It's great to see this recent marketing initiative from Mozilla to frame themselves as a privacy-first company. Mozilla has always been considered by the community as an organisation that should respect the privacy of their users, but there hasn't until now been such direct public statements to that effect to point to.
Mainly I hope this can now be pointed to by Mozilla/Firefox users as a set of standards that should be followed when Mozilla devs put in place measures that infringe users' privacy or don't do enough to protect it.
Right now, https://mozilla.org/ sets 15 Google cookies and 12 Google localStorage tracking values when you visit it. Mozilla's previous statements[0] justifying this have been fairly weak. I really hope this new PR initiative gives some extra leverage to those asking for change.
Be careful taking in this new direction as anything more than marketing PR. As you've stated before, I don't even think this time, it's anything more than the marketing department speaking for everyone. Mozilla has had weak statements on previous PR controversy's before. On a longer timescale, the organization will change it's position again due to economic and cultural pressures.
It's interesting to me how you can call out this post and recent others as a "marketing initiative from Mozilla" without any apparent backlash (as of yet), but when I called it "brigading by Mozilla supporters and fans" on multiple other threads I was completely removed from the conversation. Is there really a difference?
Is this the sort of story that casual users or even avid fans of the browser would organically promote? That's the logic that I was handed in some of the responses to me. Am I that out of place to assume that the following is how it goes down? 1.) The marketing/evangelical folks at Mozilla create a story and post it here and elsewhere. 2.) They put out a call to all their supporters in various channels to come and help promote the story (and keep other commenters in line apparently)...
I think the problem is that comment forums always optimize towards showing me what the currently active mob/majority thinks about a topic rather than sorting things towards my own personal tastes. I'd much rather see a rating system that weights posts/topics and comments based on my history. For instance: if I've promoted a certain topic in the past, put it higher. If I typically promote a given user, put their comment higher. If I typically promote a certain user who promoted another comment, put that comment higher. And so on. Basically censor the stuff I usually disagree with instead of allowing mob rule. [1]
I don't see the point of trying to make everybody see the same truth because that's not how real life works. Mostly, people tend to live in tribes. Wouldn't it be nice if the Internet wasn't always in your face telling you how wrong you are? IMO, such systems would put a chill on the global culture war.
[1] - This might be the perfect problem for a graph database. If anyone wants to work on something like this, let me know how to contact you and I'll give you all of my ideas!
No, I'm advocating for plurality of opinion, exposure to new information and constant challenging of my own viewpoints.
My reasoning is that, at any given point in time, I am wrong about a great number of things. I fear that any algorithm that learns to present me exclusively with the content I like (i.e. which elicits the least emotional objection) is going to hide all things that might correct my current errors.
> No, I'm advocating for plurality of opinion, exposure to new information and constant challenging of my own viewpoints.
Good for you! Now, how about letting people get challenged and exposed to new information at a time and place when they choose to instead of constantly? I like camping and hiking...but I'm glad I get to go home to my comfortable house most of the time.
People are currently starting to gravitate more towards small group chats on WhatsApp and similar and away from places like Twitter and Facebook. I wonder why? Could it be it's because they don't want what you want 24/7?
I think so.
And the system you're advocating for, the current one, is obviously way more susceptible to being gamed. As you can see here all it takes is a small mob and a marketing push to get your unpopular browser on the front page 5 times this week. The system I want isn't susceptible to that in the slightest (but if I want to go look at things that I might not agree with, I'm still able to - that's my whole point: User in control, not some timely mob).
> People are currently starting to gravitate more towards small group chats on WhatsApp and similar and away from places like Twitter and Facebook. I wonder why? Could it be it's because they don't want what you want 24/7?
Are they and does this have anything to do with exposure to conflicting opinions? Proper studies would be needed to determine this conclusively. After all, this is how it used to be, before Facebook and Twitter appeared and became widely popular not that long ago.
> And the system you're advocating for, the current one, is obviously way more susceptible to being gamed.
I'm not advocating for any system, this is just how life is: you undoubtedly encounter opinions which are not aligned with your own. You will also be wrong a lot of the time. That's nothing to be afraid of. You certainly don't need to build a sheltered city to hide from this.
