to choose the server.
> A middle ground might be to create a distro that uses something like SELinux to prevent all network access to non-system processes.
We're talking about open source software in the official repositories. You're not putting it in a jail to thwart it from defecting on you, you're modifying the code so that it doesn't even try.
> How do updates work?
When you install Debian it asks you which mirror you want to use for updates. Several of them are provided by universities etc. You can also make your own and some large organizations do that.
Would cdn-debian.org be allowed? Its on a different domain, but I've noticed a lot of websites use a different domain to host their CDN.
You're referring to requests from the same page as the one the user requested, rather than requests by the browser at the behest of the browser developer. Loading it is presumably what the user intended by navigating to the page and if it isn't then at that point it's in the bailiwick of uBlock etc.
This is pure speculation, but what are the chances this change is simply an attempt to provide legal cover what they might have started doing 50 versions ago?[1]
[1]: https://news.ycombinator.com/item?id=29082856
According to the tweet, Mozilla claimed
> “Does Firefox sell your personal data?”
> “Nope. Never have, never will.”
I do believe that never is a very, very clear statement (concerning every possible future) that needs no legal cover.
Been using Firefox as main browser since it was called Mozilla.
It's the only desktop application I've consistently installed on every desktop for that long. This is the end of that era and ends the streak.
It's as frustrating as it's sad.
What are you replacing it with?
This is getting niche enough that I'd doxx myself :^)
Check out everything recommended elsewhere in this thread though! And strive to compile your own fork based on whatever.
As Far as I can understand, Firefox is paid by Google just to justify chrome is not the only choice, and avoid anti-trust lawsuit.
I read the Google money are the true income, and it is a pity, because this technology merits more now than in the past.
Like they say, die early or live long enough to become a villain.
I never thought I would live to see the day when Mozilla's ethics would shift away so much from the "ethical" alignment.
Does anyone have any idea of what has changed inside Mozilla to prompt this?
Maybe business necessity finally caught up with them
The Vivaldi browser takes donations FYI. https://login.vivaldi.net/profile/donations
I have been wanting to love Mozilla for a while, but let's be honest: I use Firefox because Mozilla is the least shitty of those companies. I don't like Mozilla, I just hate them less than the alternatives.
I note LibreWolf is built from FF sources.
Zen also.
Are they specifically removing the telemetry stuff Moz are going to use to collect user data?
https://spyware.neocities.org/articles/
Librewolf has less spyware than waterfox.
They just use Gecko, right? Is telemetry actually built into the rendering engine
Mozilla became an ads company after acquiring ads tech startup Anonym. These changes follow that direction.
So... for the most practical question:
Anyone have a favourite Firefox fork that removes this and doesn't add other spyware or reinvent the UI too much?
That's almost exactly describing Librewolf, though it adds a ton of privacy 'hardening' features out-of-the-box, which can be a positive or negative depending on who you ask.
I personally use Librewolf with the Lepton (Photon style) UI[0], which replicates the previous UI style Firefox used a couple years ago, with small square tabs and condensed menus, before the current pseudo-tabletified abomination.
Of course, if you like the current UI—you'd literally be the first person I've met to like it—you can just use librewolf stock and it doesn't apply any changes to the standard Firefix UI.
[0] https://github.com/black7375/Firefox-UI-Fix
Librewolf seems to be the best. https://spyware.neocities.org/articles/
I see a lot of people suggesting Brave, but is it still full of crypto nonsense?
The coin is still baked into the browser, but it's disabled by default and doesn't really nag you about it.
At least, that's how it was when I used Brave around 2021-2022.
I've long-since moved to Librewolf, but it's my 'plan C' browser if SHTF with firefox and its downstream forks ('plan B' being Ungoogled Chromium)
Brave has a couple crypto features in the UI but that's about it. I'm big on crypto but I don't use any of the browser's crypto features. Just a browser that cuts most of the bullshit out.
Only if you enable it?
The problem with the other mainstream browsers is they're embedded with ad-tech nonsense which you can't get rid of.
Yes.
Shout-out to Vivaldi. If you're looking for alternatives, give it a chance.
The engine monoculture is not great, but they're a small team and doing a great job to create a useful browser.
People are acting like this is new. This is about:studies. With about:studies you agreed to upload usage data. Right now they are enabling credit card autofill support, a CRL alternative that doesn't give information about the sites you visit, etc. Actual corporate goes out of their way to say "we do whatever we want", Mozilla at least gives a condition.
What I ask myself is why is Firefox collecting months of telemetry data if sending telemetry is disabled.
