Right, so there is a genuine moral case for Mozilla doing this. It depends why you hate ads:
A: the main problem with ads is tracking and privacy invasion
B: the main problem with ads is manipulation and seizure of my attention
If you only care about A, you might like this approach, as in principle if it works and becomes standard, then the pressure from the ad industry to track everything will be easier to resist, as 1) they will have less incentive, and 2) the argument that tracking is essential is undermined, so it may be possible eventually to ban it.
Of course, that assumes that you trust that this is better for your privacy than tracking. After all, it does feel a bit like tracking... If it's done properly then your individual data is not sprayed to a thousand dodgy ad brokers, but only to one company who tells advertisers not about you personally, but just whether their ad is working.
The question is, does it work? Are they doing it properly? Do they have the correct incentives to keep doing it properly in the long term? Can advertisers just undermine it by giving everyone's ads a different ID? Also, your threat model may include that this aggregator company is hacked, or that the government secretly forces it to share the data with them.
Nevertheless, I think that Mozilla probably genuinely think this is better for privacy. And there is a case that there is.
A big issue however its that at present the constituency for Firefox includes people who care about B. This doesn't undermine that directly, but it does mean that Mozilla have an incentive not to care about it.
Ad blockers are probably more popular than Firefox.
The original web did not have targeted ads and did not require ads to exist. It has never faced an existential threat due to "not enough data collection and targeted advertising".
The web is not TV. At least it did not begin that way. The above is from the mid-1990s when the web was nothing like TV, not even close. The first paragraph is prophetic.
For a "non-profit" organisation, Mozilla is extremely focused on making/keeping the web a source of profits for a selected few.
Giant websites calling themselves "tech companies" are nothing like newspapers. Newspapers sold a product: journalism. Readers paid for newspapers. These giant websites do not sell a product. They do not hire journalists to produce news. These websites are free. If they chanrged for access few people would pay. They use the products of other peoples' labor as bait to lure in ad targets because the product of their own labor has no such value, it draws no significant audience. They are intermediaries, middlemen.
Mozilla wants to encourage and protect this behaviour, not change it. Make ads "private". Mozilla is along for the ride. Keep the money flowing.
If newspapers are your model of a better alternative - pre internet, newspapers were funded largely by advertising. Yes, they also took subs and sales, but they could not operate on that alone. A very large amount of product and service discovery -not just consumer, but B2B -happened by means of ads (including classifieds) in newspapers and professional magazines. Have a look at a 19th century issue of "The Engineer" or "The Builder", it's very enlightening.
If we want to get rid of the current internet giants, we need to figure out what can replace them so effectively that businesses dump them like they did the newspapers.
If want to use analogies when discussing the (unnecessary) presence of advertising on a computer network, the presence or (regulated) absence of advertising on highways and in public outdoor areas is a better analogy. The internet (and web) are supposed to be a public resource. It is nothing like a privately-owned TV network or newspaper. A client for accessing the web does not need to support advertising.
D. the main problem with ads is that they stimulate more unnecessary consumption
Ads are the wrong monetization model for the web. Instead of paying for information directly, you are now paying for information by buying something physical (most ads are about physical items). In this resource-limited world, this is clearly ridiculous.
> D. the main problem with ads is that they stimulate more unnecessary consumption
Yes! If our culture(s) weren't so damned full of pure consumerism, forgetting the first 'R' in Reduce, Reuse, Recycle, we'd potentially be living in a healthier ecosystem.
And honestly, having gone from living with a hoarder to living with a tad more than essentials where I can see the damned floor in my house, it's such a f-ing relief.
honestly the worst, most persistant ads are for games. The pump millions into it because they can utilize whales to make billions. Which means more ads.
Mozilla is an ad company under the new leadership, hence the assumption.
And exactly: I reject C. I reject the monetization of the web. It didn't need to happen; we just wanted it to happen in our greed. We bit the apple. Money is the root of all evil. It ruins everything.
Hopefully nobody. The internet and servers existed before targeted advertising was a thing. The only thing targeted advertising enabled is trillion dollar valuations for some shareholders.