> The system I want isn't susceptible to that in the slightest (but if I want to go look at things that I might not agree with, I'm still able to - that's my whole point: User in control, not some timely mob).
Except this doesn't really work in the general case. It's both intuitively familiar and well researched that it is really hard to change someone's mind and opinions are very inert.
Furthermore, I don't really see why it would be useful to expend significant energy to shelter yourself from opposing opinions. Simply to avoid emotional discomfort? If you're not in the mood for it in a certain moment, simply not reading online forums and going for a walk or picking up a book seems like a better option.
It is not a dicothomy. While there are obviously trends at all times, they evolve over time and new ones emerge.
I do not know your positions but it could simply be that someone with the right formulation able to start a trend is yet to come.
Mob mentality is not the same as a popular idea or opinion, could be that popular assumption are indeed wrong and many people either do not care (maybe for principles or maybe because it is not really important) or just never encountered convincing arguments.
> Mob mentality is not the same as a popular idea or opinion...
Firefox isn't popular and that's my point. A browser with less than 10% market share got on the front page of many places this week because of a marketing push that was helped by a group supporters, a mob, who helped push it there.
A system that was optimized more towards my own dislike and distrust of Firefox and Mozilla wouldn't have shown me this bullshit.
Most people follow like minded people, become surprised when they have an unexpected opinion, and sometimes unfollow them. Not sure developing new social media would gain adoption.
I love Mozilla, but it's difficult to take this seriously while they're still partnering with Cloudflare on in-browser resolvers that bypass my local DNS resolver and expose my lookups to Cloudflare: https://blog.mozilla.org/futurereleases/2019/04/02/dns-over-...
Mozilla has published a DoH resolver policy[0], which should hopefully allow more resolvers to be added to the default list, and let Firefox pick as per latency.
My personal resolver gives me better latency than both CF and Google, and I plan to get it added to the list[1].
Maybe, but no one is forced to use their ISPs DNS either. Giving user's data to one snoop to protect them from another doesn't sound like a win to me either way.
The nice thing about Firefox is that you can configure it to use any DNS resolver you please!
It may perhaps be worth considering privacy-enhancing settings in the context of a mass-market product, where the vast majority of users do not know what DNS is and do not run their own resolvers. In such a context, do you think it might be possible that most users might be better off with privacy-first defaults? With, of course, all the appropriate configuration options for more sophisticated users.
Whoever wrote that blog post made several claims which are contradicted by the linked blog post. I'm wondering whether that's just being confused on the different between enabling the DoH code behind a disabled default setting and changing the default configuration to use a particular server.
Here's what Mozilla said:
> Firefox does not yet use DoH by default. See the end of this post for instructions on how you can configure Nightly to use (or not use) any DoH server.
> Our second effort focuses on building a default configuration for DoH servers that puts privacy first.
Um, wtf? So, they're now bypassing user choice on DNS in order to send your domain lookups to Cloudflare and this is supposed to be security?
From https://bugzilla.mozilla.org/show_bug.cgi?id=1529437 it says "[QA:] We have finished testing ... GREEN - SHIP IT" and "signed version [...] for release". Does that mean it went mainstream and is now a browser default?
I see a preference name "network.trr.uri" with a cloudflare URL used for "dns-query" ... that looks bad?
Where in this page is the actual promise? Is it the "take less" bit? That is a surprisingly weak statement.
I think almost all of the statements made here are worded vaguely enough that could be equally have been claimed by Google, e.g. "never sell ... your info" / "only data we want is ... data that serves you in the end". But I think Mozilla's actual intended position is pretty far from Google.
Mozilla do too though, for example for Hello, or Pocket? They also have an advert for Firefox Mobile on desktop browsers. So Mozilla's ads are clearly de minimis in comparison, but they don't disagree on the prinicple of targeting ads to users (even after they've expressed a preference to receive no advertising).
How about "take nothing" instead of "take less"? No PII should be "taken" anywhere. They're a browser -- a platform -- and as such they should be taking great strides to prevent collection of anything at all by applications running on that platform.
