this post was submitted on 30 Jul 2024
524 points (91.2% liked)

Firefox

17857 readers
17 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
 

PSA (?): just got this popup in Firefox when i was on an amazon product page. looked into it a bit because it seemed weird and it turns out if you click the big "yes, try it" button, you agree to mandatory binding arbitration with Fakespot and you waive your right to bring a class action lawsuit against them. this is awesome thank you so much mozilla very cool

https://queer.party/@m04/112872517189786676

So, Mozilla adds an AI review features for products you view using Firefox. Other than being very useless, it's T&C are as anti-consumer as it possibly can be. It's like mozilla saying directly "we don't care about your privacy".

top 50 comments
sorted by: hot top controversial new old
[–] tinfoilhat@lemmy.ml 306 points 3 months ago (3 children)

I hate the anti-pattern of "Not Now". How about "No"?

[–] jet@hackertalks.com 101 points 3 months ago (1 children)

Yeah, corporate dark patterns really don't respect consent. When would you like to know more: Now, or Later?

[–] Buddahriffic@lemmy.world 26 points 3 months ago (2 children)

Though I don't mind the "accept, deny, ask me again later" for when something seems interesting but I don't want to put the effort into looking into it right at the moment but don't want to click yes without looking into it.

load more comments (2 replies)
[–] laughterlaughter@lemmy.world 17 points 3 months ago

Best I can do is accepting three options: "Yes," "No," and "Remind me later."

"Not now" or "No, I don't want this awesome feature" bullshit infuriates me.

[–] AlexWIWA@lemmy.ml 15 points 3 months ago (1 children)

These should be flatly illegal. No means no

load more comments (1 replies)
[–] nia_the_cat@lemmy.world 120 points 3 months ago* (last edited 3 months ago) (6 children)

~~Hot take and I can guarantee this will be downvoted but I think people are putting way too much blind trust into Mozilla for this.~~ (edit: Apparently not here, pleasantly surprised at that)

They just purchased an advertising company, they made the T&C waive your right to a class action lawsuit. They keep giving their CEO raises and laying off their workers. Mozilla is actively enshittifying but people don't react until it's too late because it's a boiling frog situation.

Whether you think the feature is useful or not, Firefox is unfortunately shifting away from being a privacy-focused user-focused browser. The saving grace is that it is open source and forks can be made of it, "Firefox" itself can survive anything as long as there's enough interest to keep it alive.

I think that Mozilla does great work, but they've lost sight of their goals, and are changing focus. This is not necessarily a bad thing, but this needs to be looked at objectively instead of with brand-loyalty. At the end of the day, they're just another company with financial interests prioritized over user interests.

[–] redditReallySucks@lemmy.dbzer0.com 75 points 3 months ago (2 children)

Hot take

Thats not a hot take anymore. A lot of people in privacy communities are moving to forks of Firefox that disable Mozilla's bullshit.

[–] Professorozone@lemmy.world 19 points 3 months ago (7 children)
[–] nia_the_cat@lemmy.world 39 points 3 months ago* (last edited 3 months ago) (14 children)

On desktop I've been using Librewolf, Mullvad Browser is good too. There's also some forks on Android, Mull and Fennec, of those I prefer Mull

Edit: Waterfox is another fork on desktop that had some controversy when bought by an advertising company, but they're independent again as of last year

load more comments (14 replies)
load more comments (6 replies)
load more comments (1 replies)
[–] laughterlaughter@lemmy.world 22 points 3 months ago* (last edited 3 months ago)

What irks me is that they proudly announce that these features are baked in directly in the browser. Why the FUCK would they do that? I want my browser to be a browser only. Everything else must be relegated to an optional add-on.

[–] Vincent@feddit.nl 19 points 3 months ago

they made the T&C waive your right to a class action lawsuit

Fakespot did already have that before they got acquired. Which doesn't mean it's not worth changing, of course.

[–] leopold@lemmy.kde.social 17 points 3 months ago (1 children)

man why do people always label the most cold-ass takes in the universe as hot takes

[–] nia_the_cat@lemmy.world 19 points 3 months ago* (last edited 3 months ago)

Depending where you are it is. On some Mozilla communities you're downvoted into oblivion or dogpiled on for saying this. I was pleasantly surprised here that it wasn't

A lot of them are very fanboy heavy

[–] sozesoze@lemmy.world 15 points 3 months ago (1 children)

until it’s too late because it’s a boiling frog situation.

That's a common misconception. If frogs are thrown into boiling water they almost die instantly, if they are placed in a pot that's slowly beginning to boil, they desperately try to escape after a while

load more comments (1 replies)
load more comments (1 replies)
[–] friend_of_satan@lemmy.world 107 points 3 months ago (1 children)
[–] jet@hackertalks.com 52 points 3 months ago

Ohh, Good point, so the entire trust model is we are trusting Mozilla not to share data with Mozilla, because if Mozilla colludes with Mozilla then there is no privacy here at all.