Servers cost money though. And generally, they cost proportionately more the more users you have.
This means that the standard information wants to be free/free software arguments ultimately have costs to cover (like, you used to need to pay for GNU tools to cover the cost of postage and storage).
Any approach that ignores this economics is just gonna fail (and that would be sad).
I agree that TV stations and websites don't have to be purely vessels for advertising, but in today's climate of slim margins – due to an expectation that everything is 'free' – and sliding ethics, advertising lends more and more bias to operations. And that bias has been there as long as there has been advertiser funded operations.
We could just return to a culture of paying for things (that are conspicuously not tracked) and this whole imposition of advertising in our daily consumption can go away. But the vast majority of people simply don't care.
I think ads should not be allowed for anything at all in the digital world, including TV. In a world without ads, products would be known due to reputation. Ads are an assault on the limited resource of attention.
People say how can new products reach people, but the solution to that problem isn't ads but platforms/websites that catalog new products and allow for easy discovery.
Ads actually make the problem of finding new products worse because you only see a fraction of new products if you consume ads, primarily those from companies that already have lots of money to invest into ads.
It’s a nice dream, but enough people have to be willing to pay for things in preference to tolerating ads to not pay. Streaming services and some online news services provide this option, so it’s available. But asking for everything to be free and ad free is wishful thinking, at least outside government funded media (which is still paid by taxes)
And we have also learned to use taxonomies and hierarchies and sets. Therefore the intersection between the set tv stations and the set ad companies is the set ad-funded tv stations. Ad-funded tv stations are a subcategory of the larger ad companies category.
Consumers vote with their wallets and will virtually always take a free product with ads over anything else, so taking a dogmatic stance against ads is just going to be financial suicide. Ad blockers simply live on borrowed time until they're banned or made unusable. In which case if a competitor springs up, at some point they need money, which means they'll need to serve ads. Like say Brave, which blocks ads and then ... serves you their own ads.
The original web is irrelevant because it didn't sustain large economies. It's like comparing radio hobbyists to the central TV station, the economics change when you have to actually pay employees and serve a mass market.
> The original web is irrelevant because it didn't sustain large economies. It's like comparing radio hobbyists to the central TV station, the economics change when you have to actually pay employees and serve a mass market.
A large number of us wish that we could go back to a web that didn't exist primarily to sustain large economies. Back to a web that existed for academics and enthusiasts, a web where modern HN discussions would have been ranked in the lower half of quality instead of the top 5%.
That web existed as late as 2010 (already as a bit of an enclave, but a thriving one). It was killed by ad-funded social media and some of us are still bitter about it.
Multiple things exist on the internet at once right, I mean we're having this discussion on an old-school website right now, it didn't go away, that's the nice thing about the internet, pretty much unlimited space.
But it also strikes me as very odd if not elitist to say you'd wish for a web when it consisted of academics and enthusiasts. Because for everyone who doesn't come from money or academia, like me, the fact that there's a real economy underpinning the web now means I have a job that actually feeds my family. (I in particular don't work for an ad company for what it's worth).
It's one major business model that keeps the lights on in a lot of places and to say we should all be enthusiasts, who in this industry do a lot of work and get almost no compensation just doesn't work for most people. And is also just bad for software in general.
I'm a bit puzzled by this comment. By saying you have an option "C" you are indicating that there is some other factor, intrinsic to ads, that you object to. Which is a valid position - others have mentioned some- but, you don't say what that factor is. My curiosity is piqued! Can you elucidate?
It's possible to use a computer network for commercial transactions. For example, use the network to transfer data to browse selections of products and services, make payments and complete purchases.
It's also possible to use a computer network for advertising. For example, putting ads one every page of every website so when a www user is reading some noncommercial page, ads are everywhere. Or when a www user is communicating about noncommercial topics over someone else's website,^1 ads are everywhere.
1. A dumb idea because of "tech" company surveillance and ads
IMHO, the two are not mutually inclusive. Perhaps there are only so many widgets that can be sold over the web. But with ads, there is no limit. The ads are not there to provide "free" services despite the messaging from Silicon Valley. The ads are there so that so-called "tech" companies can make money. They do not even have any widgets to sell. They have nothing that web users will pay for. Thus, surveillance and ads.