Tbh, I don't have as big an issue with Mozilla "taking" lots and lots of my PII as I do with Mozilla sending data about me to 3rd-parties.
That is unfortunately not alluded to directly at all in this promise.
In fact, for an org championing privacy, one would expect them to at the very least be compliant with something like the GDPR. However, the privacy link[0] in the footer of their website lists data to 3rd-parties by default and describes (pretty non-straighforward) methods to opt-out of each of these individually, rather than the normally required explicit consent of GDPR.
It's good and all that you have a policy, but the fact remains that you have the ability to make exceptions for collecting PII in category 4. That's what I mean by "don't collect" -- this stuff isn't your data. Get your mitts off it.
You make it sound like we could decide to have Firefox collect your PII without your consent. We won't. The standards for the collection of category 4 data are
"Default off. May be eligible for opt-in data collection by specific users, provided there is (i) advance user notice (ii) consent and (iii) an opt-out."
The only collection of this data that I'm personally aware of is the Firefox Pioneer program.
Funnily enough, the Pocket logo is present in the thumbnail for the Firefox Family video on https://www.mozilla.org/en-US/ Pocket does not however feature in the video (which is unironically hosted on that Google video hosting platform...)
That's really weird that they don't host the video themselves but instead on YouTube and send all their users (who go on that webpage) automatically to Google.
Firefox is really doubling down on their positioning vs Google, I feel like every day I see a new privacy-focused promise or tool on the front page from Mozilla
It was a perfect time to strike while Google is being seen to make anti-user decisions with Chrome and ad-blocking add-ons. I don’t know if it was a coincidence but the timing was excellent.
Looks like they conveniently forgot of when they sent the entire browsing history of some users to a third party advertisement agency. Thanks for protecting my privacy, Mozilla! Looking forward to your next surprise.
Of all the things I wish Mozilla did differently, their choice of internal corporate email provider is roughly at the bottom of the list. Using a FOSS solution provides essentially zero benefit to even a fraction of a percent of their users.
Their job seems to be to appear to geeks as if they oppose Google whilst still funnelling as much useful traffic/data to Google as possible. Then people who oppose Google can use Firefox, thinking it helps, when it probably helps a lot less.
It would be like a political party being the main donor to the second choice party.
I don't know.
I hate DRMs and so far I've successfully managed to avoid using EME.
But I recently said good things about Firefox to someone, and noticed one day that they switched to it from Edge. It felt like a small victory.
This person uses Netflix and Spotify. If Firefox didn't support EME, they would not have ditched Spotify and Netflix. They would probably have gone back to Edge, or installed Chrome and used EME from there. EME would not exist in my ideal world but in this case I'm kind of happy EME works in Firefox. Using Firefox over Edge or Chrome is a net gain. Maybe this person will evolve and start to refuse DRMs and/or seek free software (one can dream), but this is not today. Firefox acts like an entry point to this world. If the entry point is too rough, it will not be taken. One thing at a time.
We ask ourselves: do we actually need this? What do we need it for? And when can we delete it?
That is the minimum of every company's obligations under the European GDPR (Genderal Data Protection Regulation) and even then as far as "our promise to you" goes the answer can simply be "yes, to guide us making better services, for as long as you use anything from Mozilla".
Tech companies are using the word “privacy” a lot these days [..] They all want you to think they can be trusted.
What the US needs is a regulatory framework like GDPR that incentivizes this sort of behavior. Private data should be considered a liability, not an asset. Taking less and keeping it private+secure should be the default -- not the exception that needs calling out.
Kudos as usual to Mozilla for going out of their way to promote these principles.
Mainly I hope this can now be pointed to by Mozilla/Firefox users as a set of standards that should be followed when Mozilla devs put in place measures that infringe users' privacy or don't do enough to protect it.
Right now, https://mozilla.org/ sets 15 Google cookies and 12 Google localStorage tracking values when you visit it. Mozilla's previous statements[0] justifying this have been fairly weak. I really hope this new PR initiative gives some extra leverage to those asking for change.
[0] https://groups.google.com/forum/#!msg/mozilla.governance/9IQ...