I have all kinds of anti tracking installed in Firefox but I'm going to sign up for this.
Why? Because I want Firefox to be the best browser. Mozilla is not Google and not Microsoft. They have a very different view on privacy and how they would like the internet to evolve.
If Firefox is going to be the best browser, it should focus on fixing bugs, optimizing performance, keeping up with standards and ensuring users keep full control of their browser on desktop and mobile via detailed configuration options and a powerful extension framework. That's it. Ever. I'm positive this kind of thing will only be used to make Firefox worse by inspiring new built-in "features".
Now that I think about it, all the built-in telemetry stuff like SHEILD should be handled by extensions. I shouldn't have to worry about a UI checkbox being respected by code. If the code's not there, I've got nothing to worry about.
All of the things you listed largely don't matter to anyone outside the bubble of hackers. Users care about features and aren't nearly as sensitive to feature creep as we are.
* Average users wouldn't recognize a bug if they saw one.
* Average users don't even know what it means to control / be controlled by software. It's a tool that either does something useful for them or not.
* Average users barely know what an extension is, and they'll ask you to install an ad blocker for them.
* Average users don't touch settings. They don't even know what an 'about' page is let alone a mozilla.cfg.
* Average users don't even know what HTTP or HTML stand for. And nobody actually cares about standards, they care that the websites they use work. If given the choice between going against the standard or breaking any popular website a browser would be shooting their own foot by not picking the latter.
This is why it's important that we who understand this also acts like it.
Friends look to us for recommendations what to use, and why. As tech people, we are guides. Use your influence in the best way possible. Internet can be an amazing tool for shining light on oppression and censorship or it can become like cable TV, with corporate senders and powerless receivers.
Average users don't even care about features, they use the browser they're given or the last one they were tricked into installing.
None of the things in that list would need to be a concern of the average user if the right thing is the default. Nothing I suggested would stop that from being the case. In fact, most of those things are already being done right in Firefox, except the telemetry. Presenting the opt-in choice as a warm fuzzy sounding thing ("improve product", "speedy solutions", "Dark Web protection") to users that have no clue what it's about isn't really opt-in, it's just inducing a predictable fear-based response. Having a multi-step process to install an extension to turn those things on would be true opt-in. The average user would be too lazy to do it, the people that want it can have it, and those that explicitly don't want it, don't have to worry about it being inadvertently activated.
Note, by "keep up with standards" I didn't mean be standards compliant at all cost, I meant implement new ones as they come up.
I'm pretty sure end users care about performance and bugs, although certainly you have to get over a significant threshold before it becomes a big deal.
The Mr. Robot extension didn't send data about you to other people so that means it didn't invade your privacy. It was strange that Mozilla would allow such an extension but it wasn't spying on you.
Blocking ads that target us is the main reason we notice privacy invasion. The Mr. Robot extension was an ad, and Mozilla received money to distribute it to their "hacker" base. How is it not an invasion of privacy?
You're conflating different forms of ads. Ads that get your info through trackers are invading your privacy. The Mr. Robot ad is as invading of your privacy as an ad in a paper magazine. It didn't collect your data. Come on don't pretend you don't know how invasion of privacy works.
How to Block Pop-Up Ads in Mozilla Firefox
The article is writing by Roberts Dale from https://meowessay.com/homework-help/ about the problem of pop-ups faced by What are the Pop Ups faced by Mozilla Firefox users. What are the Pop Ups? The 'Pop Up' word refers to any web browser window that is opening without user permission. These are flashy advertisements trying to either get the information from you such as zip code or email address, or sell you something. Pop-up ads are so frustrating that hamper your Internet browsing experience. As consumer targeting and Internet marketing become savvier, the pop-up ads are also becoming gradually widespread.
If you browse any website over the Mozilla Firefox web browser, then you can block such annoying ads without any hassle. You will not only get the Pop-ups to be blocked, but will able to see them again via a specified option if you want. However, if you don't have any information or you don't know how to block pop-ups in Mozilla Firefox, the following are the easy steps help you to remove these ads properly.
Launch the Firefox browser and hit the 'Firefox' option placed in the upper left-hand corner of the browser window on the menu bar.
