I have all kinds of anti tracking installed in Firefox but I'm going to sign up for this.
Why? Because I want Firefox to be the best browser. Mozilla is not Google and not Microsoft. They have a very different view on privacy and how they would like the internet to evolve.
However, anything's possible with the way businessmen tend to bend the rules to make money, so it's certainly within the realm of possibility that within 10 years the Foundation will sell the Corporation to Amazon-Comcast-Warner LLC and then they'll monetize the data.
Precisely. If one is concerned about not giving data like this to Google, MS, et. al. for privacy reasons, I wouldn't trust Mozilla's guarantees without actual contractual language declaring the lifetime of the data and under what circumstances the data will be destroyed (including but not limited to "company is purchased by another company").
But more importantly understand that this probably isn't for everybody. I think it's a fair guess to say they just want a small population, not something in the millions.
The data they harvest is to make a better browser. The same can not be said about Google or Microsoft.
But yes, there are no guarantees in life. Place your bets and roll the dice. You can be passive and do nothing or you can help the ones you believe in.
Can it really not be said about Google and Microsoft?
Do you really think Google is harvesting Chrome crash data because they want to better target ads? What ads are you imagining being targeted to Chrome crashing with a segfault that wouldn't be targeted to Chrome crashing with a stack overflow?
I would bet that nearly all the data Google collects goes into making their products better for users, even the data that's also used for ad targeting.
You'll never guess where I'm writing from. But, once you've gone through the pain of following GDPR, there's a chance you'll treat everyone the same.
The GDPR means that they can't just hoard whatever data there is, keep it forever and do whatever they want with it. The user needs to agree to how the data will be processed, there is a default expiry of 5 years (IIRC), and you can always just ask to retrieve all data and/or have it all deleted, with absurd fines for non-compliance.
So, you don't have to trust the next CEO. Making it so that Mozilla never knew you existed is a simple GDPR request away.
If Firefox is going to be the best browser, it should focus on fixing bugs, optimizing performance, keeping up with standards and ensuring users keep full control of their browser on desktop and mobile via detailed configuration options and a powerful extension framework. That's it. Ever. I'm positive this kind of thing will only be used to make Firefox worse by inspiring new built-in "features".
Now that I think about it, all the built-in telemetry stuff like SHEILD should be handled by extensions. I shouldn't have to worry about a UI checkbox being respected by code. If the code's not there, I've got nothing to worry about.
All of the things you listed largely don't matter to anyone outside the bubble of hackers. Users care about features and aren't nearly as sensitive to feature creep as we are.
* Average users wouldn't recognize a bug if they saw one.
* Average users don't even know what it means to control / be controlled by software. It's a tool that either does something useful for them or not.
* Average users barely know what an extension is, and they'll ask you to install an ad blocker for them.
* Average users don't touch settings. They don't even know what an 'about' page is let alone a mozilla.cfg.
* Average users don't even know what HTTP or HTML stand for. And nobody actually cares about standards, they care that the websites they use work. If given the choice between going against the standard or breaking any popular website a browser would be shooting their own foot by not picking the latter.
This is why it's important that we who understand this also acts like it.
Friends look to us for recommendations what to use, and why. As tech people, we are guides. Use your influence in the best way possible. Internet can be an amazing tool for shining light on oppression and censorship or it can become like cable TV, with corporate senders and powerless receivers.
Average users don't even care about features, they use the browser they're given or the last one they were tricked into installing.
None of the things in that list would need to be a concern of the average user if the right thing is the default. Nothing I suggested would stop that from being the case. In fact, most of those things are already being done right in Firefox, except the telemetry. Presenting the opt-in choice as a warm fuzzy sounding thing ("improve product", "speedy solutions", "Dark Web protection") to users that have no clue what it's about isn't really opt-in, it's just inducing a predictable fear-based response. Having a multi-step process to install an extension to turn those things on would be true opt-in. The average user would be too lazy to do it, the people that want it can have it, and those that explicitly don't want it, don't have to worry about it being inadvertently activated.
Note, by "keep up with standards" I didn't mean be standards compliant at all cost, I meant implement new ones as they come up.
I'm pretty sure end users care about performance and bugs, although certainly you have to get over a significant threshold before it becomes a big deal.
The Mr. Robot extension didn't send data about you to other people so that means it didn't invade your privacy. It was strange that Mozilla would allow such an extension but it wasn't spying on you.