A common retort every time someone mentions that the original web had no ads usually goes something like "The early web sucked" or "I don't wan't to go back to the early web". But that is not the point of mentioning the original web. With today's hardware, there is no going back. The internet is incredibly fast now. It does not have to suck anymore.
The point of mentioning the early web without all the ads is that bogus claims by entities like Mozilla that "the web needs ads to survive" or by Google that they are "making the web faster" while still delivering same/more ads are pure nonsense. The web does not need ads. Ads are what makes the web slow. Google deliberately adds delay to webpages when they "load" so ad auctions can take place.
At the same time, it is common to HN commenters reminiscing about the early web and complaining about the current web.
Far above and beyond issues of privacy and attention, my primary concern with internet ads today is malicious content. There is simply too high a volume of deceptive—or outright malware-laden—ads to feel comfortable allowing them to render in my browser. It’s not even an edge case hiding in dark corners of the internet, search ads at the top of Google results are consistently used for phishing and other fraud.
The incentives are all wrong for ad networks to address the issue. As long as websites use third-party networks which themselves let anyone sign up and buy ads, it will continue. Doing too much vetting of ads or KYC on advertisers cuts into the bottom line. I don’t think all that much about privacy issues with ad measurement, because all of my browsers, those of the friends and family I advise, and those of the companies whose security policies I am responsible for, will block ads for the foreseeable future.
One of these is that they use your power, and waste your network bandwidth, to try to force to display them and to track you and other stuff. Their use of your power in this way is like theft; they are stealing your power for their own use (even though such theft is not being done directly).
Although you could (at least sometimes) block them, they often make it unnecessarily inefficient and difficult.
Other problems include both A and B above, but these are separate problems. There are additional problems as well, such as deceptive advertising, and others. (TV shows that display advertising within the show is also a problem, but again that is a separate problem than any of the above.)
I never understood this argument. You agree to see ads when you use a service someone provides you for free. You are within your right to block ads but they also have every right to show them.
> You are within your right to block ads but they also have every right to show them.
No, they don't have the right to show them. They don't own my computer and my display, what's show on my display is entirely up to me and my browser that I own and control.
However they have every right to choose what data they send my way, including their main content.
You're being pedantic about verbiage. They have every right to accept payment from other companies in order to arrange RGB values on their website that may inform you about products from that paying company. Is that better?
What they are saying is that they have the right to filter out the content that is being sent over to their computer before displaying it locally.
If a company is adamant that ads should always be seen alongside the main content and they know the target computer is capable of doing this filtering, then their only solution is not send anything at all (pay to view instead of ad-supported).
If that is what they are saying, then are just repeating what I said initially. They have a right to send ads, you have a right to block them. I'm not seeing what's getting lost in translation here.
> agree to see ads when you use a service someone provides you for free
I agree to absolutely nothing. I consent to absolutely nothing. That they insist on showing me their noise puts them in malware category and they should be treated as such.
Please don’t log into your bank with Servo just yet!
So .. just their own test shell compiled about engine as yet. (AFAIK)
There a few longish tech talks on youtube, the initial focus was on bringing documentation up to date in order to draw third party dev's in. Now there's more focus on more coverage of test suite.
It's in a decent sweet spot for certain types to get on board; new funding, new energy, room to change the guide rails and a milestone to work towards.
Well as I understand it the goal now (or arguably 'still') outside Mozilla is just the engine, not the browser that uses it (which would have been Firefox)?
So there still needs to be some browser project like the Ladybird mentioned, or a Brave, or whatever that decides to use Servo instead of WebKit, is my understanding.
(A bit of a tangent since not a browser, but I assume Tauri will be keen to use it.)
Won't happen anytime soon :
"
Will Ladybird work on Windows?
We don't have anyone actively working on Windows support, and there are considerable changes required to make it work well outside a Unix-like environment.
