Testing Cliqz in Firefox (blog.mozilla.org)
156 points by hnaccy on Oct 7, 2017 | 159 comments

This is fine if the user is fully informed in advance and has your consent before using the software. It is absolutely unacceptable to do this behind their backs.

If this was a feature that was shown to be highly beneficial to your users, then why deploy it to just 1%? Super shady. This is Pocket all over again.

Will this be something that can be fully disabled?

Not something I ever expected to see out of privacy-focused Mozilla. Are we going to need a world with unmozillad-firefox, à la https://github.com/Eloston/ungoogled-chromium ?

Sad day.

Reading over the technical description [1], I agree that this does not live up to the standards I expect from Mozilla (although it's not as bad as some people make it out).

That said, rolling out new features to 1% of users first is not that extraordinary. Especially considering that we (or at least, I) hadn't heard of this experiment earlier, and that there's only now erupting some fuss over this, it seems like a good idea to still consider it in the experimental phase and thus just roll it out to an initial batch. And hopefully back out of it later.

[1] https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

Surely you know how search engines make money? They need users. Can't sell adspace without users.

Where Mozilla says recommendations I say paid referrals ;)

I mean yeah search engines started as charitable organizations long ago but now? Tangentially related I noticed how it is impossible to remove all the embedded search engines in Firefox...

I don't really remember search engines being charitable? My first exposure to the online search arena was human-powered, slow, and expensive. As in, you paid someone to scour the 'net for you and return the results to you.

DMOZ is the only charitable search that I really know of, and I think they are shutting down.

I understand that it's a gradual rollout. I don't think this is something that will be backed out.

The only way it would be backed out is if no one used it or there was some public outcry, which is impossible because there isn't an informed choice being made to opt in and users are not told what's going on.

Well, I feel like there's some public outcry already. Source: this thread :)

> Are we going to need a world with unmozillad-firefox

Waterfox or palemoon?

Isn't one explicit goal of these projects to diverge from Firefox's new "Quantum" rewrite of the core browser engine?

Trying to continue to support XUL is going to seriously leave these browsers in the past if there isn't a strong effort to replicate what Mozilla is doing in a way compatible with traditional addons.

I like the idea of an unmozillad-firefox (right now I compile firefox without DRM and pocket) but I don't think these two projects are the answer

> If this was a feature that was shown to be highly beneficial to your users, then why deploy it to just 1%? Super shady.

They've seen this on a small scale, and only among power users. They're now rolling it out to this 1% to test further how users like it and especially also to see how average users like it.

Besides that, they're trying to improve the data set to see how well it works with enough data. 1% of users is plenty to get that data set up. So, in case they decide to not roll the feature out, they only have to take it away from that 1% of users.

Lastly, they are aware that this opens up potential ways to infringe on user privacy and more-so will spin up conspiracy theorists that have now discovered that Mozilla was evil all along. It's just something that can harm their image, even if it is done in an entirely privacy-respecting way.

So, they're testing the waters. If users like it a lot, they might be willing to take that reputation damage. If the feedback is good, but not overwhelming, then they might backpedal, just to get those conspiracy theorists back into the boat.

A quick look at the source of the extension shows they use the following addresses for gathering data and publishing 'offers':

These can be added to the blocklist on the router or just watched for fun and profit, your choice.

As an aside, both the domain name 'cliqz.com' as well as the use of terms like 'offers' leave a bad taste. If this is really meant to be a legitimate operation they could have done better than to copy the language of the bottom feeders of the 'net, now they just come across like a revamp of 'Bonzi Buddy' and its ilk, watching users' browsing habits to provide 'shopping opportunities' and such drivel.

I'm going to repeat the same thing I said during the whole Pocket fiasco. Why not have this pre-installed as an add-on but disabled? You can make an announcement on the updates page with your reasoning, and users who feel like this is worthwhile can opt-in by enabling it. Why is this being enabled by default for 1% of users?

Because 1% of users is still probably an order of magnitude higher than however many would opt-in and because they want as broad of a user-base. If you only have people that opt-in, you'll pretty much only have power-users.

But is that worth the damage to the brand?

I tried to support Firefox for as long as I could, but their mixed messages about what they stood for + poor performance (at the time) eventually forced my hand in switching browsers. However, they did apologize after the huge backlash post-Pocket. Combined with all the news about FF 57 and Quantum, I was intrigued enough to consider giving them a second chance. This move though... it is so much worse than any other misstep they've done. From my point of view, this just seems like an opportunistic attempt at slipping something by right before one of their biggest releases / PR pushes. I cannot see myself ever believing in Mozilla the organization anymore.

If you actually look into it, there's basically nothing that you can accuse them of here.

