Firefox partners with ProtonVPN (firefox.com)
111 points by spac 4 months ago | 122 comments

I'm really excited about this idea, but I also think it isn't fully baked yet.

I'm excited because VPNs are all about shifting trust: I'm no longer trusting Comcast not to sell my data, I'm now trusting SketchyVPN. If SketchyVPN turns out not to be trustworthy, then I'm paying for something that is worth less than $0 to me, and there's no way to detect that as a user. It's like paying more for organic food in a town where farm stands are paid to lace organic food with arsenic -- why would you?

For VPN service, I trust Mozilla more than just about anybody: they're nonprofit, have clear and transparent governance, have many mission-driven employees, and would lose more than they could possibly gain by breaking the terms of service on a VPN. They also have a big enough profile that it takes no extra effort to stay up to date on how trustworthy they are -- they do make missteps, but every misstep hits the front page of HN, which is exactly what I want. If they run a VPN, I'm sold that it's worth more than $0.

But the service isn't fully baked yet for me, because they're not explaining how they're enforcing the trustworthiness of ProtonVPN. I have no idea if ProtonVPN is as trustworthy as Mozilla -- maybe it is, but I don't want to learn and stay on top of that. Instead I want premium.firefox.com/vpn/ to convince me that, if I use Mozilla's service, I'm fully benefiting from their trustworthiness.

> But the service isn't fully baked yet for me, because they're not explaining how they're enforcing the trustworthiness of ProtonVPN. I have no idea if ProtonVPN is as trustworthy as Mozilla -- maybe it is, but I don't want to learn and stay on top of that. Instead I want premium.firefox.com/vpn/ to convince me that, if I use Mozilla's service, I'm fully benefiting from their trustworthiness.

I'm also interested in this. I cannot help but wonder if the reason is 'because they gave us money to', like Firefox 'partnering' with google to make google search the default provider.

You can find details about this on Mozilla's blog post on this topic, which also describes what they did to audit ProtonVPN: https://blog.mozilla.org/futurereleases/2018/10/22/testing-n...

To be fair, that's not very detailed. While I trust Mozilla, I agree that it would be interesting to have more details.

So if I understand correctly, you would want to know the details of how Mozilla audited ProtonVPN, is that it?

Right -- I'm looking for a white-paper level of detail somewhere behind the landing-page level of detail. What threats (internal and external) did you consider, what evidence convinced you they were addressed, and what acceptable risks remain? What would you as an engineer want to be told by another engineer who did the audit, for you to say "great, that's what I would have done, sounds like you did your due diligence, I'll use that"?

The white paper won't be read by everybody and shouldn't be targeted at everybody, but it will be read by the most knowledgeable folks and be a source of confidence that filters out to everyone else.

This all depends on there actually being an audit -- so far the landing page doesn't even say that! From the text on the page there's no way to tell if Mozilla just read the published policies for a bunch of VPNs and made a recommendation, or has an employee embedded in ProtonVPN's security team and a seat on the board, or somewhere in between. Without knowing the details, it's hard for me to say whether I'm looking for more documentation of the audit that already happened, or a stronger actual relationship behind the endorsement.

Everyone in Vilnius, Lithuania, knows that both NordVPN and ProtonVPN are being developed here by people related to Tesonet, which has recently been sued in the Texas Eastern District Court for patent infringement in "Large-scale web data extraction products and services with residential proxy network ( https://oxylabs.io/ )"[1] by Luminati Networks, an Israeli data mining company behind HolaVPN[2].

The section from the "About" page of Tesonet (26 Apr 2018)[3], which was suddenly removed in June 2018 after the connection between ProtonVPN and Tesonet was made public by the co-founder of PIA[4]:

"For the latest project, Tesonet is working together with an international brand from Switzerland to create a security product that helps users protect their network traffic. As part of this technical partnership, we are collaborating on datacenter and network infrastructure that can easily supply 10 Gbps worth of bandwidth to users around the world. The product is developed using the latest authentication encryption methods and the best practices in the security world."

As late as September 2018, NordVPN and ProtonVPN were still affected by the same extremely rare Windows security bugs at the same time[5], even though the CTO of ProtonMail claimed here on Hacker News that they used Tesonet, a data mining company, for developing ProtonVPN, a free VPN service, only as "an office space provider"[6].

[1] http://litigation.maxval-ip.com/Litigation/DetailView?CaseID...

[2] http://fortune.com/2015/05/29/hola-luminati-vpn/

[3] https://web.archive.org/web/20180426161609/https://tesonet.c...

[4] https://news.ycombinator.com/item?id=17258203

[5] https://www.pcmag.com/news/363619/protonvpn-and-nordvpn-bugs...

