Firefox is on a slippery slope December 16, 2017 on Drew DeVault's blog

For a long time, it was just setting the default search provider to Google in exchange for a beefy stipend. Later, paid links in your new tab page were added. Then, a proprietary service, Pocket, was bundled into the browser - not as an addon, but a hardcoded feature. In the past few days, we’ve discovered an advertisement in the form of browser extension was sideloaded into user browsers. Whoever is leading these decisions at Mozilla needs to be stopped.

Here’s a breakdown of what happened a few days ago. Mozilla and NBC Universal did a “collaboration” (read: promotion) for the TV show Mr. Robot. It involved sideloading a sketchy browser extension which will invert text that matches a list of Mr. Robot-related keywords like “fsociety”, “robot”, “undo”, and “fuck”, and does a number of other things like adding an HTTP header to certain sites you visit.

This extension was sideloaded into browsers via the “experiments” feature. Not only are these experiments enabled by default, but updates have been known to re-enable it if you turn it off. The advertisement addon shows up like this on your addon page, and was added to Firefox stable. If I saw this before I knew what was going on, I would think my browser was compromised! Apparently it was a mistake that this showed up on the addon page, though - it was supposed to be silently sideloaded into your browser!

There’s a ticket on Bugzilla (Firefox’s bug tracker) for discussing this experiment, but it’s locked down and no one outside of Mozilla can see it. There’s another ticket, filed by concerned users, which has since been disabled and had many comments removed, particularly the angry (but respectful) ones.

Mozilla, this is not okay. This is wrong on so many levels. Frankly, whoever was in charge should be fired over this - which is not something I call for lightly.

First of all, web browsers are a tool. I don’t want my browser to fool around, I just want it to display websites faithfully. This is the prime directive of web browsers, and you broke that. When I compile vim with gcc, I don’t want gcc to make vim sporadically add “fsociety” into every document I write. I want it to compile vim and go away.

More importantly, these advertising anti-features gravely - perhaps terminally - violate user trust. This event tells us that “Firefox studies” into a backdoor for advertisements, and I will never trust it again. But it doesn’t matter - you’re going to re-enable it on the next update. You know what that means? I will never trust Firefox again. I switched to qutebrowser as my daily driver because this crap was starting to add up, but I still used Firefox from time to time and never resigned from it entirely or stopped recommending it to friends. Well, whatever goodwill was left is gone now, and I will only recommend other browsers henceforth.

Mozilla, you fucked up bad, and you still haven’t apologised. The study is still active and ongoing. There is no amount of money that you should have accepted for this. This is the last straw - and I took a lot of straws from you. Goodbye forever, Mozilla.

Update 2017-12-16 @ 22:33

It has been clarified that an about:config flag must be set for this addon’s behavior to be visible. This improves the situation considerably, but I do not think it exenorates Mozilla and I stand firm behind most of my points. The study has also been rolled back by Mozilla, and Mozilla has issued statements to the media justifying the study (no apology has been issued).

Update 2017-12-18

Mozilla has issued an apology:

https://blog.mozilla.org/firefox/update-looking-glass-add/

Responses:

Mozilla, Firefox, Looking Glass, and you via jeaye.com

Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~sircmpwn/public-inbox@lists.sr.ht [mailing list etiquette]

Articles from blogs I read Generated by openring

Status update, August 2020

Hi! Regardless of the intense heat I’ve been exposed to this last month, I’ve still been able to get some stuff done (although having to move out to another room which isn’t right under the roof). I’ve worked a lot on IRC-related projects. I’ve added a znc-i…

via emersion 2020-08-19 00:00:00 +0200 +0200

What's cooking on Sourcehut? August 2020

Another month passes and we find ourselves writing (or reading) this status update on a quiet, rainy Sunday morning. Today our userbase numbers 16,683 members strong, up 580 from last month. Please extend a kind welcome to our new colleagues! Thanks for read…

via Blogs on Sourcehut 2020-08-16 00:00:00 +0000 +0000

Go 1.15 is released

Today the Go team is very happy to announce the release of Go 1.15. You can get it from the download page. Some of the highlights include: Substantial improvements to the Go linker Improved allocation for small objects at high core coun…

via The Go Programming Language Blog 2020-08-11 11:00:00 +0000 +0000

North Pacific Logbook

The passage from Japan (Shimoda) to Canada (Victoria) took 51 days, and it was the hardest thing we've ever done. We decided to keep a logbook, to better remember it and so it can help others who wish to make this trip.Continue Reading

via Hundred Rabbits 2020-07-31 00:00:00 +0000 GMT