There's the possibility that Cliqz does actually start collecting the data, i.e. breaks the contract, commits a crime, and that then Mozilla, which owns parts of Cliqz and therefore has insight, does not notice right away.

Other than that, there's nothing. No serious journalist will pick this up, because it would in turn damage their reputation to accuse Mozilla of mishandling user data here.

Yes, it is still going to damage Mozilla's brand, because people prefer conspiracy theories over actually reading up on what they're doing, but it's going to stay isolated to first-hand news discussion forums, like HN, Reddit, Slashdot.

This is simply an investment that Mozilla is willing to take to potentially improve search in their browser and to decrease the internet's dependence on classic web search engines, which is to say Google.

> and to decrease the internet's dependence on classic web search engines

Which seems like a worthy objective. However automatically enrolling users as pawns in that strategy is not noble.

Create a strategy, advertise it and discuss it on the Mozilla mailing lists before launching the feature. This 'feature' doesn't involve Mozilla financial or proprietary data.

Quite the contrary it involves the data of their end-users who, through their indifference to the Cliqz add-on, have already shown that they're not interested in the deal.

> but it's going to stay isolated to first-hand news discussion forums, like HN, Reddit, Slashdot.

I don't think you can call that isolated. Although I don't have data to back it up, it does not seem unlikely that a lot of their user base starts from there. This reader base includes many people's tech person, that e.g. help their friends install a browser.

It's really fucking simple, NO TRUST! If something requires that I have to take someone's word for it, then the feature does not belong in a privacy focused application, no exceptions.

And that's really fucking unworkable as a principle. Because you rely on trust thousands of times every day, if you want it or not.

> Because you rely on trust thousands of times every day,

Of course; everyone makes countless decisions about who to trust every day, as we adapt to our changing knowledge, environment, and situation. These decisions are necessarily unique to each person.

Trust is not transitive.

You can recommend some{one,thing} as trustworthy, and you can explain why you trust some{one,thing}. However, you cannot get other people to trust a 3rd party - even if they do trust you - simply by fiat. Trust is earned, and betraying existing trust is very hard to recover from.

This attitude that asks users to believe that trust is transitive but risk is not transitive is misguided, rude, and possibly sociopathic.

> Trust is not transitive.

So you only browse sites whose SSL cert was issued by Mozilla? Or do you trust the SSL root Store provided by Mozilla and your OS and, transitively, everyone they trust?

No, I do not trust the entire set of root authorities provided by Mozilla. I have disabled some of the certs. The entire PKI system - as currently implemented - is another abuse of trust. The user needs to be informed about the chain-of-trust that is currently vouching the website they are using. The user also needs an easy way to indicate who they trust and the scope/limits of their trust. A proper web of trust[1] can respect the user.

[1] https://users.ece.cmu.edu/~adrian/630-f04/PGP-intro.html#p19

That you've disabled some of the Mozilla roots is laudable. However you're still trusting every other root to trust their intermediaries to trust their intermediaries and on and on to trust the people they issue certs to. This is fundamentally how the modern internet works. The same is true for DNS as SSL.

As for your solution: a web of trust is also transitive, unless your depth of trust is one. If your depth of trust is one, the only way you're productively browsing the internet is by doing TOFU for every single cert at which point I have other questions.

You're completely missing the point; this isn't about technical protocols, nor is it about minimizing trust. I can choose to agree with Mozilla or a root CA[1]. Trusting intermediaries does not necessarily involve transitive trust. Someone that trusts Mozilla does not necessarily also trust a 3rd party simply because Mozilla trusts them. Mozilla cannot simply force anyone to trust a 3rd party by fiat, and attempting to do so (such as in the current situation) can easily be seen as a betrayal.

[1] re: root CAs and "trust the people they issue certs to" - that isn't how the current PKI system works. The CA is only vouching for the validity of a certificate. Trusting a CA's claims about the identity of the other end of an SSL connection is orthogonal to the trustworthiness of the 2nd party at the other side of the SSL socket.

SSL or not, websites are someone else's computer(s), they should not be trusted and you shouldn't be sending any more personal data than necessary to use the service. My point is that the software on my computer should not betray me and it's relatively easy to tell if it could. If there's no code in the software to send data out then it's good to go, no one needed to write any code and no one needed to opt-in or opt-out.

So it's all or nothing? With software it's really easy to not require trust, in fact it's harder for everyone involved for the requirement to be added. If Mozilla wants to be a user-data selling whore, then they need to be that and say that's what they are, or don't say anything about it at all like Chrome. They definitely shouldn't be selling user data and also saying user privacy is a primary focus.

Several orders of magnitude.

Not if you lose all your users over this.