Blocking ads that target us is the main reason we notice privacy invasion. The Mr. Robot extension was an ad, and Mozilla received money to distribute it to their "hacker" base. How is it not an invasion of privacy?
You're conflating different forms of ads. Ads that get your info through trackers are invading your privacy. The Mr. Robot ad is as invading of your privacy as an ad in a paper magazine. It didn't collect your data. Come on don't pretend you don't know how invasion of privacy works.
Isn't Shield the same system that pushed a marketing gimmick late last year? I'm still feeling sore about that fiasco. Not sore enough to stop using Firefox and switch to a worse-for-privacy alternative, but sore enough to be grumpy about signing up for their studies.
Yes, this is using the same system as the Mr Robot marketing gimmick last December. That isn't very worrying to me though, since that platform is basically a generic "do something in the browser" capability, where "do", "something" and "the browser" are fairly loosely defined. Both the Mr Robot promotion and the Pioneer program could be done through other avenues. Shield is the most convenient mechanism currently available for this sort of fine-grained deployment.
User's computer => Encrypted => Sent over the internet => Mozilla's public servers => Mozilla intranet gateway => Mozilla non-internet-facing server => Decrypted here
It doesn't say the server is completely offline. It can be connected to through a server which can connect to both that server and the wider internet, but the machine in question cannot.
hopefully the server connected to the wider internet can only receive from the wider internet and not send anything to the wider internet. Otherwise it can just be used as a proxy to the server that’s not connected to the internet.
I agree. A more honest and accurate way of putting it would be, “not accessible from the wider Internet.” On the other hand, with immutable servers, giving them no route to the wider Internet actually could be possible.
Encrypted data is uploaded to some Mozilla server. From there, the the encrypted data is copied onto some sort of storage device (USB stick or DVD), which is then inserted into the non-connected machine where it is decrypted.
Most likely they mean that it only gets decrypted after going through a bastion-like host that's connected to both the internet and one of their intranets.
A sneakernet would be an option but it's fairly unlikely
You will send your data to publicly available server, which will forward it to other server available only through local network, hidden from the prying eyes, secured by firewall, routers, and/or some network configuration.
It could store it on a network filesystem. The computer that writes it would be connected to the internet, and the computer that reads it would not. Or it could store it in a database.
Companies like this data to improve their products. As long as it's opt-in, we should have no ethical issue with it. Doesn't surprise me that Mozilla is dealing with this ethically. One of the few organizations I trust.
Indeed, I didn't mean to suggest that it was a permanent decision; but rather that opting in to the program as a whole explicitly and clearly, but nonetheless perhaps undesireably, amounted to opting in to in to not just the present but also the future parts of it—perhaps such as, without any guarantee to the contrary, future stunts on the order of the Mr Robot promotion.
I have all kinds of anti tracking installed in Firefox but I'm going to sign up for this.
Why? Because I want Firefox to be the best browser. Mozilla is not Google and not Microsoft. They have a very different view on privacy and how they would like the internet to evolve.
> Mozilla is not Google and not Microsoft.
... right now. How many years do you trust them to hold the data they harvest from you? Through how many CEO transitions? ;)
It may be helpful to understand how Mozilla's operations are structured: https://en.wikipedia.org/wiki/Mozilla_Foundation
However, anything's possible with the way businessmen tend to bend the rules to make money, so it's certainly within the realm of possibility that within 10 years the Foundation will sell the Corporation to Amazon-Comcast-Warner LLC and then they'll monetize the data.
Precisely. If one is concerned about not giving data like this to Google, MS, et. al. for privacy reasons, I wouldn't trust Mozilla's guarantees without actual contractual language declaring the lifetime of the data and under what circumstances the data will be destroyed (including but not limited to "company is purchased by another company").
> I wouldn't trust Mozilla's guarantees without actual contractual language...
Then go read the fine print: https://addons.mozilla.org/en/firefox/addon/firefox-pioneer/...
But more importantly understand that this probably isn't for everybody. I think it's a fair guess to say they just want a small population, not something in the millions.
The data they harvest is to make a better browser. The same can not be said about Google or Microsoft.
But yes, there are no guarantees in life. Place your bets and roll the dice. You can be passive and do nothing or you can help the ones you believe in.
https://medium.com/firefox-context-graph/make-firefox-better...
Can it really not be said about Google and Microsoft?