[6] https://news.ycombinator.com/item?id=17258538

[1] only shows Tesonet being sued and does not prove that both Nord and Proton services are being developed by Tesonet people, and even if they were Tesonet-adjacent people, further proof would be needed to link these services directly to Tesonet the entity. [2] is contingent on [1].

[3] and [4] are the only things I can see with any weight to them, yet they were brought up by a competitor (red flag), and are vague enough not to be considered "evidence".

[5] and [6] prove absolutely nothing. Both of these products use OpenVPN, which is what the vulnerability was in.

The vulnerability has nothing to do with Tesonet and I have not seen proof otherwise. Presumably other VPN services that also use OpenVPN could have encountered the same vulnerabilities. What makes you think that both having the same bug, because they use the same open-source system, is any kind of "proof"?

It's interesting how one can seem to provide a huge body of quotes and evidence for something, yet the majority of it easily deflates when viewed directly. We're gonna need more than this, much more. I'm not willing to 100% disbelieve you or dismiss your concerns outright, but if you're trying to convince people, this is a pretty weak effort.

You've made these claims before, and you say ProtonMail's response is inadequate. Could you elaborate on why? I thought it was relatively thorough and convincing, but am willing to see any holes poked in it.

What PIA co-founder proved in June 2018 on Hacker News[1], and what happened after:

- ProtonVPN UAB lists Tesonet's CEO as a director [after: the company's name was changed multiple times in 2 months, and the director's name was hidden from the public view]

- ProtonVPN UAB is operated from Tesonet's HQ in Vilnius, Lithuania [after: the company's address was changed to a co-working space located a few streets away, which doesn't require relocating to use it]

- ProtonVPN UAB uses former Tesonet technical employees [after: still true]

- ProtonVPN uses IP address blocks that belong to Tesonet [after: these IP address blocks were assigned to ProtonVPN]

- ProtonVPN Android mobile app was signed by Tesonet [after: still true]

ProtonMail's response on reddit was modified multiple times and locked, to prevent people from picking holes in the narrative.

[1] https://news.ycombinator.com/item?id=17258203 ["showdead" must be enabled in settings to see the entire thread]

These points are either incorrect or already debunked here: https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...

There are even photos from Mozilla's visit to Proton HQ in Geneva: https://www.instagram.com/p/BpR7ungAi6Y/

Proton does have an office in Vilnius (one of 6 offices globally), but the bulk of our staff works in our two Swiss offices.

krn 4 months ago [flagged]

Why didn't you invite Mozilla to the real office in Vilnius, Lithuania where ProtonVPN was actually being developed?

Because the senior team members who developed the ProtonVPN partnership with Mozilla were all in our Geneva HQ, because that's where we're actually based...

krn 4 months ago [flagged]

Could you post some pictures from your office in Vilnius, Lithuania, where ProtonVPN UAB with 19 technical(?) employees is currently based? Are they still working from Tesonet's HQ, just like they did in 2017 and for most of 2018?

Is Tesonet's CEO still the director of ProtonVPN UAB, more than 2 years after the incorporation in July 2016? I can no longer check it myself, because the public record is now hidden. But it was still true in June 2018.

And how do you feel about partnering on a free VPN service with a company which has been sued for multiple patent infringements in "Large-scale web data extraction products and services with residential proxy network" by the founders of another free VPN service, HolaVPN, who have publicly admitted to using it for exactly that?

You can find Proton's response to these false allegations here: https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...

> false allegations

These are nothing but facts backed by sources anyone can verify for themselves.

Why is there an article about Hola in there?

To show that Luminati Networks, which sued Tesonet for patent infringements, has publicly admitted using HolaVPN as a residential proxy network for data mining operations.

> I'm excited because VPNs are all about shifting trust

I agree overall about the benefits of getting more reliable auditing for VPNs, I think that's important and I'd like to see Mozilla release more details.

But I strongly disagree with the "shifting trust" explanation that people use when they talk about VPNs. People bring up this point all the time, that if you can't guarantee trustworthiness, there's no benefit. And it's ridiculous -- even a moderately trustworthy VPN is a benefit over not using a VPN.

VPNs consolidate trust. When you don't use a VPN, you aren't just showing your traffic to your ISP. You're also leaking your IP address to any website you visit. You're also trusting any other networks that you connect to when you open up your laptop in a coffee shop or hotel room not to have a sniffer sitting on them. You're trusting tons of faceless organizations across the entire chain from you to the website you visit to be safe with your data.