Sort of off topic but if you use Ghostery, it was acquired by Cliqz back in February:


It’s really hard to understand what is going on with the web these days. There seems to be this whole bait > acquire > switch routine is the exit strategy. Take the whole unrollme/uber thing:


oh well... it was a fun ride while it lasted

Cliqz is like a search engine in your address bar: https://cliqz.com/en/

I think it's a nice tool, but auto-opting in users' data to be forwarded to Cliqz servers is kinda shitty. I get that there are no user profiles being built, but it's still concerning for me.

It's not "kinda shitty" - it is an act of betrayal by mozilla.

The company once known to care about user privacy, now u-turned and works against you.

The sooner mozilla dies, the better. It has become evil - not as evil as google yet, but on its way towards more and more evilness.

So what should we use instead? Let’s assume you’re 100% correct and Mozilla needs to die. What’s our replacement? Which of the other browser vendors listen to the community whatsoever? Mozilla is a large ship, and hard to steer, but it’s not impossible to change. I think killing it, however it is achieved, isn’t the right move. Baby, bath water, etc.

Personally, kind of wishing projects like QupZilla had more devs/maintainers/releases:



The concept seems good, but the software gets so few releases it's unlikely to be safe for use as a daily browser. :(

But then we're headed even more into a WebKit monoculture... which is dangerous in its own way, I think. I don't know, there's no easy answer here, because a brand-new modern web engine is basically an impossible task for a standard FOSS community.

Oh yeah. It’s going to be super difficult to guess who I am when I log into example.com and it redirects me to example.com/profile/igorpartola. Nothing to see here. Nothing at all.

It's described here, how they deal with that sort of stuff: https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

To summarise: they're not going to send which URLs you visit.

However, they can set up specific experiments, and will send the results. Thus, they could set up an experiment "did users first visit example.com and later example.com/profile/igorpartola", and then have only you report that to be the case.

That example is of course not that likely and thus troublesome. What worries me, though, is the described experiment "what search terms have led to users switching search engine", and then reporting the search engine. They acknowledge this problem, but the response is "at least that's better than gathering that data server-side". True, but it's still too much data, I think.

We don’t want to know who you are. We obsess over not knowing who you are. None of us want to know who you are. I know this is of little assurance, but all the same.

Have fun dealing with ALL the 16 Landesdatenschutzbeauftragten taking a very close look at you.

Considering that all this tracking has to be opt-in under German law (I talked with the Landesdatenschutzbeauftragte of my state about your "experiment" here already, and they confirmed it), I’d say you can expect quite some trouble with the way you’re running this shit.

Please follow up with this, if Mozilla does not understand anything short of the law this might be the only way to make them believe they are actually doing privacy a disservice.

I will, I’ll continue discussing this on monday with them.

And, in contrast to Mozilla, the Landesdatenschutzbeauftragte actually uses PGP email.

True. Americans tend to forget the EU has very different privacy and consumer protection laws. Either out of ignorance or arrogance.

This is not bad - Mozilla employees can then be put in prison.

It's also one way to do away with mozilla.

> It's also one way to do away with mozilla.

This is why I previously continued using Firefox and supporting Mozilla even while they put Google Analytics in their browsers’ addon menu.

But after this, I just can’t. A world without mozilla is now better than one with.

Collecting personally identifying information has to be opt-in. They don't collect personally identifying information.

That is for the Datenschutzbeauftragte and the courts to decide, if your IP and your entire browsing history combined is personally identifying or not.

But even if it is not, hopefully the resulting media presence is enough to either kill Mozilla, or to ensure everyone at Mozilla that considers this a good idea is fired.

They don't collect the IP either. They receive it, simply because a network communication has to take place, but they don't store it. And while they do collect your browsing history in fuzzied form, it's intermixed with other people's browsing history, therefore cannot be used to identify you either.

And yes, at the end of the day, it's up to the Datenschutzbeauftragte and the courts to decide, but I really do think that you delude yourself, if you believe this will go anywhere. They'd have locked up the entirety of Google and Microsoft multiple times already.

> They'd have locked up the entirety of Google and Microsoft multiple times already.

They have sued Google and Microsoft into the ground multiple times already. There’s a reason half of Google Photos and Facebook’s features aren’t available in Germany (including no face recognition).

Thilo Weichert, previous Landesdatenschutzbeauftragter of SH was constantly in the media due to constantly suing (and winning) against Google, Facebook and co.

Very unlikely - I am sure you can be identified too.

Either way it is ethically questionable.

Another example of how evil mozilla has become.

These are just promises and don't mean anything. If you want to be trusted, you need to offer proofs. I will never use your products, and I'll probably stop using Firefox too because I'm tired of all the shit they are pouring in.