If I disable telemetry, I would also expect it to not get collected.
So that there's plenty to send when they oops-accidentally forget that setting during an upgrade, and ask you to set it again.
They will of course assume opt-out rather than opt-in, and send what they've collected the moment the browser launches, then they're ready to give you the choice of opt-out once again.
Windows user, 32 years FF user (Mosaic, Netscape, Firefox), what to do now?
Anyone forking? (I don't want a derivate which Mozilla controls)
[edit] Switched to Waterfox (Macos, Windows, Linux, Android), no fork but better than FF for now
Firefox forks:
* Waterfox
* Librewolf
* GNU IceCat
* Pale Moon
* Seamonkey
Chromium forks:
* Ungoogled-Chromium
* Thorium
* Iridium
You'll have to do your own due diligence as far as how trustworthy or suitable these are, but nominally privacy-respecting alternatives do exist.
Thorium is regularly 3 months behind on updates
Iridium brings me to a 404 when I try to download it for MacOS
Sadly, neither seem like good options.
Thorium is regularly 3 months behind on updates
Unfortunate, I suppose, but this is the kind of tradeoff that is to be expected when switching to something maintained by one guy in their bedroom instead of a megacorp.
Thanks didn't know, thought Waterfox etc. were just a new UI on top of Firefox rendering/HTTP/HTTPS/etc. engine and were depending on Firefox development. Didn't know they were forks like the Redis forks for example. Will take another look.
"Ungoogled-Chromium"
Can't be a fork? Don't they just patch Chromium?
I mean I guess that depends on what you mean by fork? Most of the above projects follow upstream Firefox/Chromium (Pale Moon, for example, doesn't -- but that also means less support for recent web standards) but they are forks in the sense that they maintain the codebase/patchset themselves. How much they actually diverge from upstream varies by project.
So you're right that they are dependent on Mozilla for now. With Mozilla circling the drain lately, maybe that could change. But right now, for the purposes of removing privacy-unfriendly antifeatures, I find them sufficiently independent for my purposes. Most Firefox code isn't evil.
If you want something like Firefox but you're adamant that Mozilla can exercise no control over it, Pale Moon is probably the one you want to look at.
This is of course very subjective.
With fork I mean, taking the code, forking it, and developing it on your own.
If someone would take the Redis-C lib and the Redis CLI and change it, but keeping Redis unchanged, I would not call that a "Redis fork".
Valkey who is forking Redis and everything, does not depend on Redis (at most cross patching exploits). I would call that a fork.
"Most Firefox code isn't evil."
You are successful, they will change the license, and you're dead - most current fork will not keep up the work because it is too much compared to changing the UI.
"recent web standards" The only reason for these is the cartel of web browser vendors (Google,Apple,Microsoft,Mozilla) to keep out competition. Worked for 10+ years, until Ladybird showed the strategy is flawed.
You are successful, they will change the license, and you're dead
Yeah, but this assumes that Mozilla itself is successful enough to retain the leverage to pull back users towards Firefox.
With the kind of stuff they have been pulling lately it's possible to see a future where one of the above forks (or call-them-what-you-will) gain traction and take users and developers away from Firefox. If this happens, Mozilla deciding to close off the code would just be the last nail in their coffin.
If you don't want this to happen, then a company would need to:
1. Have the capital to build and maintain a browser 2. By selling copies of that browser 3. In sufficient funds to keep the business going and make the owners a profit.
Let's say you can do it with a small team -- if you're forking something like firefox, and pay for the salary of 21 people -- full time, 8 developers, a PM, a manager, Customer support (3 people), 3 sales folks, and 3 testers, and one owner.
If the average salary is $175,000, and the fully loaded cost of each employee (including office space, equipment, benefits) is $250,000, then just to break even -- and not even account for inflation or costs rising -- and not even accounting for capital expenditures, the product would have to sell 105,000 copies at $50 a pop.
If you sold it for $30 a year, that's now 175,000 copies, every year. Realistically, to account for taxes and the fact that Developer salaries are no longer expensible (thanks Trump!), you'd have to sell around twice that number of copies, so around 350,000 copies of this browser, a year. Every year. Just to break even.
When's the last time 350,000 people said, "I want to buy a web browser?". When's the last time 350,000 people bought a web browser?
We've made our own bed in this one, the second folks saw that Internet Explorer was free; and that killed the original Mozilla browser -- that -- by the way -- I happily paid for.
If you want an internet where you're not the product, then that's an internet where the business models have to change, and the customer desire to pay for the software they use has to go up.