The main benefit of a VPN is not just that it hides your data from your ISP (although that alone is a really good benefit because we already know that most US ISPs are untrustworthy). The main benefit is that you only need to trust one company with your IP address instead of every single individual website that you visit, and that you only need to trust one provider not to sniff your traffic, instead of every single ISP that you connect to.

If your VPN is moderately trustworthy, to the same level that you would trust an ISP like Verizon, then it is a strict upgrade in security to use that VPN for all of your traffic, because you're eliminating some of the lowest-hanging network vulnerabilities while you travel and putting a barrier between yourself and the websites you visit so that it's at least slightly harder for them to track you or tie you to a physical location.

> You're also leaking your IP address to any website you visit.

As opposed to leaking your VPN's IP address, which is about as meaningful.

> You're also trusting any other networks that you connect to when you open up your laptop in a coffee shop or hotel room not to have a sniffer sitting on them.

True. Which is why a personal VPN to your home network is useful.

> You're trusting tons of faceless organizations across the entire chain of you to the website you visit to be safe with your data.

The connection from the VPN provider still goes through a similar chain.

It's true that the chain will be substantially different if you, say, connect to a service in the US from the UK via an Australian VPN service. On the other hand, the chain will be way longer if you use that Australian VPN to look up your local pizza place's menu.

> As opposed to leaking your VPN's IP address, which is about as meaningful.

Unless you're very lucky with providers, your local IP address is good enough for me to get at least your zip code, and if you're particularly unlucky with your provider/network setup there are theoretical attacks that can be used to get even closer to your physical location[0].

By comparison, the closest VPN address to my physical location is in a different state. That really matters if you care about privacy -- without a VPN you are broadcasting your current town to literally every single site you visit.

> The connection from the VPN provider still goes through a similar chain.

But when it goes through that chain, the request is sent from the VPN provider, not from your own IP address, which is significantly more unique and easier to track, even if you've taken steps to block browser fingerprinting. Request aggregation is by no means a perfect defense against tracking, but it is significantly better than not aggregating requests.

> Which is why a personal VPN to your home network is useful.

Granted. If you've set up a personal VPN to your home network and you're maintaining your own server to make that work, that'll protect you when you browse at a coffee shop. It's also a lot more work for the average user (it's certainly not a viable substitute for what Firefox is doing here), and if done incorrectly a home VPN can make your network vulnerable to attacks because it forces you to open ports.

So my suggestion if you're going down that route would be to buy a 3rd-party server on something like Linode and set up your VPN there. That way a poorly configured server won't make your home network vulnerable. That will also protect you from at least the geolocation attacks I mentioned above. You won't have the advantage of sharing an IP with other people, but I can see that being an acceptable tradeoff for people who want more control.

At that point though, you've basically just rolled your own private VPN provider. You can debate whether or not it's better to roll your own provider or use an existing provider, but in either case, you're still using a VPN. Because VPNs are a strict upgrade to network security for most people.

[0]: https://arstechnica.com/tech-policy/2011/04/getting-warmer-a...

I've been toying around with ProtonMail's premium service, so this isn't a direct reflection on ProtonVPN the product. However, ProtonMail's support is abysmal. For me that hasn't been a direct reflection of the product; however, getting anyone from ProtonMail to engage in a cognizant support conversation is next to impossible and takes days to get an answer. They don't seem to treat paying customers any differently than those using the free service by way of an enhanced SLA on support tickets. My interactions have been so bad I've considered getting a refund on all my outstanding credit (hundreds of dollars for multiple users over multiple years).

I'm curious how this bleeds over into support of ProtonVPN.

I switched to ProtonMail about 6 weeks ago and have had nothing but prompt, positive experiences with their support team. Going so far as releasing new import-export tools which specifically address issues I came across when migrating my mail over.

Bridge has been in development for a while. I'm guessing that's the tool you're referring to. I've asked them about a few more complex scenarios with regard to sharing of mailboxes and group send-as features. My questions were well defined and not answered in their existing FAQ. The problem I experienced was that they gave me non-answers to my questions. Sure, I did receive a response (days later), but the response didn't address my questions. Since your issue seems to have been well defined, I'm not all that surprised you had a more positive experience.

Personally, I never had to use their support. I was lucky enough that everything worked well the whole time. Only reason I switched away was that I wanted a calendar too (using fastmail now)

I was/am contemplating ProtonMail from Fastmail. I've been using it for a couple years now and it's been awesome. I was hoping to gain additional security with ProtonMail but maintain the flexibility I need with multiple accounts and shared addresses that Fastmail does very well.

I fully understand. If you can't trust Proton then you don't _actually_ benefit from anything.

If it helps however, ProtonVPN is by the people behind ProtonMail, the security-first email provider. They started in CERN as a mission to provide email to scientists that wouldn't be subject to censorship.