The proofs are in the blog post. The code is linked and the statements in the blog post are official statements from Mozilla, therefore if it was factually inaccurate, they could be sued over misleading customers.

I didn't mean proof of Mozilla involvement with Cliqz. I meant proof that their system will not screw me.

> Users who receive a version of Firefox with Cliqz will have their browsing activity sent to Cliqz servers, including the URLs of pages they visit.

Yep, this should end well.

Mozilla has been trying to sell out for years. c.f.: Pocket

Correction: We bought Pocket, not sold out to Pocket.

Your behavior in this discussion sickens me, and I'm not saying that lightly.

Not only is this 'clickz' thing antithetical to any privacy argument that made me a supporter of Mozilla and Firefox, the fact that you're in here responding as if this is not a big deal is a slap in the face. I was bothered by having Pocket shoved down my throat, let alone another unasked privacy situation.

What's so difficult about just providing a fucking browser that does not harvest my data for ads? Are you bored?

I've seriously never been angry on an online forum since I was in my teens, and yet here we are.

Devil's advocate, but the difficulty is delivering a very complex piece of software to a highly competitive market to customers not willing to pay for anything.

What's with the revisionist history? Mozilla acquired Pocket long after the controversy. Per wikipedia [0]:

Integration into Firefox: June 2015

Acquired by Mozilla: February 27, 2017

[0] https://en.wikipedia.org/wiki/Pocket_(service)

Mozilla killed Reading List, signed a referral deal with Pocket, and made misleading-at-best statements for months before coming clean. You bought Pocket more than a year after that.

Marketing fun in action: "we highlighted the increasing problem of centralisation and how that impacts discovery on the Web."

And that's why they send all their users' data to one central place that responds with recommendations where they should go to next.

I've just opened an issue at uBlockOrigin with information on the URLs used by this thing:


Can it block other extensions?

As noted by someone else in the issue discussion, the old version (works until Firefox 57 arrives) can, but the new webext version can not: https://github.com/gorhill/uBlock/wiki/Firefox-WebExtensions...

WebEx seems like a worse and worse idea (or perhaps it's just the execution) every single time I read anything about it.

IMHO sandboxing extensions is overall a good thing. A rogue extension could have access to e.g. your password manager otherwise.

Thing is: I trust uBlock Origin more than I trust Mozilla.

There's a difference between compartmentalization and limiting your platform's extensibility.

Is this a joke?

I started using FF as my primary browser two weeks ago, thanks to the good performance of Quantum in beta and the new brand image as the privacy-oriented browser.

If this ends up on a single download I will switch back to Safari.

We are both in the same boat. I just switched from Chrome to FF Beta recently. And now this...

Now mozilla totally lost it.

I realized a few months ago that mozilla is run by google drones, so it no longer surprises me that mozilla kills itself.

But the level of stupidity is amazing. I think the people who work there are deliberately recruited in regards to who is the better one at killing off mozilla.

Which google drones? Can you point to particular names or is this just a random theory?

What the flying fuck, Mozilla???? You build your brand around privacy and freedom from tracking, then you pull a stunt like this? Are you guys trying to fail?

Mozilla has shown they do not tolerate unpopular opinions. Since they know better, they'll tell you what information you should consume. But at least their browser is fast now.

Remember that we’ve argued for thousands of hours over multiple years about this stuff internally. I’m not involved directly with the teams, but I’ve been part of their discussions. These are not actions taken lightly, and they are absolutely and wholeheartedly in service of improving the experience of all users.

I totally get that, but this is a pretty classic example of what the road to hell is paved with. Sending my browsing history to a remote server is not a thing a browser should do. How did the discussion not end when this was brought up?

I was literally today getting ramped up to switch to Firefox. Now I have to be on a constant lookout for stuff like this?

I think this may actually do enough damage to kill Firefox. And for what? Better search? Firefox is a browser, not Google/Bing/DDG/whatever.

Honestly, if you guys wanted to know where to find good porn on the internet, why didn’t you just ask?

Same here. Trust is hard to earn but easy to lose.

From which browser?


Why? Thanks to this move, Firefox and Chrome have the same privacy – all your data is shipped to untrustworthy servers – and Chrome gives you a better UI, faster browsing, and compatibility with more pages.

There is ZERO reason anyone would still use Firefox after this. ZERO.

You can not possibly claim that Google and "cliqz" are equals regarding trust and data security. In addition to that, Chrome is only syncing your history if you are logged in.

Well, the Burda Media Group, one of Europe’s largest publishing houses is behind CliqZ.

They’re about as shady as Google, but also about as useful. It’s a tradeoff.

There is a Burda Maps? IMO they are more shady than Google and by far not that useful.