And that still -- still -- does not alleviate the problem of capital needing to get started, which is only exacerbated by the Section 174 changes in the TCJA of 2017.
Can someone elaborate on what this means? Has Mozilla completely abandoned the "privacy" focus? I.e. should I stop recommending the browser and find an alternative? Deleting sentences like "We never sell your data" is for a long-time fan of the browser very alarming. But frankly I'm confused by the PR/blogs and can't tell from the privacy policy if/how it now allows selling my data.
Relevant discussion: https://connect.mozilla.org/t5/discussions/information-about...
Just installed Librewolf last night and will gladly support the end of Mozilla.
I honestly don't understand why Mozilla isn't succeeding with a "privacy subscription" where for $100/year (or $20/month or something) you get a full kit of digital sovereignty tools. Password manager, Mozilla, email with privacy features, secure file transfer, ephemeral cards...
I'm genuinely curious if people can comment why this isn't working -- because it seems like they've actually already tried versions of this!
Google pays them south of a $billion/year. Your money means nothing.
I'm not using Firefox because it's functionally superior to Chrome. I use it because it's not a surveillance technology and Chrome is. Privacy is the only reason why I'm using Firefox.
The board governing Firefox development has got to be some of the worst. They don't understand the product nor their users.
Related on 27-feb-2025:
Mozilla owns "information you input through Firefox" https://news.ycombinator.com/item?id=43200065 271 comments
Mozilla's new terms of use are out of step with Firefox's direct competition https://news.ycombinator.com/item?id=43194536 139 comments
Mozilla Introducing 'Terms of Use' to Firefox https://news.ycombinator.com/item?id=43187423 40 comments
Welcome to Ladybird, a truly independent web browser https://news.ycombinator.com/item?id=43200806 211 comments
Hmm it seems to me a viable solution (at least for the more tech inclined) is to just firewall it so it's unable to call home (although then there's an extension sourcing issue). Unless there's more of a philosophical stance. Or am I missing something else?
I've been a mostly happy Firefox user since v2, and have made it through - though will never forget - the extensions system "upgrade" debacle and more. As long as I have means to maintain reasonable control, I'll continue with it into the foreseeable future, because I consider the Chromium-based alternatives to be worse.
"At least for the more tech inclined" instantly eliminates 99% of users, probably even of Firefox for what you're talking about. I mean I'm tech inclined and I have no idea how you propose to firewall an internet browser from calling home. Maybe it's possible, I've never tried so I legitimately don't know. But if it is, it's an absolutely meaningless portion of users who'd even be able to do so much less go through the effort of actually doing it.
Okay, can anyone recommend a good, uBlock-Origin supporting browser that isn't controlled by underhanded corporate/for-profit lying-through-their-teeth pieces of shit?
Making these legal terms changes while "summarizing" them with the typical "we care about your privacy" bullshit is of the same nature as punching someone in the face and exclaiming you are caring about their health. It's just evil - misleading and abusive.
I feel like the internet needs a tracker of moral failings of companies/organizations like this, it's still too easy for something like this to slip through and not reach sufficient publicity to affect public opinion and therefore action. They need to be held to the highest account, openly, publicly, and brutally shamed, ostracized and sued if necessary. If they fail and exploit the rights of individuals, mishandle the "implicit consent"/trust of their users, at their scale, they fail and exploit collective humanity.
One may argue this is a non-issue due to the freedom of contract - and people can just choose to use whatever they want - but who among us has such a continuous legal awareness of all the software they use to be able to switch whenever needed due to some software enshittifying?
My only hope may still lie in software managed by legally codified (truly) non-profit organizations. Lichess and the Blender Foundation are led by people who have held to their word, and made the world better for it.
https://librewolf.net/
What does that mean for the Tor browser [0] which is based on Firefox?
[0] https://www.torproject.org/
Nothing. The ToS is not part of the license to the code.
It means that the state got a two-for-one deal.
How does this matter? If it said "never" it cannot be changed by deleting it, because never means for eternity. Otherwise it wasn't a promise.
How does corporate promises work? Like, I used Firefox when they promised never to sell my data. So I should be grandfathered, right?
There's no such thing as a corporate promise. There are such things as legal contracts and lawsuits, neither of which likely apply to anything Mozilla says about their browser.
The only surprise here is that people are surprised by this. Mozilla is an advertising company, since almost a year ago.
Fully agree, here is a context for those who missed it https://www.adexchanger.com/privacy/mozilla-acquires-anonym-...