Scroll down the options list that appear via Arrow key or mouse and hit on the 'Preferences'. A small box as a pop-up will come out on the screen, which provides a list of Firefox setting numbers that can be changed.
Search the 'Content' icon placed next to the box and click on this using your mouse. It will change the settings list that is displayed in the box.
Hit on the box beside the 'block pop-up windows' list option that should be placed on the list topmost part. Now, the box should be verified, means that Firefox will block all the popup ads and windows much easier.
Now, you can browse over the internet using Firefox without any annoyance. However, if you have still any queries regarding the above mentioned information, feel free to contact Firefox support phone number. The certified professionals help you to resolve your problems more efficiently. In addition, you can also visit Contactforhelp in case you want to get your problems to be resolved immediately.
However, anything's possible with the way businessmen tend to bend the rules to make money, so it's certainly within the realm of possibility that within 10 years the Foundation will sell the Corporation to Amazon-Comcast-Warner LLC and then they'll monetize the data.
Precisely. If one is concerned about not giving data like this to Google, MS, et. al. for privacy reasons, I wouldn't trust Mozilla's guarantees without actual contractual language declaring the lifetime of the data and under what circumstances the data will be destroyed (including but not limited to "company is purchased by another company").
But more importantly understand that this probably isn't for everybody. I think it's a fair guess to say they just want a small population, not something in the millions.
The data they harvest is to make a better browser. The same can not be said about Google or Microsoft.
But yes, there are no guarantees in life. Place your bets and roll the dice. You can be passive and do nothing or you can help the ones you believe in.
Can it really not be said about Google and Microsoft?
Do you really think Google is harvesting Chrome crash data because they want to better target ads? What ads are you imagining being targeted to Chrome crashing with a segfault that wouldn't be targeted to Chrome crashing with a stack overflow?
I would bet that nearly all the data Google collects goes into making their products better for users, even the data that's also used for ad targeting.
You'll never guess where I'm writing from. But, once you've gone through the pain of following GDPR, there's a chance you'll treat everyone the same.
The GDPR means that they can't just hoard whatever data there is, keep it forever and do whatever they want with it. The user needs to agree to how the data will be processed, there is a default expiry of 5 years (IIRC), and you can always just ask to retrieve all data and/or have it all deleted, with absurd fines for non-compliance.
So, you don't have to trust the next CEO. Making it so that Mozilla never knew you existed is a simple GDPR request away.
Isn't Shield the same system that pushed a marketing gimmick late last year? I'm still feeling sore about that fiasco. Not sore enough to stop using Firefox and switch to a worse-for-privacy alternative, but sore enough to be grumpy about signing up for their studies.
Yes, this is using the same system as the Mr Robot marketing gimmick last December. That isn't very worrying to me though, since that platform is basically a generic "do something in the browser" capability, where "do", "something" and "the browser" are fairly loosely defined. Both the Mr Robot promotion and the Pioneer program could be done through other avenues. Shield is the most convenient mechanism currently available for this sort of fine-grained deployment.
User's computer => Encrypted => Sent over the internet => Mozilla's public servers => Mozilla intranet gateway => Mozilla non-internet-facing server => Decrypted here
It doesn't say the server is completely offline. It can be connected to through a server which can connect to both that server and the wider internet, but the machine in question cannot.
I agree. A more honest and accurate way of putting it would be, “not accessible from the wider Internet.” On the other hand, with immutable servers, giving them no route to the wider Internet actually could be possible.
hopefully the server connected to the wider internet can only receive from the wider internet and not send anything to the wider internet. Otherwise it can just be used as a proxy to the server that’s not connected to the internet.
You will send your data to publicly available server, which will forward it to other server available only through local network, hidden from the prying eyes, secured by firewall, routers, and/or some network configuration.
It could store it on a network filesystem. The computer that writes it would be connected to the internet, and the computer that reads it would not. Or it could store it in a database.
Encrypted data is uploaded to some Mozilla server. From there, the the encrypted data is copied onto some sort of storage device (USB stick or DVD), which is then inserted into the non-connected machine where it is decrypted.
Most likely they mean that it only gets decrypted after going through a bastion-like host that's connected to both the internet and one of their intranets.