Their entire business - email and VPN both - embodies the same philosophy that Mozilla does.

It's rare that I trust any company but Mozilla and ProtonMail are two of a _very_ short list.

> Their entire business - email and VPN both - embodies the same philosophy that Mozilla does.

ProtonMail doesn't report security vulnerabilities to the users when researchers discover them[1]. It has also publicly boasted about hacking a phishing site, while claiming the journalist's report was based on "unsubstantiated rumors"[2]. I really hope that it has nothing to do with the philosophy Mozilla embodies.

[1] https://www.theregister.co.uk/2014/07/07/protonmail_fail_jav...

[2] https://motherboard.vice.com/en_us/article/qvvke7/email-prov...

> I'm excited because VPNs are all about shifting trust: I'm no longer trusting Comcast not to sell my data, I'm now trusting SketchyVPN.

If you use a laptop, it would rather be: "I'm no longer trusting [home ISP] + [workplace's IT staff] + [workplace ISP] + [family I'm visiting's ISP] + [cellular service provider] + [train station hotspot] not to sell my data, I'm now trusting SketchyVPN".

> I trust Mozilla more than just about anybody: they're nonprofit,

Mozilla Foundation is non-profit but Mozilla Corporation is for-profit. I don't know how that would affect your opinion, but it certainly did affect mine when I found that out recently while trying to learn how much they were paid by search engines.

But the for-profit is owned and governed by the non-profit, so overall it's still non-profit. It's probably about the statutes of the nonprofit, and certainly at least in part about keeping a separation between income (Google) and activities (contrary to Google).

How did you reach the conclusion that you had to trust ProtonVPN?

> For VPN service, I trust Mozilla more than just about anybody: they're nonprofit, have clear and transparent governance, have many mission-driven employees, and would lose more than they could possibly gain by breaking the terms of service on a VPN.

It seems to me that none of these are reasons to trust either Mozilla or ProtonVPN. The reason to trust Firefox is that it is free software (free as in freedom to run, inspect, share, and modify). If you don't like what Firefox is doing, you have the permission you need to change your copy, or hire someone to vet and/or change the copy you run, and you can help others by distributing your improved version. The seeds of coming to trust Firefox are in its software freedom, not in any public relations effort or perception about Mozilla's employees.

So there's nothing about Firefox that compels you to trust or use ProtonVPN. The limits of how trustworthy you want to make Firefox are up to you individually and other Firefox hackers collectively.

I only use firefox. But I don't feel like I can strongly recommend it because of the long list of bad decisions.

- Google analytics baked into about:addons

- Sending data to Cliqz

- Pocket, as a service being added to the topbar

- Pocket, as a service being added to the default home/newtab page

- Firefox hello

- Completely banning unsigned addons

- Mr. Robot advert

- And now probably this

I want a browser that is reliable, high quality, respects my privacy, and nothing else. I don't want addons baked into it. I don't want to be spied on.

Today I received promotional e-mails from Mozilla to my Firefox Account address. That really annoyed me, dipping into a privacy-sensitive database just to send marketing spam. How can marketing people even get access to that DB?

No Mozilla, I don't want to watch your seasonal streaming music concerts. I want you to get on with building a better browser and stop undermining my trust. Sadly the top management think they're running a social experiment.

I agree, I was pretty pissed when I received this. I really want to support firefox, I really do...

Don't throw the baby out with the bathwater. These are minor things compared to having no other good choice but the Google browser.

I suppose someone should mention Brave is an alright choice. If it had mobile sync working, I might be using it (Firefox currently)

Edit: just checked and their Android version doesn't seem to have implemented password manager support yet. I'm excited for when they do, but it's disappointing.

Are we supposed to pretend that options like ungoogled-chromium don't exist?

Once there is no more competition Google can change how it open sources a project. Look at Android.

I've never found the "choose this, because the other option(s) suck more" to be a particularly flattering argument for web browsers, programming languages, cars, or politicians.

The modern aversion to "lesser of two evils" is a thinly-disguised post-hoc rationalization for apathy (or worse, nihilism). It's not even false equivalence, because that would suggest trying to paint both "evils" as equal; no, this is simply saying that, when presented with two choices where one is better than the other, we might as well make the worse choice, because who cares?


You personally should choose the lesser of two evils when those are your only choices. Promoting the lesser evil is not such an easy call though.

From a practical standpoint, promoting an evil, even if it's a lesser evil, has the potential for harming your own reputation as a reliable source.