[–] davel@lemmy.ml 88 points 3 months ago* (last edited 3 months ago) (1 children)

Why not just be a web browser and leave stuff like this to browser extensions?
Oh right, you enshittified yourself.

Edit to add: Why give them money when they apparently already have too much of it from corporate inputs (most of it from Google)? I think they ask us for donations in order to retain their non-profit image, for PR purposes.

[–] Urist@lemmy.ml 35 points 3 months ago (2 children)

You are not wrong. I got curious how much they receive in donations, but could not find anything about it in their financial statements.

load more comments (2 replies)
[–] Blaster_M@lemmy.world 71 points 3 months ago
[–] ZeroHora@lemmy.ml 47 points 3 months ago (8 children)

Fakespot is from Mozilla, if you trust Mozilla, why don't you trust Fakespot?

And why is it useless? With the amount of fake AI reviews an AI to detect them is not completely useless.

But the popup is annoying.

[–] rtxn@lemmy.world 49 points 3 months ago (4 children)

People shouldn't trust Mozilla either. It's a company that does company things. Just because it's not as far-gone as Google doesn't mean it's incapable.

load more comments (4 replies)
[–] lone_faerie@lemmy.blahaj.zone 22 points 3 months ago (1 children)

Using AI to detect AI is completely useless. It's been a big issue in academics, where a professor will plug your essay into an AI detector and then you get dinged for plagiarism because your entirely handwritten essay gets marked as AI. It's just glorified pattern matching, it has no concept of real or fake.

load more comments (1 replies)
[–] LWD@lemm.ee 21 points 3 months ago

I trust Mozilla to do what they promise with my private data

load more comments (5 replies)
[–] possiblylinux127@lemmy.zip 45 points 3 months ago

Librewolf.net

[–] Napain@lemmy.ml 44 points 3 months ago (10 children)

didn't the Firefox management say they would focus on their core product rather than random little services like this

[–] fine_sandy_bottom@discuss.tchncs.de 15 points 3 months ago* (last edited 3 months ago)

Actually I thought there new ceo said they were going to fuck around with AI stuff.

Edit:

https://techcrunch.com/2024/02/13/mozilla-downsizes-as-it-refocuses-on-firefox-and-ai-read-the-memo/?guccounter=1

load more comments (9 replies)
[–] LWD@lemm.ee 37 points 3 months ago (2 children)

FakeSpot is a hilarious company run by trend chasers, "crypto enthusiasts and web3 believers."

If Mozilla chasing the AI trend isn't bad enough, and their privacy policy doesn't hurt your soul, FakeSpot also only works on the biggest and most predatory platforms (Walmart and Amazon).

[–] Blisterexe@lemmy.zip 29 points 3 months ago (14 children)

FakeSpot also only works on the biggest and most predatory platforms (Walmart and Amazon).

that also happen to be by far the most popular, and also where you are the mos likely to see fake reviews

load more comments (14 replies)
load more comments (1 replies)
[–] thegreenguy@sopuli.xyz 29 points 3 months ago (1 children)

AI shit alone, I never understood the urge to build a whole OS in the browser. I want my browser to view websites. If I want more, then I can install extensions. I'd rather them release this as some sort of "official" extension. Might switch to LibreWolf (do you have any other suggestions?)

load more comments (1 replies)
[–] 01189998819991197253@infosec.pub 28 points 3 months ago (4 children)

I actually use fakespot a lot, but will never install an add-on for this.

I got that notice a few months ago, but I didn't use either button on the bottom. I used the X on the top, and haven't seen it since.

I thought we were done with the age of Toolbars, but here we are, back there. An app or add-on for every damn thing. No, I don't want this integrated into my browser. No, I don't need your HTML5 app on my phone to do less than the webpage does. No, I don't want your spyware app to view the one-off Twitter, Facebook, or Instagram link a friend sends me. No, I don't mean 'maybe later', I mean 'no forever'.

load more comments (4 replies)
[–] jet@hackertalks.com 27 points 3 months ago* (last edited 3 months ago) (2 children)

"strategic partnerships"

https://support.mozilla.org/en-US/kb/review-checker-review-quality

Protect your privacy

Firefox is committed to empowering you with information about review reliability while respecting your privacy. We use Oblivious HTTP (OHTTP) for Review Checker.

When Review Checker is turned on, we use information about the products you visit on Amazon, Best Buy and Walmart to analyze the reviews, but by using OHTTP we ensure Mozilla cannot link you or your device to the products you have viewed. OHTTP uses encryption and a third party intermediary server to offer a technical guarantee that this is the case: all Mozilla learns from this network request is that someone, somewhere, looked at a given product.