A sneakernet would be an option but it's fairly unlikely
Companies like this data to improve their products. As long as it's opt-in, we should have no ethical issue with it. Doesn't surprise me that Mozilla is dealing with this ethically. One of the few organizations I trust.
Indeed, I didn't mean to suggest that it was a permanent decision; but rather that opting in to the program as a whole explicitly and clearly, but nonetheless perhaps undesireably, amounted to opting in to in to not just the present but also the future parts of it—perhaps such as, without any guarantee to the contrary, future stunts on the order of the Mr Robot promotion.
I have all kinds of anti tracking installed in Firefox but I'm going to sign up for this.
Why? Because I want Firefox to be the best browser. Mozilla is not Google and not Microsoft. They have a very different view on privacy and how they would like the internet to evolve.
> Why? Because I want Firefox to be the best browser.
I think users and companies over-value this kind of telemetry as a way to improve the product any more than it would be with a principled leader.
Yes, e.g., A/B testing can end up testing the wrong thing, and we end up with uglier pages that are geared toward maximizing an unique objective.
If Firefox is going to be the best browser, it should focus on fixing bugs, optimizing performance, keeping up with standards and ensuring users keep full control of their browser on desktop and mobile via detailed configuration options and a powerful extension framework. That's it. Ever. I'm positive this kind of thing will only be used to make Firefox worse by inspiring new built-in "features".
Now that I think about it, all the built-in telemetry stuff like SHEILD should be handled by extensions. I shouldn't have to worry about a UI checkbox being respected by code. If the code's not there, I've got nothing to worry about.
All of the things you listed largely don't matter to anyone outside the bubble of hackers. Users care about features and aren't nearly as sensitive to feature creep as we are.
* Average users wouldn't recognize a bug if they saw one.
* Average users don't even know what it means to control / be controlled by software. It's a tool that either does something useful for them or not.
* Average users barely know what an extension is, and they'll ask you to install an ad blocker for them.
* Average users don't touch settings. They don't even know what an 'about' page is let alone a mozilla.cfg.
* Average users don't even know what HTTP or HTML stand for. And nobody actually cares about standards, they care that the websites they use work. If given the choice between going against the standard or breaking any popular website a browser would be shooting their own foot by not picking the latter.
This is why it's important that we who understand this also acts like it.
Friends look to us for recommendations what to use, and why. As tech people, we are guides. Use your influence in the best way possible. Internet can be an amazing tool for shining light on oppression and censorship or it can become like cable TV, with corporate senders and powerless receivers.
Average users don't even care about features, they use the browser they're given or the last one they were tricked into installing.
None of the things in that list would need to be a concern of the average user if the right thing is the default. Nothing I suggested would stop that from being the case. In fact, most of those things are already being done right in Firefox, except the telemetry. Presenting the opt-in choice as a warm fuzzy sounding thing ("improve product", "speedy solutions", "Dark Web protection") to users that have no clue what it's about isn't really opt-in, it's just inducing a predictable fear-based response. Having a multi-step process to install an extension to turn those things on would be true opt-in. The average user would be too lazy to do it, the people that want it can have it, and those that explicitly don't want it, don't have to worry about it being inadvertently activated.
Note, by "keep up with standards" I didn't mean be standards compliant at all cost, I meant implement new ones as they come up.
I'm pretty sure end users care about performance and bugs, although certainly you have to get over a significant threshold before it becomes a big deal.
I wonder why such strict standards are needed, given that it is open source.
That's the same channel that Mozilla used to deliver js based ad for mr. robot.
Yeah, they treat us as we don't have any memories, with a couple of buzzword about privacy and user control.
The Mr. Robot extension didn't send data about you to other people so that means it didn't invade your privacy. It was strange that Mozilla would allow such an extension but it wasn't spying on you.
Blocking ads that target us is the main reason we notice privacy invasion. The Mr. Robot extension was an ad, and Mozilla received money to distribute it to their "hacker" base. How is it not an invasion of privacy?
You're conflating different forms of ads. Ads that get your info through trackers are invading your privacy. The Mr. Robot ad is as invading of your privacy as an ad in a paper magazine. It didn't collect your data. Come on don't pretend you don't know how invasion of privacy works.
Of course, I specifically mention the difference in the essay too, including the history of Google ads.