I've been using Mozilla since the browser was literally called Mozilla, and I remain loyal simply because I don't think we should fragment the ecosystem. One company focusing its development resources is a lot better than 3 open source projects.
But fact is that Mozilla is effing up big time. They remain in the bay area where developers are paid super high salaries when they should be a 100% remote company. They have bugs and issues decades old. They keep flirting with big business.
They are also our last big corporate hope against the enshittification of the web.
It's all just part of Mozilla's ebb and flow. Give it until 2027. They will have lost all community support and be trailing in many browser metrics. And then they'll do something that once again builds them a niche of devoted fans.
It has happened before. And before that, and before that.
Ask HN: Is ungoogled chromium a good alternative ?
It's missing containers and overall has less privacy features available than firefox.
This is exemplified compared to forks like librewolf that enable the majority of them.
Ungoogled Chromium and stock Firefox are pretty similar privacy-wise though.
The main advantage is all baked-in telemetry is stripped out, but it doesn't do much to protect you from privacy-invasive sites other than disabling WebRTC and blocking 3rd party cookies.
I used it for a number of years, but recently switched to Librewolf ~5 months ago and don't expect to switch back unless Firefox and all downstream forks completely implode.
The main question for me is can ungoogled Chromium run uBlock Origin?
Yes, it's just a downstream fork of chromium. It can run any extension that runs on the equivalent upstream build of chromium.
For the same reasons you can install it on Librewolf too, and it actually comes with ublock origin pre-installed.
> Yes, it's just a downstream fork of chromium. It can run any extension that runs on the equivalent upstream build of chromium.
Therefore, no, it cannot run uBlock Origin, or soon will be unable to run it.
Ungoogled chromium is a good alternative in terms of privacy because all google-related services are gutted and there are no other built-in telemetry things.
There are some downsides, too.
First, you have to do some research on learning to make this browser work conveniently, e.g. finding alternative services to sync and backup your settings, bookmarks, accounts and passwords, etc.
Second, changes pushed by Google like Manifest V3 is still hard to deal with.
The writing on the wall was there since a long time ago considering the actions of the foundations leadership. They burn money like crazy on some useless stuff, no direction or idea how to bring back FF into the spotlight where it belongs.
Now with the changes with Chrome (basically killing of adblockers) they have a big window to make a play but instead they make the most idiotic move possible. Typical Mozilla - a mix of great tech (e.g. Rust) and detached from reality leadership.
I've been using Firefox since decades, even when it was a slow and buggy piece of crap compared to Chrome but now I think it is time to move to something else. But what will guarantee me I won't get a rug pull when some MBA takes the reins?
Ask HN: Is Brave an ok alternative?
Brave was never good: crypto-crap, based on Chromium, and was modifying web pages from the start without your consent. I never understood why people use it.
People use it because it is essentially Chrome with uBlock-Origin built in (I think the developer of uBlock Origin is employed by Brave) and it removes the stupid cookie modals that are on every website. Between running a pi-hole and Brave, I rarely see an advert on a website.
Turning off the "crypto-crap" can be done quite easily (you literally right click on the BAT icon and it is gone) and the new tab ads are removed again with a couple of clicks. I've found it also runs much better than Firefox on older hardware.
> can be done quite easily
The first and last time I tried Brave, it was injecting links (with a pretty golden picture) in each post of reddit (and I'm not talking about changing the referrals). To turn that off I had to look deep into the settings.
I've not seen it do that personally and I've been using Brave for a number of years now. Not saying that it hasn't happened either.
The Youtube adblock always works
Depends, but with this news you will probably not be downgrading too much.
Brave really does have a bunch of very nice features, I particularly enjoyed using them on my phone to download videos from youtube for online listening. Built-in adblocking is very enjoyable too.
Do note that there had been several smaller controversies, including one that 'Honey' got recently into hot water for, which was replacing affiliate links with their own. There is currently an on-going lawsuit with Honey for this.
In honesty, look at the controversies page on wikipedia and decide for yourself, I don't think there is a good or a bad choice here.
https://en.wikipedia.org/wiki/Brave_(web_browser)#Controvers...
In my opinion, if you care about the open web, then you should not be using a Blink (Chromium) based browser like Brave. The less control Google has, the better for the web.
Well that ship has sailed.
The internet used to be controlled in large by Microsoft. Then it wasn't. It does not have to continue to be controlled by Google in the future. Not using Chromium based browsers is a first step.
