Unknown Mozilla dev addon "Looking Glass 1.0.3" on browser (support.mozilla.org)
757 points by shak77 5 months ago | 511 comments

Many people seem to be shocked because Mozilla installed an add-on automatically. In my opinion, it doesn't really matter since the code is coming from Mozilla - they're building the whole browser, so they could introduce functionality anywhere. If someone distrusts their add-ons, why trust their browser at all?

The main question is what behavior is being introduced. I haven't researched deeply, but apparently the add-on does nothing until the user opts in on studies.

Speaking for myself here, but I'm not concerned that Mozilla might push malware into Firefox installations. I'm concerned about the lack of judgement in pushing an extension with a vague, scary-sounding name and description simply for a cross-marketing tie-in, and I'm worried that it could have damaged the trust ordinary users have in Firefox.

> I'm not concerned that Mozilla might push malware into Firefox installations

Nobody is concerned about that, in my opinion. I'm concerned someone will push malware through Mozilla into Firefox installations. Pushing addon installs should not be possible at all.

> I'm concerned someone will push malware through Mozilla into Firefox installations.

Mozilla installing a bunch of addons that look like viruses ends up preventing users from being able to identify actual viruses.

End users being users prevents them from identifying actual viruses.

I'm concerned about Mozilla pushing software written by the Mr Robot marketing department.

I'm not entirely comfortable with how this all went, but it's at least worth noting that the add-on was written entirely by Mozilla engineers.

This is the opposite of comforting

Well it is - one could expect this sort of crap pushed by marketing/bizdev via management but the fact that Mozilla engineers actively collaborated on this is a sign of deep normative inadequacy among the people who are supposed to be the last line of defense against this sort of thing.

You seem to either not understand or ignore that even in a company like Mozilla, there are decisions made by marketing that end up having to be implemented by engineers. It might be a non-profit, but it's a non-profit corporation with salaried employees, not a loose assembly of people purely in it for the love of a browser. If the incredibly high up people say X needs to happen, you make X happen.

I understand it all too well, but when Mozilla is posing as a public benefit company with the "good of the Internet" as its mission this kind of stuff is inexcusable and should be called out all the louder.

It's a non-profit with a duty specifically different from "make profits" and there are consequences to this.

To quote an ex-mozilla employee:


Because the Mozilla Foundation is a nonprofit corporation, it has a specific legal purpose for existing spelled out explicitly in its articles of incorporation: "The specific purpose of the Corporation [here meaning the Foundation] is to promote the development of, public access to and adoption of the open source Mozilla web browsing and Internet application software." If Mozilla Foundation were to ignore this mandate, it would jeopardize the nonprofit, tax exempt status of the foundation


In this case they are definitely ignoring the mandate, and this should never remotely have happened.

Source of the legalese: https://static.mozilla.com/foundation/documents/mf-articles-...

Is the plugin opensource, where can we vet it? I can't find it on github or anything like I can with the other plugins I use

Looking over [the contributors list][1], looks like the plugin was written entirely by Mozilla employees. So, no "Mr Robot marketing department", as some commenters here have been speculating.

[1]: https://github.com/gregglind/addon-wr/graphs/contributors

It's a technicality. The description is still:

"Looking Glass is a collaboration between Mozilla and the makers of Mr. Robot to provide a shared world experience."

It doesn't matter who technically coded it. "Mr Robot marketing department" was obviously deciding about its existence, behavior and content -- if that description is true.

But looking at the source of the extension, I find the following URLs inside:



So it seems it is some marketing, the question is which company now, and do they change?

I'm not sure why this is downvoted. I work in advertising as a conceptual creative. My entire career is about creating ideas like this for brands.

An art director and copywriter sat in a room together over two days and came up with lots of different ideas to generate PR for Mr. Robot. They presented the ideas to a creative director, who went through the work and picked the one he felt was most suitable. They presented it to the client, who supported the idea.

There would have been some line of communication from the creative agency, whoever owns Mr Robot, a media/PR agency and Mozilla. The idea was bought by the client, had the agency liaise with media/PR, got in touch with Mozilla with an undisclosed donation and the add-on was coded.

The biggest problem, for me, is that these extensions obviously get less scrutiny in Mozilla organization. The "core" is made with a lot of "eyes" taking care that not something "wrong" for the user enters the code base.

Then some marketing people both in and outside of Mozilla push something that is probably not passing the same strict reviews.

It points to the organizational problem in Mozilla.

Re: "not sure": don't worry, some people do this not for the content but for the author, some lack reading comprehension and some just press the wrong button. Just vote yourself, and if you reply, say that you agree, don't mention the word you mentioned.

Why would you assume that it doesn’t pass through the same review process? None of your assumptions are obvious to me.

Why would you assume that it does? Have you ever seen how big products like core Firefox binaries are written, reviewed and tested? I took part in that, and this doesn't look at all as part of that process. I see it's even not in the same repository where the "serious stuff" is. It's not the part of that process.

This looks like "let's give little Perry and these marketing departments something to play, whatever, it's just an extension, who cares." So little Perry writes a description of the extension "MY REALITY IS JUST DIFFERENT FROM YOURS", the extension gets silently pushed to all the US users(!) (Firefox has support for that) who freak out, and the first response from somebody involved with that was "it was not supposed to be seen." You see, it was planned to keep the extension also "invisible" to the users -- Firefox has support for that too! The extension was obviously not formally reviewed or formally tested, if the "invisibility" was the goal. Of course, it being "invisible" wouldn't be better. It's a misuse of the whole mechanism, compared to what Mozilla explained to the users. The mechanism was supposed to allow making "studies" from the behavior of the users who agree to take part in them. Instead, it was an attempt at a "viral ad" that was delivered to the whole Firefox-using US population. There are multiple wrong decisions in this story.

Now I hope Mozilla does get the idea that the users do care.

> [...] the extension gets silently pushed to all the US users(!)

Non-US user here, my Firefox got it, too.

It's not what you are but what your settings are, please go here and check what your browser reports under ACCEPT_LANGUAGE. If it is "en-US" you are considered a "US user" enough:


BTW: the extension we all talk about here has exactly this site that is used for checking the headers hardcoded inside, obviously in order for the developers to test their newly coded functionality with which they add an additional header entry in the request to some specific sites, specifically, the "main target" is a brand (I've given the link earlier on in this thread). It's obviously an advertisement for the US as that "main target" site is only meaningful to the US public. But it's obviously not the whole story.

If your language is not en-US it's worse than what I've understood.

In my case the setting lists two languages, but "en-US" does appear to have a higher 'quality' factor, so there.

This thread needs to lighten up. It's one goofily named add-on pushed to a minuscule number of users in an opt-in program. Firefox and their judgement are fine.

It was an opt-out program actually.

Studies are enabled by default.

See the dev's response on the "slippery slope" thread. You had to go into about:config to enable it.

They can also push new browser releases though. They are also auto-installed by default.

The exception is that an addon can do slightly less damage than a compromised browser itself.

I deeply hate this update methodology. Some hipster fresh from university decides that the GUI, approach, functionality I use daily is no longer needed and pushes his rewrite into a release. One click later I'm stuck with this, because all the bundled crap is hijacking the "security" for a ride.

If any software developer would truly respect users, he would offer updates as separate packages, where users can opt out of non-security ones, and those updates humanity votes with their feet against vanish into the bin of useless software.

Imagine the complexity of maintaining the software when every patch must anticipate a fragmented mess of different pieces of patches being installed on target systems. Imagine the explosion of testcases required.

At that point, it’s probably better to just stop feature development and do nothing but security patches, which of course will lead to stagnation and which will also lead to fragmentation as many more incompatible releases of the same software will be out in use.

This will make it even harder for developers to adapt new technologies. Imagine how bad the already messy caniuse.com would look when every single browser version would be supported forever and could be individually configured feature by feature.

Especially as people somewhat versed in technology (I think it’s safe to call HN audience that), I think there is advantage in going with the flow and adapting to new releases and UI paradigms.

Otherwise we'd still be running on DOS and us developers would still have to support it.

Relevant XKCD: https://xkcd.com/1172/

> Imagine the complexity of maintaining the software when every patch must anticipate a fragmented mess of different pieces of patches being installed on target systems.

...why imagine? That's life as a Windows/Linux/Android dev. (Apple is sort of a stand-out because it has vastly fewer installable parts and less versions in the wild such that it's actually possible to test every patch level of every supported version of macOS or iOS at any given time).

But none of that makes push updates right or wrong. The reality is that it's less of a push than it is a pull anyway - in this case the client is asking for updates on an interval, and the server says "yep, there's one for you." The client grabs it and installs it. And it's turned on by default because, for the most part, that's the right thing to do for your users: you'd rather them be on the newest patch level. Hell for IT admins though, which is why it's almost always a feature they can disable at will.

So here's where this case differs: it's an "experiment" that's actually just marketing trash pushed through the "experiments" channel which is also armed by default, rather than a security or product update (which anybody reasonable can argue should be on by default - secure by default is the goal, after all). The only "experiment" in this case is seeing how many users will put up with Mozilla continuing to pimp out Firefox to the highest bidder as a grab for a new revenue stream before they reluctantly switch back to Chrome.

And judging by the backlash on patches like this one, it's not going so well...

Ever heard of Debian? Then maybe you've heard of Debian backports?

I'm asking because Debian and backports are doing exactly that: separating security patches from the rest, not for a browser but for a whole OS and every application including Firefox.

Also this xkcd is not relevant. The point here is that Mozilla has quite a history of breaking userspace, earning them the reputation of "making far-reaching and very short-sighted decisions in a vacuum."[1]

[1]: http://forums-test.mozillazine.org/viewtopic.php?p=14736466#...

I suspect it's a plan to make some functionality optional... Or opt out..

I.e. code splitting and reducing bloat, and speeding up development by providing some features as add-ons...

I don’t see the harm in a good organization contributing lot of value to this world having a little fun.

Some of the comments are mentioning IT managers banning firefox, those will be the same IT managers doing all the other pennywise/pound foolish things that make you try not to work on their team in the first place.

Maybe it’s actually good to put something scary sounding in there to raise awareness. It could help people understand that scary phrases are not the most common sign of foul play. When the real hackers come for you, they usually don't look scary at all.

What do you mean having a little fun ?

Firefox is bleeding market share and has been for a while. Despite this, revenue and profit is at an all time high for Mozilla, which is weird as the revenue comes from sending their users to Google for being profiled and exposed to ads. Meanwhile long time users lose faith and trust in Mozilla and Firefox.

Not exactly the best time to be caught having "a little fun" move showing that they will sneakily install stuff in your browser without asking.

Then again mozilla is "making far-reaching and very short-sighted decisions in a vacuum."[1]


> Firefox is bleeding market share and has been for a while.


    Chrome            54.98%
    Safari            14.79%
    UC Browser         7.98%
    Firefox            6.09%
    Internet Explorer  3.88%
    Opera              3.79%

In all fairness, Firefox has overtaken IE.

Not really.. Microsoft is killing off internet explorer

Actually chrome and microsoft are responsible for IE hitting the bottom. Look at the following chart from stat counter:


That all versions of Firefox combined barely do better than an obsolete unsupported browser that the manufacturer actively tries to remove from the market is not a good sign.

non sequitur. either it’s right or it’s wrong, whether or not you like the org as a whole doesn’t change that.

even so to briefly chase your point, do you believe they are doing net good, and some things are looking more positive, like the servo work? my only point is that criticism works on a relative scale. i agree there are things they could do better, but i still prefer they exist.

Right/wrong or good/bad are concepts derived from organized religions to control populations' beliefs and they are inappropriate in most cases if not all because they are relative to your own beliefs.

If you are the good guy then your enemy is the bad guy but from the bad guy point of view he is the good guy and you are the bad guy.

No one is ever the bad guy in the movie of her own life.

servo, or whatever else they could come up with will never reach a net good for me as I need ALSA support and the extensions mozilla has dropped to make firefox useful to me.

I would rather have them disappear so there is room for something better to exist in its place. Right now they are occupying space and preventing an alternative from emerging.

The sad part of this is that by accumulating blunders, near sighted and far reaching decisions, with their attitude of not caring about user feedback or user freedom of choice they managed to turn me, a long time supporter (since Netscape times) that has based part of my business on their browser, against them and wishing they would go away. This is quite a feat in itself. I'm not sure there is another entity that managed to alienate me that much, not even Canonical or GNOME.

Pulse seems pretty functional now. Did you know it was still possible to build firefox with alsa support?


It seems like a lot of addons are being ported to the new apis too. Maybe you are too hasty?

There would be "rioting in the streets" of the internet if Mozilla ever decided to drop support for ALSA in Firefox.

There are distros, Void Linux (which I am using right now) for one, which ship without pulseaudio (or systemd for that matter) installed by default, thank goodness.

> I don’t see the harm in a good organization contributing lot of value to this world having a little fun.

One potential downside is that now people might not pay close attention to the installed addons. "Oh, must be some Mozilla thing", as GoldenDwarf quietly consumes user CPU cycles to mine cryptocurrency for someone else.

This calls for.... anti mining extension. like adblock, miningblock.

I don't look to my browser's implementation to "have a little fun". This is a foolish decision on Mozilla's part.

poor argument. ostensibly the only reason to separate business from pleasure is out of practical concerns. without stating practical concerns there’s no way to consider the validity of your comment.

who knows, you may totally change my mind, but as it stands it makes it difficult to disagree or agree with you.

How about this:

I opted into FF telemetry and "studies" with the understanding that some extra data would be collected and experimental features or specialized debugging tools might get pushed to my browser (like the last "study" I saw for collecting JS errors).

This addon is none of those things. It is an advertisement. Call it an "alternate reality game" if you like, but it's an advertisement for a television show. It has nothing to do with making Firefox a better browser.

Using the Shield Studies program to deploy extensions and advertisements that have nothing to do with the original stated purpose is an abuse of the tool and a breach of trust.

That's all aside from the fact that there have been numerous reports of people receiving the addon who never opted in to Shield Studies in the first place.

Raising awareness about security and privacy relevant issues from a TV show seems to me like it (indirectly) makes Firefox a better browser. An AR game does nothing to improve the browser by itself, but think of the big picture. Cultural awareness is a big part of it.

If you want to take an ideological perspective, the big picture of this is that the browser maker is willing to push advertising software to people who didn't ask for it, over a channel that wasn't built for it, to further a political agenda.

Even if it's ostensibly about ideals I might agree with, this was a very poor decision and a breach of trust.

I'm worried my work Security/IT department will see it, freak out, and blanket ban Firefox on all machines for 6 months.

your work security team loves mr robot, it will be fine...

No, it really will not. My workplace saw that OpenOffice had a security issue, and banned it AND LibreOffice.

Nothing I can do about it. Can’t argue. Trust is very, very easily lost and incredibly hard to regain. And it can hit innocent third parties. It’s very, very wrong to do anything that could destroy trust.

Have they seen the shit that's been found in Microsoft Office? It seemed like there was a new RCE every week for a while.

I didn’t say it was logical.

If this does not happen at your workplace, it will certainly happen at some other workplace around the world.

Hopefully this helped people who were scared by it learn how to analyze add-ons for trustworthiness.

What's scary about "Looking Glass"? It's not named something like "PrivacyRemover" or "SpamEmailer" or anything.

What was wrong about Apple automatically adding a U2 album to the iTunes library?

Same here for Looking Glass, we do not want corporations to be in control of our stuff. Mozilla showing that they have built the capacity to auto install addons into your browser is quite the issue, you can rest assured that some are already working on ways to abuse this.

That they have done it as a promotional marketing trick and not for something useful or serious sends the wrong kind of message on top of it.

The major problem is that they installed an add-on without properly communicating what it was. A somewhat smaller problem, but still a big problem, is that it was an utterly frivolous add-on that shouldn't have been pushed to people who didn't explicitly want it. But the biggest problem is that Mozilla seems to have trouble understanding why either of those two would be a problem. I want my browser vendor to be serious and not play silly games that can so easily backfire.

Yeah, add-ons from Mozilla merit the same trust as the browser. But this cuts both ways, this stuff undermines my and probably more people's trust in the browser.

So this is the first response from Mozilla in the Gizmodo article:

“Firefox worked with the Mr. Robot team to create a custom experience that would surprise and delight fans of the show and our users. It’s especially important to call out that this collaboration does not compromise our principles or values regarding privacy. The experience does not collect or share any data,” Jascha Kaykas-Wolff, chief marketing officer of Mozilla, said in a statement to Gizmodo. “The experience was kept under wraps to be introduced at the conclusion of the season of Mr. Robot. We gave Mr. Robot fans a unique mystery to solve to deepen their connection and engagement with the show and is only available in Firefox.”

This is horrible. They pushed out this crap under false pretenses as a study and obfuscated it. Don't talk the ethics talk if you're not prepared to do the ethics walk.

I've been using Firefox for 90% of my browsing for a few years now and really want to continue to do so but I really wish Mozilla would stop shooting themselves in the foot already. This once again gives the impression that they have some teams that aren't in touch with the reality on the ground, that these types of initiatives hurt their chances of gaining more users.

Let me suggest to you a browser aptly named Waterfox, that could be described as Firefox without Mozilla nonsense.

[1]: https://www.waterfoxproject.org/

Waterfox is nonsense, no offense to the people behind it. Removing some stuff from Firefox and calling it a day does not make a better Firefox, it just makes for a preconfigured one. You might as well just run Chromium.

The problem is that Mozilla is a good company, that has had a true net positive effect on the world, especially in tech, and continues to do so today with wonderful projects like Rust etc.

If Mozilla were a shitty company, we could all simply dismiss Firefox and get on with our day. But Mozilla is not a shitty company and the fact they keep shooting themselves in the foot like GP said, the fact they are completely out of touch with their userbase, that they cannot see the OBVIOUS problems with this addon even after the Pocket debacle, is ridiculous.

Heaven forbid the decisions about what features an application gives and takes away are decided by lowly users. The free in free software means libre still, right? So if someone forks over 1 change or 10 they are still libre to do it, or is that passé? It's free as in liberty, as in freedom of thought, or is that also passé?

Forking a project, and adding features and removing pulls that you don't want and/or need is kinda the idea behind the whole 'open source' thing.. cause what else would you do with the source code, but compile it.

Speaking of Firefox, a build or two ago, without warning, Firefox deprecated (broke) every add-on. Because [insert-old-architecture-security-justification]. It's not like anybody was doing anything real with a browser anyway.

The new extension system was announced years in advance, including the warning that XUL addons would eventually be deprecated.

This design decision is behind a large part of the performance improvement in 57.

Yes I'm sad, I lost some of my favourite addons as well. But this move was announced well in advance and it had a serious technical reason behind it.

In a difficult situation, Mozilla made a tough decision that is good in the long run and that benefits all its users. Crying "fork!" over it is so blind it leaves a bad taste in my mouth.

> So if someone forks over 1 change or 10 they are still libre to do it, or is that passe?

It's nonsense. Doesn't mean they can't do it, doesn't mean it's not nonsense. Furthermore, in some situations, forks can be harmful to the overall health of an already fragile ecosystem. They're not free of externalities.

Is there any reason to believe that one guy has sufficient resources to maintain a fork of Firefox? It's not like he can keep backporting all fixes from what will increasingly be an incompatible browser.

It also won't get any of the improvements Mozilla is in the process of making so it will ultimately be slower and with fewer features.

> Don't talk the ethics talk if you're not prepared to do the ethics walk.


> "The experience does not collect or share any data," Jascha Kaykas-Wolff, chief marketing officer of Mozilla, said

Looking in the sources of the extension, it adds an additional HTML header to every HTML request to https://www.red-wheelbarrow.com/forkids/ pages. The activity of the users there could of course be tracked and the data dependent on the extension being active collected. Good try, Mr. marketing officer of Mozilla, delivering a Mr. Robot ad using the mechanism for the "studies."

> "Firefox worked with the Mr. Robot team to create a custom experience that would surprise and delight fans of the show and our users."

Obviously fail. Surprise, yes. Delight? No.

The add-on only initializes itself (and thus sends the header) if the user has manually gone into about:config and flipped the `extensions.pug.lookingglass` preference: https://github.com/gregglind/addon-wr/blob/59659431fd2a75c33...
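
A defender-side check for the gating described in the comment above, as an added example that is not part of the thread or of the add-on's code: it parses a profile's `prefs.js` and reports whether `extensions.pug.lookingglass` has been set. The sample file contents are constructed, and `app.shield.optoutstudies.enabled` is Firefox's studies preference, which the thread does not name.

```python
import json
import re

# Preference named in the comment above: the add-on stays inert unless it is set.
GATE_PREF = "extensions.pug.lookingglass"
# Firefox's "allow studies" preference (not named on this page).
STUDIES_PREF = "app.shield.optoutstudies.enabled"

# Firefox writes one statement per line: user_pref("name", value);
# The name is a quoted string; the value is a JS literal (bool, int or string).
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.*?)\s*\)\s*;\s*$'
)


def read_user_prefs(text):
    """Return {name: value} for every user_pref() line in prefs.js text."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.group(1), match.group(2)
        try:
            # true/false, integers and double-quoted strings are valid JSON
            prefs[name] = json.loads(raw)
        except ValueError:
            prefs[name] = raw  # keep the raw text if it is not JSON-compatible
    return prefs


def audit_profile(text):
    """Summarise the two preferences relevant to this incident.

    Only values explicitly stored in the profile are reported; a missing
    entry means the profile uses whatever default the build ships with.
    """
    prefs = read_user_prefs(text)
    return {
        "gate_flipped": prefs.get(GATE_PREF) is True,
        "studies_pref_explicit": STUDIES_PREF in prefs,
        "studies_opted_out": prefs.get(STUDIES_PREF) is False,
    }


# Constructed sample, in the shape Firefox uses for <profile>/prefs.js.
SAMPLE_PREFS_JS = '''// Mozilla User Preferences
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("browser.startup.homepage", "https://example.org/a(b)");
user_pref("extensions.pug.lookingglass", true);
'''

if __name__ == "__main__":
    for key, value in audit_profile(SAMPLE_PREFS_JS).items():
        print(f"{key}: {value}")
```
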

It was obviously not complete in the form it was delivered, the "turning on" was supposed to be added somewhere at some later moment.

The whole thing is still suspicious: it was delivered to everybody whereas if it was supposed to be used only by the users who are aware of it, as now Mozilla tries to spin it, i.e. only to those who decided to "play the game", then the hidden install, especially to every user, was unnecessary as the normal extensions to Firefox are easily installed by the user, a click or two are enough:


The proof of the planned data collection, confirming my previous claims, found declared in the source of the extension itself:

"## Observed data

- Possible page view counts on SUMO

- Possible page view counts (with and without the special 'enrolled' header) on Partner pages."

I've also already explained the "special 'enrolled' header."

The turning on was obviously either planned for some special moment, which wasn't the moment at which the extension was actually delivered, or the extension was accidentally delivered in the unfinished state -- doesn't matter, it provably didn't get enough scrutiny, see my other comments here for the details. The damage it actually did is, regarding "tracking", less than planned, but regarding annoyance of their users probably more.

What are the odds that [current] Chief Marketing Officer Jascha Kaykas-Wolff is also the highest-ranking person in the organization to have signed off on this?

If they'd decided to sneak in a Mr Robot-themed easter egg I wouldn't really care. The fact that they decided to use a debugging/telemetry permission to push out a stupid marketing gimmick makes me question the judgement of everyone involved.

Much like some other situations in the political arena over the past 2-3 decades, I don't care that much about what was done but the decision to do it makes me question the judgement of people that I'm supposed to trust to make good decisions.

> [...] The experience does not collect or share any data [...]

Wrong (unless proven otherwise).

From the Shield Studies FAQ[1]:

> What data do Shield Studies normally collect?

> [...]

> Mechanism:


> - at STARTUP, SHUTDOWN, INSTALL, UNINSTALL, - send a `shield-study` packet containing the Unified Telemetry Environment.

As was stated before, users report that they have had this extension pushed to their browser without their prior consent to sending any telemetry data.

[1]: https://wiki.mozilla.org/Firefox/Shield/Shield_Studies

I completely agree. A browser sits on a bit of a higher plane than most other pieces of technology these days, as it is so important. I have no reason to doubt the ability or intent of the developers involved with this add-on, but there is zero reason for it to be pushed to everyone without consent. I use Firefox because I want to trust my browser and not have to worry about it doing dumb shit behind my back. This goes against that very notion.

Being serious is quickly becoming a lost art. I don't know if the majority of the userbase really enjoys it, but I can't wait till the current fashion of treating your users like 3-year-olds blows through.

agreed. nothing is more frustrating to me than when my windows computer delivers an error message with a “ :( “

> I want my browser vendor to be serious and not play silly games that can so easily backfire.

I would not care about silly stuff, like say a christmas easter egg. But this wasn't meant as a silly joke.

The major problem was building a feature into the product that allowed for pushing add-ons without users' knowledge, much less active consent, in the first place; there is no benign use for this kind of functionality.

You mean the automatic update process, which can change every single byte of every file in every directory under Firefox's control? Because unless you want to live in a world where your browser can't automatically apply security patches and upgrade critical components, the fact that the application can update itself is very much not the actual problem (and with the new web extension addon system rather than the old XUL system, addons are actually way less security-compromising-in-potentio than updates to the actual browser itself).

I'd argue there's a vast difference between an automatic update for something that was already manually installed, by the user, and automatically installing something without any indication to the user that it was installed. Worse, it's impossible to argue that this was even a useful extension.

I don't watch television, and I don't keep up with any popular modern shows. I had no idea what Mr. Robot was until looking through this thread, and the description text for the addon was, at first glance, suspicious. This was a terrible idea and isn't even remotely analogous to applying security updates automatically. If I have something I specifically installed, fine, I can expect those addons to be updated automatically. I don't expect them to side load something I don't even want. "Delight fans" my ass. You have to be a fan first, and I'm not even sure most people who are fans of Mr. Robot would think this is a particularly good idea.

Funny enough, the only thing I can think of that's even remotely similar to this is the "Hello Dolly" plugin for WordPress, and that's installed out of the box as part of the distribution.

The automatic update process fails because it does not have the right to install software on my box. The power of setting permissions and not blindly trusting software just because it is FLOSS.

I would not want it to have this kind of power as the security patches and critical updates are provided by the kind people managing the distro repositories, and if it could update itself it would remove the third party patches required because mozilla has been refusing for 15 years to integrate correctly in my desktop environment but did integrate in the main competitor.

Actually an application being able to update itself is a security issue and terrible design. Strictly speaking it should only have write access to say its cache files and a directory where you store downloads.

It's also moronic to have a different update policy per app that is achieved in 35 different UIs.

This is the norm on Windows because they were late to the party as far as a central source of software and further managed to make it an unattractive proposition and didn't get much buy in from developers.

Totally aside from the implicit security issue the UI flow is also terrible. Either each of 35 different apps runs their own update checker process in the background wasting your resources and prompting you at annoying times or when you run an app one out of n times it will prompt you to update whereupon you will ultimately have to stop doing whatever you were actually doing and let it update itself and restart.

It is truly amazing that people not only put up with this ridiculous situation but defend this as a feature.

Your system should periodically on a schedule you set update every piece of software you own and never bother you otherwise.

In Linux distributions you get it from the distribution repository, and automatic updates are disabled. So at least it's reviewed by a third party.

You could use add-ons to manage optional functionality a la Atom. Users can enable and disable add-ons to customize their browser and some come enabled by default. If you were migrating to this method of customization it would absolutely make sense to push an enabled add-on that replaces functionality you took out of the main app.

Why is this downvoted?

It sounds like a valid reason for being able to auto-install add-ons.

Because this is not the scenario that is being denounced here. A brand new add-on with functionality unrelated to the product is being installed without consent or even notification - that's capital M Malware peddling.

Is this a thing? History shows Mozilla removing functionality but never replacing it. And then it's up to volunteers to make an extension to fill the gap, until Mozilla breaks the extension or drops the extensions engine altogether.

For example, Australis and Classic Theme Restorer.

This is bullshit and you know it. If you want to shittalk Mozilla, then at least try to be honest.

Automatically updating an already enabled add-on is hardly the same thing as silently pushing a new one.

Security updates were and still are configurable to be installed after prompting, also when they are installed automatically I am notified that this has happened. There is also an implicit trust in the vendor that only security-related functionality should be changed in a security update.

This. I love Mozilla, but between automatic change of default search engine in 57.0.1, pushing changes that broke most of my extensions and now this, I am starting to feel anxious...

Ever heard of Waterfox?


Indeed. I'm seeing people recommending Chromium (not Chrome) instead of Firefox because of this.

Why not recommend Waterfox[1] instead? It's Firefox without the Mozilla nonsense.


I personally am fine with using Firefox (though after Looking Glass I've disabled the setting to allow experiments).

IIRC the person that advocated for Chromium (instead of a third-party Firefox rebuild) based it on performance (they were dubious Quantum is actually better, I personally find it fast enough except when loading Facebook), as well as the alternative versions of Firefox not keeping up with the official version. Also, supposedly Chromium (as opposed to Chrome) settings are reasonably privacy-friendly out of the box.

They did recommend installing uBO-Extra in addition to uBlock Origin on top of Chromium, which is revealing -- with Firefox, there is not even a need for uBO-Extra.

My original point (which I didn't elucidate clearly enough) is that this Looking Glass experiment is resulting in unwarranted backlash against Mozilla -- whereas from the standpoint of preserving an open web and protecting user privacy it's actually one of the better players.

If this were the first incident, and they quickly backtracked on it, then maybe we can give them a pass. But this isn't the first case of somewhat shady behavior. Remember the "user-enhancing" sponsored tiles a few years ago?


> Excited to share the launch of @mozilla @firefox Tiles program, the first of our user-enhancing programs

The problem there wasn't just the idea of putting ads in the browser, it was also the way in which they tried to present it as a useful addition just like every other ad company tries to defend ads

That tweet sounds like doublespeak, but Directory Tiles really did have some genuinely good ideas mixed in with the bad.

I don't know how far we got with it, but one of the ideas was to serve a generic bundle of ads, and then select which ones to display locally, based on an entirely private, client-side analysis of the browser's history. Now, that probably shouldn't have been on the new tab page, and probably not in Firefox at all, but if ads are going to be the way we fund the Internet, then that sounded like the best possible outcome: better targeting without remote tracking. Heck, even Brave ran with the idea for a while: https://brave.com/about-ad-replacement/

The only good ideas about tiles were lifted off Opera and better implemented in extensions.

Serving ads is never a good idea, and no, ads are not the way we fund the Internet, commercial ads are what is destroying the WWW and the Internet.



I've recently switched to a browser that doesn't fund itself through ads. It's not an iron law of the universe that the Internet needs ads to function.

You think because your code is running native you can spy on me better for ad purposes, and that's a feature? That is just tone-deaf.

The whole point is that they weren't spying on you. The observations of your behavior were made entirely client-side, in your browser, and never passed back to Mozilla or anybody else.

Defining that as "spying" strikes me as a big reach. It's no more spying than (say) Windows observing what programs you use most and adding shortcuts to them in your Start menu. Software adapting itself to fit the user better is a good thing, as long as it's done in a way that respects the user's privacy, which keeping the data 100% local absolutely does.

This breaks the HN guidelines. Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize.


Edit: we've had to warn you a lot. Continuing to break the guidelines ends in bannage, so please clean up your act.

There are things I don't agree with that Mozilla does, but I will stand up for that one. The idea behind the "tiles" was to try to figure out a way to do privacy-respecting ads. And if you look at how it actually worked... it was actually a really good plan for how that could happen.

Mozilla's job is to find ways to push the web forward in ways that respect humans, and ads are, well, how the web mostly gets funded. So it's entirely within bounds for them to try to figure out ways to make ads work without invading people's privacy.

Maybe if that was actually the goal, it might have been a good thing. But all I received was marketing blabla to tell me ads are an enhancement.

And if Mozilla really are different, then they should communicate differently - honestly.

This is being added to the browser, outside the realm of security updates, through what is supposed to be a UX improvement program, for commercial purposes. It's written by a commercial company that produces advertisement content. It's not clear this code is audited.

Sorry, but I'm uninstalling firefox. They have broken the basic trust I have in them as a user to not push arbitrary code to my machine against my interests.

Have fun in Lynx. That's probably the only browser that wouldn't do something like this.

Well maybe Safari, not because Apple wouldn't, but because they just don't care enough about ad revenue.

Chrome: They leech everything they can get away with, granted it goes only to Google, but you know it's just to feed their never-ending ad-revenue goal.

MS: They bypassed IE only ads, and went on to build ads into the entire OS.

The truth is that there have been other text-only browsers both before and after lynx. I have tried every one I could ever find, since the 1990s. Some of them seem to have been forgotten. IMO, whatever is in today's package collections is not a true representation of all text-only browsers ever written. Most times when someone cites "lynx", as is common on HN, I interpret this as a signal they are not too familiar with text-only browsers. IMO, lynx is relatively big, slow and clunky with too many options; definitely not the best text-only browser I have used.

I happen to like text-only browsers for viewing HTML (e.g. HTML tables), tcpclients like netcat for making TCP connections, and my own software for generating HTTP requests. Almost all websites work[FN1], with zero "loading time" as one may experience when using "modern" browsers to do these tasks. I can easily get the content I want (text, with option to download images, PDF, video, etc.) and skip the stuff I don't want. No autoloading of resources. I choose what I want.

Surprisingly, the web is actually getting more, not less text-friendly. Today I can often get text encapsulated in JSON, Markdown, etc. instead of wrapped in HTML, making parsing even easier.

There is heaps of Javascript written by others available on the web today but as a user I have little interest in running it. I would rather write my own.

FN1. "work" means I get the body of the page that contains the content.

I agree, I just used lynx there as a stand in for all text based browsers, since it's the most well known, and easiest to get running.

I'm not sure I agree the web is getting more text-friendly. It is getting more JSON friendly, mostly, but actually visiting web-pages where JS isn't required is becoming increasingly rare. I've yet to find a text/console browser that can actually run JS. (I know there have been some experiments, but none that actually work last I checked.)

I use the text-only browser, in text-mode, to dump HTML tables to ASCII. I do not necessarily need the networking code. Reading HTML tables as ASCII is its primary purpose for me. TCP connections and generating HTTP headers are handled by other programs. Text processing is done by other programs. Legend has it that accounting logs on an early Research UNIX saw Ken Thompson using something like 240 separate programs in one week. While I will unlikely ever reach that plateau, I am not going to use a single, large, complex program where I can use separate, small, editable programs that give me greater flexibility.

Do I need javascript to accomplish any of these tasks? No. I am not interested in graphical web pages. I am interested in retrieving information, images, documents, sound files, video files, etc. I never need javascript to get these files, nor to read, edit or view them.

Simple example: I do not need a webpage full of javascript to view a YouTube video. I only need a video player (compiled without networking code).

Years ago, links added a javascript engine. Later it was removed. There is no point. A script can still consume inordinate amounts of RAM, even when there is no GUI. And for what? What is that javascript doing?

In the distant past, I recall browsers used to hand off media files to other programs, based on Content-Type (see article on MIME posted earlier today). Today, these external programs have been subsumed by the "modern" browser.

Perhaps modern browsers can be useful as offline image viewers, document viewers and media players. As I am in text-mode, the graphical browser is on another computer, connected via crossover cable or LAN. After inspecting their contents in text-mode, I transfer the documents and media files to a fileserver.

The decision to forgo using the so-called modern browser comes down to how important web design is to the user. If the user is interested in how fonts look, how a page of text is arranged, icons, styles, etc. and wants each and every website to look different, then the "modern" browser may be unavoidable. Probably javascript is needed to share in the web designer's "vision".

The text-only browser OTOH makes all websites look more or less the same, regular, and if in text mode there is only one font, easy to read, IMO less eye strain on black background. It is perhaps better suited for the user that wants fast information retrieval, reliable, efficient file retrieval and cares little about graphical web design.

Which is the best text-only browser?

The browser is not even needed with stuff like weboob[1] (WEB Outside Of Browsers).

[1]: http://weboob.org/

Besides elinks, something newer?

I'm running Firefox via Debian, and I intend to continue running Firefox via Debian - I trust that the outcry in the Debian community would be so huge if the Firefox maintainer (or any other maintainer) allowed this sort of code from upstream through.

Well FF did just get caught with their pants down, installing a Mr. Robot (TV show tie-in) add-on (extension) to FF users, without their consent. Since it was an add-on that was pushed after a Debian install, Debian devs wouldn't have been able to catch it before it reached end-users.

That said, I still use FF, but I do make sure I keep all the opt-in telemetry and stuff off, since it was one of these settings that "let them" get away with installing the add-on without consent.

Granted the add-on by default didn't do anything unless you enabled it, but still.....

The Debian package of Firefox is not supposed to pull any code directly from Mozilla - whether security updates, marketing tie-ins, updated SSL libraries, whatever. Like all Debian packages, code is supposed to go through Debian. The only Debian programs that are supposed to fetch code on their own are ones where you explicitly tell it to do so (e.g., you're running `pip install` or something).

So the only way this code would end up on my machine is one of two ways:

1. The Debian Firefox package is pulling code from Mozilla without the maintainer's review (which is definitely possible, given how complex Firefox is and how there's approximately one person packaging updates including timely security updates), which would of itself be seen as a serious problem

2. The Debian maintainer specifically picked up this code as part of the tarball from Mozilla, and shipped it without noticing (also definitely possible!) or decided it was worth including

For what it's worth, I do not have this plugin in about:addons, and Debian unstable hasn't picked up a Firefox update since December 1, so as far as I can tell the system is working properly.

Software companies are like music bands. You might like their current album but next year they could totally sell out and go pop :)

Me, I keep it underground (qutebrowser at the moment) but I'm constantly in search of something better

At the moment I'm using Waterfox, but also uzbl, NetSurf, Otter.

Yo, thanks for the tip, I'll check Waterfox out for sure.

Gopher. That was content focused and so inflexible that it was hard to be a dick with it.

The original WWW was too. (It didn't have cookies, for instance, so there was no way to track a user from one page to another.)

When it got popular, smart people started bending it to make being a dick possible, which is how we got the Web of today. I don't doubt the same would have happened to Gopher, if it had been the one to get popular.

> Well maybe Safari, not because Apple wouldn't, but because they just don't care enough about ad revenue.

Truthfully, this is why I use Safari. Apple makes money by selling me devices and services, Mozilla and Google are both driven by ad revenue. Even good actors within these companies are working within a framework where the customer is the product.

.. also Safari saves like 15% on battery.

Christ, are you seriously arguing that Apple, who does operate an ad network, is less driven by ad revenue than Mozilla, a non-profit, who at best will get to continue working on Firefox, if there continue to exist search engines that make revenue.

You can also use good old Konqueror, they also won’t do this.

What about Otter? Waterfox? uzbl? Poseidon? NetSurf? Falkon? K-Meleon? Iron? Iridium? Liri? Min?

To cite some of the browsers you overlooked in your snarky comment.

It was definitely snarky, but I did try to qualify the snark to be useful-snark, and not just plain snarky.

As for all these browsers, all of them (unless I'm mistaken) are based off of one of the big 3 (Chrome, FF, Safari) so you still have to trust the big 3 to run these, for the most part, as they are all single-developer or maybe a very small team, and would be very hard pressed to catch underhanded attempts from any of the big 3 to embed any nastiness.

For the record, of that list NetSurf is an independent browser with its own rendering engine (and is correspondingly less… full‐featured).


+1 for mentioning Otter though - those guys are doing amazing work

https://vivaldi.com/ https://otter-browser.org/

> It's written by a commercial company that produces advertisement content. It's not clear this code is audited.

Do you have any evidence of this?

Assuming their normal processes for SHIELD studies were followed, a _lot_ of different people have to review the plugin before it gets approved: https://wiki.mozilla.org/Firefox/Shield/Shield_Studies#Who_A...

Edit: Also, the contributors list on the plugin's GitHub repo lists exclusively Mozilla employees: https://github.com/gregglind/addon-wr/graphs/contributors

Unfortunately the most important person involved didn't get to review the plugin before it was installed on my computer. Me.

OK, I have to rant a bit on this.

I worked at Mozilla for about four years (2011-2015), on MDN. It's built as a wiki, with wiki features open to everyone. The code is all open source and on GitHub. Its issues and tasks and roadmap are tracked in a public bug tracker. We operated in a public IRC channel. We didn't have to do that. We could have just built something targeted to only be used by the technical writing staff at Mozilla, and never bothered to open it up or make the code available or make it transparent about who wrote articles and when. In fact, it's much more work to do all the things we did (and not just in terms of implementing features, but also in terms of dealing with spammers and trolls and other malicious people who wouldn't have had access in a less open system), but we did it anyway because Mozilla is a radically open and transparent organization. But... in four years, not many people from outside Mozilla ever joined in and got involved with actually contributing (either code or articles or edits to articles or housekeeping or suggesting/arguing for ideas of how to improve MDN).

And I've been doing open source for much longer than that, and I see exactly the same pattern: a handful of folks do all that work, and go to the trouble of being open and transparent and providing ways for people to see what's going on and get involved... but people don't.

And then those same people willingly install the software and use it every single day, and complain that they were never consulted, or never got a chance to review, or never got to provide input. You had chances to look at the source code, to see what was being checked in, to read the referenced Bugzilla bugs on commits, to leave comments on them, to submit alternative ideas. You didn't. You did install Firefox, though (assuming your claim is correct that this was installed on your computer). By installing the software while not participating in the process, you absolutely gave your "review" of it, and your "review" was "just make a browser for me for free and don't bug me about how".

Now, if you want to be involved, go start watching Bugzilla and the Mozilla project wiki pages, and CC yourself on stuff and join mailing lists. Because it's Mozilla. You can do that. If you don't want to do that, or you don't think it's worth your time to do that, then don't do it. But don't then come charging onto HN to complain that nobody consulted you. People practically got on their hands and knees and begged you to join in the process of making Firefox and other open source software, and you decided not to.

I think you misunderstood. I don't want to review the damn source code. I don't have time to do that. I am pretty sure the Mozilla developers are all better developers than I am as well, so my contributions there would be a complete waste of time.

However, when you decided that the source code I could review would be installed on my computer without my consent, then I do object. It's my computer. It runs things that I choose to run on it, not things your marketing/sales department thinks my computer should run.

Additionally I find your rant about "open source is for all of us to contribute and if you don't shut the fuck up" wholly ridiculous.

You chose to install Firefox, and you chose not to participate in the process that creates it. What happened next was not "without your consent". What happened absolutely had your consent. You consented by deciding that the whole messy process of producing the software was going to be someone else's problem, and you just wanted the sausage without having to see or take part in how it got made. You consented by delegating to the people who actually did the hard work of making and shipping the software.

If you now decide you don't want to run that software anymore, that's perfectly fine and is your choice to make. But arguing that you didn't have an opportunity to know what was going on or review code before it landed on your computer, when you installed Firefox by your own choice, when you decided not to take advantage of the radically transparent and open way it's built, is just not going to fly. You had a million and one opportunities to "review" the code you were going to download and run. You just chose to do other things instead. You seem to regret that, but you also seem not to have learned any lesson from it.

Actually, according to comments on one of the Bugzilla reports about this issue (#1424977), the original bug implementing the feature is:


As you'll see, this bug is marked as private (at least as of writing this comment). So, as a matter of fact, it does not appear that even the most diligent user had the option of reviewing what's going on. So far, it has not even been disclosed who among the Firefox peers signed off on this change; that information appears to be private as well.

Correct. Even when logged in, the normal user gets:

"Access Denied You are not authorized to access bug 1423003."

Again, I did not have a chance to review whether or not the add-on would be installed and run on my computer, because you installed and ran it without my consent.

This is not hard. Don't automatically install stuff on your users' computers. You're defending something every other software company has found themselves in trouble for previously. I really don't understand why. The fact that Firefox is open source in no way excuses it.

> because you installed and ran it without my consent

I didn't install and run anything on your computer. I don't work for Mozilla.

And you installed a piece of open-source software whose source code you could have audited at any time, but you chose not to. You delegated the auditing to someone else, and now you're upset at what they chose to do with the power you gave them. You're free to complain that you don't like what they did, and not to trust them in the future, but you don't get to say that you had no chance to give input or to see what would run. You had plenty of opportunities for that and did not do it.

Is it reasonable to expect a software vendor, open source or not, to not install adware on your users' computers without consent? Yes or no?

If yes, then why would it be necessary for me to audit anything?

If no, then PLEASE elaborate on why?

Your original comment complained that you didn't get to review the software. My point has consistently been that you did have a chance to review it, and chose not to. What you think about what it did, or what I think about what it did, doesn't matter, and "what it did was bad" is not a counterargument to "you had a chance to review it and chose not to".

This isn't the first time a piece of software, open source or not, has released a new version that did something users didn't expect or were angry about. The sole difference is that, in the case of open source software, you have the chance to review what it will do by looking at its source code prior to running it. The fact that you didn't review it doesn't mean it was impossible to (that would be the case with a proprietary browser like Chrome).

No, I didn't. You misunderstood my comment, and have beaten that straw man to death since then.


And you could have done that.

By... paying attention to the source.

> You had a million and one opportunities to "review" the code you were going to download and run. You just chose to do other things instead.

False dichotomy. I chose to opt into USER STUDIES because I trusted Mozilla. I use Firefox specifically because I do not want to use a browser from a company that makes its money off of advertising, meaning Chrome. I trusted Mozilla to hold to their word regarding what opting in to user studies meant, and they instead gave me exactly what I didn't want: advertising.

If your solution to this is to completely throw away my trust in Mozilla, replacing it with having to spend an extraordinary amount of time reviewing every wiki change, mailing list post, commit, and bug, then you're being ridiculous and showing extraordinary contempt for users -- especially the many users who aren't programmers. Firefox is supposed to be a browser that respects users, but this case shows that it doesn't.

Finally, I have both donated to Mozilla and helped resolve a bug, so I absolutely have participated in the process.

You want to point us towards where ... on Bugzilla and the Mozilla project wiki pages and the source code and all the other things you mentioned ... this addon was discussed?

Firefox is open source. Someone had to have committed code to make this happen, which you can use to go dig up the history if you want to.

But you're not going to do that. Which is your right; it's just hard to complain about not being consulted/not getting to review/etc. when you're talking about a piece of open-source software with public repositories and trackers. Anyone on earth is allowed to see what's going on in there.

You speak as if this browser is used solely by elite software developers. Mozilla markets this as a browser for the common man, indeed, the common man concerned about privacy. These people have no ability to review source code to see if a new release has inserted some stupid theatricals that the user has no interest in, merely because these users, in good faith, thought they were helping collect usage data to improve this browser.

This has nothing to do with open source development at Mozilla or anywhere else, it has to do with what Mozilla the organization portrays itself as. If Facebook had pulled something like this, well, I don't think anybody would have been surprised. For Mozilla, I think it's inexcusable, and after the major marketing push on Quantum as 'Chrome without spying!' it's an amazing own goal. I really want Firefox to succeed, and marketing retards at Mozilla are going to sink the whole thing by garnering exactly the kind of publicity they don't need.

Sure, users want to have their cake and eat it too: a free browser, open, produced by invisible elves.

But so does Mozilla. They're a big enterprise when it suits them, and a scrappy upstart otherwise.

The Mozilla brand is looking mighty shabby. Privacy is the one thing they've consistently pushed, and yet I can't recall any serious innovation or stance they've taken in recent years that actually puts their money where their mouth is.

Private browsing was invented by Chrome. Brave shields you from script bloat. Safari's adding machine learning to that end.

Which leaves Mozilla... pushing adware onto its users. Qué?

It's disingenuous to say that users should be able to intuit how it's all organized and how they can contribute, when something like this clearly only happens because of privileged first party involvement with real revenue attached.

Unless you're suggesting that anyone who wishes to spam a campaign to Firefox users can just get that done by opening up an issue and submitting a patch...?

The bug is closed and it was only open sourced after it was already installed in people's browsers.

Firefox is not fully open source.

As someone who could contribute technically to Firefox but doesn't, let me add my perspective.

First of all, Firefox is a huge and complex project notorious for its legacy code and architecture. It's not a project that I would find pleasant to work on without getting paid. The only reason I might start working on it for free was if I wanted a job at Mozilla.

Second, it seems to me (as an outsider) that the biggest problem with Mozilla is its management. Any work I contribute to the browser will just be a feather in their cap, and they will still be making bad decisions that I can't meaningfully push back on. The solution for me then would be to fork the whole browser (which has already been done multiple times). However now I'm no longer working with Mozilla, I'm basically fighting them. Without paid, experienced engineers familiar with the Firefox codebase (or a PR budget), there's no reason to believe those forks can "win."

Third, Firefox is just so large that I could spend my whole life and have a negligible impact.

Fourth, as an outsider I'd always be "the wingnut who doesn't work at Mozilla." Perhaps if there were several companies sponsoring Firefox development, there would be more of a social place to fit in.

In conclusion, the state of the web today has left me feeling powerless. If I do nothing it's not necessarily because I'm lazy, but because I see nothing to be done.

One of the reasons people are angry is that this type of investigation has been made as hard as possible currently.

Posts are being removed from Bugzilla and threads being locked. The code itself comes from a random GitHub repo, not affiliated with Mozilla/Firefox. (https://github.com/gregglind/addon-wr/)


People here were asking why normal process wasn't followed. No answer or links to resources.

Another closed discussion here:


and here:


I appreciate your input as someone who knows the process, but this really wasn't followed this time.

Edit: they've changed the repo now, so it's redirected to https://github.com/mozilla/addon-wr

What browser are you going to use instead?

If you like Firefox but don't trust Mozilla anymore there are plenty of forks to choose from: Waterfox, Pale Moon, Basilisk, GNU IceCat.

Personally I build Firefox from source and maintain a set of patches largely based on these: https://aur.archlinux.org/packages/firefox-esr-privacy/

I think about doing this as well but heard a lot of bad things about the Firefox build process. How long does it take to build for you?

They are probably true. Using an i5 @4.3GHz it takes 2.5/3 hours to build. To test changes you must set up a compiler cache or it's going to take forever.

That seems a little slow. I compile nightly for my own use and it takes around 20 minutes on a Haswell i5, using tmpfs for the build directory.

20 minutes sound like a dream, I don't know why it's so slow for me. Maybe because I'm using Nix to build it and the source is on an SSD. I can't use tmpfs because it doesn't fit in memory without adding swap.

Firefox 57's sweeping changes ruined most of my vim-like ui customizations (vimperator, vimfx). For 2 months I've switched to qutebrowser and palemoon as a backup and don't miss firefox at all.

If you're looking for a browser with first-class vim compatibility qutebrowser is outstanding.

I've also found palemoon to be a perfectly boring/stable/functional variant of firefox without all the drastic/breaking changes (vim plugins work quite well also)

If you were a vimperator aficionado you might want to have a look at uzbl.

Pale moon is not as good as waterfox, at least for me.

Links2. http://links.twibright.com

No, it doesn't show PDFs or videos, but does that belong in the browser anyway?

I wonder if Links2 or lynx can be ported as Chrome add-ons.

To some extent, the line between code in the browser core and code in an add-on coming from Mozilla is arbitrary. However, it's a line that Mozilla themselves have drawn. We've been trained to be vigilant when choosing and installing add-ons, to read the list of permissions the add-on is asking for and judge whether we want to take the risk. The implicit messaging to users has been that if you let through a bad add-on that degrades the browser in some way, it's your fault. (Indeed, we're supposed to sympathise with Mozilla when 'badly-written' add-ons slow down the browser and make Mozilla look bad.)

Mozilla have presented "add-ons" as a line where users are supposed to be responsible for what to "trust", over and above the choice to install the browser in the first place. They can expect those users to be watching that line carefully.

(Incidentally, I would still dislike this functionality - moreso even - if it was in the browser core.)

> If someone distrusts their add-ons, why trust their browser at all?

"Well, I'm your bank. You already gave me authority to reinvest all your savings. Why are you mad now that I invested everything into bitcoin futures?"

What exactly does "trust" mean? We might have given mozilla such a widespread access exactly because we trust them not to abuse it. Stuff like this undermines that trust.

Maybe not the best analogy since that is exactly what banks do with your money while it's parked in your savings account - invest it in whatever they feel like. Probably not Bitcoin futures because the bank manager doesn't want to, but there's nothing stopping them from doing exactly that.

No, the bitcoin futures were my point. Of course they can re-invest in principle but the trust is that they won't invest them into something that is an obvious risk.

And no, they can't: In many countries there are regulations forbidding high-risk investments with regular savings accounts for exactly that reason.

How is this extension an abuse of that trust?

Before, we didn't need to trust them, because we didn't have to. We had all the code, we could verify the code we can read is the code in the binary we use via checksums. Now the code contains the ability to go fetch arbitrary code behind our backs and run it against our will. Firefox is now malware and it's a real damn shame.

> Now the code contains the ability to go fetch arbitrary code behind our backs and run it against our will.

How is that not what automatic updates are?

Right. I trust my browser vendor to send me automatic updates without me reviewing because I believe that's net good for my security. I'd prefer to live in a world where I don't have to question that.

There are definitely situations like corporate networks where automatic updates need to be quarantined and tested before rolling them out to all the machines, but since I don't pay a dedicated sysadmin to run tests on all my software on my personal computer before I receive updates, I'm content to trust my browser to update itself and hope it doesn't break anything.

It's disheartening when the update is a marketing tie-in.

Dumping odd stuff that's not clearly from Mozilla and is poorly explained, without warning, is a fast road to lost trust.

I'm using Firefox 57 heavily (typing this in it), and actually really like it for a change. This after years and years and years and years of wanting to like Firefox but finding it completely and absolutely unusable due to performance issues.

(Chrome has been ... faster, but insanely aggravating in all sorts of ways, including utter and complete contempt from Google and the Chrome devs for users. The frustrations are rapidly mounting.)

Mozilla have just cost themselves some portion of their advanced user test base through abuse of trust. I really wish they'd not do that.

> In my opinion, it doesn't really matter since the code is coming from Mozilla - they're building the whole browser, so they could introduce functionality anywhere. If someone distrusts their add-ons, why trust their browser at all?

An appropriate response here would be to decide that you no longer trust their browser at all.

It's hard to quantify trust exactly. I'm fine with trusting the partly-closed-source Google Chrome build, including the proprietary Chromecast, Hangouts, etc., plugins, because I believe that the people writing them are generally reasonable. I don't have a good formal proof that they're generally reasonable people, and I never will - that's why it's trust. If they start installing marketing gimmicks, certainly they have the technical ability to do that, but I will lose my trust that they're reasonable people.

Here's an analogy: I trust a small number of my friends with keys to my apartment because I think they'll make reasonable use of that access. If they decide to show up at 3 AM with a keg and three tubas without telling (let alone asking) in advance, I technically have no grounds to complain that they abused their access - but I'll certainly not be calling them friends any more.

>I technically have no grounds to complain that they abused their access.

I would argue that since they knew you were giving them access on the assumption that they would not do things like that, you would have grounds to complain. Similarly, I installed Firefox on the understanding that it would not phone home with opt-out telemetry, advertise third party products, or synergise with acquired properties. Mozilla has, in the past few months, done all three.

I like Firefox, though, so I'd rather kick the tubas out of Mozilla than go kick them off my individual installation. Does the public have any power over Mozilla's governance?

Just switch to waterfox, you'll get the best of firefox and none of the mozilla nonsense. This is what I did after finally getting fed up with mozilla not caring about users and just doing as they please to try to get more revenue and marketshare.

What do we know about marketing gimmicks hidden in Chrome? If they are not made in the form of add-ons, or if they are add-ons but Chrome has a way to hide them (as it hides Flash), we just never know. I bet Google's marketing gimmicks, if any, are not open-source either, and not included in Chromium.

Hence, as you said, the only way is to trust Google here, without much ability to verify.

I have never seen marketing gimmicks in Chrome, apart from the choice of default search/new tab page.

> I haven't researched deeply, but apparently the add-on does nothing until the user opts-in on studies.

It adds some css to a list of words:


Only if the preference extensions.pug.lookingglass is changed from the default of false.

I haven't figured out how that setting is exposed yet. Maybe they expect people to go to about:config and change it? Is there video footage suggesting that in the TV show?


From reading the source, that setting is not exposed anywhere; about:config seems to be the only way to turn it on.

From reading the commit history, it looks like it's still under active development.

    @gregglind re-add 'fuck' to the word list
    gregglind committed 3 days ago

i'm on nightly and the default was to opt me in. that's some shady shit. i'm pissed.

mozilla is rapidly burning through over a decade of hard-earned trust and goodwill. i install firefox on other people's machines. i'm not a good user to piss off.

am i gonna have to wait for servo to mature and make an unmozillad servo? what a sad reality that would be.

this is not the browser we were looking for.

if you're on Nightly, this is literally what you signed up for: all the experimental settings and all new functionality turned on by default so that you can be part of the test bed of users and devs that can report back to the larger developer community through Bugzilla when things aren't working the way they should be. Complaining about the fact that Nightly did exactly what it's supposed to is kind of ridiculous.

> if you're on Nightly, this is literally what you signed up for

no, it is not, because i signed up for nightly a decade ago when mozilla still had my trust and admiration. i signed up to help mozilla find bugs before they hit end users. i signed up for new web platform features and bug fixes. i signed up to see the perf and ui improvements.

what i get force-fed now is an additional mystery platter of ad experiments, privacy erosion, forced third-party integration, random auto-addons and who knows what else at this point - they can literally push anything behind my back. the absence of all of these things is the exact reason i have stuck with firefox. i guess this relationship is not meant to last.

as another comment says in this thread, it's literally the "Windows 10 of browsers". Want faster perf and more security? Just sign up for the next version with more ads, less privacy and random third party services we auto-push to you. I know Chrome does this too, which doesn't make it ok for mozilla - it just leaves me with 0 options. if i had other viable options, i would leave quietly and never post this comment.

There are a number of decent suggestions in the rest of this thread, like the various un-mozilla'd versions of firefox.

a bit like saying, "your problem is your expectations about mozilla's commitment to privacy, transparency and choice"

kind of, but more "your original complaint is about a release channel intentionally designed to give you all the latest features turned on by default, including experiments", which has been true since the release/beta/nightly channels were set up. If you don't like something Mozilla did to the browser in nightly, you file an issue in bugzilla, and if you missed this and discovered it too late, then that's a consequence of being a single human being who can't discover every single thing that is introduced every single day when nightly gets updated.

If your problem is with the actual _release_ version of firefox, that's a completely different complaint, and you have lots of choice in terms of getting the Firefox codebase but without some of the stuff that Mozilla feels is appropriate to put on top. If that's the level of control you want, then there are actually several options for you.

I was in your boots when mozilla dropped ALSA and announced they were dropping extensions.

I have since found waterfox and have been very happy with it.

How can I get my bitcoin mining extension included in the nightly build, too? Trust me, it really needs lots and lots of widespread testing by as many users as possible!

The extension only starts up if the config option "extensions.pug.lookingglass" is set to "true" though:


(It defaults to "false.")

We already have a mechanism for disabling or enabling addons, it's not installing them in the first place. Why on earth would we put it to addons to self-police them?

It's behind a preference flag because it's installed automatically, and Mozilla's the only one who can do that. That's also why there's a lengthy approval process before such an addon can be pushed out:


You can just not install (and enable) addons automatically. Those addons should only be delivered to users who have 1) opted into the study process and 2) opted into the study in the first place.

What bugs me is not that Mozilla pushed an extension into my/their browser but the behavior of the extension itself. It literally broke some pages, disrupting my use experience more than it was supposed to do (or at least I hope it was not intended). People who complain about Mozilla pushing this just failed to check the basic browser options and should blame themselves instead. Anyway Mozilla seems to have raised quite a lot of attention about the security and the privacy of their own browser with this stunt, so... it was a success, I guess?

Then why not install it when the user opts in? Installing this kind of crap automatically is sleazy.

Somebody trusted their browser, because never before they attempted such things as installing code that has nothing to do with the browser and is an advertisement gimmick.

I am genuinely astonished that somebody up the corporate tree at Mozilla thought this is a good idea. I mean, I get the appeal of getting the money and doing the cool IRL tie-in to the show, but that's not just how you do it. If I am a fan of a particular actor, I don't expect him/her to suddenly be in my bedroom when I come home one day. I would prefer to invite them first (if I am so inclined).

The trust here is specifically trusting them not to do such things. Which now has been violated. And the fact that CMO says anything else than "Man, did we screw up! We're so sorry, would never happen again!" is deeply sad and concerning.

>If someone distrusts their add-ons, why trust their browser at all?

You mean like when they set the default search to Bing?

You're assuming people trust firefox or mozilla.

I do not trust mozilla, they've repeatedly proven they cannot be trusted. I do not trust firefox; just because a piece of software is open source software does not mean it should be trusted.

> it doesn't really matter since the code is coming from Mozilla

For now, yes. Until someone finds a way to push a "study" through which is not from someone "trusted".

> If someone distrusts their add-ons, why trust their browser at all?

Well, trust is rather simple to break, and this - remote installing things - was not part of my original trust I put in Firefox 1.0. I know things change. This is not one I tolerate, and you are right: I will not trust a browser after a step like this.

Besides the trust, it's unexpected data. Probably doesn't affect many on big data plans, and is probably a tiny extension this time, but it's still data I have not asked for.


* https://news.ycombinator.com/item?id=15921134

This is a link to the GitHub issue:

* https://github.com/gregglind/addon-wr/issues/36

There are several scary things about this:

- Unknown Mozilla developers can distribute addons to users without their permission

- Mozilla developers can distribute addons to users without their knowledge

- Mozilla developers themselves don't realise the consequences of doing this

- Experiments are not explicitly enabled by users

- Opening the addons window reverts configuration changes which disable experiments

- The only way to properly disable this requires fairly arcane knowledge of Firefox preferences (lockpref(), which I'd never heard of until today)

> Unknown Mozilla developers can distribute addons to users without their permission

"In related news, unknown website developers can distribute programs and run them in your browser. Additionally, it's been determined that browsers sometimes download changed versions of themselves without your permission. Worst of all, we've determined that sometimes the program you download and run yourself on your computer does stuff it didn't say it would do!"

In all seriousness, I understand this is an important issue, and needs to be addressed, but we've obviously gotten to the point as a society recently where no news can't be played up for hype by pundits and commentators for their own benefit (and probably without realizing they are doing it in a lot of cases).

The whole way this is being presented (by many here, not to pick on the parent) as a new chunk of the sky falling is what I find really troublesome. No, chicken littles, the sky isn't falling, but there is some interesting shit going on up there that deserves a look.

I fail to see how getting half the people frothing at the mouth and the other half downplaying it just to try to keep some sanity in the discussion helps for a good outcome.

> "In related news, unknown website developers can distribute programs and run them in your browser. Additionally, it's been determined that browsers sometimes download changed versions of themselves without your permission. Worst of all, we've determined that sometimes the program you download and run yourself on your computer does stuff it didn't say it would do!"

No they can't, despite mozilla removing the option to prevent this, I have an extension preventing websites from running code in my browser without my permission. It happens to be one of the most popular firefox extensions: noscript. (also umatrix and request policy).

No the browsers do not download changed versions of themselves, they do not have the administrative permissions required to install programs on my box. I get my update from the official distro repository on my terms.

I do not download and run programs, they come from the distro repository. This is a matter of trusting the package maintainers but up until now this has served many people well.

It seems you guessed wrong and it does not work the same for everybody, some of us have chosen to take the extra step required for this kind of misadventure to be unlikely.

> No they can't, despite mozilla removing the option to prevent this, I have an extension preventing websites from running code in my browser without my permission. It happens to be one of the most popular firefox extensions: noscript. (also umatrix and request policy).

You've conflated third party javascript with javascript in general. You can turn off javascript entirely, but unless you do so, that website is generally able to ship javascript to you as included scripts from the same domain or in a script section or inline with attribute handlers.

> No the browsers do not download changed versions of themselves, they do not have the administrative permissions required to install programs on my box. I get my update from the official distro repository on my terms.

Yes, they very often do. Currently, they generally ask if you want to restart using the new version and give you that choice, but they are often downloading newer versions of themselves ahead of time to speed up this process.

Whether they have permissions depends entirely how you installed the application. If it wasn't installed globally, user permissions are all that is needed.

> I do not download and run programs, they come from the distro repository. This is a matter of trusting the package maintainers but up until now this has served many people well.

Good! I hope you've also never ever piped wget output to a shell for some application's quick installer. I also hope you've never installed any programming language module through that language's package manager and not your distro's package system, because those are notoriously bad at making sure there's not holes through which bad stuff can happen either.

Regardless, it's possible that the package you downloaded, no matter the source, can do something other than stated.

> It seems you guessed wrong and it does not work the same for everybody, some of us have chosen to take the extra step required for this kind of misadventure to be unlikely.

Actually, I don't think I guessed wrong because I wasn't guessing anything, and I never said it works the same for everybody. I believe, since I was careful to qualify my statements, that each is easily proven correct, and I've done so.

Just coming up to speed, apologies for the potentially obvious questions.

1. Can you explain what you mean by "unknown Mozilla developers?" Unknown to whom?

2. Can you provide more detail on what specific configuration changes are reverted when opening the add-ons window? That sounds like a fairly serious bug.

3. What is the specific "this" you're trying to "properly disable?" You shouldn't have to dive into things like lockpref.

Mozilla (and other browser vendors) have the ability to push updates to their browsers outside of the normal release cadence. In many cases, these updates are distributed as add-ons, as they're cleanly separated from the rest of the browser internals, but that's just an implementation detail. If you visit about:support in Firefox, you should see a table of "Firefox Features," which are exactly that. Their source lives at: https://hg.mozilla.org/mozilla-unified/file/tip/browser/exte...

For example, we used a system add-on to control the gradual roll-out of multiprocess Firefox, and the New Tab page is also implemented as an add-on called "activity-stream."

I'll try to answer in the parent's place, since I've been watching this issue.

> Can you explain what you mean by "unknown Mozilla developers?" Unknown to whom?

Unknown in the sense that this extension wasn't documented at all, there was no Bugzilla issue for it and it's not clear whether it was properly vetted by QA. Whether you argue that this kind of silent push updates is good or bad, I think they aren't tested as well as in-browser functionality. This is a necessary consequence of "let's try it and revert if something breaks or people complain".

More so, a rolled back Shield study will be invisible to the users, so any problems will be impossible to debug. This is made worse by the fact that most, if not all Shield studies are opt-out, so the user won't be notified.

> Can you provide more detail on what specific configuration changes are reverted when opening the add-ons window? That sounds like a fairly serious bug.

> What is the specific "this" you're trying to "properly disable?" You shouldn't have to dive into things like lockpref.

People have reported that extensions.ui.experiment.hidden reverts after viewing the add-ons list. I haven't tried it myself, but you can find details in that Reddit thread.

Others have noticed that the Shield studies checkbox sometimes (possibly on version bumps) reverts to enabled. I can't overstate how bad this is; it's basically cheating the users' trust. Lately, Mozilla has been doing some pretty nasty things for an organization that takes pride in caring about the privacy of its users.

Are you aware of the complaints regarding Windows telemetry? Edge, for example, sends full browsing history to Microsoft by default. Should Mozilla follow suit? Because that's exactly what Pioneer does and, while it's not opt-out yet, Firefox advertises enabling it.

As for the rest of the system add-ons, they're either poorly documented (if they are at all), poorly named ("Presentation"), or seem concerning from a privacy point of view (e.g. Activity Stream, Follow-on Search Telemetry, Photon onboarding, Presentation, Web Compat Reporter).

For anyone curious, Presentation seems to be an implementation of a proposed Web API that allows browsers to find and talk to devices in their neighbourhood. Does that include location/proximity beacons like this old proposal https://hacks.mozilla.org/2013/06/the-proximity-api/ ? Do users really want Firefox to tell advertisers where they're shopping? That's the same kind of "experience improvement" that the spyware of yore used to bring.

Why should Pocket be an add-on with superpowers? There was quite a bit of backlash over it a while ago, but Mozilla didn't budge, and some employees actually spread misinformation (not to say "lied"). And actually none of my system add-ons seems to be providing any important functionality (if you disregard the new tab page, for which I haven't seen yet a privacy policy). Looking at Shield studies ( https://www.jeffersonscher.com/sumo/shield.php ), it's even worse: most are surveys, advertisements, asking the user to enable Pioneer (i.e. send full browsing history to Mozilla).

Thank you for your responses.

The comment about the visibility of the add-on (Bugzilla, QA process, documentation, etc.) is well taken, as are those regarding the naming of system add-ons, Pioneer, etc.

I've got an intercontinental flight coming up soon, and I'll do some grepping around to try to understand the prefs mentioned. If someone else beats me to it and posts a specific set of steps to reproduce a pref flip on those, I'd appreciate it.

I can confirm that extensions.ui.experiment.hidden gets reset to true on Nightly after opening about:addons. It seems to have no effect, though it might have if one uses lockPref.
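
One way to check for the kind of preference revert reported above, as an added example that is not part of any comment in the thread: this Python script parses two snapshots of a profile's `prefs.js` and reports which watched preferences changed between them. The snapshot contents are constructed for illustration; the two preference names are the ones mentioned in the discussion.

```python
import json
import re

# One line of a Firefox prefs.js / user.js file looks like:
#   user_pref("some.pref.name", value);
_PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')


def _parse_value(raw):
    """Convert the textual value of a pref into bool, int or str."""
    if raw == "true":
        return True
    if raw == "false":
        return False
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return json.loads(raw)  # raises ValueError on a malformed string
    raise ValueError("unrecognised pref value: %r" % raw)


def parse_prefs(text):
    """Return {name: value} for every well-formed user_pref() line."""
    prefs = {}
    for line in text.splitlines():
        match = _PREF_LINE.match(line)
        if not match:
            continue  # comments, blank lines, anything else
        try:
            prefs[match.group(1)] = _parse_value(match.group(2))
        except ValueError:
            continue  # skip lines we cannot interpret rather than guess
    return prefs


def diff_snapshots(before_text, after_text, watch):
    """List (name, old, new) for each watched pref whose stored value changed.

    None means the pref is absent from that snapshot, i.e. no user value
    is stored and Firefox falls back to its built-in default.
    """
    before = parse_prefs(before_text)
    after = parse_prefs(after_text)
    changes = []
    for name in sorted(watch):
        old = before.get(name)
        new = after.get(name)
        # Compare types too: in Python True == 1, but a bool pref and an
        # int pref are different things to Firefox.
        if old != new or type(old) is not type(new):
            changes.append((name, old, new))
    return changes


# Preference names taken from the discussion.
WATCHED = ["extensions.pug.lookingglass", "extensions.ui.experiment.hidden"]

# Constructed sample: prefs.js before the add-ons page was opened.
SAMPLE_BEFORE = """\
// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.cache.disk.capacity", 358400);
user_pref("extensions.ui.experiment.hidden", false);
"""

# Constructed sample: the user's override is gone and another pref appeared.
SAMPLE_AFTER = """\
// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.cache.disk.capacity", 358400);
user_pref("extensions.pug.lookingglass", true);
"""

if __name__ == "__main__":
    for name, old, new in diff_snapshots(SAMPLE_BEFORE, SAMPLE_AFTER, WATCHED):
        print("%s: %r -> %r" % (name, old, new))
```

To use it on a real profile, copy `prefs.js` with Firefox closed before and after the action under test and pass the two file contents to `diff_snapshots`.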

> Mozilla developers can distribute addons to users without their knowledge

I think for most people this is the stickiest point. Other commenters have said things along the lines of, "well if you trust their browser you should be able to trust their add-ons" and I do, mostly, trust their add-on here... but I really don't like how it slipped into my Add-Ons without telling me. For every other Add-On I have to click an explicit blue button, so I know what's in and what's out.

In today's landscape, Add-Ons have massive potential as security threats. For instance, would a savvy user who is security-aware (most users on HN, I assume) install an Add-On like Gmail Checker Plus[0]? Without digging in, it's hard to be 100% certain what this Add-On is and isn't doing with my Gmail content (I have no reason to assume anything nefarious, it's just an example). My browser Add-Ons should be off-limits to any sort of tampering without my permission, as well should be my bookmarks and auto-fill info. If I broke into your house and changed your bedsheets, you'd rightly be creeped out... nothing was stolen, new bedsheets don't affect you in any significant way, but it's still wrong and weird and hurts trust.

0. https://addons.mozilla.org/en-US/firefox/addon/checker-plus-...

They could (should?) have a non-user visible addons stash for this kind of functionality. Putting it in the Add-ons UI is a bad idea.

I think this was a very bad move, because Mozilla installed adware in all of its browsers. The fact that it was installed through an add on, though, seems irrelevant. Mozilla developers can distribute arbitrary code to all users because they write the browser. The add on just makes this particular bit of code user visible.

Looks like it's a promo for Mr Robot, which is really not ok.

> What's happening? Are you a fan of Mr Robot? Are you trying to solve one of the many puzzles that the Mr Robot team has built? You’re on the right track. Firefox and Mr Robot have collaborated on a shared experience to further your immersion into the Mr Robot universe, also known as an Alternate Reality Game (ARG). The effects you’re seeing are a part of this shared experience.[0]

EDIT: looking at this[1] comment, perhaps it's not a promo?

[0]: https://support.mozilla.org/en-US/kb/lookingglass

[1]: https://www.reddit.com/r/firefox/comments/7jh9rv/what_is_loo...

Wow. So Mozilla lets advertisers push extensions to your browser? Is that right or am I misunderstanding something?

It seems to be developed by Mozilla employees, which is less terrible than allowing actual third-party addons, and it's disabled by default, but still - pretty distasteful.

> So Mozilla lets advertisers push extensions to your browser?

Of course not.

Mozilla can install extensions if you have "shield studies" enabled. They use extensions to run UI studies and things like that. I think you have to opt-in to each study individually if you want to be part of it. Enabling the studies in your settings only means "notify me when there's a new study I can participate in".

See https://support.mozilla.org/en-US/kb/shield and https://wiki.mozilla.org/Firefox/Shield/Shield_Studies

Now they have partnered with Mr Robot to use the same feature to offer some sort of "Alternate Reality Game".

That sounds like "no they haven't pushed an unsolicited advert at all ... except to people who offered to be in a development program, who they've pushed an unsolicited advert to" ...

I was talking about advertisers running code in your browser. I think you have to opt-in to participate in one of the studies, so that's not happening without your consent.

It looks like Firefox auto-installs the studies though if you've enabled the feature. But it only activates the individual extensions for the studies once you've opted in to participate.

The extensions themselves need to be approved by a bunch of people at mozilla (at least for the normal studies). So I guess nothing bad can happen until you click "participate" or whatever they call it.

Still, I would also consider the notification itself to be an ad. This was obviously a bad idea and I don't want anyone to think I'm defending it. I guess they've chosen to abuse their shield studies for this because it's the only way for them to send notifications to the browser, but that's no excuse. I have the studies disabled anyway but now I'm not even going to consider ever turning them on.

I never knowingly opted in to anything and found both the "Studies" section and the "pug-experience" study turned on just now in about:studies. I don't know if it really is meant to be opt-in, but it certainly didn't seem like they've done it correctly.

The wiki page says that no changes are made until you opt in. Can you tell if you're part of the game? (I assume you'd be able to tell somehow)

I did not recall agreeing to opt-in for the studies and there it is under Privacy & Security as checked.

I have the pug experience study active and I don't recall the browser asking about it.

From the studies about page linked from about:studies...

"When a study is available, you will automatically be enrolled if you meet the criteria. There will be occasions where we might prompt you for participation first."

Just saw also that if you opt-in for the "Allow Firefox Developer Edition to send technical and interaction data to Mozilla" then it automatically checks the studies checkbox for you. I would wonder if I checked the allow sharing at some point in the past, or during installation, with no mention of the studies option. So it was presumed to opt me into the studies automatically.

It is also active for me, and there is zero chance I'd ever opt into this garbage.

Most shield studies are opt-out: https://www.jeffersonscher.com/sumo/shield.php (filter by "extensions").

But it appears from the linked thread that there was no individual opt-in to this particular study, done for what appears to be the purposes of advertising. Clearly it's not as bad as what I first thought it to be, but still sounds fishy.

From the page:

> No changes will be made to Firefox unless you have opted in to this Alternate Reality Game.

Also, from the same page for those that appreciate irony:

> One of the 10 guiding principles of Mozilla's mission is that individuals' security and privacy on the internet are fundamental and must not be treated as optional. The more people know about what information they are sharing online, the more they can protect their privacy.

> No changes will be made to Firefox unless you have opted in to this Alternate Reality Game.

That can't possibly be true. I had it installed, and I'm on my work machine using Firefox Developer Edition. I didn't opt in to any ARG.

I think what they mean is that the addon doesn't do anything unless you opt-in. Still, why install it at all?

The installation of the add-on is unquestionably a change to Firefox. Whether the add-on does anything is largely immaterial.

Really poor choice of words here from mozilla. "The changes that already happened will not make changes to your firefox unless you enable them to", in other words the changes already happened and are just waiting to be activated.

It's installed, but apparently doesn't do anything if you don't have "studies" enabled.

Something was installed on my system without my permission, from a vendor that I chose specifically because they promise not to do things like that.

To put it another way - if I discovered a rootkit sitting in the ~/Downloads directory on my Mac, that would be a problem. If the entity that surreptitiously placed it there said that I shouldn't worry about it because it hadn't been run, I wouldn't be inclined to trust them.

That lack of permissions make this illegal IMO. CFAA in USA and CMA in UK both make unauthorised access and unauthorised modification of a computer a crime.

I've used FF since before it was FF, and I've installed it on umpteen other people's computers; strongly advocating for it. Since they sacked that guy for not conforming to a specific liberal ideology they seem to have gone batshit crazy ... what happened? Was he their main privacy advocate or something?

Hahaha. You gave them permission when you agreed to their TOS. But you didn't read it, did you?

ToS terms that aren’t either expected by the user, or explained in plain text without having to click through anything, are considered null and void in the EU.

By that definition, this would be unallowed modification of the computer of the user, and fall under the various hacking acts.

The more interesting thing is that this has also been rolled out to German government computers, which mostly used to use Firefox, but due to previous troubles with CliqZ and the Google Analytics in the addon menus, have already moved on to other browsers.

>ToS terms that aren’t either expected by the user, or explained in plain text without having to click through anything, are considered null and void in the EU.

You mean like the TOS and EULA you agree to when you install the browser? That would qualify as "expected by the user" and "explained in plain text" both.

Correct, those ToS and EULA are considered invalid, if they contain unexpected agreements, such as "your firstborn belongs to us", or "we can install whatever software we want on your system".

Except they didn't install whatever software they want. They said they can install software to check metrics and more. Which is what this is.

"and more" == "whatever"

Check metrics !== advertise a game.

Installing extensions is not "No changes will be made to Firefox".

> No changes will be made to Firefox unless you have opted in to this Alternate Reality Game.

How does it not occur to them that this is a clear lie?

Because the previous ads for Pocket and Telefonica were effective and they don't care?

I hardly think it's a lie. My browser contains no trace of anything related to Looking Glass, even though I'm opted into Shield Studies. It seems to affect some people but not others. Definitely something that should be fixed in the core mechanism of how these things are downloaded by your browser if there are cases where it can happen without user intervention, but it doesn't seem to be intentional to download extensions without the user's consent.

It's absolutely a lie.

Mozilla has injected malicious-looking advertisement executable software into my process without my permission and then lied about it. I have no idea what this software is, what it does, or whether it is proprietary or free. I opted into nothing.

This is a huge, huge mistake by Mozilla.

The ads during the show are super cringey. It's not as bad as the Alexa product placement, but still

Seems kind of like it is part of an ARG. I can't say I'm totally against something like that; Mozilla's gotta make money somehow, and as long as it's not selling out user privacy it's a better tradeoff than Chrome.

You think having advertisers change text on unrelated websites you visit is an acceptable tradeoff?

> Mozilla's gotta make money somehow

Actually they do not. Their revenue is at an all time high despite the market share reaching an all time low.

https://www.cnet.com/news/mozilla-revenue-jump-fuels-its-fir...

https://www.computerworld.com/article/3240008/web-browsers/m...

https://www.ghacks.net/2017/12/02/mozillas-revenue-increased...

Not to mention the great amount of money they've wasted in certain previous frivolous, doomed projects, like Firefox OS - great idea, by the way, to make your "native" app platform the most power hungry, slowest of them all, and then market the OS only for pairing it with low end devices sold to third worlders - because third worlders totally need slow software running on the hardware they can barely afford - it's not as if they were people, with real world needs, just like us, and not lab rats. For a company that prides itself on its open values.. that's really treating people with contempt.

However they're experimenting with selling user privacy to 3rd party companies, with a small percentage of users in Germany (it's enabled by default).

Come on! Their business model has been exactly that since they created the corporation to stop illegally collecting money from google.

The whole partnership with google to put its search engine as default is about enabling google to profile firefox users and show them ads.

> Mozilla's gotta make money somehow

They're a nonprofit; they're not allowed to just "make money". And, they already take donations.

I think the term “non-profit” is more about how an organization spends the money, rather than how they make it. Non profits and charities definitely bring in money through channels other than donations...

I agree.

I merely challenge the notion that a nonprofit -- which proudly trumpets its benevolence and non-profitness -- should get a free pass for covertly installing advertising arrangements, just because they need to "make money".

Their charter and marketing is all about defending the internet from the companies doing shady things to make money, so they can't have their cake and eat it.

There is a difference between a non-profit and a non-for-profit (most health insurance companies are the latter; go try and figure that out).

Firefox gets most of its donations from corporate sponsors. That's why the default search has switched back and forth between Yahoo and Google; it's all about the amount of money they contribute for that. I'm not sure, but Pocket might be another example.

User contributions are actually pretty low. They don't go out and request them though like NPR or Wikipedia.

You're confusing mozilla foundation and mozilla corporation here. The default search with google and yahoo is not donations for the foundation but a commercial contract with the corporation.

I'm not sure mozilla even gets a significant amount of donations compared to their commercial contracts.

Mozilla bought Pocket a while ago.

That would be a valid complaint if this was an advertising arrangement, rather than one where if you watch the TV show, you learn that you can activate a firefox addon to participate in a small AR game that changes your normal web experience into a Mr Robot style web experience for the duration.

The addon itself does not advertise for Mr. Robot, Mr. Robot advertises for this addon.

Sure, but why install it on random people's installs, even in some sort of disabled state? Viewers should be called on to install it themselves. I'd be cool with, say, an about: page that makes it easy for users to discover it, but pre-installing the addon in people's browsers seems a bit much.

It actually claims to be an "Alternate Reality Game (ARG)", not a "small AR game" as in "Augmented Reality" or "Mixed Reality". That's something else:


I'd charitably call it "Augmented Memory", but it's definitely not "Augmented Reality".

And I'd hardly call it a game, just a parasitic advertising gimmick that slows and bloats the browser. It just injects a bunch of JavaScript code, DOM elements and CSS effects into every tab.

There's really no game there, and it's pretentious to call it an "Alternate Reality Game", which is defined as "intense player involvement with a story that takes place in real time and evolves according to players' responses":


This extension just wraps all occurrences of a set of keywords (now including "fuck") in a span with some css animations and a tooltip that links to their web page.


But in terms of memory usage, CPU and battery consumption, it's not that small, either.

It injects a blob of CSS and some JavaScript into every tab, then it does a regular expression search of every text node on each page, filtering out everything but paragraphs, then for each occurrence of a keyword in the text, it creates a new text node to split the current text node, then inserts a new span element between them, containing its own text node, then it creates an additional tooltip element containing six text nodes, five br elements, and one anchor element linking to https://support.mozilla.org/kb/lookingglass , and it also configures css class names to associate all those new nodes it created with the blob of css styling and animations that it injected.

This extension isn't the best example of their technology for Mozilla to be promoting and distributing, if they're really serious about delivering a fast memory efficient browser.

While I agree with you on that, your previous comment was simply wrong. Non-profits are very much allowed to just "take money" (legal restrictions aside, but for-profit businesses also have legal restrictions). They're not allowed to take that money and distribute it to shareholders as profit.

Non-profit orgs are such due to legal designations that give them favorable tax treatment. In return they promise to organize and operate only to fulfill a charitable mission. The mission of Mr. Robot (content sniffing) has nothing to do with the charitable mission of Mozilla, "Our mission is to ensure the Internet is a global public resource, open and accessible to all."

The charitable mission of mozilla ended with their deal with google in 2004. Let's not forget that mozilla had frozen 15 million dollars because of the IRS audit related to this deal and mozilla status, ending up settling outside of court for 1.5 million.

> I think the term “non-profit” is more about how an organization spends the money, rather than how they make it.

Tax-exempt non-profit (especially charity) status is very much about both how money is made and how it is distributed/spent.

This is a very common misconception about non-profits that is not true. The details depend on local laws, but generally a non-profit only means that the owner of the non-profit can't take all of the actual profit (money) directly out of the non-profit via dividends. Things like non-profits must be focused on public good or they can't pay high (or any) salaries are urban legends that have no basis in reality.

The key word is "just".

That's not a misconception I share. I understand Mozilla can and should make money to further its mission.

But unlike a for-profit, making money isn't the mission of Mozilla. So needing to make money can't be used as a justification for doing naughty things against the public good.

Making money may not be the mission of the mozilla foundation, but it is the mission of the mozilla corporation fully owned by the mozilla foundation.

And money it makes, in the hundreds of millions, for serving its users to the worst known worldwide privacy offender, collecting and profiling users to sell advertising.

The "good" non profit charity foundation is governing the "evil" for profit corporation giving away users to the worst opponent of the mission of the charity. Quite a contradiction in this.

They also have limits on political speech. The IRS gives them breaks. One of the big misunderstandings/myths is that a church cannot support a political candidate.

Some people cry "free speech violation" but they can endorse a candidate, they just need to give up their tax privileges. This is why the ACLU is split into two parts. One you can donate to and get tax deductions for, but the other is their lobbying arm, and therefore cannot allow tax deductions for their donors.

"non-profit" isn't a magical incantation that means they can run with a revenue deficit forever though. They have expenses and there has to be enough revenue coming in to cover those expenses, or they will go out of business. That's true for any business, whether it's for-profit or non-profit.

Mozilla foundation (the non profit) set up Mozilla Corporation (the for profit raking in hundreds of millions of dollars) when the IRS investigated the foundation about tax fraud.

Of course non profits are allowed to make money.

I believe the idea is that Mr. Robot fans use Firefox to participate in the ARG, not that Firefox users suddenly start watching Mr. Robot. So if anything I'd expect that Mozilla pays Mr. Robot for this.

If it was a promo, it would be a real bad promo. I did not watch Mr Robot and that quote did not make me aware of it until people started referencing it here.

The extension is for shield study, when you install Firefox for the first time it asks if you want to take part in it (it is enabled by default though)

Mr Robot is a tv show repeatedly showing how you can pwn other people's computers by pushing seemingly innocuous code.

It has been praised for its technical accuracy, basically the show warns us about exactly what mozilla did as this could be exploited to hack into computers.

> Looks like it's a promo for Mr Robot, which is really not ok.

From what I've heard (I work for Mozilla), this is promo for Firefox. As I just wrote elsewhere in this thread: I believe the idea is that Mr. Robot fans use Firefox to participate in the ARG, not that Firefox users suddenly start watching Mr. Robot. So if anything I'd expect that Mozilla pays Mr. Robot for this.

That would be an idiotic waste of money by a non-profit organisation considering the audience of Mr Robot.

> So if anything I'd expect that Mozilla pays Mr. Robot for this.

The irony is that Mr. Robot is owned by Universal, a subsidiary of Comcast. So much for that commitment to net neutrality.

Google is among the worst privacy offenders there are and mozilla has been sending their users towards them in return for a small share of the google mega profits.

So much for the advertised protection of user privacy.

This happened to me yesterday, so I looked for it.

The Extension actually does nothing, but invert (make them upside down) a few words on specific sites.

It's an experiment called "PUG ARG" to check whether page contents sniffing works. Its page doesn't reference any Bugzilla issue or Wiki page, while https://wiki.mozilla.org/Firefox/Shield/Shield_Studies/Queue doesn't list it.

The source code references https://support.mozilla.org/kb/lookingglass, which (as of now) only says "test - 12817".

The add-on tests whether specific words can be detected on sites; the current list has nice picks like "revolution" and "privacy". Of course, this is only a test, but in the future Firefox might look for specific terms in the pages you load and do specific things based on them.

The other thing it's doing is to send an extra header to three specific sites: https://github.com/gregglind/addon-wr/blob/da464ac8f1c3b0894.... I suppose the words and the domain are a reference to the Mr. Robot series.

The add-on describes itself as an "Augmented Reality Game Experience" and was made by a certain "PUG Experience Group": https://github.com/gregglind/addon-wr/blob/da464ac8f1c3b0894....

Of course, Shield Studies are supposed to be a way of making "more informed product decisions based on actual user needs".


I was fine with the Shield Studies program when I understood it to be a tool for improving the browser.

This is clearly an abuse of a development/testing/telemetry tool to deliver an advertisement.

Trust is hard to win and easily lost.

Take a look at the existing studies: https://www.jeffersonscher.com/sumo/shield.php

Wow, FF is sniffing the content and changing words.

Could not think of anything worse a web browser could do.

Do they change political arguments on pages in the future to see how I react in a user study?

Signed Mr. Guinea Pig

That's ridiculous, since FF is literally fetching and rendering that content, being its raison d'être.

You can't "sniff" what is already yours to begin with.

Sniff implies sending. It's the scanned content transportation and destination that's the issue.

There's no sending involved with this add-on.

>Do they change political arguments on pages in the future to see how I react in a user study?

It's possible: https://blog.mozilla.org/blog/2017/08/08/mozilla-information...

Is this something that was a test that just got merged into production? It sounds like an honest mistake that shouldn't have gone out?

This would be a major blunder and showing that the merge into production process is lacking a lot.

Luckily this is intended and seems to be a paid for marketing/advertising scheme

> This would be a major blunder and showing that the merge into production process is lacking a lot.

It's one flag, an entirely non-critical one at that, to either install this add-on hidden or not. It's not a major blunder to forget this once out of a few hundred times and it most definitely does not in any fucking way show that "the merge into production process is lacking a lot".

Absolutely no one would have minded, and there's no reason to either, if this would have been installed hidden.

You need to get the fuck down from those clouds and think about reality. Your comments are getting more ridiculous by the minute.

1) Mozilla uses weird, spooky language in an add-on.

2) Users are justifiably concerned.

3) Mozilla explains that the add-on is actually anodyne; the developers responsible were having fun with an opt-in research service.

4) Some users try to justify their initial overreaction by painting Firefox as a mysterious, dangerous entity, fabulating conspiracy theories about one of the most forthright and open OSS companies in the world.

Really, guys. If Mozilla was hellbent on invading your privacy, do you really think they would proudly entitle their tracker "Looking Glass"? Or would they call it debugservice_1223?

Thanks for the positive take, but I do think that folks are justified in their anger.

Even though the add-on itself was innocuous, the context around its scope, delivery, and presentation were not what they should have been.

Justified in their concerns, certainly. But not in their seething, frothing paranoia.

We have people comparing the installation of a near-stub browser add-on by the browser vendor, to full-on home invasions.

The language was a mistake and should have not been pushed out, or maybe even written to begin with. Mozilla ought to remember how skittish their userbase can be.

3.5) Most users insist that this isn't okay, that addon installations should be approved by the owner of the computer.

This isn't about what the addon itself does or does not do, it's the principle of force-pushing unwanted content without prior affirmative consent.

This would apply even if the addon was just a stub that didn't have any executable code in it. In this case, it's worse: an ad.

I would agree with you, if the add-on in question was not developed, shipped, and offered by the people who made the browser, of which the add-on sandbox is a part.

In my view, that sandbox is a trusted area between the browser and the user.

Mozilla has the privilege accorded to it as the developer of the browser, to modify the addon sandbox so long as they don't infringe on my interests, e.g., security, stability, privacy, speed.

For example, Chrome automatically disables extensions that ask for too many new permissions upon update. Chrome will also make it difficult to add extensions that are not listed on the chrome store.

If we remove the right for browser developers to install, uninstall and alter add-ons, then we're essentially forcing them to modify the browser instead, which is overkill for the add-on in question.

At the end of the day, if you can't trust the developers of your browser, then you should install another one and disable add-ons entirely.

3.5 falls into 4.

When you install Firefox it asks whether you want to take part in these studies. You can also change the setting at any time in preferences (about:preferences#privacy section).

> 3) The developers responsible were having fun with an opt-in research service.

Having fun at whose expense, though? Widely deployed platforms used for extremely sensitive, personal materials shouldn't be subjected to "for fun experiments". That's the height of unprofessionalism.

What if the add-on had a bug, or an unintended side effect? Come on.

1) One day you wake up and somebody is watching TV in your living room.

2) you freak out. Who is this guy? I didn't invite anyone last night!

3) The guy turns around and it's just your mate Chad. He didn't mean any harm, just wanted to watch TV and hang out.

4) This is not on, Chad is a psycho.

Intentions don't really matter: they've just demonstrated a scary and invasive capability without any warning. Minimizing it doesn't help.

This "scary and invasive capability" has been included in almost every larger piece of software for years and is widely accepted to be a mostly good thing - it's called automatic updates. Considering updates allow pushing native, even admin-level code, this capability of pushing little bits of JS becomes benign in comparison. Therefore, the only thing that's left to worry about are their intentions. And I, for one, would rather trust the goodness of Mozilla's intentions than Google's or Microsoft's.

Automatic updates are a thing, but not necessarily good as this is the first thing disabled on windows since palladium for security, privacy and usability reasons.

Actually talking of good/bad dichotomy is inappropriate here, automatic updates are a tool that can be useful and comes with benefits and downsides. Firefox automatic updates is among the first things I disable when I install firefox because it caused me more issues than it solved.

Starting firefox to discover it has auto-updated itself and has broken half the extensions you rely on to make the browser usable is not nice, especially when there is no option to undo the update other than removing and reinstalling.

But when the autoupdate installed a new firefox that simply broke audio in the browser and now forces you to install something you've been actively avoiding or that is not available in this specific distro is something else.

I have a working update hygiene I'd rather deal with updates myself, thanks.

"Automatic update" implies updating of an _already_ installed add-on/program.

This was not an automatic update, it was an installation.

From great power comes great responsibility. We try hard to ignore that these things can be done, and we are reminded so brutally, it's always a shock. Maybe I've given the keys to my house to Chad years ago, for emergency purposes; that didn't mean he could come in anytime and start cracking Mr Robot jokes.

> I, for one, would rather trust the goodness of Mozilla's intentions than Google's or Microsoft's.

Me too, but when a company bases its reputation on a certain platform ("we will not spy on you, your privacy is important") and then stuff like this happens (and it's not the first time, not even this year), it shakes one's belief in their trustworthiness.

This would work better if chad lived in the same house and you shared the living room.

> do you really think they would proudly entitle their tracker "Looking Glass"

They actually called it telemetry, but IIRC in the early firefox version it was a proprietary extension (I don't remember the name) which spurred the gnu iceweasel into existence to provide the browser without the proprietary spying extension.

In the Preferences, scroll down to "Data Collection and Use", and disable everything.

I know that you only need to turn off "install and run studies", but this has now cost Mozilla all telemetry data from me, and I encourage everyone to do the same.

I've switched to Waterfox, because of things like this (including the Cliqz issues). I'm all for Mozilla making money and trying things, the problem is the way in which they do it. They fail to respect the users enough to communicate things, and have not been behaving like a user-friendly transparent company for some time now. I was a big enough fan to regularly donate and urge friends to do the same, but something has gone wrong inside the company.

I heard about Waterfox, but support for legacy extensions is a huge warning sign. I don't want to be stuck on FF56 technology forever.

It's not easy to keep them turned off. Browser upgrades seem to silently re-enable things.

What platform are you on?

Why can't I see the "install and run studies" option? Is it because I'm using Finnish language Firefox?

What the fuck Mozilla? You can't just sideload extensions that are literally ads. There is no universe in which this is even a little bit okay.


And this is exactly what I'm going to do, switch to a simple browser, in my personal computers. If they programmed firefox to be capable of doing things like this, then definitely I cannot trust them anymore.

Go to settings, look in Firefox Data Collection and Use.

Why are these turned on automatically? Plus, I turned mine off, and now they're back on again, with this looking junk installed.

What the heck Mozilla? What happened to caring about the users? We definitely can't trust Mozilla anymore.
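Added example, not part of any comment in this thread and not Mozilla's code: a small Python audit that reads a profile's `prefs.js` and `extensions.json` and reports whether the "Data Collection and Use" settings are on and which active add-ons are not on your own approved list. The pref names, their assumed default of on when `prefs.js` has no entry, and the `extensions.json` field names are assumptions about Firefox profiles; the sample data and add-on IDs are constructed placeholders.

```python
import json
import re
import sys
from pathlib import Path

# Prefs assumed to back the "Firefox Data Collection and Use" checkboxes.
WATCHED_PREFS = {
    "datareporting.healthreport.uploadEnabled": "send technical and interaction data",
    "app.shield.optoutstudies.enabled": "install and run studies",
}
# prefs.js only records values the profile has stored; when a watched pref is
# missing we assume the shipped default is "on" (assumption, check about:config).
ASSUMED_DEFAULT = True

PREF_LINE = re.compile(r'^user_pref\("([^"]+)",\s*(.+)\);\s*$', re.MULTILINE)

# Constructed sample: a profile that never touched the privacy settings.
SAMPLE_PREFS_JS = '''// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:home");
'''

# Constructed sample; the IDs are placeholders, not real add-on IDs.
SAMPLE_EXTENSIONS_JSON = json.dumps({"addons": [
    {"id": "my-adblocker@example.invalid", "version": "2.4", "type": "extension",
     "active": True, "defaultLocale": {"name": "My Ad Blocker"}},
    {"id": "placeholder-study@example.invalid", "version": "1.0.3",
     "type": "extension", "active": True,
     "defaultLocale": {"name": "Looking Glass"}},
    {"id": "old-tool@example.invalid", "version": "0.9", "type": "extension",
     "active": False, "defaultLocale": {"name": "Old Tool"}},
]})


def parse_prefs(prefs_text):
    """Return {pref name: value} for every user_pref(...) line."""
    prefs = {}
    for name, raw in PREF_LINE.findall(prefs_text):
        try:
            prefs[name] = json.loads(raw)  # true/false, numbers, "strings"
        except ValueError:
            prefs[name] = raw              # keep anything unparsable as text
    return prefs


def effective_prefs(prefs_text):
    """Effective on/off state of each watched pref, applying the assumed default."""
    prefs = parse_prefs(prefs_text)
    return {name: bool(prefs.get(name, ASSUMED_DEFAULT)) for name in WATCHED_PREFS}


def unapproved_addons(extensions_text, approved_ids):
    """Active extensions whose ID the machine owner has not approved."""
    found = []
    for addon in json.loads(extensions_text).get("addons", []):
        if addon.get("type") != "extension" or not addon.get("active"):
            continue
        if addon.get("id") in approved_ids:
            continue
        name = (addon.get("defaultLocale") or {}).get("name", "?")
        found.append((addon.get("id"), name, addon.get("version")))
    return found


def audit_profile(prefs_text, extensions_text, approved_ids):
    """One finding string per enabled setting and per unapproved add-on."""
    findings = []
    for pref, enabled in effective_prefs(prefs_text).items():
        if enabled:
            findings.append(f"ON: {WATCHED_PREFS[pref]} ({pref})")
    for addon_id, name, version in unapproved_addons(extensions_text, approved_ids):
        findings.append(f"UNAPPROVED ADD-ON: {name} {version} ({addon_id})")
    return findings


if __name__ == "__main__":
    # Usage: audit.py [PROFILE_DIR [APPROVED_ID ...]]; no arguments runs the samples.
    if len(sys.argv) > 1:
        profile = Path(sys.argv[1])
        prefs_text = (profile / "prefs.js").read_text(encoding="utf-8")
        ext_text = (profile / "extensions.json").read_text(encoding="utf-8")
        approved = set(sys.argv[2:])
    else:
        prefs_text, ext_text = SAMPLE_PREFS_JS, SAMPLE_EXTENSIONS_JSON
        approved = {"my-adblocker@example.invalid"}
    for line in audit_profile(prefs_text, ext_text, approved):
        print(line)
```

Because commenters here report the settings coming back on, the audit is most useful when re-run after each browser update. On a real profile, built-in add-ons are listed too until you review them and add their IDs to the approved list.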

Firefox has a tendency of resetting its settings. I think the UI calls it "Refresh", but it's basically yet-another-nagbar that we all know and hate.

Out of literally all the software vendors I know, including the one I'm working for, Mozilla is the one I'd have least expected to allow such a thing. I'm very surprised (Negatively, needless to say)

Mozilla has been a dumpster fire for quite a while now.

Mozilla has been going downhill very fast since Brendan Eich was removed as CEO. There was some controversy at the time and it made sense why he was removed, but it seems clear now that Mozilla took the wrong choice in removing him as it seems he was keeping the ship on course. Now it is floundering from numerous sides.

I think Mozilla should look into getting him back before they all end up losing their jobs.

I would have said the same thing until they integrated the W3C Encrypted Media Extensions. It's clear they lost their way some time ago.

Why? They allowed proprietary extensions (e.g. Flash) from the start. I don't like it, but I don't see how it represents a loss of their way. Mozilla was never GNU.

Big difference between an extension and being integrated into the browser. It's directly analogous to the difference between your OS being closed source and your OS being able to run closed source programs. The former is a liability; the latter is an ability that you grant to users to use the system the way they want.

The CDM modules are not integrated with the browser. The browser only has an (open source) sandbox to run them.

I don't like EME either, but not implementing it would've killed any chance of regaining users: "Oh look, Firefox Quantum looks awesome, I should try it. ... Never mind, it doesn't play Netflix". Implementing it, but disabling it by default was a good choice. People will have to consciously click "I accept DRM" to use it, which might get them to read more about what it is and ultimately raise awareness about how terrible it is.

Yea, but they lost me today. EME annoyed me, and I took note of it, but I didn't leave over it. But now I feel like Looking Glass is the straw that broke the camel's back.

The world doesn't need another browser that sacrifices principles for market share. Chrome, IE, and Safari are perfectly good browsers for that. What I wanted was a browser (and software in general) that promotes security, privacy, open standards, and open source. You can accuse me of misinterpreting the situation, but that's what I thought Firefox was 10 years ago. It's not what Firefox is today. It's turned into just another organization that's optimizing for the continuation of the organization over its own founding principles.

I was concerned for a minute. Then I remembered that this is the browser vendor that constantly spouts its privacy bona fides yet on a monthly basis "partners" with companies like Pocket to install unwanted addons and functionality and has Google Analytics on their settings pages.

Firefox bought Pocket. And they had negotiated with Google to remove tracking on that page. https://news.ycombinator.com/item?id=14753546

The acquisition was two years after the integration. The referenced comment says nothing about tracking being removed, only referencing a "special deal" whatever that means.

You are trying to muddy the waters here. Even if I were to accept your (wrong) explanations, they still don't jive with the image Mozilla is trying to project.

Mozilla went through a year long legal discussion with GA before we would ever implement it on our websites. GA had to provide how and what they stored and we would only sign a contract with them if they allowed Mozilla to opt-out of Google using the data for mining and 3rd parties. https://bugzilla.mozilla.org/show_bug.cgi?id=697436#c14 https://bug697436.bmoattachments.org/attachment.cgi?id=73207...

That's novel, going to so much effort to use a tracking service while proclaiming you are not tracking!

Sounds like taking a shower without getting wet. I see you silently dropped the Pocket thing, then?

Staying bitter for two years is one thing, but it took me a few minutes to refresh actual details about what happened. The initial integration raised privacy concerns but mainly by being unclear. Since then things have steadily improved, like Pocket updating their privacy policy. https://venturebeat.com/2015/06/09/mozilla-responds-to-firef... There was a long discussion on the Mozilla Governance board that clarified a lot of things, including the legal department affirming that users were not automatically bound by Pocket's ToS. https://lwn.net/Articles/650869/ And eventually they bought Pocket. So while Mozilla isn't perfect, privacy is a real priority for them, and when they do mess up, they put a lot of time and effort into mitigation.

I don't think there is a basis for discussion here if you can't acknowledge that the mere installation of 3rd party addons & use of GA is a breach of trust.

Mozilla Firefox installer is signed by a code-signing certificate. But at the very end it means nearly nothing: if the developer cannot be trusted, no amount of certificates, green bars, smart screens, stores and walled gardens can fix that.

That's a very important point to grasp, as I hear a lot of voices nowadays claiming that the modern security model (read walled gardens of all kinds) is the universal panacea.

Just the opposite, it brings a false sense of security making you more vulnerable. It also tends to inhibit a healthy and free market competition when a lot of potentially good software suppliers are gated off from the walled gardens from the start.

In general though, what is the alternative to trusting the source and distributor of a piece of content? As you've noted, if you can't trust the developer, the walled garden is irrelevant... But if you can't trust the data source, isn't basically everything about the medium irrelevant?

In contrast, if you do trust the data source, why is a walled garden model of security worse than alternatives?

Somewhat tangential to this particular issue, but this is a good lesson for developers in why you should be dry and explicit in your writing.

Sure `alert("FFFUUU WHY U NO WORK");` keeps you entertained for 5 minutes while you debug a problem but when that accidentally gets to prod...

I see you, but your example outlines a problem with the process/workflow, not with the developer.

GP meant the style of writing English, not code. Funny messages almost always end up causing problems at the end of the day.


The support thread links to https://support.mozilla.org/en-US/kb/lookingglass.

That page says, in a clearly delineated box,

> No changes will be made to Firefox unless you have opted in to this Alternate Reality Game.


Hopefully, it's a bug, and that addon wasn't intended to be installed (much less active) universally like it is.

That doesn't make it OK, but it would make me look at them with suspicion instead of hostility.


Mozilla is a company that has a long track record of dedication to openness and the free and open internet

True, and that's why I never stopped and recommending Firefox since I first installed Phoenix. That said, they're already installing and enabling Cliqz by default (for some users), and that's no bug. So it's not absurd that people might assume this isn't either. Reputation is hard to gain and easy to lose.

I think this /r/pitchforkemporium stuff is better suited to Reddit than HackerNews.

>>Hopefully, it's a bug, and that addon wasn't intended to be installed (much less active) universally like it is.

>hey look, a voice of reason!

Where's the official statement saying it's a bug and it will be disabled ASAP? All I see is Mozilla workers here trying to justify the "bug".

I'm not happy with how this rolled out, and I'm not here to justify it.

I wasn't involved in its development, so I can't speak to its origin or the decision to use Shield for distribution, but I can gather feedback and answer technical questions about Firefox and the add-on.

Don't forget torches, you have to burn down the evil castle or else they'll just hide until everyone leaves.

> let's all take a step back and give them a little benefit of the doubt here, until we get some facts on what happened.

Except for:

Google Analytics being used on the Firefox Addons menu – solved by adding, in grey text on grey background, a tiny "Privacy Policy" link: https://github.com/mozilla/addons-frontend/issues/2785

Automatically sending URLs visited of random German Firefox users to a German company (CliqZ) owned by a publishing, advertisement and tracking company (Burda): https://news.ycombinator.com/item?id=15421708

Mozilla forcefully enabling toolkit.telemetry.enabled in Nightly and Developer versions, and, upon being asked, saying that "below the download link is a text telling you that by downloading these, you opt-in to telemetry".

Benefit of the doubt is over, it’s time to get the pitchforks out.

Even if installed, the add-on only initializes if `extensions.pug.lookingglass` is set to true in about:config. That preference defaults to false.

Ffs .. I've just checked my addons b/c of the headline and sure enough it has been installed against my will.

I've been very loyal to mozilla over all these years but this really is not ok. If they keep doing shit like this I'll switch to a fork.

I just wanted to add a few things.

1. I noticed it yesterday, only because Avast was showing I have a low trust level Add-On installed in Firefox.

2. I googled it, and the first result was from Mozilla, showing it was part of their studies and experiment.

3. That was OK, because I trust Mozilla, although somewhere in the back of my mind I thought all studies were supposed to be opt-in; since I have had a few add-ons installed during the week and I don't restart my browser, I thought I might have clicked it by mistake.

4. Now that I am reading this through, I am more than worried. If I am reading the online comments correctly, Mozilla installed an add-on without user permission, enabled it, collected data, and not for their own UX studies but for a third party.

And to make matters worse, that Add-On is now gone. It had disappeared from my add-ons screen when I checked just now. Call me old-fashioned, but that is not how I view privacy.

Like I said before, Mozilla's management and culture has a tendency of self destruction and messing things up right after they start being good. Still this is turning around much quicker than I thought.

I can't find any indication that Mozilla was collecting any data from this addon, either for themselves or for anyone else. The only way anyone would even be affected by it is by going to one of 3 hard-coded websites owned by the network behind Mr. Robot (a show known for putting easter eggs all over the web) and hovering over some text. It's definitely a dick move, but it isn't spyware as some people are saying, just a very poorly executed promotion.

It seems to have disappeared from about:addons because the "study" has ended. In about:studies I see:

> pug-experience

> Complete • My reality is different than yours

If they state as an explicit principle that no addons/studies are actually enabled unless the user opted in, then I’m going to give them the benefit of the doubt that if that happened to users that did not opt in, it was a terrible mistake (I.e a bug).

I can tolerate bugs, much more than I can tolerate sneaky app behavior. But I hope the statement about explicit opt-in will be repeated, and this will be explained.

At first I thought it must have been users that explicitly had opted in, but with so many users claiming they haven’t, it seems unlikely.

The next possibility is that preview versions have things opt-out instead of opt in (because in preview versions you need more data from users - typical for closed alphas etc) - but then this should be very clearly explained on download/install.

Just installed Firefox a week ago on OS X. Just checked and I have Looking Glass installed. I'm usually very careful when installing software about things like this. I don't recall ever opting in to anything (including error reporting). So my guess is it's a default you have to disable in settings.

I haven’t understood whether this thing is completely inert or actually does anything without opt in.

If it is downloaded and listed without opt-in, but only actually invoked after opt-in, then I’ll call it acceptable (not great, but not terrible either)

The source is at https://github.com/gregglind/addon-wr/

Its startup is controlled by the addon/bootstrap.js file. Per line 22, it's completely inert unless the user manually toggles `extensions.pug.lookingglass` in about:config: https://github.com/gregglind/addon-wr/blob/59659431fd2a75c33...

Mozilla can't stop doing crap like this. I love the engineering behind it and the tech but I don't want any of your shenanigans. This makes me afraid to update.

I like Mozilla a lot. And this extension doesn't really bother me, since it's benign.

But oh boy, do they have a talent for always doing benign and harmless things that look bad at first glance. It's almost like they want to turn away typical messaging board users.

Menu > Options > Privacy & Security > untick Allow Firefox to install and run studies

I deliberately kept that enabled initially but if they're going to use it for Adware..

If you're still using Firefox after this it's probably safest and best just to disable everything under Firefox Data Collection and Use

While I agree that releasing this as an undocumented extension was a poor PR move, in practical terms, I don’t see how this is any more insidious than the ‘no internet’ dinosaur jumping game built in to chrome.

Both are first-party. The difference seems to be that the dinosaur game keeps you entertained, whereas this hopes to promote awareness of privacy/security.

The dinosaur was not placed there by a movie studio to promote a random movie.

Neither was the Looking Glass extension.

It is related to Mr Robot

>"I don’t see how this is any more insidious than the ‘no internet’ dinosaur jumping game built in to chrome."

You don't see the difference between a built-in game (included in the installation of Chrome) vs. Mozilla pushing an add-on to a Firefox installation using a channel meant for helping to improve the browser?

Mozilla could have just as well pushed this as part of the binary via auto-update.

FF 57 installed from Debian unstable repository has "Data reporting is disabled for this build configuration" - which disabled, in theory, the shield "studies" as well. I don't know who made this decision at Debian, but thank you.

I wonder if the Ubuntu stable ones have this too?

Ubuntu once sent everything typed in the search bar to Amazon, so...

Ubuntu stable seems to have disabled this as well.

And this is one of the reasons I stopped my yearly donation to the Mozilla foundation even if I love the new FF. If they need money so badly they should push their donation campaign and keep their products clean instead of pushing some shady alliances with big corporations.

Canceled my monthly donation because of this.

I deleted my Facebook because of this and I'm much happier as a result.

So, a lot of people in this thread are saying that Mozilla is a non-profit. There are in fact two Mozillas. One is the Mozilla Foundation, which is the non-profit. They are not involved with Firefox development, as I understand it. The Mozilla Corporation, which I think is owned by the non-profit, does the development. I think the foundation just does cute videos and outreach and other things not directly related to writing software. I also understand that if you donate money to the Mozilla foundation, the money would not make it to Mozilla corp and thus would not pay for the salary of any Firefox hacker.

I've never quite understood how exactly does this financial arrangement work and I would be grateful to anyone who could explain this to me.

It's the other way around - the foundation owns the corporation.


I don't remember if this is opt-in or not, but I do not have it in my Firefox. Maybe I just removed it myself immediately after first install, when I went through to update all of the privacy and other browser settings.

I agree that it seems like a crappy extension, and people should be upset about things being preloaded to their browser.

But there's a point here to be made, that if you're concerned about privacy at all today, you need to look at the settings of any software after you install it. It doesn't matter how much previous trust you have for the developers. This should just be default behavior so that any surprise is met immediately, and not after any damage it could perform has been done.

Didn’t I see something on here recently about Mozilla increasing its revenue significantly? [0] ;)

[0] https://news.ycombinator.com/item?id=15880565

Anyone know how I can turn off Firefox sending technical details and interactions?

Every time I turn this off and restart FF, it's on again.


If you are on a Nightly or Developer build, you can not turn it off, I asked on Mozilla’s IRC.

Downloading these builds is considered opt-in into telemetry, and toolkit.telemetry.enabled is hardcoded to enabled, the opt-out checkbox literally does nothing, I was told. And about:config confirmed this.

Okay, having a checkbox that does nothing is really bad. The fact that the privacy policy only just says something like "this policy might not apply to non-release builds", without actually having a policy for those also is more than questionable.

Thanks for the insight.

Would be good UI to a.) disable the control b.) add a comment.

Wow ... that's .. disturbing

One step ahead (Quantum), two steps back.

Doesn't bother me at all - I am fully acclimated to the idea that the browser and other applications do run arbitrary A/B test and other code all the time.

I switched to Waterfox for quite a while. I lost trust in Mozilla when they bundled "Pocket" and people then didn't think much of it. When you lose the ability to control the browser, it's no longer a fair game. Bundling addons, changing settings, ads and "enhancements" no one asked for, all eroded trust. Not to mention it's aping Chrome more and more each version. We need more Firefox forks, not fewer. Chrome has dozens, because the privacy threat from Google is obvious; Firefox doesn't have that many forks, because it's trusted by distro makers to be safe (but it's not, as Mozilla just proved). People are upset when this implicit assumption that Firefox is the only browser (among modern graphical browsers) you can trust is actually false.

There is more information on this Reddit post:


Better yet, it appears that these "studies" (read: Mozilla pushing addons to your browser without notification or permission) are default opt-out.

Will they stop doing it? Of course not. I can't recall any time that this company has changed course in response to outcry.

I can: when they renamed firebird to firefox.

Was that outcry? I thought it was that or get sued. Been a while, though, so maybe I misrecollect.

TechCrunch and Gizmodo just picked up the story:



Also AFAIK the second link has the first official response of any kind? "A representative told Gizmodo the company is looking into the issue."

It's a PR disaster from Mozilla. I was once a Mozilla rep and I'm ashamed of this. Studies like these should always be turned off by default and the user can opt in voluntarily. But launching Firefox and digging into the preferences to find that I'm enrolled into some studies by default is unethical for me. Sadly, I'll have to switch to Brave or some other privacy concerned browser until I see an official statement and action from Mozilla. I'm sure the management there have something to do with all of this.

Big Browser is watching. Browse freely with Firefox.


The hypocrisy is amazing.

I actually discovered this because my browser would not stop running at 100% cpu utilization about 3 days ago, not doing anything, just sitting at Google.com with one tab open. It freaked me out because I couldn't find any documentation on the extension. Once removed Firefox was running fine again. I guess I'm relieved to know it wasn't some malware or something more sketchy, but I am wondering what it was doing pegging my cpu at 100% whenever my browser was open...

Whatever you experienced is very unlikely to be caused by this add-on. The add-on only initializes if you manually dig into about:config and enable `extensions.pug.lookingglass`. Otherwise, it just starts up once at browser launch, checks that preference, and shuts itself down. (https://github.com/gregglind/addon-wr/blob/59659431fd2a75c33...)

If you're able to consistently reproduce the issue, please let me know.

The best way to disable these things is to go to about:config, search and delete/replace all mozilla urls. For this particular case, the api url is probably in "extensions.shield-recipe-client.api_url" [0]

[0] - https://dxr.mozilla.org/mozilla-central/source/browser/exten...

I'm using FF57 and did not get this addon. Was I just lucky?

Running FF58. I don't have it either. I also don't agree to stuff unknowingly. It's clearly spelled out in the settings under privacy that you can agree to this stuff. Nothing I've seen suggests this isn't happening. People are saying things but no one is backing up any accusations with any proof yet.

Same with 57.0 on macOS 10.12.

Edit: I have FF Studies disabled under about:preferences#privacy. I guess that is the reason why it is not installed on my machine.

Running 57.0.1, and I don't see it either.

same. is it just US stuff?

I'm in Germany and it was installed here.

I just checked my installation of Firefox and this addon was present as well. The developers involved (Greg Lind et al) should acknowledge this and apologize.

Same, why is this in my addons..?

I really don't understand what they were thinking.

I checked out FF for the zillionth time the other week after the Quantum release hoping to love it, but the deep Pocket integration was just too offputting. Turning it off requires some Googling. There were other irritating commercial things too. It’s a shame. FF is probably the most important open source project in the world and it’s a shame they do stuff like this. I’m still on Chrome :(

Firefox bought Pocket. So it's a first-party feature.

I can't help but feel Mozilla bought Pocket because they wanted to justify the included adware nature of it as a first and foremost priority; after all, the supposed logic of including it was all about reducing costs for Mozilla..

> but the deep Pocket integration was just too offputting

You mean the single button that does literally nothing until and unless you click on it?

Yep, that button was really annoying. And the Pocket thing on the home screen, too. And the fact that I had to Google to figure out how to disable it.

If you must know why, I don't want promos for particular web properties in my browser. I find Pocket to be annoying conceptually (a service to help you carry around all the things you didn't and won't read—eww, no, no thank you), and I don't want to look at it every day. I don't want to have to Google to figure out how to disable it. I don't want my browser to come with nonsense I need to disable.

> You mean the single button that does literally nothing until and unless you click on it?

This must be the kind of mentality that leads people at FF to do silly things like mentioned on this thread, or having "just one button" for their acquired web property. That's the opposite of how great product minds think. Great product people think "how can I REMOVE this button?" Not "how can I get away with having it?"

Despite some strong criticisms I've made about Pocket, it actually is a pretty good tool, as such things go.

My main complaints are that it's not more useful, though with some tweaks, I've made it just that.



It needs more help than just CSS, but that's a start.

Add a couple more buttons and hey, you've got a toolbar going.

Why can't they just make a web browser that's... just a web browser? Chrome has never had buttons to email pages with gmail, record videos onto YouTube, share pages on G+ etc.

It pays off for Google to develop Chrome, because:

* they can feed Chrome Sync data into their advertising databases.

* it means that they don't have to pay other browser vendors quite so much to make them the default search engine.

* they can take control over webstandards for their other profit-driven purpose.

* they can hinder the blocking of their ads.

Mozilla can't or chooses not to rely on any of these profit schemes, so they need other ways of making money.

The default new tab in Chrome contains links to all of those things and more.

Not exactly a great example if Mozilla is trying to claim the high ground.

From the Wikipedia article linked in the ticket:

> Shield Studies are available on all channels. Individual studies can be opt-out or opt-in and any and all data being collected will be declared openly. After confirming willingness to participation, a self expiring add-on will be installed on the user's machine.

Mozilla is only installing an experimental feature as an add-on if they opt in.

As of about 5:30 GMT it looks like the addon was automatically removed from my browser. I know I saw it a couple hours ago.

What I really do not understand is why this game thing was installed automatically given that websites can ask the user to install an extension when they land on a webpage. A popup that is part of Firefox shows up and asks the user if he really wants to install it.

Is the "Unknown" part in the title really unknown, or just Mozilla trying to protect its developer(s) from pitchforks? If it's really "unknown", then that's the really concerning part.

I haven't noticed this extension sending data to outside services. Did somebody find if/where it does that? If it is sending personal or browsing-related data out, we can flood the servers with garbage.

Posted here a few days ago about how Mozilla being for-profit joined at the hip with a non-profit seems kind of shady, and got dogpiled for it. Then they do this as a tie-in for Mr. Robot.


I use Firefox 58 beta developer edition in the USA and this extension didn't install automatically...

Maybe the government needs to start sponsoring Mozilla so that they stop doing things like this.

This is disappointing rather. When Mozilla spent $$ in advertising Firefox Quantum in the internet media articles, they could have mentioned this at least somewhere in them.

Mozilla takes in about half a billion dollars per year. Has anyone considered the consideration for which this money is being paid?

That's FUD. Mozilla is a 501(c)3 non-profit, and our audited financial statements and IRS Form 990 can be found at https://www.mozilla.org/en-US/foundation/annualreport/

Mozilla is... both. There's the Mozilla Foundation which is a nonprofit and the Mozilla Corporation which is very much not.

I've never quite understood what each Mozilla does, but AIUI, the Firefox development is all done by Mozilla Corp and the nonprofit does stuff like make those cute videos about how Firefox is going to save the world and make us all smiley and multiethnic.

I've talked to a number of Mozilla employees, and they also seem confused about the relationship between the corp and the foundation.

The Mozilla Corporation is 100% owned by the non-profit Mozilla Foundation, so any earnings that the Corporation makes, they either have to reinvest, put it to the side to reinvest it later or pay it out to the Foundation, where it's again in non-profit hands (i.e. forced to invest into their specified mission).

The only way that the Corporation could do shenanigans, is by paying their employees higher wages than would be necessary to hold them or is considered reasonable for the job that they do.

It was set up, because there's limits to how much money a non-profit is allowed to put to the side, which would have limited Mozilla's strategic flexibility.

The Mozilla Corporation ("MoCo"), which develops Firefox, is a wholly owned subsidiary of the non-profit Mozilla Foundation ("MoFo"). Each has its own board of directors, but the Corporation exists to serve the public benefit goals of the non-profit. The link above has a decent overview, and if you're especially curious, bylaws and articles of incorporation for each are at https://www.mozilla.org/en-US/foundation/about/.


> shady consideration for the money - check until proven otherwise.

I don't think that actually is correct. The Mozilla Foundation is a non-profit, as has already been pointed out above. As such, they specify a mission and then are legally forced to invest all money that they make/get into this mission.

And in their mission statement, they specify that "Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional." (Principle 4 in the Manifesto).

So, they cannot legally do shady stuff. And even if that means nothing else to you, the rule with law violations still is "Innocent until proven otherwise".

This is the second spyware extension in recent memory.

How hard is it to fork Firefox with all this stuff hardcoded off?

waterfox? or perhaps pale moon are what you are after?

Developers have a million other ways to be cute and clever.

I've been seeing the YouTube logo inverted recently. I wonder if this has something to do with it. If so, I'm done with Firefox. I've used it since it was Netscape in 1996. Enough is enough.

This has nothing to do with Firefox, it was Youtube promoting its Youtube Rewind: https://en.wikipedia.org/wiki/YouTube_Rewind


The Mr. Robot series centers around the theme of online privacy and security. One of the 10 guiding principles of Mozilla's mission is that individuals' security and privacy on the internet are fundamental and must not be treated as optional. The more people know about what information they are sharing online, the more they can protect their privacy.

...which you've done by installing a fishy-looking addon without our permission and making us less likely to trust you?

Well-done, Mozilla.

>Firefox and Mr Robot have collaborated on a shared experience to further your immersion into the Mr Robot universe

I guess that sounds slightly better than "Firefox and Universal Cable Productions".. oh wait..

At least it's an authentic immersion into the world of dubious computer ethics.

Reminds me of this gem, wherein ads were called user-enhancing: https://twitter.com/dherman76/status/433320156496789504

> Excited to share the launch of @mozilla @firefox Tiles program, the first of our user-enhancing programs

You won this thread.

It's not really "computer ethics" but rather, just "ethics".

If you clicked on the link about shield studies you'd see it says they're opt in. Did you not get prompted about it?

Apparently it's getting loaded anyway for some people that say they had "Studies" disabled and/or "Studies" itself became re-enabled.

The whole idea of slipping paid advertorial content into what are billed as "research" kind of gives the lie to this whole thing and is why I never turn these on in any product. Which is also why it's now "opt-out" by default, and why it will eventually not be an option at all. It's all for our own good, you see.

You don't just need "Studies" enabled, you also need to explicitly opt-in to each specific study on an individual basis:

> Participation in an individual study is opt-in

Source: https://wiki.mozilla.org/Firefox/Shield/Shield_Studies

If that didn't happen in this case, then I suspect it's probably a bug.

I can confirm this most certainly did not happen in my case and, from other comments, there seem to be a number of us who did not opt in to this "study."

Same here. I didn't even know about Studies until reading this thread.

> you also need to explicitly opt-in

Wrong, as far as I see: Looking in my about:config, I see

enabled by default. The settings that I've changed from the default are shown in bold. These aren't bold. Those are the defaults. Everybody can check.

That means that the user must actively take steps to disable them, if he knows that they exist and where he can disable them.

Every time the user creates a new profile, and most probably also when he "refreshes" an old one, he has by default the studies allowed.

It's even worse in other aspects: through the UI the "Allow Firefox to install and run studies" can be unchecked but it doesn't change the value of "experiments.enabled" to false in about:config.

Apparently the "experiments" allow Mozilla to install the "experimental" extensions to any user, without him knowing. And these extensions are invisible in the GUI! Even if the user goes to the about:config and sets extensions.ui.experiment.hidden to false, it will be automatically set to true again.

I speak from experience that a lot of FF users don't even know what about:config is or how to edit it.

It all seems sneaky and deliberately obtuse.
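Several comments in this thread point at about:config preferences (`extensions.pug.lookingglass`, `toolkit.telemetry.enabled`, `experiments.enabled`, `extensions.ui.experiment.hidden`, `extensions.shield-recipe-client.api_url`). As an added example, not code from Mozilla or from any commenter, this Python script parses the `user_pref(...)` lines of a profile's prefs.js and user.js and reports which of those preferences carry a user-set value. The sample file contents and the placeholder URL are constructed, and it assumes one statement per line, as Firefox writes them.

```python
import json
import re

# Preference names quoted in comments in this thread.
WATCHED = (
    "extensions.pug.lookingglass",
    "toolkit.telemetry.enabled",
    "experiments.enabled",
    "extensions.ui.experiment.hidden",
    "extensions.shield-recipe-client.api_url",
)

# One user_pref("name", value); statement per line.
USER_PREF = re.compile(r'^\s*user_pref\(\s*"([^"\\]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')


def parse_value(raw):
    """Decode a pref literal: true/false, an integer, or a quoted string."""
    try:
        return json.loads(raw)
    except ValueError:
        return raw  # keep anything unexpected verbatim for manual review


def parse_prefs(text):
    """Return {name: value} for every user_pref line; a later line wins."""
    prefs = {}
    for line in text.splitlines():
        match = USER_PREF.match(line)
        if match:
            prefs[match.group(1)] = parse_value(match.group(2))
    return prefs


def effective_prefs(prefs_js, user_js=""):
    """user.js is applied on top of prefs.js at startup, so it overrides."""
    merged = parse_prefs(prefs_js)
    merged.update(parse_prefs(user_js))
    return merged


def audit(prefs, watched=WATCHED):
    """List (name, state, value) for each watched preference.

    prefs.js only records values that differ from the build's defaults,
    so a missing name means no user value is stored in the profile.
    """
    rows = []
    for name in watched:
        if name in prefs:
            rows.append((name, "user-set", prefs[name]))
        else:
            rows.append((name, "not set in profile", None))
    return rows


def looking_glass_gate_open(prefs):
    """True only if the gate pref is explicitly true.

    The thread states this pref defaults to false, so absence counts as closed.
    """
    return prefs.get("extensions.pug.lookingglass", False) is True


# Constructed sample profile contents (not taken from a real installation).
SAMPLE_PREFS_JS = r'''
// Mozilla User Preferences
user_pref("browser.startup.homepage", "https://example.org/?q=\"a\");");
user_pref("experiments.enabled", false);
user_pref("extensions.pug.lookingglass", true);
user_pref("extensions.shield-recipe-client.api_url", "https://placeholder.invalid/api");
'''
SAMPLE_USER_JS = 'user_pref("extensions.pug.lookingglass", false);\n'

if __name__ == "__main__":
    merged = effective_prefs(SAMPLE_PREFS_JS, SAMPLE_USER_JS)
    for name, state, value in audit(merged):
        print(f"{name:45} {state:20} {value!r}")
    print("Looking Glass gate open:", looking_glass_gate_open(merged))
```
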

Are you sure that's what those config options do? I tried looking them up, but they don't seem to be listed in Mozilla's config documentation: http://kb.mozillazine.org/About:config_entries

According to the Wiki page I linked in my previous comment, global settings shouldn't even matter in this case; since each SHIELD study must be opted into on an individual basis. (Or at least, that's how it's _supposed_ to work.)

Edit: Looks like the wiki was updated to state that some studies can be opt-out rather than opt-in. This also seems in-line with the documentation for SHIELD, which has a section on opt-out studies: https://normandy.readthedocs.io/en/latest/user/actions/opt-o...

Your link in edit part is the answer to your question before the edit:


"opt-out-study: Install a Study Add-on Without Prompting

The opt-out-study action installs an add-on, typically one that implements a feature experiment by changing Firefox and measuring how it affects the user."

They are obviously the topic of:


That I mentioned.

I see a lot of commenters trying to excuse them. The problem is, people allowed the "studies" because Mozilla claimed that they are "measuring" whatever "to make Firefox better." They never told anybody that they are selling the "studies" functionality which silently installs ("opt-out" not opt in!) to the advertisers.

I don't know how anybody can defend such an approach.

It looks like experiments are previews of potential new features, like letting you pop a video out of a page https://testpilot.firefox.com/experiments/min-vid?utm_source...

Whereas studies collect usage data.

Why should the "previews of potential new features" in the form of the extensions be hidden from the user, and even if the user "unhides" them be automatically hidden again?

Well, this is very troubling; it's installed in my browser. Not only did I not get prompted, I never volunteered for being in any studies. I'm running Firefox on Linux, but I installed it from Mozilla, and not the package manager.

I just installed FF on my mom's new desktop yesterday, noticed this crap while installing ublock origin. Definitely didn't opt in to anything. Made me wonder whether I'd accidentally downloaded some malware from a look-alike site, instead of official Firefox.

Firefox Studies aren't new, and aren't opt-out by default. They're opt-in per study, in fact. The code to run them comes with Firefox, that's it. All this HN link is is someone asking what the add-on is, not proclaiming it did anything.

about:studies->Preferences shows "Allow Firefox to install and run studies" is enabled on my copy of Firefox 57.0.2(OSX). I don't remember opting in at install time, was it hidden behind some innocuous-sounding checkbox?

In my Firefox 52.5.1 under a current CentOS 7, there is no about:studies. Either "studies" has been newly removed (Firefox updated yesterday, I think?) or about:studies is new or Firefox Studies has been included by default after the 52 series. Perhaps it's just me, but I still think of post-52 Firefox as "new".

It's nonetheless not obvious to me why you were downvoted; I don't know if someone else was annoyed at your definition of "new" or whether there were other dubious claims in your comment. Perhaps privacy advocates are just too exhausted and cranky to explain themselves again.

Just as another data point, I'm on 56.0, and while the option is there, it is default not enabled. So, it looks like something changed in the move to Quantum.

Apparently the addon is installed anyway, it just doesn't "change anything in Firefox" if not opted-in. I have to wonder why install it at all if it's not to be used.

Mozilla really needs to be more transparent about this kind of stuff.

I did not opt in and I have the "Looking Glass - MY REALITY IS JUST DIFFERENT THAN YOURS." extension enabled.

Adding my me-too because I was fully convinced this was user error until I saw it myself. The opt-in is busted.

> If you clicked on the link about shield studies you'd see it says they're opt in, did you not getting prompted about it?

No, I had Firefox test pilot with `Video Min` addon, I was not prompted about the `Looking Glass`. I removed all addons from Mozilla and their test pilot yesterday. There is only one thing that keeps me away from moving to Brave browser https://github.com/brave/browser-laptop/issues/3101

I hope they fix it soon so I can drop Firefox and their "mission". This is second time my Firefox got infected by Mozilla and their addons. A month ago my PC at work got infected with "Firefox Pioneer" https://news.ycombinator.com/item?id=15648179

Firefox Pioneer is literally a spy and tracking addon:

>Pioneer is an opt-in program that allows collection of richer data from Firefox.

I did not install it.

Not surprised to see your comment being downvoted...HN has such a double standard when it comes to certain brands/vendors.

Windows 10 sends telemetry by default? Microsoft is literally Satan incarnate! BURN THEM AT THE STAKE!!!

Firefox installs crapware addons without user permissions and signs them up to participate in "studies"? Shhhhh...it's probably only an innocent bug, nothing to see here, move along now.

I remember this prompt (sending Mozilla crash/performance data) and disabled it a long time ago, and I don't have the add-on currently.

Often these days I disable every "Help us with information" box, both on closed/commercial software and even open source software. I mean I'd like to help the community, but I really no longer like submitting any type of tracking information or even debugging information. Everyone is already clamoring for my data, and I guess it's more of a mentality of I don't want to give it away for free. They already get so much for free.

I'll still file a bug report on bugzillas and compile stack traces on faults. But I want to do it myself, explicitly.

I did not opt-in and the extension shows as being enabled. Someone messed up.

"messed up", like they messed up by re-adding Pocket to toolbars a few months back.

Do Mozilla have no QC, or is it purposeful?

All these "but it's only an add-on [we foisted on you]", should just be a bullet point on the upgrade screen "we'd like it if you used this".

This is Microsoft level "customer" control, where they just ignore any chance the customer doesn't want something changing and go ahead, it's being treated now as Mozilla's browser not the user's.

Yep, from https://wiki.mozilla.org/Firefox/Shield/Shield_Studies:

> Participation in an individual study is opt-in

Though I do see some people now claiming the addon got installed without them opting in. Probably a bug of some kind.

I did not knowingly opt-in to any shield studies, and I see it installed for me. I guess it's possible that I clicked on something without reading it.

Anyways, I've taken the opportunity to opt-out of Firefox.

Between broken font handling and this Looking Glass thing whatever it is Firefox 57 (Quantum) has been less than stellar.

They should rename Firefox to Fiasco.

This is what it looks like: https://imgur.com/a/mriUw

It scared the hell out of me! Are these guys losing their minds?

It was reported as a bug and the response thus far is indeed underwhelming for such a severe issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1424977

It wasn't supposed to be visible on the addons page

I don't think that makes it better. Knowing that there's a way to get an addon installed invisibly is going to be more justification for paranoia.

There almost certainly is not a way to invisibly install add-ons, unless you are part of Mozilla, and, you know, making Firefox. If paranoia is your thing, it might be worth considering that Mozilla can do anything it wants inside Firefox core, all of it is "invisible" to you.

And this is the point where even the most Mozilla-supporting users move away. For me, this is it, I’m going to Chromium.

Fuck this shit, in the past months we had CliqZ https://news.ycombinator.com/item?id=15421708, we had Mozilla adding new telemetry, we had Mozilla force-enable toolkit.telemetry.enabled, we had Mozilla say that, if you download Nightly, that is considered opt-in to tracking, we had Mozilla put Google Analytics into the Addons menu (because it’s loaded from addons.mozilla.org: https://github.com/mozilla/addons-frontend/issues/2785 ), and we had Mozilla say that, if we don’t trust Google, we shouldn’t use Firefox.

Fuck this.

Regarding telemetry, take a look at the settings in about:config. There are several toolkit.telemetry.Ping settings which are set to true by default. In the spirit of charity I'm going to assume that those phone home pings - on startup, shutdown, update - are not enabled unless telemetry is enabled. But I have not checked...
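Added example, not part of the comment above and not Mozilla code: one way to check which telemetry and studies preferences a profile explicitly sets, by parsing its `prefs.js`. Only `toolkit.telemetry.enabled` is named in the thread; the other preference names and the sample file are assumptions constructed for this example. `prefs.js` records only values changed from the built-in default, so a preference reported as "default" is one the file cannot answer for.

```python
import re

# Constructed sample, not taken from a real profile.
SAMPLE_PREFS_JS = '''\
// Mozilla User Preferences
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("browser.startup.homepage", "about:blank");
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("toolkit.telemetry.archive.enabled", true);
user_pref("toolkit.telemetry.updatePing.enabled", false);
'''

# One user_pref("name", value); entry per line, as written in prefs.js / user.js.
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

# Preferences to report on (all except the first are assumptions of this example).
WATCHED = (
    "toolkit.telemetry.enabled",
    "toolkit.telemetry.newProfilePing.enabled",
    "toolkit.telemetry.shutdownPingSender.enabled",
    "toolkit.telemetry.updatePing.enabled",
    "datareporting.healthreport.uploadEnabled",
    "app.shield.optoutstudies.enabled",
)

def parse_prefs(text):
    """Return {name: value} for every user_pref() line in the given text."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = m.group(1), m.group(2).strip()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        else:
            try:
                prefs[name] = int(raw)
            except ValueError:
                prefs[name] = raw
    return prefs

def audit(text, watched=WATCHED):
    """Map each watched pref to 'on', 'off', 'other' or 'default' (not in file)."""
    prefs = parse_prefs(text)
    report = {}
    for name in watched:
        if name not in prefs:
            report[name] = "default"
        else:
            value = prefs[name]
            report[name] = "on" if value is True else "off" if value is False else "other"
    # Also surface any other telemetry pref the profile explicitly sets to true.
    for name, value in prefs.items():
        if name.startswith("toolkit.telemetry.") and name not in report and value is True:
            report[name] = "on"
    return report

if __name__ == "__main__":
    for name, state in sorted(audit(SAMPLE_PREFS_JS).items()):
        print(f"{state:8} {name}")
```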

Alternatively you can give waterfox[1] a try.


    Disabled Encrypted Media Extensions (EME)
    Disabled Web Runtime (deprecated as of 2015)
    Removed Pocket
    Removed Telemetry
    Removed data collection
    Removed startup profiling
    Allow running of all 64-Bit NPAPI plugins
    Allow running of unsigned extensions
    Removal of Sponsored Tiles on New Tab Page
    Addition of Duplicate Tab option
    Locale selector in about:preferences > General

[1]: https://www.waterfoxproject.org/

Great points, thanks for compiling these..

I was using firefox because I don't trust google. ;(

Yes and a big part of this entire issue is users deciding whether we can trust Mozilla with that power or not.

And he's saying that this occurrence should have no effect on this decision, not in any rational mind.

You can disable these studies under Options | Privacy and Security

I hate the fact that Firefox increasingly makes me jump through all sorts of hoops to find all the hidden options to turn off their various spyware attempts. It's the Win10 of browsers...

There's an extension for that called privacy settings[1]; it exposes all the settings in one easy place.

I also recommend waterfox[2] instead of firefox.

[1]: https://addons.mozilla.org/en-US/firefox/addon/privacy-setti...
[2]: https://www.waterfoxproject.org/

Going through your browser settings really is quite the hoop.

Yeah, it's so intuitive for the average person to type: about:config in address bar and scroll through hundreds of oddly named parameters to turn off spyware.

Comments like yours are illustrative of a certain mindset. When you encounter the complexity of domains you are not intimately familiar with (court system, law, finance, etc), and those complexities are designed specifically to make it hard for you to protect yourself, I'm sure you are just as understanding as you are now.

You're being hyperbolic, you don't need to go into about:config.

It's right in the main browser settings, under the Privacy and Security section where one would expect settings like this to be

If what you say is true, please point me to where I can find the following privacy settings in the main preferences:


Errr... is "dom.enable_performance" really a privacy setting?

Doing some online searching now, not seeing an explanation for it. There is one other HN post though, also mentioning it in a privacy context, but no further info either. :/

> It's right in the main browser settings, under the Privacy and Security section where one would expect settings like this to be

If you asked me "where would you go to change settings to prevent the browser from violating your privacy and infringing on your security?", then, yes, I would go to "Privacy and Security". If, however, you asked me "what would you expect to find under 'Privacy and Security'?", my answer would be that that's where I would go to protect myself from malicious websites, not from malicious browsers.

(I know that 'malicious' is quite, and almost certainly too, strong here, but the point is that I think, and am explicitly encouraged to think, of Mozilla as being on my side against the sites I visit, and I don't think it's natural to expect that I will start thinking of how I need to protect myself from Mozilla to use their products in the way that I, rather than they, intend.)

How are you supposed to turn the defaults to a reasonable level of privacy without launching Firefox once though?

I remember it was asking if I want to participate in studies when I installed FF for the first time.

It is.

You should opt in, not opt out

Preferences/Options -> Privacy and Security -> Allow Firefox to install and run studies

that would be worse

How exactly? Whether they push out code to you by just changing the binary or by installing an extension makes no difference. In fact, pushing it out as an extension means they actually have less control over your browser, because they are bound to the restrictions that extensions have.

Every browser vendor has this control over you when you use their browser. Some have even more, because they don't even need to tell you about it when they're closed-source.

>Are these guys losing their minds?


I don't know what the hell is going on with Mozilla. Ever tried to install Firefox on Android? The new tab page is full of ads by default!

And this is the company we are supposed to trust? Because right now I feel like I trust Google more, and that's a lot to say.

Adds are annoying yes, but they are only bad for your privacy if they track and profile you. Adds allow for free stuff and they can be done the right way. Granted this is becoming more and more rare so I understand your standard association of adds with distrust. The adds you refer to are non tracking (please tell me if I'm wrong though) and will slowly be replaced by sites you visit (often).

> Adds[sic] allow for free stuff

The opposite is true: ads must be paid for, which makes products and services more expensive.

Ads are a convoluted, inefficient form of wealth redistribution; whether that's "good" or "bad" depends on the specific circumstances.

For example, we might (simplistically) say it's "good" when we receive something paid for by ad revenue, but the burden of paying for (e.g. by price increases) and being subjected to those ads is carried by others. For example, if we tune in to a radio station, listen to a song, and tune out before some ad for a product we don't use.

We could say it's "bad" when the opposite happens, for example if we pay higher fees for shopping on Amazon, which then get spent on advertising Prime Video which we don't use.

Ads abuse the user's time, attention, and privacy. Minus the tracking, that's still two factors of abuse rather than three.

How do they abuse your privacy without tracking? Of course if they didn't abuse your time and attention they wouldn't make sense. But someone has to be paying Firefox's development, and it is not you. I'll take that last part back if you contribute to Mozilla. Hey, maybe it's an idea for a donation: make a 5$ Firefox without ads. I'd pay. Too bad part goes to Google that way.

The irony is that people pay, just not to the right place. Every unnecessarily-bloated download tears through data plans and costs people money to their ISP that never makes it to the provider.

I want plain-text ads that provide just as much revenue to web sites but without obnoxious experiences and fat downloads.

> Every unnecessarily-bloated download tears through data plans and costs people money to their ISP

Only in third internet world countries like the US... Elsewhere, we don't have limited data plans.

This is going to put me in weird company but I really don't see why metered billing is such a terrible thing. Most other utilities are pay-for-amount-used. And as a bonus, this creates an incentive for developers (via customer pressure) to not use insane amounts of data.

It is because data, unlike water or electricity, isn't a finite resource. Your electricity bill includes the generation in the power plant and the transmission over the power lines. When it comes to Internet access, you're paying for the transmission (bandwidth), but there isn't a "packet generation plant" that you should have to pay for.

Also, data caps mean people will use less data, meaning using less bandwidth, meaning ISPs will have less of an incentive to upgrade their already ancient infrastructure. It would be giving them more money to use less of what they provide.

I don’t mind ads... uMatrix and uBlock Origin take care of that noise for me.

No. Firefox was too big for my old phone and I switched to palemoon when firefox stopped allowing unsigned plugins on my desktop. I've been using habit browser on my phone. I don't really trust it at all so I give it minimal permissions and try not to do any browsing on my phone I don't expect to be tracked or monitored. It's fast and customizable and has a built in adblocker so I've been fairly happy with it. I've tried a lot of different mobile browsers. I haven't really found any I liked. They all kinda suck in one way or another. I was really hoping something from F-Droid would be appealing to use but they were all disappointing. The state of mobile browsers in general is kind of abysmal.

To solve this "problem" on android, check this xposed framework module:


We can't argue with your feelings.

Could you please be more clear? I disabled all my extensions and still don't see anything there that is based on feelings?

I think they are feeling betrayed by Mozilla, and that they are saying language like "We all love the web" and "Internet for people" inspires feelings.

You could have asked me what I meant.

Having issues with your extra? Beginning with Firefox 57 (in discharge), just additional items manufactured utilizing WebExtensions APIs, the new innovation for Firefox expansions will work.

The cringe-worthy construction "different than" which should be "different from" makes this episode even worse.

Just checked and saw the Looking Glass add-on installed on my work laptop.

I've uninstalled Firefox and will be removing it from all of my computers. I had just started slowly migrating back to it with the performance enhancements in the latest update, but honestly I don't think I can get past a breach of trust at this level.

I switched to Vivaldi a few months back and tried out FF57 recently. I really wanted to move back to FF again, but two weeks in, the performance enhancements just seem really overrated. The UI is still draggy, load times are not great.

I ended up going back to Vivaldi.


Google does a lot of things but they've never betrayed my trust by installing an extension in conjunction with a third party without telling me.

Google does track a lot of my data but they provide useful services in exchange, and in addition they make it pretty easy to see what data they have on me. Also Google's data is its competitive advantage so our interest in protecting my data from 3rd parties is aligned.

In short, Google tracks me sure, but they're pretty transparent about it. I do think some of the things Google does with Chrome and its market position are less than stellar so I'm still exploring other options. If you have any suggestions I'd be happy to hear them.

> but they're pretty transparent about it

They may be transparent about the fact that they're tracking you, but not about what they're tracking or when they're tracking it. And there's no way for you to find out because the vast majority of their software is not open source.

Google doesn’t send your data to third parties because Google wasn’t able to identify any other companies more evil than Google to send your data to.

Thanks, that's the funniest thing I've read all week.

You missed the joke.

Well, does it matter if I use Chrome, which sends everything I do back to Google Analytics, or if I use Firefox, which also sends my interaction with the Addon menu to Google https://github.com/mozilla/addons-frontend/issues/2785 and my browsing history to a German publishing, ad and tracking company (CliqZ belongs to the Burda Group) https://news.ycombinator.com/item?id=15421708 ?

In a previous discussion, a Mozilla employee gave me as an official statement that if I don’t trust Google, I shouldn’t use Firefox.

If I have to trust Google anyway, I can at least use the better browser.

Disclaimer: Until today, I’ve defended Mozilla in all such discussions, and kept the same PoV that you have presented here, but I just can’t do that anymore, when Mozilla is now just as evil as Google.

This misrepresents and overstates the Google Analytics and Cliqz situations

1. Mozilla obtained specific legal / contractual protections around any data that we store in GA, as covered in this adjacent thread: https://news.ycombinator.com/item?id=15932224.

2. We did briefly run an experiment with Cliqz, but that integration was only ever offered to <1% of new, German-language installations of Firefox. I still need to read up on the technical details of that experiment, but it's misleading to claim that Firefox in general has any interaction with Cliqz.

3. As a Mozilla employee myself, I'd be very interested in a citation for that statement re: Google.

> 1. Mozilla obtained specific legal / contractual protections around any data that we store in GA, as covered in this adjacent thread: https://news.ycombinator.com/item?id=15932224.

Which requires that users trust Google.

The reason I use Mozilla products is exclusively because I do not trust Google. If Mozilla requires that I trust Google to keep my data safe (which Mozilla transmitted to them), then I have no reason to use Mozilla products.

> 2. We did briefly run an experiment with Cliqz, but that integration was only ever offered to <1% of new, German-language installations of Firefox. I still need to read up on the technical details of that experiment, but it's misleading to claim that Firefox in general has any interaction with Cliqz.

Mozilla also invested into CliqZ, and a family member of mine was affected by the experiment – I live in Germany.