How to Block Pop-Up Ads in Mozilla Firefox The article is writing by Roberts Dale from https://meowessay.com/homework-help/ about the problem of pop-ups faced by What are the Pop Ups faced by Mozilla Firefox users. What are the Pop Ups? The 'Pop Up' word refers to any web browser window that is opening without user permission. These are flashy advertisements trying to either get the information from you such as zip code or email address, or sell you something. Pop-up ads are so frustrating that hamper your Internet browsing experience. As consumer targeting and Internet marketing become savvier, the pop-up ads are also becoming gradually widespread.
If you browse any website over the Mozilla Firefox web browser, then you can block such annoying ads without any hassle. You will not only get the Pop-ups to be blocked, but will able to see them again via a specified option if you want. However, if you don't have any information or you don't know how to block pop-ups in Mozilla Firefox, the following are the easy steps help you to remove these ads properly.
Launch the Firefox browser and hit the 'Firefox' option placed in the upper left-hand corner of the browser window on the menu bar. Scroll down the options list that appear via Arrow key or mouse and hit on the 'Preferences'. A small box as a pop-up will come out on the screen, which provides a list of Firefox setting numbers that can be changed. Search the 'Content' icon placed next to the box and click on this using your mouse. It will change the settings list that is displayed in the box. Hit on the box beside the 'block pop-up windows' list option that should be placed on the list topmost part. Now, the box should be verified, means that Firefox will block all the popup ads and windows much easier. Now, you can browse over the internet using Firefox without any annoyance. However, if you have still any queries regarding the above mentioned information, feel free to contact Firefox support phone number. The certified professionals help you to resolve your problems more efficiently. In addition, you can also visit Contactforhelp in case you want to get your problems to be resolved immediately.
> Mozilla is not Google and not Microsoft.
... right now. How many years do you trust them to hold the data they harvest from you? Through how many CEO transitions? ;)
It may be helpful to understand how Mozilla's operations are structured: https://en.wikipedia.org/wiki/Mozilla_Foundation
However, anything's possible with the way businessmen tend to bend the rules to make money, so it's certainly within the realm of possibility that within 10 years the Foundation will sell the Corporation to Amazon-Comcast-Warner LLC and then they'll monetize the data.
Precisely. If one is concerned about not giving data like this to Google, MS, et. al. for privacy reasons, I wouldn't trust Mozilla's guarantees without actual contractual language declaring the lifetime of the data and under what circumstances the data will be destroyed (including but not limited to "company is purchased by another company").
> I wouldn't trust Mozilla's guarantees without actual contractual language...
Then go read the fine print: https://addons.mozilla.org/en/firefox/addon/firefox-pioneer/...
But more importantly understand that this probably isn't for everybody. I think it's a fair guess to say they just want a small population, not something in the millions.
The data they harvest is to make a better browser. The same can not be said about Google or Microsoft.
But yes, there are no guarantees in life. Place your bets and roll the dice. You can be passive and do nothing or you can help the ones you believe in.
https://medium.com/firefox-context-graph/make-firefox-better...
Can it really not be said about Google and Microsoft?
Do you really think Google is harvesting Chrome crash data because they want to better target ads? What ads are you imagining being targeted to Chrome crashing with a segfault that wouldn't be targeted to Chrome crashing with a stack overflow?
I would bet that nearly all the data Google collects goes into making their products better for users, even the data that's also used for ad targeting.
You're acting like crash data is the only data they are collecting.
GDPR is a wonderful thing.
I'm afraid I don't follow; how does GDPR enter into it?
Wouldn't GDPR protections only apply to European customers?
You'll never guess where I'm writing from. But, once you've gone through the pain of following GDPR, there's a chance you'll treat everyone the same.
The GDPR means that they can't just hoard whatever data there is, keep it forever and do whatever they want with it. The user needs to agree to how the data will be processed, there is a default expiry of 5 years (IIRC), and you can always just ask to retrieve all data and/or have it all deleted, with absurd fines for non-compliance.
So, you don't have to trust the next CEO. Making it so that Mozilla never knew you existed is a simple GDPR request away.
Do you honestly think Mozilla is going to deliberately treat Americans worse than Europeans? :)
Sure. All they have to do is tell themselves that this data is totally being used for a good purpose and Europe is just being over regulatory.
