A word about private attribution in Firefox (reddit.com)
77 points by ghostwords on July 15, 2024 | 100 comments


I don't find this persuasive at all. Mozilla wants to frame itself as the browser vendor that cares about privacy, but there are now popular independent browsers like Vivaldi and Orion that go much further than Firefox to protect user privacy, shipping tightly-integrated and fully-featured adblocking out of the box. Firefox on iOS still doesn't natively support adblocking, they weirdly segmented that capability out into a separate "Firefox Focus" product.

Mozilla becoming an advertising company unquestionably warps their incentives and brings them out of alignment with the end user. Tracking-based internet advertising is inherently adversarial and there's no silver bullet or technical approach that magically makes it less so. The fact that their chief partner for this is Meta is deeply disqualifying, given Meta's track record (e.g. Onavo scandal, among a multitude of other things).

There's a ton of real-world value in having Firefox, with a non-Chromium rendering engine, remain relevant in the market. But if Mozilla wants to retain any marketshare at all, they are going to have to compete with other independent browser vendors on UX and privacy. Becoming an advertising company is not the way.


Vivaldi at least is closed source and I had a hard time understanding their revenue model so it's hard to gauge how privacy respecting they actually are.


Vivaldi is based on Chromium and Orion is at least based on WebKit. So not significantly independent IMO.


Firefox is basically 100% funded by Google. It can't ship an adblocker without defunding itself. It also has a lot more work to do than browsers which are basically Chrome skins.


If anyone reading this was wondering, like me, "how can I automate diff'ing about:preferences to scan for new checkboxes that were inserted and opted-in without my knowledge?"—you can track the zip archive browser/omni.ja in the Firefox install root, and diff this specific file inside that archive (en-US for example),

    localization/en-US/browser/preferences/preferences.ftl
Which is a plain-text localization file whose version diff will, in this example, contain:

    1274,1282d1217
    < website-advertising-header = Website Advertising Preferences
    < 
    < website-advertising-private-attribution =
    <     .label = Allow websites to perform privacy-preserving ad measurement
    <     .accesskey = a
    < 
    < website-advertising-private-attribution-description = This helps sites understand how their ads perform without collecting data about you.
    <
It might be pragmatic to run this as an OS hook of some kind! Pop a short warning dialog every time Firefox adds a checkbox. Probably much shorter than the complete patch notes.
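One way to do the comparison the comment above describes, as an added example that is not part of the original comment. It assumes both versions of `preferences.ftl` have already been extracted from `omni.ja`, treats any message carrying a `.label` attribute as a control (an assumption drawn from the diff above), and uses a constructed baseline; all function names are hypothetical.

```python
import re

# Fluent (.ftl) syntax handled here: "id = value" at column 0, indented
# ".attr = value" lines, indented continuation lines, and "#" comments.
MESSAGE_RE = re.compile(r"^(-?[A-Za-z][A-Za-z0-9_-]*)\s*=\s*(.*)$")
ATTR_RE = re.compile(r"^\s+\.([A-Za-z][A-Za-z0-9_-]*)\s*=\s*(.*)$")


def parse_ftl(text):
    """Return {message_id: {"value": str, "attrs": {name: str}}}."""
    messages = {}
    current = None    # message currently being filled in
    last_attr = None  # attribute that continuation lines belong to
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        m = MESSAGE_RE.match(line)
        if m:
            current = {"value": m.group(2).strip(), "attrs": {}}
            messages[m.group(1)] = current
            last_attr = None
            continue
        if current is None or line[0] not in " \t":
            continue  # not part of a message this parser understands
        a = ATTR_RE.match(line)
        if a:
            last_attr = a.group(1)
            current["attrs"][last_attr] = a.group(2).strip()
        elif last_attr is not None:
            joined = current["attrs"][last_attr] + " " + line.strip()
            current["attrs"][last_attr] = joined.strip()
        else:
            current["value"] = (current["value"] + " " + line.strip()).strip()
    return messages


def diff_preferences(old_text, new_text):
    """List (message_id, kind, text) for strings that appeared or whose label changed."""
    old, new = parse_ftl(old_text), parse_ftl(new_text)
    findings = []
    for msg_id, msg in new.items():
        label = msg["attrs"].get("label")
        if msg_id not in old:
            # Assumption: a message with a .label attribute backs a checkbox or
            # similar control; one without is a header or description.
            kind = "new-control" if label is not None else "new-text"
            findings.append((msg_id, kind, label if label is not None else msg["value"]))
        elif label is not None and label != old[msg_id]["attrs"].get("label"):
            findings.append((msg_id, "relabelled-control", label))
    return findings


# Constructed baseline standing in for the previous release's preferences.ftl.
OLD_FTL = """\
# Constructed baseline, not taken from a real Firefox build
example-section-header = Example Section

example-existing-option =
    .label = Remember example data
    .accesskey = R
"""

# The newer file: the baseline plus the strings quoted in the comment's diff.
NEW_FTL = OLD_FTL + """
website-advertising-header = Website Advertising Preferences

website-advertising-private-attribution =
    .label = Allow websites to perform privacy-preserving ad measurement
    .accesskey = a

website-advertising-private-attribution-description = This helps sites understand how their ads perform without collecting data about you.
"""

if __name__ == "__main__":
    for msg_id, kind, text in diff_preferences(OLD_FTL, NEW_FTL):
        print(f"[{kind}] {msg_id}: {text}")
```

Comparing message identifiers rather than raw line numbers keeps the report stable when strings merely move within the file.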


At what point do you admit this is a failed relationship?


I'm betting never.

Some people want to keep letting the company do remote installation of code on their computers ("automatic updates") even when everyone knows the company is selling them out.

"The fox guards our hen house. In return we let him eat all the chickens he wants." Mozilla has got you covered.

Do Firefox users ever share patches to remove these undesirable "features"? There are patched versions of Firefox with goofy names that claim privacy advantages. But AFAICT always distributed in binary form.


If Firefox is so bad then which better alternative do you propose? The one owned by the biggest advertising company? The one that is only available on Apple's devices? The one owned by the company that puts ads into the start menu of your OS? The one that injects its own affiliate ID into the websites you browse? The one that takes tens of seconds to load even the simplest website? One of those that don't support JavaScript and thus don't let you use 99% of the web?


I guess that’s one way to look at it, but one of those options is clearly different from the others because the maker doesn’t have the same economic incentives.

It’s a shame that the EC decided to make it easier for websites to force users not to use that one, though.


Librewolf seems to be a collection of patch files (neat, one of those patches is for default JXL support!):

https://codeberg.org/librewolf/source

Applications in F-Droid must be FOSS:

https://f-droid.org/en/docs/Inclusion_Policy/


Thank you for that link to the librewolf source. Exactly what I was after.


The problem is a complete lack of alternatives (at minimum for Windows).


I clicked on this with a rebuttal already half-written in my head, but (after skimming the CTO's post and then reading the detailed explanation of PPA[0]) I'll admit that I jumped the gun on assuming that PPA was just the latest name for storing an ad id. The idea behind it (that you have to give the advertisers an anonymous way to measure conversions to have a shot at getting them to give up tying your traffic back to your identity) is reasonable, and the implementation doesn't look crazy.

There are details I don't understand yet and I'd like to see someone smarter than me critique the details, but for now I'll put my money where my mouth is by going into Settings and re-enabling it.

0: https://github.com/mozilla/explainers/tree/main/ppa-experime...


That's missing the broader point. It's a web browser and users don't want this 'feature'. None of this is necessary for me to browse the web which is all I want from my web browser.

Why should I have to jump through hoops and compromise my security and privacy to help some corporation with their marketing and advertising metrics? Why not just make this an opt-in option for users who want to volunteer their data to help these ad-tech companies? Oh that's right, no one in their right mind would do that.

And the CTO's whole argument about stopping the 'perpetual arms race' by compromising with and appeasing the aggressor is absurd. Malicious actors and ad-tech companies will just exploit this too. If there's a legitimate way to access this data then we can only assume there's an illegitimate way to do it also.


No offense but are you confident you know what PPA is/does? "volunteer their data" doesn't seem a remotely fair characterization to me.

Ignore the CTO's hand-wavey justification and go look at what it actually does and tell me if you still hate it this much. I agree with you ideologically but I think you're engaging in friendly fire here.


> That said, we consider modal consent dialogs to be a user-hostile distraction from better defaults

What a load of b**

So THAT is why they turned a feature on by default that does not have any upside for the users? Why has blatant lying become acceptable for executives?

Can't wait for Ladybird to become a viable alternative.


(after the uproar):

> we consider modal consent dialogs to be a user-hostile distraction from better defaults, and do not believe such an experience would have been an improvement here.

(before the uproar):

> This feature will be enabled by default with an option to disable it. Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility.

So, yeah, bs excuse.


Didn't they recently have a modal dialog to choose colors and download their mobile app too? Now it really doesn't make sense


Yep, some weird 'express yourself with this limited selection of colors' thing. Keeping in mind we've been able to adjust that for as long as I can recall


It seems like a lot of folks are pretty upset about this.

I go to great lengths to avoid advertising. I've even routed mail to my post office's general delivery rather than give away my address.

But I am also practical. The CEO makes a fair point that ads aren't going away. This wouldn't work as an opt-in.

The big miss here was messaging. The CEO has got to know most FF users use FF for privacy. If they wanna make it an opt out, fine. But then people have to know there is something to opt out of. Then again, maybe this was in the release notes and on the blog.


> Then again, maybe this was in the release notes and on the blog.

It belonged in the big tab they popped up when 128 was installed. If that's not for informing users about major new features they really should know about, what is it for?


It's weird, I never get that tab here on my FreeBSD install. Whatever triggers it doesn't happen for me.

Now, it's not even an officially supported platform for firefox so perhaps the maintainer did something that breaks it, and it's not super critical because I follow the news anyway. I'm glad it works at all in the first place.


I'd much rather the ongoing game of cat and mouse than... this creation, honestly. It's entirely practical. I haven't seen significant advertising in forever. HN dogfood is the most of it

Basically, I don't buy the proposition that the surveillance will ever stop, so I won't disarm myself


> I'd much rather the ongoing game of cat and mouse than... this creation, honestly. It's entirely practical.

Also, I'm 100% sure that advertisers won't stop fingerprinting even when they have this, because every little tidbit of info they can get will be worth it for them. It's not a gamechanger for either side. I won't let go of my adblocker and they won't let go of their sneaky invasive tactics.


It's the CTO not the CEO.

Yes it was in the release notes and the blog. But it should have been an opt-in, or a forced choice either way.


I agree. Thinking strategically, it is a win/win if advertisers can become convinced that this approach works well enough to rely on it. Inverting the responsibility for storing a user's profile data - to the user agent - benefits the advertisers from a cost perspective and the users from a privacy one. “localfirst for your ads”


> I go to great lengths to avoid advertising.

It's a skill issue then, I do that too with resounding success, I haven't seen an ad in decades, either on pc or android. I don't use apps which have ads and only use browsers that support ublock origin on any platform.

> But I am also practical. The CEO makes a fair point that ads aren't going away.

So? I won't stop fighting. Especially since I seem to have won the moment ublock origin came out and that status is unchanged.

> This wouldn't work as an opt-in.

Yeah, because I hate that industry so much I'd rather not use a device than see an ad.


> But I am also practical. The CEO makes a fair point that ads aren't going away. This wouldn't work as an opt-in.

That's not practical, it's defeatist. Firefox has done absolutely nothing to make ads go away, that's all done by third-party extensions. They can at least try before claiming defeat.

> The big miss here was messaging.

No, that was a relatively minor blunder. The big miss is yet again ignoring preferences that they know a large part of their userbase has. Why do you think FF has been bleeding users? Because of shit like this that makes it into nothing more than worse Chrome.

> If they wanna make it an opt out, fine.

No, opt-outs for privacy violations are never "fine". Even an opt-in would still go against Firefox's mission since there is zero user benefit to this feature.


No matter how you try to spin this, I don’t think you can call your browser a “user agent” if it’s implementing features that exclusively benefit advertising companies.

If it were feasible to write one’s own web browser for personal use, no one would add this feature out of kindness to advertisers.


It seems to me that Mozilla is gambling with the privacy of their users. The gamble might be worth it, even though I do not think so.

But even if it somehow was a good gamble, that is not how Free Software projects should work. Free software should prioritize the wishes of users. If a lot of firefox users collectively decided to give up some privacy to avoid losing more privacy, that is their choice, but that is not what has been happening.

Using these kinds of defeatist arguments, there is no end to backdoors and compromises that can be defended.

I would prefer Mozilla to fight in the arms race.

I also wonder: what is the next step? I.e., why would advertising trust firefox instances. It is tempting to create a fork of Firefox that uses and manipulates this API in all kinds of ways.


>The prototype is temporary, restricted to a handful of test sites

Does that mean that there's only a few websites that can benefit from this data, and that there would be a list of websites that can profit from this or something like that in the future? Not sure if that's a good thing. I hate ads, and think that enabling this by default is still a super weird inversion of control (the user client should think about the user, not the websites that it browses). But I really wonder about who will gate keep the access to the aggregated data, and if that won't make the big players even more dominant in web advertising.


Our Browser options are currently all tied to one of the big AdTech companies:

* Safari is owned by Apple

* Edge is owned by Microsoft

* Chrome is owned by Google

* Firefox is partnered with Facebook/Meta

I guess technically there's Opera (owned by Chinese company Kunlun) and Brave (known for inserting affiliate links into stuff), which aren't any better.

In the future there might be Ladybird (where we'll have to see if Shopify wants something in return for their >=$100,000 investment), though that's pretty far off.

I know that maintaining a browser is a massive amount of work, but man, things are bleak. I guess that an OSS fork like Librewolf or Chromium is the best option these days.


What makes Apple an AdTech company? As far as I'm aware the only ads Apple runs these days are in the App Store, i.e. outside of the browser.


They do have a "Privacy Preserving Ad Measurement" setting that's enabled by default. Just like Firefox, you can opt out of it, but it is opt-out - so same deal as with Firefox. Apple may be a lot better than others, but they're still doing tracking.


yeah, i believe that's this thing https://webkit.org/blog/8943/privacy-preserving-ad-click-att...

This is not tracking for Apple ads, this is the exact sort of thing that Firefox is experimenting with now, of providing a carrot to advertisers in the form of a means of measuring ad effectiveness without violating user privacy.


Apple turned on its equivalent of PPA by default in Safari and iOS back in 2021. Apple also runs ads in Apple News, which you cannot uninstall on MacOS.


There is a Midori version with firefox engine. But there is radio silence about it by everybody.


>Chromium

Ungoogled Chromium*


And the sad time has come: We need an "Unmeta Firefox" now


You have needed to unmozilla for a long time, the amount of settings you have to disable to stop the data exfiltration is insane.


That's Librewolf: https://librewolf.net/


> The Internet has become a massive web of surveillance, and doing something about it is a primary reason many of us are at Mozilla.

They could start by making their own surveillance opt-in.


But *what's in it for the user?*

- "in the absence of alternatives, there are enormous economic incentives for advertisers to try to bypass these countermeasures, leading to a perpetual arms race that we may not win"

It's in the user's interest to attempt to appease the spammers? It's in the user's interest to voluntarily hand over some personal, private information about themselves, to commercial stalkers, in hopes that–what–satiates the data harvesters?

Is this Mozilla's position?


I don't think this is fair. It's not like we have great privacy now, and Mozilla is in danger of giving it away; advertisers already fingerprint your browser and tie your traffic back to a real-world identity today. I don't think PPA would help them do that any better at all.

Mozilla's position is, instead of the arms race to hide/identify traffic, if the browser builds in a way to measure conversions that doesn't rely on giving up your identity then advertisers have less need of getting at your identity through other means. (And they haven't said this, but I assume the next step is, if advertisers can measure conversions then it becomes easier to envision legal countermeasures in the form of regulation)


Mozilla themselves siphon telemetry (eg: incoming.telemetry.mozilla.org), they're at best a faux defender of privacy.

Seriously, they don't deserve people's support.


What's wrong with telemetry?


It is a violation of privacy.


How so?


> Telemetry is the in situ collection of measurements or other data at remote points and their automatic transmission to receiving equipment for monitoring.

https://en.m.wikipedia.org/wiki/Telemetry

Telemetry’s incompatibility with privacy is self-evident.


Because once I get a product from a vendor, it's none of the vendor's business how I use the product unless I want to tell them about it.

Software vendors seem to think that they're entitled to this information because they really want it, but they're wrong.


Yes. They're just surrendering.


Well, they’ve been trying to fight the advertisers for, oh, 2 decades now; and the advertisers have basically won every fight repeatedly. This is combined with Firefox market share declining to the point that if they do not at least somewhat placate the advertisers, the advertisers could simply block Firefox en-masse and survive. Time for a new strategy.


> the advertisers could simply block Firefox en-masse and survive

And why would firefox users care about advertisers blocking firefox? Oh noes, ads aren’t showing up in my browser!


I think Firefox users would care if they suddenly couldn't access a large part of the Internet on Firefox.


Believe me, the advertisers are probably watching the whole Manifest v3 rollout in Chrome very closely; and weighing the odds that, if they block Firefox, they’ll be able to kill it off completely and have ads for everyone.


Why would websites bother with an arms race to block a browser barely anyone uses?


> Well, they’ve been trying to fight the advertisers for, oh, 2 decades now; and the advertisers have basically won every fight repeatedly.

Who has been fighting the advertisers? Mozilla? No, they haven't even included a basic ad blocker with FF, only some lackluster "tracking protection" that barely anyone is going to enable (while implementing whatever new privacy leaks Google proposes). If the advertisers have won any fights it is only because Mozilla hasn't even bothered to show up.


Which two decades? They haven't even begun trying to fight advertisers. There are a few browsers with aggressive ad blocker shipped out of the box; Firefox is not one of them.


Will they try to nerf UBlock Origin next like what Chrome is about to do in the name of "privacy"?


Claiming modal consent dialogs are “user hostile” then making an obvious anti-feature silently opt-out is really insulting user intelligence.

The browser is one of the most important tools and we’re stuck with no truly good options. I’m positive my terminal or image editor is never going to smuggle data to help ad companies out, but with browsers and operating systems those concerns are the norm now.


Recent and related:

Firefox 128 enables "privacy-preserving" ad measurements by default - https://news.ycombinator.com/item?id=40966312 - July 2024 (190 comments)

"Firefox added [ad tracking] and has already turned it on without asking you" - https://news.ycombinator.com/item?id=40954535 - July 2024 (166 comments)

Ad-tech setting 'Privacy-Preserving Attribution' is opt-out in Firefox 128 - https://news.ycombinator.com/item?id=40952330 - July 2024 (186 comments)


More dissembling. Anonymous and private are not the same thing. Claude Shannon mathematically formalized what privacy is all the way back in 1949, and this isn't it. No matter how much Mozilla twists and squirms, they are deploying a system that converts your private activities into information that benefits your adversaries. A privacy preserving system doesn't do that. It gives nothing to your adversaries.


You can't reference Claude Shannon and information theory and then say a system to serve ads that preserves privacy can't exist. It's especially ironic because they use a technique called Differential Privacy to prevent any actual bits of information from being leaked to advertisers: https://andrewmoore.ca/blog/post/mozilla-ppa/#user-content-f... / https://arxiv.org/pdf/2405.16719


Differential privacy just means the info isn't linked to individual users. It is still information. Statistical information is information. If it was useless to advertisers, they wouldn't be willing to pay for it. And if it is useful to the advertisers, then extracting it without user permission is invasive.


Fine, but privacy is privacy. I'm no fan of advertisers either, but if you're going to invoke Shannon let's use the right terms and stay intellectually consistent.


Do you understand Shannon's definition? Have I made a mistake somewhere? Differential privacy as I understood it is a statistical notion. It gives the advertiser a noisy average of the behaviour of a large group but not about the individual users in the group. Mozilla pulls a switcheroo saying that the individual info is protected so everything is fine. In fact the statistical info is invasive too, and that's Shannon's notion. The system is private if the information gained by the adversary is exactly zero.

Also, "advertiser" is way too benign a term: in cryptography we generally use "adversary". Consider that in this election season, the Trump and Biden political campaigns will be among the biggest advertisers. Mozilla will sell them information and they will use it. Question: will they only use it to solicit votes, or will they also use it to help round up their enemies if they get into power?

And yes, they can use statistical information for that. The first thing they will want to know about any specific class of enemy is how many of them there are, before worrying about identifying individuals. So Mozilla shouldn't help them with either.


Does Shannon actually have a concrete definition of "privacy"? Maybe you're confusing it with "perfect secrecy", which is a cryptographic measure I'm not sure applies here.

> Mozilla will give them information and they will use it.

Let's just get on the same page about what information the advertisers get. I'll reproduce the paragraph I linked to:

> Since the DAP server acts as a middleman, and reports are only generated at conversion times (impressions without conversions are not reported), ad networks have no way through this method of collecting your personal information (such as your user information or your IP address/browser client info). All they receive is an aggregate that informs them that their ad y (published on source x) led number of people to a positive outcome for their customer over a period of time p. Some amount of noise is also added to the information in order to further strengthen privacy[7].

I'm not aware of how you "round up your enemies" using conversion rate information on websites. It doesn't even tell you how many "specific class of enemy" there is, it's too muddled by the variable of the click rate of the audience.

Not to mention that as state actors I'm sure they would have other, more useful and reliable methods of doing... whatever you're accusing them of doing.


> Does Shannon actually have a concrete definition of "privacy"? Maybe you're confusing it with "perfect secrecy", which is a cryptographic measure I'm not sure applies here.

Perfect secrecy is the standard that a browser calling itself privacy preserving should use. It should give the adversary no information that they don't already have. The concept of browser privacy of course didn't exist when Shannon wrote his paper.

> I'm not aware of how you "round up your enemies" using conversion rate information on websites. It doesn't even tell you how many "specific class of enemy" there is, it's too muddled by the variable of the click rate of the audience.

The adversary can make a statistical estimate before getting the conversion rate, and another one that has been conditioned on the conversion rate. If the two estimates aren't the same, they have gained information, so Shannon secrecy has failed.

Why do you make this so complicated? Mozilla runs this program and if you participate in it, your adversaries benefit from your participation. So do you want to participate? More concretely, what do you think of Mozilla opting you in by default? Which side did they say they were on?


> Perfect secrecy is the standard that a browser calling itself privacy preserving should use.

I'm not convinced. It sounds nice, but why? We already know Mozilla's counterargument, and in my personal experience of having thrown chaff in the way of annoying interlopers before, it seems reasonable.

> If the two estimates aren't the same, they have gained information

Okay, so by my understanding, now the goalposts are all the way out to being unable to capture the count of enemies but being able to verify the count? I feel like this is a long way from the original argument (in either intention or phrasing).

> Why do you make this so complicated?

Because I have at least a passing interest in nuance.

It's not great that Mozilla hasn't learned from the Pocket debacle, and I am glad that folks like yourself are understandably angry about being opted into something that benefits others without not just consent but even notification, because pushing back on stuff like this even on principle is commendable. We don't disagree on that being wrong.

I would just prefer we discuss facts based in reality and focus our conversation, because that makes change more effective. If you want a blanket ban on advertisers across the web, I'm in agreement with you. If you want Mozilla to stop shipping potentially privacy-affecting changes without consent or notification, I'm in agreement with you. But the actual system they describe and their reasoning for implementing it is, in my mind, relatively sound.


> Okay, so by my understanding, now the goalposts are all the way out to being unable to capture the count of enemies but being able to verify the count?

I don't think the goalposts have moved, at least for me. I've always had them set at Mozilla not turning any info over to advertisers. They spout a mathematical formalism (differential privacy) so I point out that a better formalism (Shannon secrecy) already existed 70 years earlier and they should stay with it.

> If you want Mozilla to stop shipping potentially privacy-affecting changes without consent or notification, I'm in agreement with you. But the actual system they describe and their reasoning for implementing it is, in my mind, relatively sound.

"Without consent or notification" is more misdirection, since they did give notice and arguably obtained consent, knowing perfectly well that almost nobody actually reads the notifications and conditions, and instead uses the defaults. If they have default opt-out and a true affirmative opt-in then that is more acceptable. We went through this with email spam more than a decade ago, and currently acceptable practice is DOUBLE opt-in.

> But the actual system they describe and their reasoning for implementing it is, in my mind, relatively sound.

I can believe that in technical terms, their system does what it says it does. Their reasoning for implementing it is that it brings in money, and that reasoning is probably sound too (i.e. it really does bring in money). Their reasoning that it preserves user privacy is self-serving and obnoxious. They too successfully obfuscate how real privacy protection would work.


> Question: will they only use it to solicit votes, or will they also use it to help round up their enemies if they get into power?

What a pointless bit of FUD in an otherwise fairly rational comment.


Truth is stranger than fiction. From https://www.wired.com/2007/11/httpblogsabcnew/ (the cited Congressional Quarterly article now seems offline):

"The FBI sifted through customer data collected by San Francisco-area grocery stores in 2005 and 2006, hoping that sales records of Middle Eastern food would lead to Iranian terrorists," CQ's Jeff Stein reports.

"The idea was that a spike in, say, falafel sales, combined with other data, would lead to Iranian secret agents in the south San Francisco-San Jose area.

"The brainchild of top FBI counterterrorism officials Phil Mudd and Willie T. Hulon, according to well-informed sources, the project didn’t last long. It was torpedoed by the head of the FBI’s criminal investigations division, Michael A. Mason, who argued that putting somebody on a terrorist list for what they ate was ridiculous — and possibly illegal."

So we escaped that time. What about now? Don't forget that thanks to the Supreme Court, the President is now immune from prosecution.


I'm unclear why extracting zero information about someone is invasive?

For the record, while I think differential privacy is a really cool idea, I also fully support users having the choice to participate or not.

I just don't understand why you see it as invasive, given nothing about you is revealed.


It's information still, maybe not targeted to the individual, but it allows still identifying trends which will eventually result in an ad I will (maybe) see. The advertiser wastes its time trying to show me an ad I will likely block, requiring filter managers to spend time blocking the ad and requiring me to spend time installing the extension. The total utility of the system is negative, even if just slightly. Sure there are cases where an ad could inform me of something useful I actually need, but this has basically never occurred to me, ever.

From there we can devise that the best solution for society is a global ban on advertisement.


I think the first order utility of the system is indeed negative. But the second order effect is to set a boundary with advertisers as to what is acceptable, which is positive.

I don't think it actually allows advertisers to identify trends except in terms of conversion rates. Let me reproduce the paragraph I linked to:

> Since the DAP server acts as a middleman, and reports are only generated at conversion times (impressions without conversions are not reported), ad networks have no way through this method of collecting your personal information (such as your user information or your IP address/browser client info). All they receive is an aggregate that informs them that their ad y (published on source x) led number of people to a positive outcome for their customer over a period of time p. Some amount of noise is also added to the information in order to further strengthen privacy[7].

Impressions without conversions aren't reported, so the only trends seen are over conversions as grouped by websites. If that's all it takes for advertisers to stop fingerprinting us, I'm open to something along those lines.


> But the second order effect is to set a boundary with advertisers as to what is acceptable, which is positive.

The idea of advertisers respecting boundaries or caring what other people think is acceptable seems hopelessly naive. As I remember, the Do Not Track (DNT) header was motivated by the same ideal, and it failed totally, as one should expect. Advertisers will take whatever they can pry loose.

> Impressions without conversions aren't reported, so the only trends seen are over conversions as grouped by websites. If that's all it takes for advertisers to stop fingerprinting us, I'm open to something along those lines.

They won't stop, and anyway fingerprinting is just one invasion out of many. If they also want information about trends, then of course I want to deny that to them as well.

Thought experiment: instead of opting everyone in by default, suppose Mozilla does an A/B test. Opt in 50% of the users by default, and opt out the other 50%. Then see how many users in each group switch the setting away from the default. Do you expect more will opt in on purpose, or opt out on purpose? What does that make you think of Mozilla's actual choice of default?


> As I remember, the Do Not Track (DNT) header was motivated by the same ideal, and it failed totally, as one should expect.

Microsoft decided to turn on DNT by default in Windows 8 / MSIE 10, which led to a violation of the DNT standard and a complicated debacle which rendered the whole thing pointless. It was a silly idea and an even sillier outcome, but that does not make the ideal itself silly.

> They won't stop

Then we can rip this out later, or submit a patch to opt everyone out. I trust Mozilla to accept such a patch much more than I do Google. It's not irreversible, it's an ongoing negotiation.

> Thought experiment:

Your thought experiment ignores the rationale Mozilla provided. I think ideally we would be notified on first upgrade / out of box that we are opted in to sharing our preferences with advertisers in a limited way, with a nice obvious "Opt out" button in that notification. That way, legitimate advertisers get the limited conversion rate information they desperately want from enough people who aren't interested one way or the other, and those who are diametrically opposed to the entire concept are perfectly able to turn it off before their first browsing action.

But I also don't think they'd build an interface this extensive for what they describe as a limited test run against a handful of allow-listed sites for exploratory and standards-determining reasons. I would have liked to at least see a heads-up upon the activation of this system in those cases, since that seems easy enough to build for a test run.


> Then we can rip this out later, or submit a patch to opt everyone out. I trust Mozilla to accept such a patch much more than I do Google. It's not irreversible, it's an ongoing negotiation.

Like removing the UI option to turn off Javascript? In fact they've now made it near impossible to turn off Javascript in a running window. (You can turn it off before it begins to run, but it used to be possible to turn it off after it had already started running, say to populate a page that you wanted to look at). When has a revenue-generating "test" ever been reversed?

Anyway, what info that advertisers are currently getting, will be withheld from them under the new regime? If they will get everything they got before, plus more stuff besides, that can only make things worse. Most of us think that it's plenty bad already.

> That way, legitimate advertisers get the limited conversion rate information they desperately want from enough people who aren't interested one way or the other, and those who are diametrically opposed to the entire concept are perfectly able to turn it off before their first browsing action.

By that logic, it's ideal for the Mafia to recognize a "do not kidnap" button that anyone diametrically opposed to kidnapping could choose to wear. They are then free to kidnap anyone not wearing the button. I could accept it being the other way around (they can kidnap you if you wear an opt-in button) though I'd hope they get few takers.

In fact, the statistical "great unwashed" info does tons of damage in its own right, and that's why it's not ok to simply exclude a few self-selected outliers. Shoshana Zuboff's book "Surveillance Capitalism" goes into this. They want to make behavioural predictions about whole populations, and "differential privacy" is one of the obfuscations they use to sell invasions that enable that. Disclaimer: I haven't read the book yet--it's been on my list for a long time. I got the above info (about predicting population behaviour) from reading an online interview with the author. IDK if she mentions differential privacy specifically. That conflict is my own interpretation.

https://en.wikipedia.org/wiki/Surveillance_capitalism


The problem is that the boundary is not acceptable. The acceptable boundary is none of my information is exfiltrated. Pretending that we have set an "acceptable" boundary is manufacturing consent to being spied upon, and is itself a problem.


> You can't reference Claude Shannon and information theory and then say a system to serve ads that preserves privacy can't exist.

They didn't say that. They said this isn't it.


Yes, we're being asked to accept Mozilla giving up on thwarting the adversaries and instead transitioning to cooperating with them, "because the economic forces are too powerful" - which is a politically indirect way of saying "Because Mozilla want 'dat money, badly".


I think he lost me on "working with Meta."


It's an endless cycle of Mozilla buying some shitty company then forcing their shitty "technology" into Firefox. We must be on episode three or what of this nonsense now. "Leader"ship is rotten.


Why is everybody concerned about FF adding an alternative to tracking (a good intention in my opinion) and why is nobody concerned about the technical details, especially the so-called "3rd party" that is supposed to aggregate and anonymize the data? That anonymizer can be corrupted, bought, hacked, etc.


3 cheers for serenity browser.


Ladybug? Yeah, it seems like a long shot, but we need it.


So from his post I got that together with Meta at W3C PATGC in partnership with ISRG they have created a DAP/Prio which uses an MPC, which is pretty uncompromising on a privacy front. I guess all my concerns are alleviated now, sounds very authoritative.


I'm sure I miss something, so could anyone from "privacy-protectionists" explain how they see Mozilla/Firefox surviving in the medium-to-long run, given that:

   - main source of income for Mozilla is an Ads Company
   - "ads industry is not going to pack up and leave"
   - ads industry has much deeper pockets than Mozilla (even if Mozilla replaces Google's money bags with someone else's money bags of equal size)
   - any step away from the extreme privacy-protecting position is seen as treason
?


Firefox survives because it is open source. Mozilla will hopefully not survive and make space for someone who actually cares about privacy.

> main source of income for Mozilla is an Ads Company

Yes, that is a big part of why Mozilla cannot be redeemed.

> "ads industry is not going to pack up and leave"

They have already been banished from all my devices.

> ads industry has much deeper pockets than Mozilla (even if Mozilla replaces Google's money bags with someone else's money bags of equal size)

So? That won't allow them to control what runs on my devices.

> any step away from the extreme privacy-protecting position is seen as treason

Yes, it is betraying the trust people have put in a self-proclaimed privacy champion.


I’ve started seeing adverts in theguardian.com again today, on iOS, where there weren’t any before. I use Firefox Focus and noticed that mine is at version 128, released a week ago. Is this purely a coincidence or am I seeing this because of a change in policy at Mozilla?


Highly suggest trying Orion browser on iOS. It supports WebExtensions, so you can install uBlock Origin.


IIRC, iOS doesn't allow any browser that isn't a wrapper around Safari.


Unless you're in the EU


Firefox Focus, while being a Safari based browser in its own right, is also a “content blocker” plugin, supported in iOS Safari for several major versions.


This is beside the point, as different browsers can still offer other features not in Safari. Such as the mentioned extensions support for Orion.


Honestly I am pretty convinced by this post. Good job Mozilla.

> Digital advertising is not going away, but the surveillance parts could actually go away if we get it right.

This rings especially true to me. A lot of people, especially HN readers and myself included, hate advertising so much that we want to block ads altogether. But clearly we are still in the minority and we have to accept its existence. I think Mozilla's position here is clear: digital ads are evil but it's a necessary evil, so the best we can do is to limit how evil it could be.


I'd much rather see them take the stance of "we don't negotiate with terrorists", but they clearly do.


[flagged]


Minor pedantry: It's "Peace for our time"

https://en.wikipedia.org/wiki/Peace_for_our_time

> It is often misquoted as "peace in our time", a phrase already familiar to the British public by its longstanding appearance in the Book of Common Prayer.

I must admit, even after reading the WP article, I am not clear on how it applies to TFA reddit post.


I'm a major quibbler, so minor pedantry is appreciated!


Haha I'm glad you're the best kind of fun person. Noted, cya around.