Well, considering that Google hasn’t updated maps in my city since 2004 (satellite) or 2009 (street data), entire districts are missing, no transit data is integrated (despite being freely available in the required format, and even HERE maps has it), I’d say that Burda probably has some product that’s as useful as a map as Google Maps is.

Looks like my next search via duckduckgo will be "Windows browser -chrome -firefox".

I saw you comment about thousands of hours of internal discussion... must not have thought to include users in that discussion or we could have saved you LOTS of wasted time.

I don't particularly care how much thought went into the decision: it's still the wrong decision, an utterly wrong decision.

This is much like how Mozilla completely broke the security of its Sync protocol: sure, they thought about it and had what they believed to be convincing reasons, but they were still completely wrong. Why Mozilla why?

Your view is the one we launched with, but our users made it very clear that it wasn’t sufficient. IIRC the most-requested Sync feature for multiple years was “let me login at the library and view my open tabs and bookmarks”. Should we have rejected our users’ real-world needs, or honored their most frequent request? There’s no compromise path with the crypto - either the former, or the latter, period.

> “let me login at the library

As opposed to, "automatically log me in and sync everything without asking" (I use Sync; you have to explicitly enable it and choose what to sync).

> There’s no compromise path with the crypto

I hope you aren't really promising that your crypto has no weaknesses and never will.

Your users are a group of individuals, not some anonymous mass. People don't have a problem with Mozilla implementing new features, people have a problem with losing control over their personal data. It's really arrogant to believe that you are entitled to making these decisions on behalf of your users. Just make it opt-in with a huge warning sign and a message detailing how the data sharing works. Problem solved!

> and they are absolutely and wholeheartedly in service of improving the experience of all users.

The road to hell is paved with good intentions.

That's what Lenovo said about Superfish. Nobody wants a product like that.

I guess some people would want those recommendations, but only very few will voluntarily and consciously trade their data for it.

Your assertion about people is very incorrect. Do a study and see what results you get back. It’ll horrify you.

No matter, because the argument made by a non-fool to a non-fool that there are fools who think X makes sense is void regardless of the amount of fools.

> Remember that we’ve argued for thousands of hours over multiple years about this stuff internally.

Yeah, and then they summarize it as "We want to provide recommendations from new and diverse places, make space for innovation in discovery and navigation, and above all build experiences our users love." If there are all these deep thoughts and reasons, where are they? "You had to be there" is all we get? Because until the fruit of those thousands of hours of discussion are shared, mentioning that it took all these people all this time doesn't exactly make it better. I'm sure there are also people who discussed thousands of hours over the artistic merits of "Basic Instinct", but I'm still going with Bill Hicks' take on it.

Just accept that Mozilla lost something in the eyes of many today it will not get back. I'll still use Firefox, even like I might still buy things I need at a shop after the shopkeeper I genuinely respected dropped a racist slur or something. Get in, grab things, pay, get out. No attachment, no relationship.

> absolutely and wholeheartedly in service of improving the experience of all users.

Intended to be in service, maybe. In service of all users, no. I've known Firefox since 2000 and use it as main browser since Opera went to crap. For all intents and purposes, I am a user. Wholeheartedly on your behalf doesn't fit with how much it is in actual service of actual me.

If you ask random FF users what top 5 things they would like to see in FF, how often do suggestions in the address bar come up? Why not use the search bar for that? Have you ever worked in customer service? An address bar not being a pure address bar is one of the major Verschlimmbesserungen (a supposed improvement that just makes things worse) I can think of. (Though in CS it was never as bad as when trying to help my mother before we started using Teamviewer. But man, the pain that caused. And I can't think of one moment of joy it caused to make up for that.)

You know why cars don't just have four lights indicating standstill, moving slowly, moving fast and moving too fast? Because we take that stuff seriously. As opposed to browsers and operating systems and other things that are regressing. And while plenty of car accidents happen, any random fool and their brother can use a car like a virtuoso in comparison to how many people still just stumble through the web, on a machine where they stumble through icons and windows. There are reasons for that, and the time will come when just turning the back on all of it, making a CPU with some tape and boogers and writing applications for that will be more efficient (not to mention fun) than a lifetime in the coming artificial womb keeping people in stasis. Sorry for getting all dark on you there, but saying I spent thousands of hours thinking about this would be selling myself short.

"Edit": come to think of it, FF didn't exist in 2000. But I've known it since it was hailed for being some kind of improvement for those people who didn't know Opera. I became somewhat of a fan even after resenting it for getting the attention Opera would have deserved tenfold. But all this marketing fluff speak, and playing cute while ignoring valid questions or points... "you might win some, but you just lost one".