It is also fundamentally morally questionable; of course, what is morally right and wrong is a matter of much debate. Suppose a psychopath calls you up and says "I'm going to do one of two things, shoot a random 5 year old named Joseph, or shoot two random 5 year olds named Kate, which should I do?". Assume for the hypothetical that you know they are telling the truth, and there is nothing you can do about the situation but choose what you say back. In my view of the world, saying "shoot Joseph" still makes you morally culpable, even though you were avoiding a worse situation.

Alternatively, you can lobby for a different choice, or pressure the 'lesser evil' to improve themselves. Rarely do folks bother to do this though after they've made their choice.

It's not supposed to be flattering. It's just saying it's the least bad option.

> I want a browser that is reliable, high quality, respects my privacy, and nothing else. I don't want addons baked into it. I don't want to be spied on.

I recommend that you look into what you're getting with software freedom -- the single most important aspect that makes Firefox different from Google Chrome, Microsoft's web browsers, Opera, or Apple Safari. All of the items on your list can be changed by using your software freedom. And this doesn't have to involve you learning to program (though that wouldn't be a bad idea). It could involve you asking programmers nicely to help you out, or hiring programmers to improve Firefox to be what you think it should be, or getting funds together with others who share your views to collectively fund programmers who work on your shared goals.

As it stands your desire reads selfishly because it is indistinguishable from you saying that you want programmers to develop a free software (free as in freedom to run, inspect, share, and modify) web browser you trust without you doing anything to help vet its trustworthiness or modify the software until it becomes software you trust. We don't have to settle for doing nothing; software freedom lets us have as much control over free software as we wish to have. The limits are on us to make things better.

I know how to program. I've contributed to Mozilla projects. Including minor contributions to components of Firefox.

I do not have the time or the money to personally develop a secure web browser for the rest of the world, nor does any other individual. Your demand is unreasonable.

Moreover, I'm not demanding that Mozilla do something. I'm explaining what would have to change for me to be able to promote Firefox and contribute to reversing the declining market share. Short of not breaking the law I make no claims that Mozilla must do anything.

PS. Chromium is also free software. The difference is how Mozilla develops its free software.

> I do not have the time or the money to personally develop a secure web browser for the rest of the world, nor does any other individual. Your demand is unreasonable.

Apparently some people do, that's why we have Firefox derivatives like the Tor browser and GNUZilla, among others. Also, I made a recommendation not a demand. I continue to recommend that you consider what software freedom grants you in light of what you say you want other programmers to do for you.

You missed a few things:

- They have telemetry turned on by default

- They are experimenting with TLS over HTTPS and use beloved Cloudflare to handle every DNS request

- They are always in the headlines about some shady 'addon' or 'extension' being sold off and taken over by shady actors

- The Tor Browser Bundle, which is a fork of FF ESR, is always in the headlines as being insecure and way behind the FF mainline release

Yes, I'm sure I missed some things; I was trying to keep the list as non-controversial as possible. Here are some specific responses.

1. Agreed, but at least they do prompt fairly early letting you turn it off.

2. I'm only looking at things in the release version of firefox. As I note elsewhere they treat nightly/beta users much worse. Longterm TLS over HTTPS is great for privacy, and they had to choose some provider, so I'm mostly fine with this.

3. This isn't their fault, the same applies to chrome. An extension is a third party piece of software you choose to install.

4. Again, a third party piece of software, not under their control. Further they are actively working to improve this situation and bring Tor onto mainline firefox!

> TLS over HTTPS

Sorry I meant DNS over HTTPS

lol, so did I :)

Could you elaborate about the tor browser?

> Could you elaborate about the tor browser?

Currently Tor is behind mainline Firefox in terms of security because it's a fork of Firefox ESR[1]. Pay attention to this part[2]:

> Unlike other release channels, ESRs are not updated with new features every six weeks. They are instead supported for more than a year, updating with major security or stability fixes.

[1] https://www.mozilla.org/en-US/firefox/organizations/

[2] https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Fir...

Well, unsigned addons are banned in the branded release browser. If you use the Developer Edition, Nightly, or compile Firefox yourself, then you can install unsigned addons into Firefox. The last option also enables you to turn off Pocket and a variety of other services.

Does anyone maintain a branch with precompiled builds that has sideloading turned on + no Pocket / other services? Preferably with autoupdate still working?

Firefox is my primary browser on Windows, and I'd love to have this stuff removed, but I'm really not at a point where I can be compiling the code myself.

Icecat[0] might be the closest thing to what you are looking for. It's part of the GNU project.

0. https://www.gnu.org/software/gnuzilla/

No binary releases for Windows. :(

38.8.0 was the last one. https://ftp.gnu.org/gnu/gnuzilla/38.8.0/

That's exactly how it should be! The developer version isn't behind any barriers - it's trivially easy to find and install - and it keeps the majority of people from installing some of the most malicious extensions.