We would like to do Windows eventually, but it's not a priority at the moment.
"
The Linux ecosystem is by far the largest market for enthusiasts volunteering their time to develop a new browser. It makes sense this community would only care about building a browser for their own needs (Linux support only).
Additionally and unlike Mozilla, this volunteer community is also very unlikely to care about non-enthusiasts who may complain the browser doesn't support Encrypted Media Extensions (EME), Web Environment Integrity (WEI) or whatever anti-features ad-tech companies are trying to force onto mainstream users. This volunteer community is also unlikely to care too much about whether web sites containing 10MB of obfuscated JavaScript that was developed and tested solely against Chromium-based browsers works well. I think you'd find that the community would rather spend time working on projects such as yt-dlp to just re-implement front-ends for horribly broken websites, or would simply prefer to use non-broken alternative websites.
Linux is also the easiest kernel to develop against too for reasons that include _much_ better sandboxing features being available, better debugging tools and availability of source code to learn from and debug with. Contrast to Windows with undocumented or poorly documented kernel and other system library APIs, lack of source code (particularly examples of APIs being used in other software), and having to do more work to opt-in to security features that are enabled by default on a Linux system.
"smallest market" is relative, the Linux market for suckless tools for example is likely 10x bigger than the Windows one. For privacy focused alternative browsers I'd say its somewhere close to 50/50.
Which is not the point. If you want to have success you need to copy the Blender/Godot model. Year by year they make great versions for all platforms, and they do well. A new browser should support both and rally the people to work on it, again like the Blender Foundation has done.
Of course thats a great metric, but to better exemplify, taking Blender again, with their pool of money (mostly donated by enthusiasts) they could really accelerate the development, hiring the best contributors on a case by case basis, which solidified the code base and continuity. What I am saying is there is a great middle ground, with a good team, where money and enthusiasm go hand in hand.
Yes, it's called WSLg. Uses Wayland, so many apps are a bit messed up. I think there's a way to install X11. Last time I tried it over a year ago it was a bit rough.
I think they were listing the lineage of browsers they used, starting from the earliest one to current one. Not that they were using Firefox 30 years ago.
Draw a trend line through Windows releases and it doesn't look good. I can't see myself upgrading to 11 any time soon and I'm seriously considering just switching to Linux. It's all I've used on work laptops since 2013 and it's just fine.
I still despise Gtk 3 or whatever it is that is killing menus and sticking controls into the title bar etc. but it's fine. You don't need to use Gtk apps much these days anyway.
I'm afraid it'll take very, very much time and effort for Ladybird to be as fast as Firefox. Web pages are terrible resource hogs. An inefficient browser will not be popular.
> One of the long term goals is to match the performance of other production JavaScript engines like JavaScriptCore and V8 when they run without a JIT compiler.
Only for a few years until they come up with same shit but with a different name. Take a look at the presumably "dead" Palladium initiative and consider how much of it we're actually been subjected to now in our computing.
You don't need to rely on alpha vaporware. You can use a Firefox or chromium fork that patches out the changes and still have a quality battle tested browser.
Using "he" as default is just as much of a political stance as using "they" as default. The fact that whoever rejected this PR thinks that pronouns are "political" gives me a pretty good guess as to their overall political leanings.
To me that depends on the context it's used in - if it's like:
> When a user visits a web page, he expects [...]
then yes, I'd even just say that's wrong, no opinion or politics about it.
However if it's:
> So once Alice has published the website, and Bob visits it in his browser, he expects [...]
and the PR is suggesting that actually we don't know how fictional Bob identifies... Then personally I just think that's tedious, the pronouns are helpful to disambiguate Alice & Bob in shorthand anyway, and that is bringing 'political' (ish? Societal?) views into it.
Yeah that's clearly the first case I gave then, it's just wrong, it's not even about not liking 'woke' or 'PC gone mad' or whatever.
At least, that's what I was taught at a private school, in a Conservative-voting area, ~25 years ago.
(I've always disliked the 'unknown-she/her' for 'important' roles too, for the same reason: it's fighting wrong with opposite wrong. Matt Levine for example will write 'if you ask someone on the front desk I feel like she will tell you' - it's an abstract person, they will tell you. Grr. Anyway.)