This is no good. I've used only Mozilla/Firefox since 2003. Even this makes me want to leave. I can't help but wonder why? Desperate for money? Nobody will believe the story that this is somehow for "good".

> Eines von Mozillas zentralen Prinzipien zum Schutz von Daten lautet Keine Überraschungen.

One of Mozilla's central data protection principles is No Surprises.

I damn well hope that the download link will be clearly marked as an altered version of Firefox, explain that the complete browsing history will be collected and analyzed, and will preclude absolutely any way to accidentally download it without understanding the risk.

To clarify, when you say “complete browser history” you describe what Chrome does, where the entire browser history is sent to Google for sync and analysis.

Did you mean to say “all links visited in the Cliqz-enabled browser”, or otherwise does the post somewhere express any intention to collect visit data from prior to Cliqz?

To clarify, when you say "what Chrome does", you describe what Chrome does if you sign in.

The article doesn't say prior history won't be collected, and the grandparent didn't say it will be. If you want to be pedantic, someone installing Firefox from the main download page probably won't have any prior history.

It's ironic that this might end up being a privacy argument for Chrome over Firefox. At least you can decide not to log in.

The comment is pretty clear. Tell users exactly what they're downloading and how it affects their privacy.

"This version of Firefox will send your browsing history to a third party, Cliqz, for analysis and suggestions".

When I download Chrome, I know where my history goes - to Google. I also know where it doesn't go - somewhere else.

That entirely oversimplifies things, though. For one, Mozilla owns parts of that third party, therefore they presumably do know what happens with that data and can pull the plug from their side, if nefarious things happen.

And secondly, Google can do a lot more with your data than Mozilla and that third party combined could ever do, both from a technical viewpoint in terms of evaluation, linking to other data, distribution, and especially so from a legal viewpoint.

Providing this information as you put it would be entirely misleading, even if it is factually accurate in isolation.

You can upvote the bug report:


Personally, I think, that's a horrible move by mozilla, that destroys any momentum that they gained with the quantum project.

I did. Interestingly, I also tried to view a related bug to find "You are not authorized to access". How fitting. There seems to be a fight between people trying to raise the issue to Mozilla's attention, and the staff. So they get caught doing something shady again, get told to stop, and react by posting pseudopolite comments about how we've made their work experience difficult, close comment threads, and come spread misinformation here? What should be done?

It's clear that this move won't be popular with a vocal portion of FF's _developer_ base. I have to wonder - is there a breaking point in the future where a meaningful fork begins? The only other product of a similar size that I can think of being forked is OpenOffice/LibreOffice - and, in that case, the original was effectively defunded.

There is Pale Moon. Being a very niche browser developed by a small community it is unlikely to add to the internet data mining gold rush that is currently going on. Pale Moon doesn't even accept the new DRM standards that Mozilla was forced to accept.

Happy Pale Moon user here, can recommend. Combined with Pentadactyl it's a pretty cool browser. I use Chrome for YouTube and Twitch though.

The TOR browser is the fork you seek. It already turns off every bit of phone-anywhere that we have, and we work with them to keep that the case. Use it and be merry.

This is very bad advice.

The TOR browser is not just a Firefox without the data traps, it's tunneling your connection through the onion network. This is something you have to be aware of while browsing. It has many implications!

Sneak the unpopular news out on a Friday evening.

We work on Friday evenings, and a lot of staff participate on HN. Enjoy your evening off; I’m spending mine on Hacker News.

Is HN officially work now?

If you're shilling, it is.

Awful. Who are the suits that are sabotaging Mozilla's core mission? Don't they understand that Mozilla's Unique Selling Point is trust? Why the hell are they fumbling the ball?

Dev tools are completely useless after the update I got today and now they're pulling more anti-privacy stunts. Not a happy user right now.

Which dev tools, specifically? What functionality is broken? Is this in 56 or 57?

I've wanted vertical tabs forever but existing addons didn't work or held my CPU at 100% the whole time. A little while ago they trialled it with Firefox Test Pilot and I've been enjoying it ever since. Now they broke their own addon in Firefox 56, which is not even supposed to have the shit webextensions yet. I was going to stay at 56 for a while until there were replacements for everything, but it seems 55 was the last usable version.

I don't know what parent means specifically, but 56 already started breaking stuff irrevocably for me.

If you switch to the ESR client, it'll retain working old-extensions support and continue offering security updates for a while longer.

If I understand the Google translation correctly, Mozilla has invested in Germany-based Cliqz, basically a privacy-oriented fork of Firefox. Cliqz has a feature which displays contextual information in the address bar and apparently Mozilla is experimenting with this feature in Firefox. German users (less than 1% of them) who download Firefox will have the Cliqz addon activated and the addon will collect anonymized user data, such as which URLs have been visited. Cliqz's attempt to collect data while safeguarding user privacy is called Human Web [0] and the code is open source [1].