I used to use Nightly, then I found out they spy on you a lot more if you use Nightly. I suspect the same applies to the Developer Edition.

[0] https://utcc.utoronto.ca/~cks/space/blog/web/FirefoxNoNightl...

[1] https://lobste.rs/s/ri4kny/you_probably_don_t_want_run_firef...

When you first open a new Nightly install there's literally a banner across the entire browser telling you that it's collecting metrics, along with a button that displays more information and allows you to customize what data gets sent. The whole point of offering a Nightly build is so that they can have feedback on performance regressions and crashes. Characterizing it as "spying" is simply FUD.

And the event I'm linking to is a scenario where Mozilla updated nightly with no warning to share more data without telling me, against the policy stated about the setting in the browser. And a response by a Mozilla engineer saying that they thought this was perfectly acceptable behavior.

I would add:

- Public search for sources of other people's breached personal data via monitor.firefox.com (eg, you can enter anyone's email and see results, and not just your own, as there's no verification that you own the email until you sign up for continuous alerting)

That said, I love Firefox itself and think Mozilla usually try to do the right thing. Someone just lost the security vs usability debate there I guess.

Apparently informing people who won't check their email for a link but will enter their email into a form trumps protecting people who don't know the site exists from stalkers and other malicious actors.

> Public search for sources of other people's breached personal data via monitor.firefox.com

That page is powered by haveibeenpwned.com. Mozilla just made a fantastic security tool available to users who don't know about Troy's site.

> you can enter anyone's email and see results

This data is all very easily available online anyway. It's just aggregating leaks that are already public, and neither HIBP nor the Mozilla page provides the _actual_ personal info that was leaked.

> Someone just lost the security vs usability debate there I guess.

That's the thing though; this _is_ a valid security tool. And a powerful and valuable one at that. HIBP has been used for years by thousands of users to secure their accounts after data breaches.

In other words, they have publicized the existing tool to make it available to a broader audience without adding anything on top to improve its security. They're both in the wrong on this.

The argument of "Others are being irresponsible, so we should be irresponsible as well" does not stand up very well.

The only valid use case for providing this information is for when a user no longer has access to the email address in question.

In this case, they should still require it to be sent via email, and they should still send a notification to the email address being requested which includes details about the request like the IP it is made from and the email it would forward to, perhaps with a delay-and-prevent option so that someone who still owns the email can prevent the exfiltration by responding to the notice quickly.

Otherwise, this enables anyone to solicit unauthorized PII data about basically anyone else from Mozilla.

Even HIBP somewhat acknowledges the potential damage this can do, from the way they censor some results like the Ashley Madison data breach. They've made the decision that some personal information linked to a person's email address is more worthy of protection than other bits of personal information, which really shouldn't be up to them.

They get away with it because of weak data protection laws and the fact that this caters to individual users who are more likely to opt themselves out if they become aware of it than to file a lawsuit or otherwise apply pressure to make them change.

Isn't that just what haveibeenpwned does? In fact, I wouldn't be surprised if monitor.firefox were using hibp internally.

Yes, it's the same, FF Monitor calls HIBP on the backend. Firefox Monitor is basically branding, to get the information out to more users (and more stalkers) because they are more recognizable.

If you use macOS, Safari since Mountain Lion has consistently hit all three of those checkboxes for me, you might want to consider giving it a shot.

> Pocket, as a service being added to the topbar

> Pocket, as a service being added to the default home/newtab page

Is that really worse than Mozilla allowing all of your Google searches (from the new tabs) to go through Google? At least it owns Pocket.

Mozilla needs to make money somehow. Promoting its own services doesn't seem nearly as bad as the partnership with Google, in my opinion.

It's a fairly straightforward configuration change in the primary configuration screen to switch search providers. It's an advanced about:config change (when even possible) to change those others.

Pocket wasn't Mozilla's own service when they added it.

Maybe we need a light fork which removes all those problematic parts on each release?

Some of these problematic points are historical and resolved, like the Mr. Robot advert.

Maybe with a user-oriented fork the ability which allowed the Mr. Robot thing would be gone too. As I remember it's a sketchy part which is not necessary for the basic functionality.

The fact that there are so many points just means we all have to sit and wait to see what the Mozilla Corporation does next. It does not matter if they resolve every grave transgression they do, I already have 0 trust placed on them.

GNU IceCat, or presumably most of these things are compile options.

Agree. Isn't that what we have extensions for?