In this particular case I might actually say 'it' anyway. But in general I think to native English speakers (because we don't gender most things) it's pretty clear it should be 'they' if the sentence is more mundane and bias-free, like 'find someone to ask for directions, and if they don't know [...]' - it's just weird if you substitute '(s)he doesn't' isn't it?
It's hard to put faith in a project that's partially AI-generated and doesn't disclose it.
That picture of the laptop is the most blatant part. Is that just one contributor phoning it in for the landing page, or does that culture run deeper through the Ladybird project?
I've followed Kling's videos for years, both the ones working on serenity OS and the ones working on Ladybird, and followed the general arc of those projects and even contributed once a few year' back, and they actually seem to take the quality of their work very seriously and enjoy producing good high-quality code. I think it's just that none of them had experience with website design and the one guy who stepped up to do it happens to be one of those people that thinks AI generated stuff is fine.
I can't help but see these "let's create a Web browser from scratch" projects as massive wastes of time. You can't build a sane implementation of an insane standard.
Modern websites and the standards they rely on are overcomplicated. The problem lies with the standards, and the way they are used. The browser can't control that. I could never work on such a project without quickly losing motivation.
Also, that link says "The main community hub is our Discord server." That doesn't inspire confidence in anything.
It is an attempt to replace more invasive tracking techniques. The AdTech industry is unlikely to give up on knowing which ads were "successful". A privacy-friendly solution developed by Firefox is miles better than something invented by Google, the AdTech company masquerading as a browser vendor.
Personally I don't see why we should treat browser/web vulnerabilities that are being abused for tracking any different than every other security vulnerability... apart from the discussion being warped by Doubleclick pumping out new browser vulnerabilities, baking them into web standards, and marketing them as "features" to be rapidly adopted.
Complete agreement; anything that can be used for tracking is a security vulnerability. That doesn't mean it's a top-priority security vulnerability on par with remote code execution, but there's already a whole vulnerability category for "information disclosure".
This is not a tracking mechanism - it's quite convincingly private to _all_ participants in the protocol (only you, as the browser client, have the full data). Websites specifically receive only aggregate data from their complete user base, not any individual info.
Whether it's worthwhile and/or will help reduce industry tracking practices is a good & separate question, but it's not reasonable to describe this as anything akin to a attack on privacy.
I'm quite happy to continue saying "advertising is bad, tracking is bad, anything that serves no purpose other than to help them is bad for users". Calling that "black and white thinking" is not an argument that advertising is good, or tracking is good, or that this API proposal is good.
What is the reason this is good for users? It's not "this is better than other tracking", because this does nothing to take away other tracking so it's not an either-or. Other tracking won't go away until it's blocked. There is no requirement to provide a replacement.
"We've should eliminate toxic waste being dumped in the water!" "What do you propose to replace the toxic wastewith? Why don't we provide a less toxic waste? Maybe if we offer the option of dumping a less toxic waste, that'll incentivize factories to dump that instead of the more toxic waste?"
> Calling that "black and white thinking" is not an argument that advertising is good
I never said this proposal is any good. I don't know if is as I just looked at the general overview, and that's not really enough to make a judgement one way or the other. As a general point I do think it's a problem with solving.
What I am saying your case for "it's bad" is entirely without substance and seems to be based on axiomatic black/white thinking.
The substance of my case is "this won't work, this provides no value to users, this is disclosing a non-zero number of bits of information about users, and this is nothing but attack surface area for potential information disclosure".
Once you have a non-zero number of bits flowing from the browser to advertisers, that's a path to try to extract more bits of identifying information than the browser intended to provide, by any number of means.
There will be lots of people trying to deanonymize users from the data. There will be warrants served to the intermediary. There will be attempted security breaches on the intermediary. Those are just a few bits of potential attack surface, all of which is entirely unnecessary.