[0] https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

[1] https://github.com/cliqz-oss/browser-core/blob/master/module...

Ask toolbar lives again, this time in Firefox.

tl;dr can someone summarize for non-German readers?


Google Translate is pretty good on this page.

Basically, they invested in this Cliqz company that "provides recommendations and other information, such as news, weather news, or the world of sports, while typing into the address line". Being a recommendation engine, it needs to be fed user data, so they are automatically shipping and turning on user tracking in 1% of Firefox downloads from German servers.

For a brand built on privacy and freedom, it's shocking - but it's the same sort of idiocy that we saw with the Pocket thing a few years ago. Clearly nobody learnt the lesson - or maybe they did, this time they are sneaking things through slowly and communicating it on Friday afternoon.

This is pure filth from Mozilla.

Well, first of all, I wouldn't call it "tracking". They're going to be aggregating the data and specifically promise to not create profiles on individual users.

Secondly, I wouldn't necessarily call it "third-party" either, since Mozilla owns parts of the Cliqz GmbH, so will at least know what's going on inside the company and can easily pull the plug, if Cliqz should actually start to store user data.

Generally speaking, though, Cliqz is a content recommendation engine, trying to compete with web search engines, so sort of hoping to take a bit of world domination (and money) out of Google's hands.

The actual recommendations will be generated locally without sending data to Cliqz, but they do need a data set that tells them what users are usually looking for based on the browsing history that they have.

> They're going to be aggregating the data and specifically promise to not create profiles on individual users.

A promise isn't good enough. They say so themselves as well, which is why they've described here how they try to prevent themselves from even being able to create profiles, so you don't have to trust them: https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

That said, a cursory reading does make it seem like they wouldn't be completely unable to, but I haven't dived into it too extensively yet.

> The actual recommendations will be generated locally without sending data to Cliqz

If this is true, that's great news. They should mention it in the post IMHO.

I suspect it would make little difference. Either users are okay with server-side data collection (with differential privacy etc), or they are hostile to all data collection full stop. The in-between nuance of “results generated locally” does nothing to salve the anguish of this post’s comments. I wish it would.

They claim it is to offer you more diverse search results in the face of centralization.

I can validate this claim, having been in some of those discussions at work.

Search engine lock-in is a serious and real problem to us. Search engines aren’t effective vs. long-tail sites. A search engine that takes into account recent browsing is vastly more capable of surfacing relevant results. Google has done this for years under the head on “Personalized Search Results”, but continues to force users into Google Accounts to derive a benefit, complete with the horrendous privacy policies that comes with. We’re trying to solve this without violating privacy. We encourage and work with the TOR project, which builds ESR with all server-side functions disabled. If you require inaction, request denied.

> A search engine that takes into account recent browsing is vastly more capable of surfacing relevant results

No, it's vastly more capable of "surfacing" sites you've already visited, putting you into a filter bubble.

If you really care about privacy, switching the default search engine to DuckDuckGo would probably make a better statement of that.

> No, it's vastly more capable of "surfacing" sites you've already visited, putting you into a filter bubble.

Not necessarily. Here's an example: say the 3 most visited sites by a user are NYT, LAT and the Atlantic. Even if this user has never visited The New Yorker, it's a good bet that she would find it of interest.

Tin-foil hat: "Invisible hand" is trying to make mass surveillance of Firefox users easier.


Cliqz provides recommendations such as news, weather news, or the world of sports, while typing into the address line. Next week, a little less than one percent of the German users who download Firefox from Mozilla's central download page will receive a Firefox version with the Cliqz recommendations activated automatically. This includes the data capture tool that records the surfing activities of those users, including the URLs of the pages they visit. The data are sent to the Cliqz servers. Cliqz promises to anonymize the data. The data gathering code is available online at [1] and a description of the methods of gathering at [2]. One can always use the Disable Data Recovery or completely remove the Cliqz add-on.

[1] https://github.com/cliqz-oss/browser-core/blob/master/module...

[2] https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

Wow - just when it looked like Mozilla might be on the right path again, after years of incredibly bad ideas, they remind us all why we moved to Chrome.


@floatingtoll Can you please send me your complete browsing history, every day? I promise to protect it and will not do any evil, I'm very good at cyber.

What could possibly go wrong?

If you won't trust some random guy from the internet, why should users trust Cliqz?

Somehow Mozilla thinks it's worth losing the valuable trust of users, gained over years, for the benefit of recommendations.

You may think I'm totally wrong here, so please make the following test -

Ask random people: "Are you ok that all your browser history is sent to our high security server (insert security/promise magic here), so we can provide you better recommendations?"