Do you really think Google is harvesting Chrome crash data because they want to better target ads? What ads are you imagining being targeted to Chrome crashing with a segfault that wouldn't be targeted to Chrome crashing with a stack overflow?
I would bet that nearly all the data Google collects goes into making their products better for users, even the data that's also used for ad targeting.
You're acting like crash data is the only data they are collecting.
GDPR is a wonderful thing.
I'm afraid I don't follow; how does GDPR enter into it?
Wouldn't GDPR protections only apply to European customers?
Do you honestly think Mozilla is going to deliberately treat Americans worse than Europeans? :)
Sure. All they have to do is tell themselves that this data is totally being used for a good purpose and Europe is just being over regulatory.
You'll never guess where I'm writing from. But, once you've gone through the pain of following GDPR, there's a chance you'll treat everyone the same.
The GDPR means that they can't just hoard whatever data there is, keep it forever and do whatever they want with it. The user needs to agree to how the data will be processed, there is a default expiry of 5 years (IIRC), and you can always just ask to retrieve all data and/or have it all deleted, with absurd fines for non-compliance.
So, you don't have to trust the next CEO. Making it so that Mozilla never knew you existed is a simple GDPR request away.
> Why? Because I want Firefox to be the best browser.
I think users and companies over-value this kind of telemetry as a way to improve the product any more than it would be with a principled leader.
Yes, e.g., A/B testing can end up testing the wrong thing, and we end up with uglier pages that are geared toward maximizing an unique objective.
If Firefox is going to be the best browser, it should focus on fixing bugs, optimizing performance, keeping up with standards and ensuring users keep full control of their browser on desktop and mobile via detailed configuration options and a powerful extension framework. That's it. Ever. I'm positive this kind of thing will only be used to make Firefox worse by inspiring new built-in "features".
Now that I think about it, all the built-in telemetry stuff like SHEILD should be handled by extensions. I shouldn't have to worry about a UI checkbox being respected by code. If the code's not there, I've got nothing to worry about.
All of the things you listed largely don't matter to anyone outside the bubble of hackers. Users care about features and aren't nearly as sensitive to feature creep as we are.
* Average users wouldn't recognize a bug if they saw one.
* Average users don't even know what it means to control / be controlled by software. It's a tool that either does something useful for them or not.
* Average users barely know what an extension is, and they'll ask you to install an ad blocker for them.
* Average users don't touch settings. They don't even know what an 'about' page is let alone a mozilla.cfg.
* Average users don't even know what HTTP or HTML stand for. And nobody actually cares about standards, they care that the websites they use work. If given the choice between going against the standard or breaking any popular website a browser would be shooting their own foot by not picking the latter.
This is why it's important that we who understand this also acts like it.
Friends look to us for recommendations what to use, and why. As tech people, we are guides. Use your influence in the best way possible. Internet can be an amazing tool for shining light on oppression and censorship or it can become like cable TV, with corporate senders and powerless receivers.
Average users don't even care about features, they use the browser they're given or the last one they were tricked into installing.
None of the things in that list would need to be a concern of the average user if the right thing is the default. Nothing I suggested would stop that from being the case. In fact, most of those things are already being done right in Firefox, except the telemetry. Presenting the opt-in choice as a warm fuzzy sounding thing ("improve product", "speedy solutions", "Dark Web protection") to users that have no clue what it's about isn't really opt-in, it's just inducing a predictable fear-based response. Having a multi-step process to install an extension to turn those things on would be true opt-in. The average user would be too lazy to do it, the people that want it can have it, and those that explicitly don't want it, don't have to worry about it being inadvertently activated.
Note, by "keep up with standards" I didn't mean be standards compliant at all cost, I meant implement new ones as they come up.
I'm pretty sure end users care about performance and bugs, although certainly you have to get over a significant threshold before it becomes a big deal.
I wonder why such strict standards are needed, given that it is open source.
That's the same channel that Mozilla used to deliver js based ad for mr. robot.
Yeah, they treat us as we don't have any memories, with a couple of buzzword about privacy and user control.
The Mr. Robot extension didn't send data about you to other people so that means it didn't invade your privacy. It was strange that Mozilla would allow such an extension but it wasn't spying on you.
Blocking ads that target us is the main reason we notice privacy invasion. The Mr. Robot extension was an ad, and Mozilla received money to distribute it to their "hacker" base. How is it not an invasion of privacy?