> I'm quite happy to continue saying "advertising is bad, tracking is bad, anything that serves no purpose other than to help them is bad for users". Calling that "black and white thinking" is not an argument that advertising is good, or tracking is good, or that this API proposal is good.
GP was very clear in what he considered "black and white thinking" and you very clearly avoided addressing what GP wrote.
> What is the reason this is good for users?
Did GP said it was good, no. So why are you even asking this question?
> There is no value gained by compromising with advertisers.
I mean, there's the part where advertisers pay for a huge chunk of the web? Maybe you're ideologically opposed to that and think websites should only have crowdsourcing-type revenue sources, but in the meantime website owners need to pay the bills.
> I mean, there's the part where advertisers pay for a huge chunk of the web?
They don't. Most of the web is unpaid UGC.
> Maybe you're ideologically opposed to that and think websites should only have crowdsourcing-type revenue sources, but in the meantime website owners need to pay the bills.
That's up to those website operators to figure out and not the concern of the user's browser. It only becomes the browser's concern when those website operators try to enrich themselves by manipulating the user into acting against their best interest via ads, in which case the only correct response is to block those ads. For the most part, the website operators that are in it to make a living are simply scammers that will not be missed.
> Third party cookies cannot be turned off without this replacement and for other things due to competition law and web ecosystem issues.
"competition law" is a problem for Chrome; as a browser run by a massive advertising company, interfering with other advertising companies raises antitrust concerns. It is not a problem Firefox needs to care about. (Also, it's not a problem that a browser with a tiny fraction of market share needs to worry about.)
"web ecosystem issues" is a fascinating euphemism. Let's cause more "issues" for advertisers.
> Ad supported content is worth something and eliminating that business model overnight would be bad as a bunch of things would be less accessible.
It's not going to go away overnight; it will take a long lingering time to die, and that time gets longer every time someone hesitates to kill it. In the meantime, as it becomes less effective, other models will become more effective.
If Firefox delivers a feature the AdTech industry would be OK with, then Chrome can adopt it and kill third-party cookies. Firefox already can block such cookies, but some legitimate sites may break (but developers don't care about Firefox). If Chrome blocks them by default, those sites will have to adjust.
Chrome is already delivering a (different) feature that they propose as a replacement for third-party cookies. That's not a reason for Firefox to adopt that API.
Interesting thanks! Anonyms technology is presumably what the original article was about?
Any idea what a transaction will look like. Who will pay them for this and how? I guess ad networks would pay so they can still attribute and do retain their customers better? I wonder what the fee is per
Firefox is controlled opposition. Firefox will hire leadership that is most capable of maximizing revenue from Google, and Google sends their money to Firefox based on now nicely that CEO cooperates. Therefore it’s probably not a direct threat but a “do we understand each other?” situation
Only if you redefine privacy. I don't want any of my information being leaked.
It is plausible for example that you could form a statistical cohort around people that work in an organization and determine that they have become interested in a topic that reveals internal plans.
Even as an individual, I can only see more accurate modeling of my interests as a tool to be used against me. I do not consent to sharing those correlations. They are private.
This feature isn't modelling your interests. It's letting advertisers get insight into the performance of their ad campaigns without tracking individual users.
The ad agency is only able to see: their add (y), published on source z, led to x conversions, over a period of time (p).
> But, and I swear I'm not even joking a little bit here, Mozilla goes on to say that advertisers might be happier if Firefox itself just tracked you directly and sent activity reports back to them.
Could this advertiser be Google who also pays their salary?
Because the EU isn't a charity or a socialist union. And if EU ever wants to fund a browser, as an EU taxpayer I'd like the organization, with its employees, to be EU-based.
It is however in the EU's interest to have a mainstream browser that is not controlled by a US megacorporation. And yes, it would make more sense for them to pay local devs rather than invest in silicon valley but Mozilla could also move and/or expand if they wanted.
I'd love a detailed description of the politics and economics of adding this.
Why are Firefox doing it, how does it relate to similar features in other browsers? If it leads to direct revenue, how? If there are relationship reasons for doing it, what are the forces at play?
Just the actual background, not opinions on whether it is good or bad before understanding that background.