I use it. Turning off the ads and annoyances can be done in literally 20 seconds. It has uBlock Origin built in and removes the cookie modal popups.
It has a nice sync feature so my bookmarks / extensions are sync'd. The developer tools are exactly the same as Chromes.
It has some controversies in the past, but generally it has been ok IMO.
Brave is my favorite so far. You can run an HTTP monitor like Charles Proxy or Fiddler in your OS if you think your browser is snooping on you. I do Brave + Ghostery and works great.
Mozilla lost its missing a long time ago. The previous CEO was a disaster, and it looks like this one is too.
I think it's safe now to call Mozila's management as criminals. They are using old Mozilla's reputation to profit off people's data.
I promise, I will never die.
We need an EU alternative to Firefox.
Just sponsor Servo[1], it will be much safer than Chrome or Firefox once ready.
[1] https://opencollective.com/servo
Is it EU based though?
Overseed[1] by Linux Foundation Europe.
[1] https://servo.org/about/
Sell out
https://xcancel.com/LundukeJournal/status/189524980533888659...
Adieu Mozilla!
Mozilla too?
That's all! Thanks for watching folks.
Time to switch: https://librewolf.net/
These FF forks will all be nonviable within a few years of Mozilla going under. Google and Apple will keep moving the web (for better or worse), and these forks will be unable to keep up for lack of resources.
Whether they get relatively slower, or just can't support some new web tech, the writing will be on the wall.
"A few years" is at least 10 years, though. That's a lot of time to pivot or get morally sounder funding sources (users for example).
They made too many decisions on their own to be a 1:1 replacement. I think there needs to be a new fork, which would just remove all of the spyware bits.
If you think Librewolf is too opinionated, try Waterfox [1]
[1] https://github.com/BrowserWorks/Waterfox
Waterfox seemed a bit too opinionated as well, especially in terms of extra code, weird versioning, patch delays.
Which decisions? LibreWolf ist exactly that + hardening used in tor browser maybe you mean those but all of them you can change in setting.
Like I need to watch DRM for my job, and it doesn't work at all. I also already ported most of their configs that I actually researched each and every line of myself + Waterfox + Arkenfox's configs into my generic Mozilla Firefox, and it works great.
"Never" always means "Until we decide otherwise".
I suppose the main target here is to sell firefox sync bookmark and history data?
It is possible to host your own firefox sync instance but it's too much work. I hope it gets easier with these announcements lighting a fire under people.
Guess they have to pay the CEO's seven million dollar salary somehow ¯ \ _ ( ツ ) _ / ¯
All talk of "Privacy", "Principles" and "Promises" from Mozilla was already empty as they were completely dependent on Google's money.
This should surprise absolutely no-one and Mozilla never cared about their claims of privacy or their users as long as Google was paying them.
So now we know that when it comes down to the wire as their biggest customer (Google) was under anti-trust scrutiny; indirectly threatening Mozilla's deal with Google, They once again chose to violate the privacy of their users to sell their data to other companies like Google.
For Mozilla, money has always crushed their so-called "principles".
I bet there are still some software developers there who genuinely care about the mission.
Other than that, I've had to backspace and abort comments so much tonight, because I was angry beyond decorum, at the repeated betrayals.
Cool down friend.
There will always be great people building alternatives.
The illusion of mozilla having any privacy principles collapsed for me on May 2019 when they required users to enable telemetry to allow using adblock and tracking blocking extensions.
i switched to Firefox because of Google's Chrome's nonsense on ublock origin. turn out Mozilla's firefox also have its own nonsense.
Obligatory GDPR post.
Data of UK and EU users is protected. Why doesn't the USA have such sensible data protection laws; the only hostility I see is from surveillance capitalists spreading their FUD.
Did you not see all the surveillance capitalists at the inauguration?
Haven't you heard? Protecting liberty is against freedom. Ask Mr. Vance about it. /s
[flagged]
Apple removed encryption for iCloud users in UK. I don't see the outrage on HN why?
Because you're looking at a thread about Mozilla, the outrage is in the threads about Apple removing ADP for iCloud users in the UK.
Yes. Thank you.:)
It got 1700 points.
Misleading framing.
Apple removed encryption for iCloud users in the UK rather than pretending to keep it while giving the UK a backdoor.
In this, Apple was the good guy and the UK the bad actor.
https://news.ycombinator.com/item?id=43128253
I kept getting flagged for calling out Firefox/Mozilla, for years
Now you get what you deserve, folks
I'm sure there is a better source than that culture warrior twitter account.. Like the commit on github itself, for instance.