You're conflating different forms of ads. Ads that get your info through trackers are invading your privacy. The Mr. Robot ad is as invading of your privacy as an ad in a paper magazine. It didn't collect your data. Come on don't pretend you don't know how invasion of privacy works.
Of course, I specifically mention the difference in the essay too, including the history of Google ads.
When they are receiving most of their revenue from Google or Yahoo!, I doubt they don't have the interests of advertisers in mind.
Isn't Shield the same system that pushed a marketing gimmick late last year? I'm still feeling sore about that fiasco. Not sore enough to stop using Firefox and switch to a worse-for-privacy alternative, but sore enough to be grumpy about signing up for their studies.
Yes, this is using the same system as the Mr Robot marketing gimmick last December. That isn't very worrying to me though, since that platform is basically a generic "do something in the browser" capability, where "do", "something" and "the browser" are fairly loosely defined. Both the Mr Robot promotion and the Pioneer program could be done through other avenues. Shield is the most convenient mechanism currently available for this sort of fine-grained deployment.
> The data you submit is encrypted in Firefox and not decrypted until it is on a server that is not connected to the wider internet.
Okay, stupid question: How does it get there? Sneakernet?
It gets there encrypted via the internet
Not directly connected to the wider internet ? As in not referenced by DNS, but connected to machines which are ?
Either sneakernet, or the server is disconnected before the private key is attached, I assume. But sneakernet makes the most sense to me.
User's computer => Encrypted => Sent over the internet => Mozilla's public servers => Mozilla intranet gateway => Mozilla non-internet-facing server => Decrypted here
It doesn't say the server is completely offline. It can be connected to through a server which can connect to both that server and the wider internet, but the machine in question cannot.
hopefully the server connected to the wider internet can only receive from the wider internet and not send anything to the wider internet. Otherwise it can just be used as a proxy to the server that’s not connected to the internet.
Hmm. If I was describing a server behind a bastion host I'd feel dishonest saying it's "not connected to the wider internet".
I agree. A more honest and accurate way of putting it would be, “not accessible from the wider Internet.” On the other hand, with immutable servers, giving them no route to the wider Internet actually could be possible.
Encrypted data is uploaded to some Mozilla server. From there, the the encrypted data is copied onto some sort of storage device (USB stick or DVD), which is then inserted into the non-connected machine where it is decrypted.
Can't edit, but should add that this is speculation
Most likely they mean that it only gets decrypted after going through a bastion-like host that's connected to both the internet and one of their intranets.
A sneakernet would be an option but it's fairly unlikely
Hmm. If I was describing a server behind a bastion host I'd feel dishonest saying it's "not connected to the wider internet".
You will send your data to publicly available server, which will forward it to other server available only through local network, hidden from the prying eyes, secured by firewall, routers, and/or some network configuration.
It could store it on a network filesystem. The computer that writes it would be connected to the internet, and the computer that reads it would not. Or it could store it in a database.
> Okay, stupid question: How does it get there? Sneakernet?
Homing pigeon.
Companies like this data to improve their products. As long as it's opt-in, we should have no ethical issue with it. Doesn't surprise me that Mozilla is dealing with this ethically. One of the few organizations I trust.
Yup. They screw up occasionally, but I trust that they do their best and mistakes made are going to be resolved in a way that I feel comfortable with.
$5 say their marketing dept will "accidentally" install/push something that will "accidentally" opt-in everyone.
How about $500, over the next.. 8 years (you have to stop a bet eventually). Or just $5 if you don't have the confidence in a mistake.
> The data you submit is encrypted in Firefox and not decrypted until it is on a server that is not connected to the wider internet.
This is a good approach.
> Once you’ve opted in, you may be enrolled in additional studies without potentially annoying prompts.
Ha. "Once you've opted in, you will not have explicit control over enrollment in future studies" is a less sunny way of saying this.
Check the "How do I opt out?" part of the article.
Indeed, I didn't mean to suggest that it was a permanent decision; but rather that opting in to the program as a whole explicitly and clearly, but nonetheless perhaps undesireably, amounted to opting in to in to not just the present but also the future parts of it—perhaps such as, without any guarantee to the contrary, future stunts on the order of the Mr Robot promotion.
I see that this personal information, too, doesn't pay like what pioneers used to get paid ... in land, gold, animals.
"if you meet the criteria."
No. I don't.