>- Pocket, as a service being added to the default home/newtab page

Firefox now shows you ads on your home page by default. It's diabolical.

I trust a well-configured Chrome (and with that I mean using the options dialog, not the cryptic about:config) more than Firefox. Even after having a well configured about:config, they managed to remotely install the Mr. Robot advertisement addon on my computer. I freaked out when I saw it.

The Mozilla Corporation would do very well with a big change of leadership.

In that case you would be better served by Google Chrome. I bet it doesn't have Pocket and Firefox hello.

Google Chrome has its own set of problems that I think are worse. Namely giving Google the ability to make services that only work on its browser (which Google has been doing).

The unfortunate part of this is that how much weight you assign to the two's actions is subjective, so I can't tell other people "you should definitely be using Firefox instead" in good faith.

I feel Firefox could be quite a bit more attractive, if it did less. I don't want my browser integrated with one particular VPN. I don't want Pocket on by default and hard to get rid of.

I also agree that Firefox needs to work on beautification and marketing.

But I'm happy Firefox did Pocket because I view that as a cross-platform readability and bookmark strategy that other companies make up for through their platform. Even if Pocket ultimately folds, I'd want Mozilla to do something else in that place. Like if Mozilla knows that iOS users by wide margins use Safari, how are they supposed to get their bookmarks to them?

damned if they do, damned if they don't

It's almost as if giving users options and letting them opt out of things is the way to go. Who would have guessed.

Apparently not, since the opening comment complains about an optional VPN offering and a service integration you can turn off.

You can already opt into Proton VPN. See, it's right here: https://protonvpn.com/

So that's the point; don't bake features into my browser that point me to one company when the whole purpose of a browser in the first place is to be able to visit web pages... like https://protonvpn.com/.

This is about only one thing: money (affiliate sales).

While I'm sure some money exchanged hands, this is obviously not just a marketing move.

We live in a world where VPNs are a must if you want to have any expectation of privacy. Giving people easier access to these services is not a bad thing. Mozilla has a privacy-minded vision for the internet. Regardless of whether you agree with their vision, they are at least following it.

Also, if it's true that Mozilla is auditing ProtonVPN, that is a huge benefit to everyone. The biggest issue with VPNs is that you're forced to trust this new company that they'll do as they say with your data (namely that they don't harvest or store any of it). To me, that's a huge thing.

It's also about evangelization, I think. I bet that there is a substantial number of Firefox users who do not know what a VPN is, nor how to choose among the very many providers. Without going into the merits of the choice of provider, I feel it is a good idea that aligns with the mission of Mozilla and the need to generate income. If I remember correctly, the Mozilla foundation was mainly supported by Google money: having forms of independent income generation is both necessary for any sustainable non-profit, and desirable to maintain, indeed, independence.

Yeah, in the about:config, which you are told not to meddle with by the browser. I agree, it's better than nothing. But it might as well be missing for the average user.

You're right, I totally forgot that you can't hide all Pocket details directly. They're just hidden in menus I never use, so I didn't notice.

Have you tried Firefox Lite? (Android only, I believe)

That is the version I am running on mobile.

I trust Mozilla, and if this helps Mozilla (and Firefox) further, I'm all for it. From a different angle though, I'd prefer more decentralized solutions than centralized ones like a single VPN provider. That could be in the form of more Tor infrastructure coming up to make the Tor network faster (I myself am not capable of setting up and running nodes).

My other concern with centralized VPN is that Cloudflare, with its appetite seemingly focused on being the biggest pipe (by a large measure) for Internet traffic, might soon come up with a free VPN service and kill most others. I'm certainly not a fan of large companies becoming large enough and entrenched enough to put up insurmountable barriers against disruption (this could end up being a futile hope).

When considering different VPN services based on privacy criteria, this site is helpful:


For example, I can see that ProtonVPN is hosted in Switzerland, and that Switzerland cooperates with Five-Eyes countries (according to Privacy International) by sharing intelligence information regarding citizens of Five-Eyes countries (including the US). This is a relatively mild concern, compared to VPNs hosted in one of the Fourteen-Eyes countries.

I can also see they use AES-256 for all data encryption. Good. However, their terms of service and marketing material contain conflicting language regarding what information is logged, and details are not provided about how long logs are kept and whether these logs are personally identifiable. (Running a truly "no logs" VPN service isn't really possible.)

At the network level, they appear to follow open standards and everything is implemented in a predictable manner. Bandwidth looks good, but speeds and pricing are sub-par.