That is very disappointing, indeed. "[A]nnounced with very little fanfare" is an understatement. It is mentioned as an afterthought on the page with new features, without the screen-shots that are shown for the other configurable features, and couched in soothing language: they call it "privacy preserving". It's almost “But Mr Dent, the plans have been available in the local planning office for the last nine months.” (https://www.planetclaire.tv/quotes/hitchhikers/the-hitchhike...)
You do this when you want to hide something. This does not inspire trust.
Edit: instead, if they believe this to be a way out of the ongoing data thievery that is the ad industry, they could have announced this openly and boldly. "You want privacy, they want ads, here's a middle-ground." It could have been scrutinized by members of the community beforehand. Now, it'll just tarnish the reputation of Firefox and go down with it.
The gist of it seems to be that Mozilla and ISRG now proxy the tracking data and give aggregated reports to advertisers. And that they handle the data in a way so that neither Mozilla nor ISRG alone can access the unaggregated data.
... it sounds a bit like they route the data through something like an onion network. So nodes in the network do not know what data they are routing and the advertisers get aggregated data without knowing who the users were:
... our DAP service, which is a Multiparty
Compute (MPC) system based on Prio ...
And the "Multiparty" seems to be these two:
Our DAP deployment is jointly run by
Mozilla and ISRG. Privacy is lost if
the two organizations collude
I think this is actually an interesting approach. I don't know whether two parties are enough and whether the specific algorithm used is good. But if it works as advertised (haha), it would result in measuring ad effectiveness without compromising user privacy. Which might be a good thing.
Disappointing behaviour by Mozilla, but not hugely surprising.
It's also rather suspicious that the setting to disable this seems to be somewhat hidden. If I go to settings and search for "advertising" then I get:
> Sorry! There are no results in Settings for "advertising".
But if I browse to it manually in then the setting is there, in the section named "Website Advertising Preferences". And the search definitely includes section titles, because if I search for "collection" then it shows that section of the Privacy & Security settings, with a highlight on the text on the title.
Confirmed the new setting was on for me. Mozilla is really starting to test my patience. Do I have to check the settings every time I update my browser now?
Mozilla have been doing that trick for a while. When they wanted to push Pocket, if you removed the toolbar button (they disabled removal of the add-on) they added it back in on the next update.
Hard to see their repeated reversion of specific controversial user settings as accidental.
Limit online advertising to contextual ads, and to the same attribution methods advertisers have access to with traditional (TV, print and billboard) ads.
Is your browser a user agent or an advertiser agent?
Donations and paying for things doesn't change this. Often, providers can just double-dip, and sell the service or product, and then have channels for advertising as well.
But I do agree that it's a string of bad news for Firefox users over the years.
Once again, I have to stick my ore in here and chill for LibreWolf :D I think it might really be worth checking out for people like me that prefer the user interface and functionality of Firefox over chromium and don't want to contribute to the blink engine monopoly, but also often doesn't approve of what Mozilla is doing upstream and wants someone to shield them from it. It's my daily drive for browser for basically everything, and 99% of the time, even on stuff that you would think wouldn't work, it works just fine. I keep chromium in my back pocket just in case, but I've only had to pull chromium out like twice in the past year, once for something that required the USB-HID protocol and once for iCloud.
And yes, for those of you on distributions, you might say that your distribution maintainers will just patch out or customize out, and the nefarious changes that Mozilla makes upstream. But the thing you have to remember is that distribution maintainers are handling, by a whole lot of other things, tens of thousands of other packages, and an entire operating system, and its upkeep, go through them. So they will often just not patch out or patch things out inconsistently or not really pay attention. I think it's much better to rely on a project whose whole purpose and explicit mission is making Mozilla more privacy-friendly and secure and who have a dedicated community of a few developers consistently working on it. Especially since distribution maintainers don't really make any specific mission statement promises with regards to specific packages, but something like LW does. It does a lot more than just this one thing. It's essentially equivalent to having a arkenfox config maintained for you and always applied to your browser and updated in lockstep with your browser, as well as a set of patches that they maintain to remove things like Pocket.