When they are receiving most of their revenue from Google or Yahoo!, I doubt they don't have the interests of advertisers in mind.
Isn't Shield the same system that pushed a marketing gimmick late last year? I'm still feeling sore about that fiasco. Not sore enough to stop using Firefox and switch to a worse-for-privacy alternative, but sore enough to be grumpy about signing up for their studies.
Yes, this is using the same system as the Mr Robot marketing gimmick last December. That isn't very worrying to me though, since that platform is basically a generic "do something in the browser" capability, where "do", "something" and "the browser" are fairly loosely defined. Both the Mr Robot promotion and the Pioneer program could be done through other avenues. Shield is the most convenient mechanism currently available for this sort of fine-grained deployment.
> The data you submit is encrypted in Firefox and not decrypted until it is on a server that is not connected to the wider internet.
Okay, stupid question: How does it get there? Sneakernet?
User's computer => Encrypted => Sent over the internet => Mozilla's public servers => Mozilla intranet gateway => Mozilla non-internet-facing server => Decrypted here
It doesn't say the server is completely offline. It can be connected to through a server which can connect to both that server and the wider internet, but the machine in question cannot.
Hmm. If I was describing a server behind a bastion host I'd feel dishonest saying it's "not connected to the wider internet".
I agree. A more honest and accurate way of putting it would be, “not accessible from the wider Internet.” On the other hand, with immutable servers, giving them no route to the wider Internet actually could be possible.
hopefully the server connected to the wider internet can only receive from the wider internet and not send anything to the wider internet. Otherwise it can just be used as a proxy to the server that’s not connected to the internet.
You will send your data to publicly available server, which will forward it to other server available only through local network, hidden from the prying eyes, secured by firewall, routers, and/or some network configuration.
Either sneakernet, or the server is disconnected before the private key is attached, I assume. But sneakernet makes the most sense to me.
Not directly connected to the wider internet ? As in not referenced by DNS, but connected to machines which are ?
It could store it on a network filesystem. The computer that writes it would be connected to the internet, and the computer that reads it would not. Or it could store it in a database.
Encrypted data is uploaded to some Mozilla server. From there, the the encrypted data is copied onto some sort of storage device (USB stick or DVD), which is then inserted into the non-connected machine where it is decrypted.
Can't edit, but should add that this is speculation
Most likely they mean that it only gets decrypted after going through a bastion-like host that's connected to both the internet and one of their intranets.
A sneakernet would be an option but it's fairly unlikely
Hmm. If I was describing a server behind a bastion host I'd feel dishonest saying it's "not connected to the wider internet".
> Okay, stupid question: How does it get there? Sneakernet?
Homing pigeon.
You're right. It's a stupid question. What are you doing on Hacker News?
Personal attacks will get you banned here. Please don't do this again.
https://news.ycombinator.com/newsguidelines.html
It gets there encrypted via the internet
Companies like this data to improve their products. As long as it's opt-in, we should have no ethical issue with it. Doesn't surprise me that Mozilla is dealing with this ethically. One of the few organizations I trust.
Yup. They screw up occasionally, but I trust that they do their best and mistakes made are going to be resolved in a way that I feel comfortable with.
$5 say their marketing dept will "accidentally" install/push something that will "accidentally" opt-in everyone.
How about $500, over the next.. 8 years (you have to stop a bet eventually). Or just $5 if you don't have the confidence in a mistake.
> The data you submit is encrypted in Firefox and not decrypted until it is on a server that is not connected to the wider internet.
This is a good approach.
> Once you’ve opted in, you may be enrolled in additional studies without potentially annoying prompts.
Ha. "Once you've opted in, you will not have explicit control over enrollment in future studies" is a less sunny way of saying this.
Check the "How do I opt out?" part of the article.
Indeed, I didn't mean to suggest that it was a permanent decision; but rather that opting in to the program as a whole explicitly and clearly, but nonetheless perhaps undesireably, amounted to opting in to in to not just the present but also the future parts of it—perhaps such as, without any guarantee to the contrary, future stunts on the order of the Mr Robot promotion.
I see that this personal information, too, doesn't pay like what pioneers used to get paid ... in land, gold, animals.
"if you meet the criteria."
No. I don't.