If people really understand the first part of the question I can't imagine they have a good feeling about it, that's not human nature.

Acceptance for such "features" must not rely on people not understanding what's happening behind the scenes.

Hey, I want that. How do I opt in?

I think, the Cliqz browser extension will do the same: https://addons.mozilla.org/en-US/firefox/addon/cliqz/


Christ Almighty if I wanted Chrome I would be using Chrome.

I specifically use FF to get away from this stuff. I have no Google or Facebook account and block/erase as many trackers and cookies because I'm not interested in aiding your data mining quest. Bah.

Is that the same announcement? It's from August 2016.

I think this is the correct URL for the latest announcement in English:


This looks like it is the new link.

That's the announcement of Mozilla investment from last year, and it says Cliqz would just be an optional add-on. There is nothing about being preinstalled and turned on by default.

> The surfing activities of those users who receive a Firefox version with Cliqz are sent to the Cliqz servers; including the URLs of the pages they visit.

Yeah thanks but no thanks.

This would make a great 1st of April joke.

What the hell, Mozilla? Google is tracking everything, come to us we'll respect your privacy ... while we send all the urls you visit to some 3rd party you've never heard of.

But what's more trustworthy than a third-party you've never heard of called "Cliqz"?


Can you at least try to not rip sentences like these completely out of their place? There's people here who won't bother to translate and you're abusing that to make Mozilla look bad. The sentences afterwards:

"Cliqz uses different methods which should take care of removing sensitive information, before it's sent out from Firefox. Additionally, Cliqz does not create profiles of individual users and erases their IPs as soon as the data has been collected. The code of Cliqz is publicly accessible [open-source under MPLv2] [1] and a description of the used methods can be viewed here [in English, 2]."

[1] https://github.com/cliqz-oss/browser-core/blob/master/module...

[2] https://gist.github.com/solso/423a1104a9e3c1e3b8d7c9ca14e885...

No abuse here. I honestly think you are missing the point of what is upsetting people.

Nothing in your full quote makes it any more palatable.

No matter how nice your intentions are. No matter how transparent you are. No matter how sincere your wish to contribute to a greater common good is. Do not... Do not... Do simply not collect my browsing data. They are not yours to have.

Whatever excuse is brought to the table I will take it as dishonesty. It can come as no surprise that even the slightest privacy concerned users will take offense at this. They simply hope it will fly under the radar of the common users - because "we do good".

(Please do not take the "yours" as a personal attack - English is my second language - some nuance has been lost in translation)


Take it like that if you will. There is a distinction between considering something dishonest and flat out lies.

You do however not indicate any interest in discussing the finer points.

This is already too far into the realm of flame wars. I apologize to those who had to endure. I got caught up: Someone on the Internet was wrong!

Have a nice weekend!

After seeing the astroturfing in this thread, I'm switching to Vivaldi or Chromium, not Tor Browser.

1) the sentence is true.

2) why should I or anyone else trust a company called Cliqz to do anything?

Who would trust a company named “YCombinator”? Or “Google”, which was at one point a sexual slang word?!

Discriminating by name will get you absolutely nowhere.

You hit the point accurately. But miss why the discrimination is both warranted and needed.

We do not trust those either.

With the recent progress in Firefox they had a really good position to win users back. A key driver would be getting away from Google (Chrome) who wants your data.

That driver has now been reduced. They have taken the lower road.

Neither do I trust YCombinator with this data. Or anyone else...

So why trust company X? The point being: I do not.

Thank you for your software but please do not use it as leverage for getting my data.

Well, people who are pissed off should know that Chrome and Chromium have been doing the same thing for a decade.

This doesn't diminish what Mozilla is doing, but at least you should yell at Google too.

Yell at Google? Google is dead to me, I'm at the part where people who tolerate it die to me. It's quieter than yelling but way more final.

I'd like to hold Mozilla to a higher standard. Sigh.

We certainly hold ourselves to a higher standard, no matter what people say to the contrary. Endless never-ending arguments for a very long time about all of this. Whatever else you think of us, at least remember that we not only care but agonize over this stuff at length.

Then why do you instantly bring up Chrome to "clarify" here https://news.ycombinator.com/item?id=15421980 ?

Endless never-ending arguments? So they're still going on? Or you're so exhausted, you can't actually address anything for real and share none of what was discussed?

Then why the fuck are you behaving just as horrible as Google in exfiltrating user’s data, illegally, without opt-in?

How the fuck do you deceive yourself into thinking you’re supporting the privacy of your users by doing this, or the Google Analytics in the addon settings?

These are accusations, not questions. The framing of the sentences prevents any useful reply.

Yes, and as a direct result, I don't use Chrome!