"Controller and processor
Data controllers must clearly disclose any data collection, declare the lawful basis and purpose for data processing, and state how long data is being retained and if it is being shared with any third parties or outside of the EEA."
I don't see the word "personal" in this sentence, only "any data collection". It's clearly not in the users' interest/benefit to activate this data collection, and not required for the normal functioning of the browser/websites. So activating this silently is minimum _very unethical_ and probably illegal, but I'm not a lawyer.
At least to Beta. Not sure about the release version because it doesn't have about:flags. Probably it's infested with it too, and it's unclear how to disable it.
Not taking sides here, but does anyone actually think that people will use strictly opt-in features at all? They went to the trouble to develop it so if you were them, why should it be so hidden as to have barely any users?
I feel the same way about debugging telemetry... it's so valuable for developers and yet people want to see you hang if it's not (at best) a manual opt-in, but they don't care that it won't be used by anyone in that case.
Counterpoint: Syncthing's telemetry is strictly opt-in, and > 100,000 people have opted in. It's possible to collect useful data in a way that also respects your users. Many projects do so. Firefox just chooses not to.
Interesting... I wonder how many other projects have had similar success, this is the first time I've heard about an opt-in number that large. I'd be interested to know what their UX for it is and if they did any research on it.
There are plenty of opt-in features that people do use. Hell, the entire extension ecosystem is based around people choosing to opt in to various extra features.
So if this is something that is so undesirable that no one would opt it to it, then maybe it's not a feature that should be included the the browser at all - especially when Mozilla's slogan is "Internet for people, not profit".
I wonder if they snagged themselves one of those executives that justifies ignoring privacy by insisting people really do want targeted ads more than privacy... so you really really don't even need to inform them about it or give them a choice.
Why should users opt in to a feature if they perceive it has no value to them?
So what developers should be asking is how they can make it directly valuable to the user to enable the feature. User led not business led.
Reliability ratings, notifying of fixed reported crashes, improvements in performance telemetry etc
> Why should users opt in to a feature if they perceive it has no value to them
There will be users that perceive any feature of the application to have no value. I think developers should not only consider the opinions and wishes of the user but also what's best for the application itself.
I enable debugging telemetry when I encounter bugs, but I'm not going to constantly send some company a shitload of my usage metadata just in case it's useful at some point.
I really don't see anything wrong with this, personally. It's a limited test with a small number of websites involved. Only aggregate data is received, so all they'll know is something like "x number of people saw this ad and y number of people clicked on it"; no other information about those users. Seems very innocuous to me.
As to it being opt out instead of opt in: consider the fact that only a small number of websites are involved in the experiment; if it was opt in then it seems quite likely that there could potentially be no intersection between users who opt in and users who visit those specific websites, rendering the entire experiment pointless.
Am I wrong that it is only aggregate to the advertisers and not aggregate to the ISRG? I feel pretty negative about the ISRG having my data to provide aggregate data from.
A: the main problem with ads is tracking and privacy invasion
B: the main problem with ads is manipulation and seizure of my attention
If you only care about A, you might like this approach, as in principle if it works and becomes standard, then the pressure from the ad industry to track everything will be easier to resist, as 1) they will have less incentive, and 2) the argument that tracking is essential is undermined, so it may be possible eventually to ban it.
Of course, that assumes that you trust that this is better for your privacy than tracking. After all, it does feel a bit like tracking... If it's done properly then your individual data is not sprayed to a thousand dodgy ad brokers, but only to one company who tells advertisers not about you personally, but just whether their ad is working.
The question is, does it work? Are they doing it properly? Do they have the correct incentives to keep doing it properly in the long term? Can advertisers just undermine it by giving everyone's ads a different ID? Also, your threat model may include that this aggregator company is hacked, or that the government secretly forces it to share the data with them.
Nevertheless, I think that Mozilla probably genuinely think this is better for privacy. And there is a case that there is.
A big issue however its that at present the constituency for Firefox includes people who care about B. This doesn't undermine that directly, but it does mean that Mozilla have an incentive not to care about it.