I've used ProtonVPN. I appreciate that they expose the details necessary to configure VPN using the built-in OS-level or router-level configuration screens, rather than requiring that you use their custom app. Ultimately, the low speed (compared to similarly-priced VPN services) is what turned me away. It is neither the most privacy-conscious, nor most capable, nor highest value solution in the VPN market and I'm surprised to see this offering come through Mozilla. It's a weird endorsement.

That being said, you don't need to provide your real identity to sign up; in fact, you're encouraged not to. So, it's a lot harder to identify a particular user.

Switzerland has _extremely_ good banking privacy laws so they can't be required to disclose credit card details, so that's an identifying link not available to Five-Eyes. Plus, you can pay in BTC.

I'm not sure about what's required for a company in Switzerland to be compelled to share information with Five-Eyes, but I expect they would have to be ordered to by the Federal government; a hard feat given how privacy friendly they are, and how the Cantonal government of Geneva has additional privacy laws.

The Proton team has an office in SF, negating the advantages of being overseas.

I generally distrust VPN providers and appreciate a recommendation from a brand that I generally do trust.

Links to the homepage for me, is this article region specific?

Searching around turned up this blog post, looks like it's US only https://blog.mozilla.org/futurereleases/2018/10/22/testing-n...

How can one subscribe to this?

By using a VPN :)

It's prolly me that I am dumb and don't get it but I am already a Proton VPN paid user. On top of that I have to pay $10? What the fucking fuck?

Did they take the page down? I'm getting redirected to the Firefox homepage

This is a US-only test. You’re only supposed to get the link through an offer inside Firefox. Direct access to the website just redirects if you’re outside the US at the moment.

There are multiple extensions and VPN products out there (some better and some worse), so why are they choosing who wins or loses here? I know it is because of $, but I hate the direction they have been taking lately.

If they did something like search engines, where they have a large list with someone as the default and the ability to add more, I might be ok with it. But certainly not with this sort of advertising.

The number of people installing adblock should tell them that their users don't want to see advertising.

That money has to come from somewhere; I'd happily pay for Firefox but most people wouldn't and it's not cheap developing a browser.

Their outreach, web literacy, and STEM education work is also not cheap and is doing amazing work.

It would be nice for them to list two or three VPNs they've audited though. Their endorsement goes a long way for many people and we would still have a choice then.

1. --

2. Also, is ProtonVPN such a stronger contender than the rest of the field that Mozilla would endorse them?

3. And what is Mozilla's final relationship between you and ProtonVPN? Why are they relevant as a middleman?

It's actually exactly the same price, if you untick the "Annually" button on the ProtonVPN page.

Also, Mozilla actually audited ProtonVPN. I have no idea whether any other VPNs have been audited by independent third parties.

I assume this still works at the network level and not the browser level? If so, the association with Firefox is just confusing things. If not, it's dumb.

I started using ProtonVPN in the last few weeks. If you run Little Snitch, you can see they're sending data to Google Crashlytics. Doesn't inspire confidence. https://www.dropbox.com/s/t5ciujv55g7l2dj/ProtonVPN-Google-C...

They confirmed this [0]. I don't like it, but I don't think it's the worst thing in the world if there's no user data being sent.

[0] https://www.reddit.com/r/ProtonVPN/comments/a0qiuu/protonvpn...

Good to know - thanks! As a privacy company, it seems like a very odd decision by the ProtonVPN product team to use a Google service in the first place and have their brand anywhere close to Google... a company that is the exact opposite of privacy. Regardless, definitely glad they're fixing it.

In particular it's in the todo list to migrate to Sentry on premise.

I've heard good things about Mullvad but have yet to try it out. https://www.mullvad.net/en/

Nord was pretty good but I got rid of them when they removed the ability to see the distances to the servers in their app.

I was really bummed to see that the partnership only allowed you to subscribe to ProtonVPN at the full $10 per month price. It's $8 per month if you subscribe for a year and $4 per month if you get the Black Friday / Cyber Monday deal. I would love to support Mozilla this way, but I would also like to benefit from a 60% discount.

If you want to see this page from outside the US, you'll need a VPN. :-)

Do these services actually provide a (virtual) private network? For example: can I see my home machine and my phone on the same private network? And then connect them using ssh/scp?

First question: yes, they provide a virtual private network between you and the service endpoint.

Second question: no, it's not a general-purpose VPN. It's purely for cloaking traffic to and from anywhere on the internet.

Is there a service that can do the second?

ZeroTier (https://www.zerotier.com/) does this. I use it successfully on Windows, Linux, Mac. I've heard positive things about Tinc as well (https://tinc-vpn.org/).

Typically if you're trying to provide VPN access to your own private network, you would run your own VPN server on that network.

If you click Subscribe, you'll see the money goes through Firefox. Why not point directly to Proton's own subscription page?