[–] jet@hackertalks.com 27 points 3 months ago* (last edited 3 months ago) (5 children)

Here is a talk on OHTTP (OHAI) https://www.youtube.com/watch?v=_HEzpnktAwY

and a OHTTP recap https://www.youtube.com/watch?v=qjLwo4Ufp8s

Basically, if you trust the OHTTP Proxy (mozilla) and the OHTTP service provider (fakespot) to not collude, then OHTTP protects your data.

If you think Mozilla and fakespot might collude, then this doesn't give you any privacy. (Update - Someone pointed out Mozilla has purchased fakespot, so this comes down to Trusting mozilla with 100% of your data for their privacy promise and OHTTP is totally pointless here)

Depends on your threat model.

If they actually cared about privacy they would have the OHTTP model, sure, but also a TOR hidden service endpoint that anyone could use as well ; Removing all the links between the user and the service shouldn't be a problem, since they are not monitizing user behavior, right? RIGHT?!?!?

[–] GenderNeutralBro@lemmy.sdf.org 16 points 3 months ago* (last edited 3 months ago) (2 children)

Mozilla says they use a third-party OHTTP intermediary. In the blog post linked above, they name Fastly as their partner. So it's not as bad as Mozilla + Mozilla-wearing-funny-glasses.

Personally, I still think this is the wrong approach to privacy, even though I've used Fakespot on my own many times over the years. Largely because I don't think any of this needs to be built into a web browser.

I would prefer my web browser to minimize information leakage by default, to the greatest degree that it can while still remaining useful as a web browser. Mozilla keeps adding bloat to Firefox, and bloat always comes at a cost. I'd much prefer these to be browser extensions that people can download if they want them, rather than built in by default. The baseline Firefox should be lean. Less "stuff" = smaller attack surface. Simplicity is best.

I mean, the Fakespot browser extension has existed for a long time, and I've never seriously considered installing it. I'd much rather just take an extra three seconds to load their web site and paste in a URL than have it constantly monitoring my activity and doing god-knows-what with it. That way I have better knowledge and control of what is happening with my data. Even if I trust their intentions, I don't implicitly trust their competence (all software has bugs) and I don't trust that they will never go rogue in the future.

And also, I just don't find this claim all that compelling in principle:

By processing the data jointly across two independent parties, they ensure neither party holds the information required to reveal sensitive information about someone.

I mean...sure. That's fair. Buuuuuut handing half the data to your "partner" doesn't give me a whole lot of confidence. Especially since literally nobody reads all of the privacy policies they are subject to. See:

https://www.theatlantic.com/technology/archive/2012/03/reading-the-privacy-policies-you-encounter-in-a-year-would-take-76-work-days/253851/

https://www.npr.org/sections/alltechconsidered/2012/04/19/150905465/to-read-all-those-web-privacy-policies-just-take-a-month-off-work

https://www.techradar.com/computing/cyber-security/you-need-a-whole-workweek-every-month-to-read-privacy-policiesand-thats-bad-news

Minimizing privacy policies should be a high-priority goal for any organization that claims to value privacy.

Furthermore, how many additional parties have access (legally or otherwise) to both Mozilla and Fastly? 🤷

load more comments (2 replies)
load more comments (4 replies)
load more comments (1 replies)
[–] ssm@lemmy.sdf.org 24 points 3 months ago* (last edited 3 months ago) (1 children)

The real reason people want to revoke the second amendment is so Mozilla will stop constantly pointing guns at their own feet.

load more comments (1 replies)
[–] z3rOR0ne@lemmy.ml 20 points 3 months ago (2 children)

Please tell me there's an about:config setting to turn this bs off.

load more comments (2 replies)
[–] MrQuallzin@lemmy.world 19 points 3 months ago (1 children)

I actually love Fakespot. I've had it installed as an extension for years, but now it's native

[–] laughterlaughter@lemmy.world 18 points 3 months ago

And that's the bullshit part. It shouldn't be native. A browser should be a browser.

[–] Dirk@lemmy.ml 18 points 3 months ago

What are the right settings to disable that crap via user.js? I assume this is done via hidden extension, like Pocket.

[–] iAmTheTot@sh.itjust.works 16 points 3 months ago (4 children)

I've used Firefox since it was released. I will be considering other browsers due to this. I do not want AI in my products.

[–] Mereo@lemmy.ca 28 points 3 months ago (1 children)

Librewolf and Floorp are good Firefox based alternative browsers.

load more comments (1 replies)
[–] ThePantser@lemmy.world 19 points 3 months ago (1 children)

What other browsers? Firefox was the last good one.

[–] puppy@lemmy.world 18 points 3 months ago

Since Firefox is free and open source, there are many other variations of it built and distributed by the community.

load more comments (2 replies)
load more comments
view more: next ›